AUDITING THEORY
AT.0105-The Auditor’s Responsibilities Relating to Fraud, Error and Non-compliance
LECTURE NOTES
Auditor's Responsibilities Relating to Fraud and
Error
Introduction
The auditor is responsible for obtaining reasonable
assurance that the FSs taken as a whole are free from
material misstatement, whether caused by fraud or error.
Hence, the auditor’s responsibility for the detection of
fraud and error is essentially the same.
Fraud refers to an intentional act by one or more
individuals among management, TCWG, employees, or
third parties, involving the use of deception to obtain an
unjust or illegal advantage. While, error pertains to
unintentional misstatements or omissions in FSs, including
the omission of an amount or disclosure. Differentiating
fraud from error requires professional judgment. The risk
of not fraud is higher than error because fraud may be
concealed, especially if through collusion.
Although fraud is a broad legal concept, the auditor is
concerned with fraud that causes a material misstatement
in the FSs. In addition, the auditor does not make legal
determinations of whether fraud has actually occurred.
Types of Fraud
In relation to audit of financial statements:
a. Fraudulent financial reporting – Involves intentional
misstatements, including omissions of amounts or
disclosures in FSs, to deceive FS users, normally
involves management. Examples are the following:
 Manipulation or falsification of financial records
 Misrepresentation or intentional omission of
information in the FSs
 Intentional misapplication of accounting policies
b. Misappropriation of assets (theft) - Involves the theft
of an entity’s assets and is often perpetrated by
employees in relatively small and immaterial amounts.
However, it can also involve management and TCWG.
Examples of this type of fraud are the following:
 Embezzling receipts
 Lapping of accounts receivable
 Entity funds sent to a personal bank account
 Inventory items sold personally by entity
employees
 Goods or services paid for by the entity but not
received
 Use of entity assets for personal use
As to perpetrator:
a. Management fraud – refers to fraud involving one or
more members of management or TCWG.
b. Employee fraud – refers to fraud involving only
employees of the entity.
The risk of the auditor not detecting management fraud is
greater than for employee fraud, because management
may override otherwise effective internal controls.
Responsibility of Management and Those Charged
with Governance (TCWG) vs. that of the Auditor
Page 1 of 9
MAY 2020
The primary responsibility for the prevention and detection
of fraud rests with both TCWG of the entity and
management. Management shall establish a control
environment and implement internal control policies and
procedures to prevent and detect fraud. On the other
hand, TCWG, through its oversight function, shall ensure
the integrity of accounting and financial reporting systems
and that appropriate controls are in place.
On the other hand, the auditor’s responsibility is to obtain
reasonable assurance about whether the FSs taken as a
whole are free from material misstatement, whether
caused by fraud or error. The auditor is not responsible
for discovering fraud, and is not and cannot be held
responsible for the prevention of fraud. Unless the auditor
has reason to believe the contrary, the auditor may accept
records and documents as genuine. An audit rarely
involves the authentication of documents.
The auditor shall perform the procedures below following
the risk-based audit process:
 maintaining an attitude of professional skepticism;
 exercising professional judgment;
 holding engagement team discussion (‘brainstorming’);
 performing RAP and related activities;
 identifying and assessing the ROMM due to fraud;
 responding to assessed ROMM due to fraud;
 evaluating the audit evidence and the results of audit;
 communicating misstatements resulting from fraud;
 obtaining management representations;
 considering withdrawing from engagement; and
 documenting the results of work.
Discussion Among the Engagement Team
This discussion shall place particular emphasis on how and
where the entity’s FSs may be susceptible to material
misstatement due to fraud, including how fraud might
occur. The team shall set aside beliefs that management
and TCWG are honest and have integrity.
Performing RAP and Related Activities
Management and Others within the Entity
The auditor shall make inquiries of management, and
others within the entity as appropriate, to determine
whether they have knowledge of any actual, suspected or
alleged fraud affecting the entity.
The auditor shall make inquiries of internal audit to
determine whether it has knowledge of any actual,
suspected or alleged fraud affecting the entity, and to
obtain its views about the risks of fraud.
Those Charged with Governance (TCWG)
The auditor shall obtain an understanding of how TCWG
exercise oversight of management’s processes for
identifying and responding to the risks of fraud in the
entity and the internal control that management has
established to mitigate these risks. TCWG of an entity
have oversight responsibility for systems for monitoring
risk, financial control and compliance with the law.
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
The auditor shall make inquiries of TCWG to determine
whether they have knowledge of any actual, suspected or
alleged fraud affecting the entity. These inquiries are made
in part to corroborate the responses to the inquiries of
management.
Unusual or Unexpected Relationships Identified
The auditor shall evaluate whether unusual or unexpected
relationships that have been identified in performing
analytical procedures, including those related to revenue
accounts, may indicate ROMM due to fraud.
Other Information
The auditor shall consider whether other information
obtained by the auditor indicates ROMM due to fraud.
