Question

True or False

1. In an audit of internal control over financial reporting, if the auditor identifies only one material weakness, the auditor is required to issue an adverse opinion on the effectiveness of the client's internal control over financial reporting.

2. The auditor's client outsources parts of its accounting functions to an independent service provider. The auditor plans to reduce control risk for transactions processed and balances maintained by the service provider.

A. Because the service provider is independent of the audit client, the auditor may assume that controls at the service provider are effective

B. The auditor must obtain a Type 1 SOC report issued by the service provider's independent auditor

C. The auditor may obtain and use a Type 2 SOC report issued by the service provider's independent auditor to assess control risk.

D. The auditor may perform its own control testing at the service provider, if the service provider permits it.

E. C or D

3. In an audit of internal control, the auditor discovered one control deficiency and concluded that it was a significant deficiency. The type of audit report the auditor would issue in this circumstance is:

1. unqualified opinion audit report
2. unqualified opinion audit report with an extra paragraph describing the significant deficiency
3. qualified opinion audit report with an extra paragraph describing the significant deficiency
4. qualified or adverse opinion audit report, depending on the severity of the significant deficiency, with an extra paragraph describing the significant deficiency

4. Non-public and smaller public companies are not required to have an audit of their internal control over financial reporting.

1. Because of this, auditors usually assume the controls are not effective and perform extensive substantive tests.
2. Even so, the auditor must obtain an understanding of internal control to the same extent as would be required for a large public company.
3. Auditors of these companies only need to obtain an understanding of internal control and audit evidence sufficient to assess control risk.
4. the auditor of these companies is not required to do any work with regard to internal control.

Answer 1

Question 1:

False

The auditor can issue an qualified opinion for one material weakness but can't issue an adverse opinion on the same while issuing opinion for effectiveness of internal controls.

Question 2:

Option E. C Or D

The auditor can

• obtain and use a Type 2 SOC report issued by the service provider's independent auditor to assess control risk
• perform its own control testing at the service provider, if the service provider permits it.

Question 3 :

Option C. qualified opinion audit report with an extra paragraph describing the significant deficiency

As the deficiency is significant in the opinion of the auditor, so the auditor should issue an qualified audit report with a paragraph defining significant deficiency.

Question 4:

Option B. Even so, the auditor must obtain an understanding of internal control to the same extent as would be required for a large public company

The auditor need to obtain the understanding of internal controls in order to determine control risk and on the basis of the control risk to determine the other audit risks.