Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1...
-
Upload
sara-carpenter -
Category
Documents
-
view
214 -
download
1
Transcript of Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1...
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-1
Chapter SevenAuditing Internal Control over Financial Reporting
Chapter SevenAuditing Internal Control over Financial Reporting
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-2
Management Responsibilities under Section 404
Section 404 of the Sarbanes-Oxley Act requires managements of publicly traded companies in the
United States to issue an internal control report that explicitly accepts responsibility for establishing and maintaining ‘adequate’ internal control over financial
reporting.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-3
Management Responsibilities under Section 404
Management must comply with the following in order for its public accounting firm to complete an audit of
internal control over financial reporting.
1. Accepts responsibility for the effectiveness of the entity’s internal control over financial reporting.
2. Evaluate the effectiveness of the entity’s internal control over financial reporting using suitable control criteria.
3. Support its evaluation with sufficient evidence, including documentation.
4. Present a written assessment of the effectiveness of the entity’s internal control over financial reporting as of the end of the entity’s most recent fiscal year.
1. Accepts responsibility for the effectiveness of the entity’s internal control over financial reporting.
2. Evaluate the effectiveness of the entity’s internal control over financial reporting using suitable control criteria.
3. Support its evaluation with sufficient evidence, including documentation.
4. Present a written assessment of the effectiveness of the entity’s internal control over financial reporting as of the end of the entity’s most recent fiscal year.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-4
Auditor Responsibilities under Section 404
The entity’s independent auditor must audit and report on management’s assertion about the effectiveness of internal control. The auditor is required to conduct an ‘integrated audit’ of the entity’s internal control over financial reporting and its financial statements.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-5
Internal Control over Financial Reporting Defined
Internal control over financial reporting is defined as a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements in accordance with generally accepted accounting principles (GAAP). Controls include procedures that:
1.1. Pertain to the maintenance of records that fairly reflect the Pertain to the maintenance of records that fairly reflect the transactions and dispositions of the assets of the company.transactions and dispositions of the assets of the company.
2.2. Provide reasonable assurance that transactions are Provide reasonable assurance that transactions are recorded in accordance with GAAP.recorded in accordance with GAAP.
3.3. Provide reasonable assurance regarding prevention or Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or timely detection of unauthorized acquisition, use or disposition of the company’s assets.disposition of the company’s assets.
1.1. Pertain to the maintenance of records that fairly reflect the Pertain to the maintenance of records that fairly reflect the transactions and dispositions of the assets of the company.transactions and dispositions of the assets of the company.
2.2. Provide reasonable assurance that transactions are Provide reasonable assurance that transactions are recorded in accordance with GAAP.recorded in accordance with GAAP.
3.3. Provide reasonable assurance regarding prevention or Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or timely detection of unauthorized acquisition, use or disposition of the company’s assets.disposition of the company’s assets.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-6
Internal Control Deficiencies Defined
Material
Consequential
Inconsequential
Remote More than remote
MaterialMaterialweaknessweakness
Significant Significant deficiencydeficiency
Insignificant deficiencyInsignificant deficiency
L I K E L I H O O DL I K E L I H O O D
MMAAGGNNIITTUUDDEE
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-7
Management’s Assessment Process
Management must:Management must:
1.1. Design and implement an effective system of internal control. Design and implement an effective system of internal control. This process involves determining whether a necessary This process involves determining whether a necessary control is missing or an existing control is not properly control is missing or an existing control is not properly designed.designed.
2.2. Develop an ongoing assessment process for the internal Develop an ongoing assessment process for the internal controls in place. Management must assess the likelihood controls in place. Management must assess the likelihood that failure of a control could result in a misstatement.that failure of a control could result in a misstatement.
3.3. Management must decide which business units to include in Management must decide which business units to include in the assessment process.the assessment process.
Management must:Management must:
1.1. Design and implement an effective system of internal control. Design and implement an effective system of internal control. This process involves determining whether a necessary This process involves determining whether a necessary control is missing or an existing control is not properly control is missing or an existing control is not properly designed.designed.
2.2. Develop an ongoing assessment process for the internal Develop an ongoing assessment process for the internal controls in place. Management must assess the likelihood controls in place. Management must assess the likelihood that failure of a control could result in a misstatement.that failure of a control could result in a misstatement.