Evaluation of Fraud Risk Factors
Fraud risks factors refer to events or conditions that
indicate an incentive or pressure to commit fraud or
provide an opportunity to commit fraud. The three
conditions (the fraud triangle or characteristics) generally
present when fraud occurs are:
a) Attitudes or rationalizations – Those involved in the
fraud are able to rationalize committing a fraudulent
act. This relates to either a person committing the
fraud, or to the entity’s control environment.
b) Incentives or pressures – Management and employees
have an incentive (e.g., benefit or enrichment) or are
under pressure (e.g., threat of losing their job), which
provides a reason to commit fraud.
c) Opportunities – Circumstances making execution of
fraud possible. These circumstances exist when a
person is generally trusted, internal control is
perceived to be easily overridden, or the individual
knows about deficiencies in internal control.
Identifying and Assessing the ROMM Due to Fraud
The auditor shall identify and assess the ROMM due to
fraud at the FSs level, and at the assertion level for classes
of transactions, account balances and disclosures.
Risks of Fraud in Revenue Recognition
The auditor shall, based on a presumption that there are
risks of fraud in revenue recognition, evaluate which types
of revenue, revenue transactions or assertions give rise to
such risks. Otherwise, auditor shall document when this
presumption is not applicable. For example, when revenue
recognition is a single type of simple revenue transaction,
e.g., leasehold revenue from a single unit rental property.
Understanding the Entity’s Related Controls
The auditor shall treat assessed ROMM due to fraud as
significant risks and accordingly, obtain an understanding
of the entity’s related controls, including control activities.
Responding to Assessed ROMM Due to Fraud
Overall Responses
The auditor shall determine overall responses to address
the assessed ROMM due to fraud at the FSs level.
Audit Procedures Responsive to Assessed Risks of Material
Misstatement Due to Fraud at the Assertion Level
The auditor shall design and perform FAP whose nature,
timing and extent are responsive to the assessed ROMM
due to fraud at the assertion level.
Audit Procedures Responsive to Risks Related to
Management Override of Controls
Management is in a unique position to perpetrate fraud
because of management’s ability to manipulate accounting
records and prepare fraudulent FSs by overriding controls
Page 2 of 9
that otherwise appears to be operating effectively. Due to
the unpredictable way in which such override could occur,
it is a ROMM due to fraud and thus a significant risk.
Irrespective of the auditor’s assessment of the risks of
management override of controls, the auditor shall design
and perform audit procedures to:
a. Test the journal entries and other adjustments made in
the preparation of the FSs.
b. Review accounting estimates for biases.
c. For significant transactions that are outside the normal
course of business for the entity, or appear to be
unusual, the auditor shall evaluate business rationale
(or the lack thereof) of the transactions.
Evaluating Audit Evidence and Results of Audit
Based on the audit procedures performed and the audit
evidence obtained, to evaluate whether the assessments of
the ROMM at the assertion level remain appropriate. This
evaluation is primarily a qualitative matter based on the
auditor’s judgment.
Analytical Procedures Performed in the Overall Review of
the Financial Statements
The auditor shall evaluate whether analytical procedures
that are performed when forming an overall conclusion as
to whether the FSs as a whole are consistent with the
auditor’s understanding of the entity and its environment
indicate a previously unrecognized ROMM due to fraud.
Consideration of Identified Misstatements
The auditor’s actions depend on whether the fraud that has
been discovered or suspected is material or immaterial:
 If immaterial:
o Refer to appropriate level of management (one
level above the person involved)
o Gain satisfaction no FSs effect
 If material or unable to evaluate whether material or
immaterial:
o Consider implications for audit, e.g., reliability of
management representations
o Investigate further, i.e., discuss with appropriate
level of management (one level above the person
involved)
o Obtain evidence of fraud and its effects
o Suggest client consult legal counsel
Communication of Misstatements due to Fraud
In the exceptional circumstances where the auditor has
doubts about the integrity or honesty of management or
TCWG, the auditor may consider it appropriate to obtain
legal advice to assist in determining the appropriate course
of action.
Communication To Management
The communication enables management to act on a
timely basis. The communication is made even if the
matter might be considered inconsequential (for example,
a minor defalcation by an employee at a low level in the
entity’s organization). The determination whom to
communicate is a matter of professional judgment which
normally is at least one level above the person involved.
Communication With Those Charged With Governance
The auditor’s communication with TCWG may be made
orally or in writing. Due to the nature and sensitivity of
fraud involving senior management, or fraud that results in
a material misstatement in the FSs, the auditor reports
such matters on a timely basis and may consider it
necessary to also report such matters in writing.
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
In some cases, the auditor may consider it appropriate to
communicate with TCWG when the auditor becomes aware
of fraud involving employees other than management that
does not result in a material misstatement. Similarly,
TCWG may wish to be informed of such circumstances.
Communications to Regulatory and Enforcement
Authorities
The auditor’s professional duty to maintain the
confidentiality of client information may preclude reporting
fraud to a party outside the client entity. However, the
regulatory requirements, statute, the law or courts of law
overrides this duty. For example, under a BSP
requirement, the auditor of a financial institution has a
statutory duty to report the occurrence of fraud to the
BSP. Also, under an SEC requirement, the auditor has a
duty to report material audit findings, such as those
involving fraud or error.
