1. Discuss the differences between the attest function and advisory services.

The attest service is defined as an engagement in which a practitioner is engaged to

issue, or does issue, a written communication that expresses a conclusion about the
reliability of a written assertion that is the responsibility of another party.
Advisory services are professional services offered by public accounting firms to improve
their client organizations operational efficiency and effectiveness.
2. Explain the audit objectives of existence or occurrence, completeness, rights and
obligations, valuation or allocation, and presentation and disclosure.
The existence or occurrence assertion affirms that all assets and equities
contained in the balance sheet exist and that all transactions in the income
statement actually occurred.
The completeness assertion declares that no material assets, equities or
transactions have been omitted from the financial statements.
The rights and obligations assertion maintains that assets appearing on the
balance sheet are owned by the entity and that the liabilities reported are
obligations.
The valuation or allocation assertion states that assets and equities are valued in
accordance with GAAP and that allocated amounts such as depreciation
expense are calculated on a systematic and rational basis.
The presentation and disclosure assertion alleges that financial statement items
are correctly classified and that footnote disclosures are adequate to avoid
misleading the users of financial statements.
3. Discuss the concept of exposure and explain why firms may tolerate some
exposure.
Risks an organization concedes it is willing to accept outright tend to be foundational
elements of the current business model and relate strategy to create enterprise value.
These risks are so fundamental to the business they may not be included in a risk
appetite statement. Yet, they will often appear as significant risks in a risk assessment
and are an integral part of the existing risk profile. These risks are likely the ones that
are paying off through effective communication of the strategy, compensating the
company with satisfactory returns.
4. Explain how general controls impact transaction integrity and the financial
reporting process.
The task of internal control is to prevent and detect fraud in the organization.
5. What fraud detection responsibilities (if any) does SOX impose on auditors?
Interview management regarding any significant changes in the design or
operation of internal control that occurred subsequent to the preceding annual
audit or prior review of interim financial information.
Evaluate the implications of misstatements identified by the auditor as part of the
interim review that relate to effective internal controls.
Determine whether changes in internal controls are likely to materially affect
internal control over financial reporting.

6. Discuss whether a firm with fewer employees than there are incompatible tasks
should rely more heavily on general authority than specific authority.
A general authority is one which extends to all acts connected with a particular
employment; a special authority is one confined to "an individual instance."
7. Accounting firms are very concerned that their employees have excellent
communication skills, both oral and written. Explain why this requirement is so
important by giving examples of where these skills would be necessary in each of
the three phases of an audit.
Communication is quite simply the transmission of information. But this only describes
the process. The value of communication comes from achieving an objective; so the
meaning of communication is the response it elicits. For communication to be effective
we have to be clear on what we want it to achieve. And specific. So whether you are
briefing an audit team, interviewing a client or presenting your findings to the board, the
critical start point has to be that you are crystal clear on the purpose of your
communication.
8. If detective controls signal errors, why should they not automatically make a
correction to the identified error? Why are separate corrective controls
necessary?
Detective controls identify undesirable events and draw attention to the problem;
corrective actually fix the problem. For any detected error, there may be more than one
feasible corrective action, but the best course of action may not always be obvious.
9. A CPA firm has many clients. For some of its clients, it relies heavily on the work
of the internal auditors, while for others it does not. The amount of reliance affects
the fees charge. How can the CPA firm justify the apparent inconsistency of fees
charged in a competitive marketplace?
Only a firm with a low degree of accounting quality has the incentive to pay an extra
audit fee to avoid questions about that quality. If a firm improves its operating results in
such a convincing way that its audit opinion improves, then there is no need for it to pay
an extra fee to its auditors to obtain a better opinion.
10. An organizations internal audit department is usually considered to be an
effective control mechanism for evaluating the organizations internal control
structure. The Birch Companys internal auditing function reports directly to the
controller. Comment on the effectiveness of this organizational structure.
This function allows the internal auditor to be independent and objective in the
performance of their duty.