1. The internal control framework developed by COSO includes five so-called "components" of internal control. Discuss each of these five component. 2. What is the purpose of performing "tests of control" and, under what general circumstances, must the auditor perform tests of control? 3. Describe the auditor's basic responsibility to detect and communicate internal control deficiencies in connection with a financial statement audit. 4. Discuss the differences between a control deficiency, a significant deficiency, a material weakness, and the two dimensions of the control deficiency - likelihood and magnitude. 5. Once a material weakness is discovered, what must happen for management to avoid an adverse opinion on ICFR? 6. Distinguish between internal documentation and external documentation as types of audit evidence. Give two examples of each. Which type is considered more reliable? 7. You are the internal auditor at a company where the following policies, procedures or conditions exist: ___________a. There is strong segregation of duties in the inventory cycle between receiving inventory, its custody and the recording of inventory movements in the perpetual inventory system. ___________b. The board of directors and senior management meet every six months to identify the challenges facing the company and how successfully they are being addressed. ___________c. The company's organizational structure is designed in such a way as to provide the board of directors with a realistic chance of achieving its objectives on an ongoing basis. ___________d. The human resource department goes to great lengths to define the skills necessary for each job category and to recruit suitable personnel. ___________e. The financial director meets frequently with the financial accountant to ensure that information required to be disclosed by the International Financial Reporting Standards is properly accumulated, recorded and processed. ___________f. Access to the company's computer network is controlled by the use of comprehensive logical controls, e.g. user IDs, user profiles and passwords. ___________g. The recording in the general ledger of sales, purchases and other transactions that must be processed is achieved by passing journal entries. All journal entries are scrutinized and authorized by a senior financial accounting department employee before they can be processed. FINAL EXAM ___________h. All transactions keyed into the computer via terminals are subject to a wide range of input controls. ___________i. The internal audit department conducts frequent reviews of breakdowns in internal control and how these can be corrected. ___________j. To be able to enter the company's warehouse and production plant, individuals must place their thumbs on a biometric scanner. Indicate in the space provided to which component of internal control each of the policies, procedures or conditions listed above relate