Communication of Misstatements due to Error
The auditor should communicate to management (and to
TCWG, where necessary) any identified material
misstatements resulting from error. In addition, the
auditor should communicate also to TCWG those
uncorrected misstatements aggregated by the auditor
during the audit that were deemed by management as
immaterial to the FSs.
Management Written Representations
The auditor shall obtain written representations from
management that:
a. It acknowledges its responsibility for internal control to
prevent and detect fraud;
b. It has disclosed to the auditor:
 the results of its assessment of the risk that the
FSs may be materially misstated due to fraud;
 its knowledge or suspicion of fraud involving:
management; employees who have significant
roles in internal control; or others where the fraud
could have a material effect on the FSs; and
 its knowledge of any allegations of fraud, or
suspected fraud, affecting the entity’s FSs
communicated by employees, former employees,
analysts, regulators or others.
Auditor Unable to Continue the Engagement
Examples of these exceptional circumstances include:
 The entity does not take the appropriate action
regarding fraud that the auditor considers necessary,
even when the fraud is not material to the FSs;
 The auditor’s consideration of the ROMM due to fraud
and the results of audit tests indicate a significant risk
of material and pervasive fraud; or
 The auditor has significant concern about the
competence or integrity of management or TCWG.
If, as a result of circumstances, the auditor shall:
a) Consider whether it is appropriate to withdraw from
the engagement; and
b) If the auditor withdraws:
 Discuss with the appropriate level of management
and TCWG, including the reasons thereof; and
 Determine whether there is a professional or legal
requirement to report to the person or persons or,
in some cases, to regulatory authorities.
Documentation
The auditor’s documentation shall include the:
a) Significant decisions reached during ‘brainstorming’
regarding the susceptibility of the entity’s FSs to
material misstatement due to fraud;
Page 3 of 9
b) Identified and assessed ROMM due to fraud at the FSs
level and at the assertion level.
c) Responses to the assessed ROMM: the overall
responses and the nature, timing and extent of FAP;
d) Results of the audit procedures;
e) Communications about fraud made to management,
TCWG, regulators and others; and
f) Reasons for that conclusion ROMM due to fraud related
to revenue recognition is not applicable.
Auditor’s Responsibility to Consider Laws and
Regulations
Introduction
The auditor needs to consider the applicable laws and
regulations to the entity in FSs audit because compliance
and non-compliance with those laws and regulations affect
the FSs in many ways. In addition, those laws and
regulations to which an entity is subject constitute the
legal and regulatory framework in which the entity
operates.
Nature and Definition of Non-compliance
Non-compliance–Acts of omission or commission by the
entity (intentional or unintentional), which are contrary to
the prevailing laws or regulations. Such acts include
transactions entered into by, or in the name of, the entity,
or on its behalf, by TCWG, management or employees.
However, non-compliance does not include personal
misconduct (unrelated to the business activities of the
entity) by TCWG, management or employees of the entity.
Types of Laws and Regulations
In relation to audit of FSs, there are two types:
a. Direct effect–Amounts and disclosures, as a result of
compliance, are reported on the FSs such as tax and
pension laws and regulations
b. Indirect effect–Relates primarily to operations of the
entity but does not have a direct effect on an entity’s
FSs. However non-compliance may result in fines,
litigation or other consequences for the entity that may
have a material effect on the FSs. Examples may
include compliance with the terms of an operating
license, regulatory solvency requirements, or
environmental regulations.
Responsibility for Compliance with Laws and
Regulations
Responsibility of Management for Compliance with Laws
and Regulations
Management, with the oversight of TCWG, is responsible
for ensuring that the entity’s operations are conducted in
accordance with laws and regulations.
Responsibility of the Auditor
The auditor is responsible for obtaining reasonable
assurance that the FSs, taken as a whole, are free from
material misstatement, whether caused by fraud or error.
The auditor shall identify ROMM of the FSs due to non-
compliance with laws and regulations. However, the
auditor is not responsible for preventing non-compliance
and cannot be expected to detect non-compliance with all
laws and regulations. In the absence of evidence to the
contrary, the auditor is entitled to assume the entity is in
compliance with applicable laws and regulations affecting
the client
In the context of laws and regulations, the potential effects
of inherent limitations on the auditor’s ability to detect
material misstatements are greater because:
 Many laws and regulations, relating principally to the
operating aspects of an entity, do not affect the FSs.
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
 Non-compliance may be concealed, management
override of controls or intentional misrepresentations
to the auditor.
 Whether an act constitutes non-compliance is
ultimately determined by a court of law.
Ordinarily, the further removed non-compliance is from the
events and transactions reflected in the FSs, the less likely
the auditor is to become aware of it or to recognize the
non-compliance.
The Auditor’s Consideration of Compliance with Laws
and Regulations
Obtaining an Understanding of the Legal and Regulatory
Framework
As part of obtaining an understanding of the entity and its
environment, the auditor shall obtain a general
understanding of:
a) The legal and regulatory framework applicable to the
entity and the industry or sector in which the entity
operates; and
b) How the entity is complying with that framework.
Direct Effect Laws and Regulations
The auditor shall obtain sufficient appropriate audit
evidence regarding compliance with the provisions of those
laws and regulations with direct effect on the material
amounts and disclosures in the FSs.
