If an auditor discovers a 'Subsequent Event' (after the period end but before the report date) that significantly affects the system's security, what should they do?

Answer options:

Ignore it because it happened after the period.

Extend the audit period to include the event.

Disclose the event in the report if it is material.

Withdraw from the engagement.

How to approach this question

Standard audit standard for subsequent events: Disclose.

Full Answer

C.Disclose the event in the report if it is material.✓ Correct

Subsequent events that are of such a nature that their non-disclosure would affect the user's ability to rely on the report must be disclosed, typically in a separate section or note.

Common mistakes

Ignoring it because of the date cutoff.

Question 76 All questions Question 78

Practice the full CPA ISC Practice Exam 5

82 questions · hints · full answers · grading

More questions from this exam

Q01A service organization provides a cloud-based payroll processing application to its user entities...Medium Q02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...Hard Q03A financial institution requires a cloud deployment model that offers the highest level of contro...Medium Q04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...Medium Q05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy

View all 82 questions →