This question tests materiality determination under AU-C 320, specifically benchmark selection for entities with volatile results. The key facts are volatile grant revenue causing near-breakeven results, stable total expenses, and significant total assets in a not-for-profit organization. The correct answer A appropriately selects a stable benchmark (total expenses or total assets) rather than volatile net assets, consistent with AU-C 320's guidance to select benchmarks relevant to users and appropriate to entity circumstances. Answer B incorrectly mandates net income for all entities when benchmark selection depends on entity-specific factors; Answer C incorrectly equates planning and performance materiality which serve different purposes; Answer D incorrectly defers materiality determination when it's needed for planning. The professional framework requires selecting materiality benchmarks that are relevant to financial statement users and relatively stable, avoiding volatile measures that don't reflect the entity's size or activities. For not-for-profits with volatile revenues, stable measures like expenses or assets often provide more appropriate benchmarks than change in net assets.

This question tests the auditor's response to identified risks during audit planning, specifically addressing automated controls and IT-related risks under AU-C 315. The key facts are that the bank implemented a new online platform with automated controls on an accelerated timeline, limited testing, and customer complaints about duplicate postings indicate control deficiencies. The correct answer B appropriately responds by increasing focus on IT general controls (ITGCs) and application controls while planning targeted substantive procedures over affected accounts, which aligns with AU-C 315's requirement to design audit procedures responsive to assessed risks. Answer A incorrectly defers risk response until after year-end, violating the requirement to plan procedures based on risk assessment; Answer C inappropriately relies on management representations without obtaining sufficient appropriate audit evidence; Answer D incorrectly applies PCAOB standards to a nonissuer audit. The professional judgment framework requires auditors to modify their audit approach when control deficiencies are identified during planning, focusing on both controls testing and substantive procedures for areas affected by automated processes. When IT systems show implementation issues, auditors must evaluate both ITGCs and application controls while designing substantive procedures to address the specific risks identified.

This question addresses planning procedures for a review engagement under AR-C 90, distinguishing review procedures from audit procedures. The key facts are that this is a review engagement (not an audit), the entity implemented a new inventory system, and gross margins fluctuate with management explanations. The correct answer B appropriately plans inquiry and analytical procedures as the primary review procedures, with follow-up inquiries for unusual fluctuations, consistent with AR-C 90 requirements. Answer A incorrectly applies audit procedures (tests of controls) and attempts to issue an opinion in a review; Answer C incorrectly requires confirmations which are not required in reviews; Answer D incorrectly applies PCAOB standards to a nonissuer review. The professional framework for reviews requires primarily inquiry and analytical procedures to obtain limited assurance, with additional inquiries when analytical procedures identify unusual fluctuations. Review engagements do not include tests of controls, obtaining audit evidence through inspection or confirmation, or expressing an opinion on financial statements.

This question tests fraud risk assessment during audit planning under AU-C 240, focusing on revenue-related fraud risk factors. The key facts are management compensation tied to revenue targets, debt covenant requirements based on revenue, and significant late-period manual entries affecting revenue accounts. The correct answer A properly identifies the combination of incentive (compensation and covenant), opportunity (manual entries), and timing (late period) as fraud risk indicators requiring focused audit attention. Answer B incorrectly assumes policies eliminate fraud risk when policies don't prevent override; Answer C incorrectly minimizes fraud risk for private companies when fraud risk exists regardless of ownership structure; Answer D incorrectly defers fraud consideration when AU-C 240 requires fraud risk assessment during planning. The professional framework requires auditors to identify fraud risk factors including incentives, opportunities, and rationalization during planning, with particular attention to revenue recognition. When management has both incentive and opportunity to manipulate revenue through manual entries, auditors must design procedures specifically responsive to the identified fraud risks.

This question addresses using the work of internal auditors under AU-C 610, focusing on evaluating objectivity and competence. The key facts are that internal audit reports to the controller (not independent), performance evaluations by the controller impair objectivity, and internal audit assisted with implementing the controls they're testing. The correct answer B correctly requires evaluating objectivity and competence, recognizing that impaired objectivity due to reporting lines and implementation involvement requires limiting reliance and adjusting procedures accordingly. Answer A incorrectly uses internal audit work without evaluation; Answer C incorrectly states internal audit must report to external auditors; Answer D incorrectly applies issuer standards to a nonissuer. The professional framework requires auditors to evaluate both competence and objectivity of internal auditors before relying on their work, with particular attention to organizational status and activities that may impair objectivity. When internal audit lacks independence or has participated in implementing controls, external auditors must limit reliance and perform additional procedures.