Indirect Effect Laws and Regulations
The auditor shall perform the following to identify non-
compliance that may have a material effect on the FSs:
a. Inquiring of management and, where appropriate,
TCWG, as to whether the entity is in compliance with
such laws and regulations; and
b. Inspecting correspondence, if any, with the relevant
licensing or regulatory authorities.
Non-Compliance Brought to the Auditor’s Attention by
Other Audit Procedures
During the audit, the auditor shall remain alert to the
possibility that other audit procedures applied may bring
instances of non-compliance or suspected non-compliance
with laws and regulations to the auditor’s attention.
Audit procedures applied to form an opinion on the FSs
may bring instances of non-compliance or suspected non-
compliance with laws and regulations to the auditor’s
attention. For example, such audit procedures may
include: reading minutes; inquiring of the entity’s
management and in-house legal counsel or external legal
counsel concerning litigation, claims and assessments; and
performing substantive tests of details of classes of
transactions, account balances or disclosures.
Written Representations
The auditor shall request management and, where
appropriate, TCWG to provide written representations that
all known instances of non-compliance or suspected non-
compliance with laws and regulations whose effects should
be considered when preparing FSs have been disclosed.
No Identified or Suspected Non-compliance
In the absence of identified or suspected non-compliance,
the auditor is not required to perform audit procedures
regarding the entity’s compliance with laws and
regulations, other than those set out above.
Audit Procedures When Non-Compliance Is
Identified or Suspected
The auditor shall obtain:
Page 4 of 9
a) An understanding of the nature of the act and the
circumstances in which it has occurred; and
b) Further information to evaluate the possible effect on
the FSs.
Audit Procedures
If the auditor suspects there may be non-compliance, the
auditor shall discuss the matter with management and,
where appropriate, TCWG. If management or, as
appropriate, TCWG do not provide sufficient information
that supports that the entity is in compliance with laws and
regulations and, in the auditor’s judgment, the effect of
the suspected non-compliance may be material to the FSs,
the auditor shall consider the need to obtain legal advice.
Evaluating the Implications of Non-Compliance
The auditor shall evaluate the implications of non-
compliance in relation to other aspects of the audit,
including the auditor’s risk assessment and the reliability
of written representations, and take appropriate action.
In exceptional cases, the auditor may consider whether,
unless prohibited by law or regulation, withdrawal from the
engagement is necessary when management or TCWG do
not take the necessary remedial action, even when the
non-compliance is not material but the auditor may
consider seeking legal advice. If withdrawal is prohibited,
the auditor may consider alternative actions, including
describing the non-compliance in an Other Matter(s)
paragraph in the auditor’s report.
Reporting of Identified or Suspected Non-
Compliance
Reporting to Those Charged with Governance
The auditor shall communicate to TCWG matters involving
non-compliance with laws and regulations, unless those
are clearly inconsequential and they are involved in
management and already aware of it.
If the auditor suspects that management or TCWG is
involved in non-compliance, communicate the matter to
the next higher level of authority at the entity, if it exists.
Otherwise consider obtaining legal advice.
Reporting in the Auditor’s Report
Results Opinion
No sufficient appropriate audit
evidence obtained as precluded by Qualified or
management or TCWG Disclaimer
No sufficient appropriate audit
evidence obtained imposed by Evaluate effect on
circumstances audit report
Contains material misstatement Qualified or Adverse
Reporting to Regulatory and Enforcement Authorities
If the auditor has identified or suspects non-compliance
with laws and regulations, determine whether the auditor
has a responsibility to report the identified or suspected
non-compliance to parties outside the entity.
The auditor’s professional duty to maintain the
confidentiality of client information may preclude reporting
identified or suspected non-compliance with laws and
regulations to a party outside the entity.
Documentation
The auditor shall document identified or suspected non-
compliance with laws and regulations and the results of
discussion with management and, where applicable, TCWG
and other parties outside the entity. For example: copies
of records or documents or minutes of discussions held
with management, TCWG or parties outside the entity.
- done -
AT.0105
 MULTIPLE CHOICE
Fraud and Error
Fraud vs. Error
1. What is the primary determinate in the difference
between fraud and errors?
a. The materiality of the misstatement.
b. The intent to deceive.
c. The level of management involved.
d. The type of transaction effected.
2. The following are examples of error, except
a. A mistake in gathering or processing data from
which financial statements are prepared.
b. An incorrect accounting estimate arising from
oversight or misinterpretation of facts
c. A mistake in the application of accounting
principles relating to measurement, recognition,
classification, presentation, or disclosure
d. Misrepresentation in the financial statements of
events, transaction or other significant information
3. The risk of not detecting a material misstatement
resulting from fraud is higher than the risk of not
detecting a material misstatement resulting from error
because
a. The effect of fraudulent act is likely omitted in the
accounting records
b. Fraud is ordinarily accompanied by acts specifically
designed to conceal its existence and auditors do
not make legal determinations of whether fraud
has actually occurred
c. Fraud is always a result of connivance between or
among employees
d. The auditor is responsible to detect errors but not
fraud
Types of fraud
4. The two types of intentional misstatements that are
relevant to the auditor’s consideration of fraud include,
misstatements resulting from fraudulent financial
reporting and misstatements resulting from
misappropriation of assets. Fraudulent financial
reporting least likely involve
a. Deception such as manipulation, falsification
(including forgery), or alteration of accounting
records or supporting documents from which the
financial statements are prepared
b. Misrepresentation in, or intentional omission from,
the financial statements of events, transaction or
other significant information
c. Intentional misapplication of accounting principles
relating to measurement, recognition,
classification, presentation, or disclosure
d. Embezzling receipts, stealing physical assets or
intellectual property , causing an entity to pay for
goods and services not received, or using an
entity’s assets for personal use.