3.3. Management must decide which business units to include in Management must decide which business units to include in the assessment process.the assessment process.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-8
Management’s Documentation
Management must develop sufficient Management must develop sufficient documentation to support its assessment of the documentation to support its assessment of the
effectiveness of internal control. This effectiveness of internal control. This documentation may take many forms, such as documentation may take many forms, such as paper, electronic files, or other media. It also paper, electronic files, or other media. It also
includes policy manuals, job descriptions, includes policy manuals, job descriptions, flowcharts, and process models.flowcharts, and process models.
Management must develop sufficient Management must develop sufficient documentation to support its assessment of the documentation to support its assessment of the
effectiveness of internal control. This effectiveness of internal control. This documentation may take many forms, such as documentation may take many forms, such as paper, electronic files, or other media. It also paper, electronic files, or other media. It also
includes policy manuals, job descriptions, includes policy manuals, job descriptions, flowcharts, and process models.flowcharts, and process models.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-9
Framework Used by Management to Conduct Its Assessment
Most entities use the framework developed by COSO.Most entities use the framework developed by COSO.This framework identifies three primary objectives of This framework identifies three primary objectives of
internal control: (1) reliable financial reporting;internal control: (1) reliable financial reporting;(2) efficiency and effectiveness of operations;(2) efficiency and effectiveness of operations;and (3) compliance with laws and regulations.and (3) compliance with laws and regulations.
Most entities use the framework developed by COSO.Most entities use the framework developed by COSO.This framework identifies three primary objectives of This framework identifies three primary objectives of
internal control: (1) reliable financial reporting;internal control: (1) reliable financial reporting;(2) efficiency and effectiveness of operations;(2) efficiency and effectiveness of operations;and (3) compliance with laws and regulations.and (3) compliance with laws and regulations.
COSO
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-10
Performing an Audit of Internal Control over Financial Reporting
Plan the engagement.
Evaluate management’sassessment process.
The auditor typically obtains his or her understanding of management’s assessment process through inquiry of
management and others.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-11
Performing an Audit of Internal Control over Financial Reporting
Plan the engagement.
Evaluate management’sassessment process.
Obtain and document anunderstanding of internal control.
As part of gaining this understanding the auditor must:
1.1. Understand and assess Understand and assess company-level controls.company-level controls.
2.2. Evaluate the effectiveness of Evaluate the effectiveness of the audit committee.the audit committee.
3.3. Identify significant accounts.Identify significant accounts.4.4. Identify relevant financial Identify relevant financial
statement assertions.statement assertions.
1.1. Understand and assess Understand and assess company-level controls.company-level controls.
2.2. Evaluate the effectiveness of Evaluate the effectiveness of the audit committee.the audit committee.
3.3. Identify significant accounts.Identify significant accounts.4.4. Identify relevant financial Identify relevant financial
statement assertions.statement assertions.
5.5. Identify significant processes Identify significant processes and major classes of and major classes of transactions.transactions.
6.6. Understand the period-end Understand the period-end financial reporting process.financial reporting process.
7.7. Perform walkthroughs.Perform walkthroughs.8.8. Identify controls to test.Identify controls to test.
5.5. Identify significant processes Identify significant processes and major classes of and major classes of transactions.transactions.
6.6. Understand the period-end Understand the period-end financial reporting process.financial reporting process.
7.7. Perform walkthroughs.Perform walkthroughs.8.8. Identify controls to test.Identify controls to test.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-12
Performing an Audit of Internal Control over Financial Reporting
Plan the engagement.
Evaluate the management’sassessment process.
Obtain and document anunderstanding of internal control.
Evaluate the design effectivenessof internal control.
Controls are effectively designed when they prevent or detect errors or fraud that could result in material
misstatements in the financial statements.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-13
Performing an Audit of Internal Control over Financial Reporting
Plan the engagement.
Evaluate the management’sassessment process.
Obtain and document anunderstanding of internal control.
Evaluate the design effectivenessof internal control.
Test and evaluate the operatingeffectiveness of internal control.
In testing the effectiveness of controls, the auditor needs to consider the nature, timing, and extent of testing.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-14
Performing an Audit of Internal Control over Financial Reporting
Plan the engagement.
Evaluate the management’sassessment process.
Obtain and document anunderstanding of internal control.
Evaluate the design effectivenessof internal control.
Test and evaluate the operatingeffectiveness of internal control.
