[Morganf]

Which of the following factors is most relevant when an auditor considers the client’s organizational structure in the context of control risk?

A: Management’s attitude toward information processing and accounting departments.

B: The organization’s recruiting and hiring practices.

C: Physical proximity of the accounting function to upper management.

D: The suitability of the client’s lines of reporting.

My initial reaction: Look for something involving segregation of duties

My Answer: A; there is no segregation of duties answer, but this involves a control activity “tone at the top”

WIley Answer: D; “Answer D is correct because proper lines of reporting are necessary to prepare financial statement that follow GAAP. The requirement is to identify the factor that is most relevant when an auditor considers a client’s organization structure in the context of control risk.”

Wiley Explanation for A wrong: “Answer A is incorrect because management’s attitude on information processing and accounting departments is indicative of the tone at the top.”

COSO Internal Control Framework:

1 Control Environment (including tone at the top)

2 Risk Assessment

3 Information Communication

4 Control Activities (Segregation of duties, proper authorization, physical controls etc…)

5 Monitoring

The question doesn’t specifically ask for any 1 part of the Internal Control Framework, but if you really wanted to rank importance for the “best answer,” wouldn’t priority be something like Control activities, monitoring, control environment, info communication? How does the answer come out to D, which focusses on Information communication?

BEC - 88
AUD - 69, 74, 93
FAR - 78
REG - 79