5. In comparing management fraud with employee fraud,
the auditor’s risk of failing to discover the fraud is
a. Greater for employee fraud because of the higher
crime rate among blue collar workers
b. Greater for management fraud because of
management’s ability to override existing internal
controls, which is always assumed in audit.
c. Greater for employee fraud because of the larger
number of employees in the organization
d. Greater for management fraud because managers
are inherently smarter than employees
6. Which of the following constitutes the fraud of larceny?
a. Misappropriation of assets that have been
entrusted to one’s care
b. Theft of assets
Page 5 of 9
c. Theft of assets covered up by manipulation of
accounting records
d. Agreement between two or more persons to
commit a criminal act
7. The most difficult type of misstatement to detect is
fraud based on
a. The overrecording of transactions.
b. The nonrecording of transactions.
c. Recorded transactions in subsidiaries or incorrect
postings of recorded transactions.
d. Related-party receivables.
Responsibilities for fraud
8. Which statement(s) is(are) incorrect regarding the
auditor’s responsibility to consider fraud and error in
an audit of financial statements?
a. The auditor is not and cannot be held responsible
for the prevention of fraud and error being the
primary responsibility of both the management
and those charged with governance.
b. When planning and performing audit procedures
and evaluating and reporting the results thereof,
the auditor should consider the risk of
misstatements in the financial statements resulting
from fraud.
c. In planning the audit, the auditor should discuss
with other members of the audit team the
susceptibility of the entity to material statements
in the financial statements resulting from fraud or
error and exercise professional skepticism (the
best method to detect fraud).
d. The auditor should design audit programs that will
provide reasonable assurance that material errors
and fraud will be detected in the ordinary course of
the examination.
Engagement Team Discussion (‘Brainstorming’)
9. Brainstorming about the susceptibility of the entity’s
financial statements to material misstatement due to
fraud include the following advantages?
a. Provides an opportunity for more experienced
engagement team members to share their insights
about how and where the FSs may be susceptible
to material misstatement due to fraud and how
entity’s assets could be misappropriated
b. Enables the auditor to consider an appropriate
response to such susceptibility and to determine
which members of the engagement team will
conduct certain audit procedures.
c. Permits the auditor to determine how the results of
audit procedures will be shared among the
engagement team and how to deal with any
allegations of fraud that may come to the auditor’s
attention.
d. All of the above.
Risk Assessment Procedures and Related Activities
10. Sources of information gathered to assess fraud risks
usually do not include:
a. Analytical procedures.
b. Inquiries of management and others within the
entity.
c. Communication among audit team members.
d. Review of corporate charter and bylaws.
11. Categories of fraud risk factors (whose presence often
has been observed in circumstances where frauds have
occurred) in relation to misstatements arising from
misappropriation of assets and fraudulent financial
reporting are: opportunities; attitudes or
rationalizations; and pressures or incentives. Which of
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
the following creates an opportunity for fraud to be
committed in an organization?
a. Management demands financial success or is
aggressive in its application of accounting rules.
b. Poor internal control.
c. Commitments tied to debt covenants.
d. Finding loopholes in the accounting rules to
achieve earnings targets.
Identifying and Assessing the ROMM due to fraud
12. Which of the following is an example of a common type
of financial reporting fraud?
a. Capitalizing major overhauls to operating
equipment.
b. Deferring service revenue until it is delivered to
customers.
c. Recording sales for inventory sold with the right to
return, hence, fraud on revenue recognition is
always presumed to exist in absence or conditions
to the contrary.
d. Excluding a contingent liability that has been
settled.
Responding to Assessed ROMM due to fraud
13. Which of the following is most likely to be an overall
response to fraud risks identified in an audit?
a. Supervise members of the audit team less closely
and rely more upon judgment.
b. Use less predictable audit procedures.
c. Only use certified public accountants on the
engagement.
d. Place increased emphasis on the audit of objective
transactions rather than subjective transactions.
14. As part of designing and performing procedures to
address management override of controls, auditors
must perform which of the following procedures?
Examine all journal Review accounting
entries above materiality estimates for biases
a. Yes Yes
b. No No
c. Yes No
d. No Yes
Evaluating the Audit Evidence and Results of Audit
Circumstances that Indicate the Possibility of Fraud
15. The following are examples of circumstances that may
indicate the possibility that the financial statements
may contain a material misstatement resulting from
fraud, except
a. Transactions that are recorded in a complete or
timely manner or are properly recorded as to
amount, accounting period, classification, or entity
policy.
b. Unsupported or unauthorized balances or
transactions.
c. Last-minute adjustments that significantly affect
financial results or unusual journal entries.
d. Tips or complaints to the auditor about alleged
fraud.