This question tests the determination of planning materiality under AU-C Section 320, considering the entity's nature and users' needs. The key facts involve a not-for-profit with volatile donations, a stable endowment, and users focused on program spending, requiring a benchmark that reflects these priorities. Selecting an appropriate benchmark like total expenses aligns with AU-C 320, which allows professional judgment in choosing benchmarks based on the entity's circumstances and users' expectations. Using total assets solely (choice A) or 5% of revenue automatically (choice D) is incorrect, as AU-C 320 does not mandate specific benchmarks and requires consideration of qualitative factors. Setting materiality after adjustments (choice C) contradicts AU-C 300, which requires materiality determination in planning. Auditors should evaluate quantitative and qualitative factors, including user focus, when selecting materiality benchmarks. This rule ensures materiality is tailored to the engagement, supporting relevant and reliable audit opinions.

This question tests the consideration of customer concentration and credit risks in audit planning under AU-C Section 315 and 540. The key facts include a dominant customer in distress and extended terms, heightening collectability and recognition risks, including side agreements. Focusing on these risks aligns with AU-C 315, which requires assessing business risks impacting financial statements, and AU-C 240 for fraud. Issuing an adverse control opinion (choice B) is not required, as concentration is not inherently a deficiency, and reducing testing (choice C) contradicts AU-C 330. Deferring confirmations (choice D) violates AU-C 300's planning. Auditors should evaluate concentrations for impacts on estimates and disclosures. This framework aids in addressing entity-specific risks holistically.

This question addresses audit planning for complex accounting areas requiring specialized knowledge under AU-C 315 and AU-C 620. The key facts are foreign currency transactions in a new jurisdiction, limited internal expertise, spreadsheet-based processes, and minimal review controls. The correct answer A appropriately plans to involve personnel with expertise (or specialists) and design procedures addressing both foreign currency and spreadsheet control risks, consistent with AU-C 620 requirements for using specialists when needed. Answer B incorrectly treats foreign currency as low risk despite complexity and limited expertise; Answer C incorrectly excludes spreadsheet controls from audit consideration when they're part of the financial reporting process; Answer D incorrectly requires a SOC report for internal processes. The professional framework requires auditors to assess whether specialized skills are needed and to understand controls over complex accounting areas, including spreadsheet controls. When entities lack expertise in complex areas and use manual processes with limited review, auditors must plan appropriate involvement of specialists and procedures addressing both technical accounting and process control risks.

This question tests the auditor's response to control deficiencies and fraud risks in cash-intensive operations under AU-C 315 and AU-C 240. The key facts are significant cash collections, lack of segregation of duties (staff can adjust accounts and process refunds), and no independent review of refunds. The correct answer A appropriately increases procedures over revenue and refunds, including understanding controls and designing substantive procedures responsive to override risk, consistent with AU-C 240's requirements for addressing fraud risks. Answer B incorrectly reduces effort when third-party involvement doesn't eliminate internal control risks; Answer C incorrectly defers testing when refunds are current-period transactions requiring current-period procedures; Answer D incorrectly limits communication when control deficiencies should be communicated to those charged with governance. The professional framework requires auditors to identify and respond to control deficiencies that create opportunities for fraud, particularly in cash-intensive operations. When segregation of duties is lacking and override opportunities exist, auditors must increase both control understanding and substantive procedures in affected areas.

This question tests understanding of revenue recognition risks and audit planning when an entity uses third-party marketplace arrangements, addressing requirements under AU-C 315 for understanding the entity and its environment. The key facts are the rapid shift to online sales through a third-party marketplace, net remittances after fees, and management's limited visibility into gross sales and chargebacks. The correct answer B appropriately focuses planning on controls and substantive procedures addressing completeness and accuracy of gross revenue, returns, and proper classification, including assessing the reliability of third-party reports as required by AU-C 500. Answer A incorrectly treats marketplace transactions as low risk despite the complexity and limited visibility; Answer C inappropriately suggests confirming with end customers when the marketplace is the contracting party; Answer D incorrectly requires management reporting on internal control for a nonissuer. The professional judgment framework requires auditors to identify and respond to risks arising from new revenue streams and third-party arrangements, focusing on completeness, accuracy, and proper presentation. When entities rely on third-party platforms for revenue processing, auditors must plan procedures to address the reliability of third-party information and the entity's controls over revenue recognition.