16. The following are examples of circumstances that may
indicate the possibility that the financial statements
may contain a material misstatement resulting from
fraud, except
a. Missing documents.
b. Documents that appear to have been altered.
c. Unavailability of other than photocopied or
electronically transmitted documents when
documents in original form are expected to exist.
d. Significant explained items on reconciliations.
17. Which of the following might be considered a "red flag"
indicating possible fraud in a large manufacturing
company with several subsidiaries?
Page 6 of 9
a. The existence of a financial subsidiary.
b. A consistent record of above average return on
investment for all subsidiaries.
c. Complex sales transactions and transfers of funds
between affiliated companies.
d. Use of separate bank accounts for payrolls by each
subsidiary.
Communicating Misstatements Resulting from Fraud
18. Communication of a misstatement resulting from
fraud, or a suspected fraud, or error to the appropriate
level of management on a timely basis is important
because it enables management to take action as
necessary. Ordinarily, the appropriate level of
management is
a. At least equal to level of persons who appear to be
involved with misstatements or suspected fraud
b. At least one level above persons who appear to be
involved with the misstatement or suspected fraud
c. The audit committee of the board of directors
d. The head of internal audit department
19. Protection Transparency, Inc. is being audited by
Messer and Bromely, LLP. During the assessment of
fraud, Messer and Bromely discover that the controller
has been creating fictional sales and posting them to
the general ledger. Who should the auditors make
aware of this issue?
a. Protection Transparency's legal counsel.
b. The law enforcement agency.
c. The chairman of audit committee.
d. The predecessor auditor.
Management Representations
20. The auditor least likely obtains written representations
from management that:
a. It acknowledges its responsibility for the
implementation and operations of accounting and
internal control systems that are designed to
prevent and detect fraud and error
b. It has disclosed to the auditor its knowledge of
fraud or suspected fraud affecting the entity
involving employees who have significant roles in
internal control only.
c. It has disclosed to the auditor its knowledge of any
allegations of fraud, or suspected fraud affecting
the entity’s financial statements communicated by
employees, former employees, analysts,
regulations or others
d. It has disclosed to the auditor the results of its
assessment of the risk that the financial
statements may be materially misstated as a result
of fraud
Withdrawing from engagement
21. The auditor may encounter exceptional circumstances
that bring into question the auditors ability to continue
performing the audit, including where
a. The entity does not take the remedial action
regarding fraud that the auditor considers
necessary in the circumstances, even when the
fraud is not material to the financial statements
b. The auditor’s consideration of the risk of material
misstatement resulting from fraud and the results
of audit tests indicate a significant risk of material
and pervasive fraud
c. The auditor has significant concern about the
competence or integrity of management or those
charged with governance that affect the auditor's
ability to rely on management's representations.
d. All of the above
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
Documentation
22. PSAs require auditors to document which of the
following matters related to the auditor’s consideration
of material misstatements due to fraud?
a. Reasons supporting a conclusion that there is not a
significant risk of material improper expense
recognition.
b. Procedures performed to obtain information
necessary to identify and assess the risks of
material fraud.
c. Results of the internal auditor’s procedures
performed to address the risk of management
override of controls.
d. Discussions with management regarding
separation of duties.
Non-compliance with Laws and Regulations
Nature, Definition and Types
23. Which statement is incorrect regarding the auditor’s
consideration of laws and regulations in an audit of
financial statements?
a. Noncompliance refers to acts of omission or
commission by the entity being audited which are
contrary to prevailing laws and regulations
b. Noncompliance includes transactions entered into
by, or in the name of, the entity, or on its behalf,
by TCWG, management or employees.
c. Noncompliance includes personal misconduct of
the entity’s management or employees though
they are unrelated to the entity’s business
activities
d. In the absence of evidence to the contrary, the
auditor is entitled to assume the entity is in
compliance with applicable laws and regulations
affecting the client.
Responsibility for Compliance with Laws and Regulations
24. Which of the following is incorrect about the auditor’s
responsibility for evaluating noncompliance by the
entity to laws and regulations?
a. It is the responsibility of management, with the
oversight of those charged with governance, to
ensure that the entity’s operations are conducted
in accordance with laws and regulations, including
compliance with laws and regulations that
determine the form or content of the entity’s
financial statements. This includes responsibility
for the prevention and detection of non-compliance
with laws and regulations.
b. An audit cannot be expected to detect
noncompliance with all laws and regulations.
Detection of noncompliance, regardless of
materiality, requires considerations of the
implications for the integrity of management or
employees
c. Generally, the further removed non-compliance is
from the events and transactions reflected in the
financial statements, the more likely the auditor is
to become aware of it or to recognize the possible
non-compliance. This is because an illegal act by
the client often relate to operating aspects rather
than accounting aspects.
d. In order to plan the audit, the auditor should
obtain a general understanding of the legal and
regulatory framework applicable to the entity and
the industry and how the entity is complying with
that framework.
The Auditor’s Consideration of Compliance with Laws and
Regulations
25. Which of the following is incorrect about the auditor’s
responsibility for evaluating noncompliance by the
entity to laws and regulations?
Page 7 of 9
a. When the auditor becomes aware of information
concerning a possible instance of noncompliance,
the auditor shall obtain an understanding of the
nature of the act and the circumstances in which it
has occurred and evaluate the possible effect on
the financial statements.
b. If the auditor has identified or suspects
noncompliance with laws and regulations, the
auditor shall determine whether the auditor has a
responsibility to report the identified or suspected
noncompliance to parties outside the entity.
c. The auditor shall document identified or suspected
non-compliance with laws and regulations but not
the results of discussion with management, and
where applicable, those charged with governance
and other parties outside the entity.
d. The auditor may withdraw from the engagement
when the entity does not take the remedial action
that the auditor considers necessary in the
circumstances, even when the noncompliance is
not material to the financial statements or affects
auditor’s ability to rely on management
representations.
Indications of Non-Compliance with Laws and Regulations
26. According to PSA 250 (Consideration of Laws and
Regulations in an Audit of Financial Statements), the
following are indications that noncompliance may have
occurred, except
a. Investigation by government departments or
payment of fines or penalties
b. Adverse media comment
c. Authorized transactions or properly recorded
transactions
d. Purchasing at prices significantly above or below
market price
27. Examples of the type of information that may come to
the auditor's attention that may indicate that
noncompliance with laws or regulations has occurred
least likely include
a. Payments for unspecified services or loans to
consultants, related parties, employees or
government employees.
b. Purchasing at prices significantly above or below
market price.
c. Unauthorized transactions or improperly recorded
transactions.
d. Payments with proper exchange control
documentation.
Audit Procedures When Non-Compliance Is Identified or
Suspected
28. When an auditor becomes aware of a possible illegal
act by a client, the auditor should obtain an
understanding of the nature of the act to
a. Increase the assessed level of control risk.
b. Recommend remedial actions to the audit
committee.
c. Evaluate the effect on the financial statements and
may consider seeking legal advice especially when
involving members of senior management,
including members of the board of directors.
d. Determine the reliability of management’s
representations.
29. Which of the following statements is usually true?
a. It is easier for the auditor to uncover fraud than
errors.
b. It is easier for the auditor to uncover indirect-
effect illegal acts than fraud.
c. The auditor’s responsibility for detecting direct-
effect illegal acts is similar to the responsibility to
detect fraud.
AT.0105
CPART GETS GMRC CPA REVIEW CENTER
d. The auditor’s responsibility for detecting indirect-
effect illegal acts is similar to the responsibility to
detect fraud.
Reporting of Identified or Suspected Non-Compliance
30. Which of the following is the auditor least likely to do
when aware of an illegal act?
a. Discuss the matter with the client’s legal counsel.
DO-IT-YOURSELF (DIY) DRILL
1. Which of the following are most often involved in
perpetrating fraud in financial statement reporting?
a. The auditors and the attorneys.
b. The audit committee members.
c. The chief executive and chief financial officers.
d. The accounts payable clerks.
2. Audits of financial statements are designed to obtain
reasonable assurance of detecting material
misstatements due to
a. b. c. d.
Errors Yes Yes Yes No
Fraudulent financial Yes Yes No Yes
reporting
Misappropriation of Yes No Yes No
assets
Direct-effect illegal acts Yes No Yes No
3. Which of the following most accurately defines
professional skepticism as it is used in auditing
standards?
a. It either assumes management is honest or slightly
dishonest, but neither all the time.
b. It neither assumes that management is dishonest
nor assumes unquestioned honesty.
c. It assumes management is honest most of the
time.
d. It assumes that management is dishonest in only
rare instances.
4. Brainstorming about the manner in which fraud may
be committed should include all of the following except
a. how management could perpetrate and conceal
fraudulent financial reporting
b. any unusual or unexplained changes in behavior or
lifestyle of management or employees
c. any fraud risk factors observed to be present in the
engagement
d. all of the above
5. Which of the following best represents actions that
may indicate fraud is pervasive throughout the
company under audit?
a. The company's management negotiates deals with
vendors in such a manner as to pay lower prices.
b. The company's management drives luxury vehicles
and takes personal vacations to exotic places.
c. The company's management takes an overly
aggressive approach to revenue recognition.
d. The company's management estimates bad debts
using an aged accounts receivables ledger rather
than as a percent of sales.
6. If the audit team discovers that fraud risk factors are
present on an engagement, it should then:
a. resign from the client and inform the audit
committee and regulatory authorities.
b. modify procedures to actively search for the
existence of fraud.
c. reduce the amount of evidence required and resort
to management inquiry.
d. turn the audit over to forensic accountants.
Page 8 of 9
b. Obtain evidence about the potential effect of the
illegal act on the financial statements.
c. Contact the local law enforcement officials
regarding potential criminal wrongdoing.
d. Consider the impact of the illegal act on the
relationship with the company’s management.
- now do the DIY drill -
7. Which of the following is least likely to be required on
an audit in accordance with PSAs?
a. Test appropriateness of journal entries and
adjustment.
b. Review accounting estimates for biases.
c. Evaluate the business rationale for significant
unusual transactions.
d. Make a legal determination of whether fraud has
occurred.
8. How will the results of the auditor's assessment of
fraud risk factors further affect the planned audit
procedures?
a. Audit procedures and fraud assessment do not
relate.
b. The assessment may require a re-audit of previous
periods.
c. By the assignment of qualified audit staff to risky
areas of the engagement.
d. Management will be called upon to assist in
coordinating audit procedures.
9. The following are examples of circumstances that may
indicate the possibility that the financial statements
may contain a material misstatement resulting from
fraud, except
a. Fewer responses to confirmations than anticipated
or a greater number of responses than anticipated.
b. Large numbers of debit entries and other
adjustments made to accounts receivable records.
c. Missing inventory or physical assets of significant
magnitude.
d. Unusual discrepancies between the entity's records
and confirmation replies.
10. If an auditor believes a client may have committed
illegal acts, which of the following actions should the
auditor take?
a. Consult with the client’s counsel and the auditor’s
counsel to determine how the suspected illegal
acts will be communicated to stockholders.
b. Extend auditing procedures to determine whether
the suspected illegal acts have a material effect on
the financial statements.
c. Make inquiries of the client’s management and
obtain an understanding of the circumstances
underlying the acts and of other evidence to
determine the effects of the acts on the financial
statements.
d. Notify each member of the audit committee of the
board of directors about the nature of the acts and
request that they advise an approach to be taken
by the auditor.
11. Which of the following is an auditor responsible for
concerning the detection of illegal activities of an audit
client?
a. Assess the inherent risk of material misstatements
due to illegal acts
b. Monitor legal requirements and ensure that the
client’s operating procedures are designed to meet
these requirements, for the period under audit
c. Ensure that the client appoints an audit committee
AT.0105
CPART GETS GMRC CPA REVIEW CENTER

d. Ensure that the client’s internal auditors act in an audit evidence or in the resolution of potential
ethical manner disagreements with management.
c. Usual delays by the entity in providing requested
12. An auditor who discovers that a client's employees
information
paid small bribes to municipal officials most likely
d. An unwillingness to address identified weaknesses
would withdraw from the engagement if
in internal control on a timely basis.
a. The payments violated the client's policies
regarding the prevention of illegal acts. 17. The following are examples of circumstances that may
b. The client receives financial assistance from a indicate the possibility that the financial statements
federal government agency. may contain a material misstatement resulting from
c. Documentation that is necessary to prove that the fraud, except
bribes were paid does not exist. a. Unwillingness by management to permit the
d. Management fails to take the appropriate remedial auditor to meet privately with those charged with
action and reliance on management’s governance.
representation becomes doubtful. b. Accounting policies that appear to be consistent
with industry norms.
13. If an illegal act is discovered during the audit of a
c. Frequent changes in accounting estimates that do
publicly held company, the auditor should
not appear to result from changed circumstances.
a. Notify the regulatory authorities.
d. Tolerance of violations of the entity’s Code of
b. Determine who was responsible for the act.
Conduct
c. Modify the extent of auditing procedures.
d. Report the act to high-level personnel within the 18. Brainstorming about the manner in which fraud may
client's organization. be committed should include all of the following except
a. Consider factors that might affect management
14. Which of the following is least likely to be included in
motivation to misstate the financial statements
an auditor's inquiry of management while obtaining
b. Consider weaknesses in internal control that would
information to identify the risks of material
allow a fraud to take place or management
misstatement due to fraud?
override of controls
a. Are financial reporting operations controlled by and
c. Consider the materiality of the individual account
limited to one location?
balances for substantive testing
b. Does it have knowledge of fraud or suspect fraud?
d. Consider factors that may enable an individual
c. Does it have programs to mitigate fraud risks?
capable of committing a fraud to rationalize
d. Has it reported to the audit committee the nature
perpetrating it
of the company's internal control?
19. In evaluating the effect of fraud upon the audit
15. Which of the following could indicate that the risk of
procedures the auditor should consider
fraud and other irregularities perpetrated by senior
a. The type of fraud that may occur.
management is higher than normal?
b. The potential significance and likelihood of
a. There are very few related party transactions.
occurrence of fraud.
b. The auditor has not audited this client before.
c. The pervasiveness of fraud detected.
c. Management turnover is unusually high.
d. All of the above.
d. The auditor discovers a GAAP departure during the
audit. 20. Relative to internal controls, what is a primary risk of
fraud in the client company?
16. The following are examples of circumstances that may
a. The risk that management overrides controls.
indicate the possibility that the financial statements
b. The risk that management changes controls each
may contain a material misstatement resulting from
year.
fraud, except
c. The risk that management carefully enforces and
a. Undue time pressures imposed by management to
monitors controls.
resolve complex or contentious issues.
d. The risk that the audit committee monitors
b. Complaints by management about the conduct of
controls.
the audit or management intimidation of
engagement team members, particularly in
connection with the auditor’s critical assessment of
 - end of AT.0105 - 

Page 9 of 9 AT.0105