Form an opinion of theeffectiveness of internal control.
The auditor should evaluate all evidence
before forming an opinion on internal control,
including (1) the adequacy of management’s
assessment, (2) the results of the auditor’s evaluation, (3) the negative results of substantive procedures
performed, (4) any control deficiencies.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-15
Written Representations
In addition to the management representations obtained as part of a financial statement audit, the auditor also
obtains written representations from management related to the audit of internal control over financial reporting.
Failure to obtain written Failure to obtain written representations from representations from
management, including management, including management’s refusal to management’s refusal to
furnish them, constitutes a furnish them, constitutes a limitation on the scope of the limitation on the scope of the audit sufficient to preclude an audit sufficient to preclude an
unqualified opinion.unqualified opinion.
Failure to obtain written Failure to obtain written representations from representations from
management, including management, including management’s refusal to management’s refusal to
furnish them, constitutes a furnish them, constitutes a limitation on the scope of the limitation on the scope of the audit sufficient to preclude an audit sufficient to preclude an
unqualified opinion.unqualified opinion.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-16
Auditor Documentation Requirements
The auditor must properly document the processes, procedures, judgments, and results relating to the audit
of internal control.
When an entity has effective internal control over financial reporting, the auditor should be able to perform sufficient testing of controls to assess control risk for all relevant assertions at a low level.
When an entity has effective internal control over financial reporting, the auditor should be able to perform sufficient testing of controls to assess control risk for all relevant assertions at a low level.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-17
Reporting on Internal Control
Sarbanes-Oxley requires management’s description of internal control to include:
1. A statement of management’s responsibility for establishing and maintaining adequate internal control.
2. A statement identifying the framework used by management to conduct the required assessment of the effectiveness of the company’s internal control.
3. An assessment of the effectiveness of the company’s internal control as of the end of the most recent fiscal year, including an explicit statement as to whether internal control is effective.
4. A statement that the public account firm that audited the financial statements included in the annual report has issued an attestation report on management’s assessment of internal control.
1. A statement of management’s responsibility for establishing and maintaining adequate internal control.
2. A statement identifying the framework used by management to conduct the required assessment of the effectiveness of the company’s internal control.
3. An assessment of the effectiveness of the company’s internal control as of the end of the most recent fiscal year, including an explicit statement as to whether internal control is effective.
4. A statement that the public account firm that audited the financial statements included in the annual report has issued an attestation report on management’s assessment of internal control.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-18
The Auditor’s Report on Internal Control over Financial Reporting
Once the auditor has completed the audit of internal control, he or she must issue an appropriate report to accompany management’s assessment, published in
the company’s annual report.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-19
Types of Reports Relating to the Audit of Internal Control
The auditor’s report contains opinions on two separate items: (1) management’s assessment of the
effectiveness of internal control over financial reporting, and (2) the effectiveness of internal control over financial reporting based on the auditor’s independent audit work.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-20
Types of Reports Relating to the Audit of Internal Control
OpinionOpinion
An An unqualifiedunqualified opinion opinion signifies that the client’s signifies that the client’s
internal control is internal control is designed and operating designed and operating
effectively.effectively.
An An unqualifiedunqualified opinion opinion signifies that the client’s signifies that the client’s
internal control is internal control is designed and operating designed and operating
effectively.effectively.
A A qualifiedqualified opinion is opinion is issued when there is a issued when there is a
limitation on the scope of limitation on the scope of the auditor’s work. the auditor’s work.
A A qualifiedqualified opinion is opinion is issued when there is a issued when there is a
limitation on the scope of limitation on the scope of the auditor’s work. the auditor’s work.
A serious scope A serious scope limitation requires the limitation requires the auditor to auditor to disclaimdisclaim an an
opinion. opinion.
A serious scope A serious scope limitation requires the limitation requires the auditor to auditor to disclaimdisclaim an an
opinion. opinion.
An An adverseadverse opinion is opinion is required if a material required if a material
weakness is identified. weakness is identified.
An An adverseadverse opinion is opinion is required if a material required if a material
weakness is identified. weakness is identified.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-21
Types of Reports Relating to the Audit of Internal Control
Report Modification Based on Control DeficienciesReport Modification Based on Control Deficiencies
Likelihood ofLikelihood ofMisstatementMisstatement
Type ofType ofAudit ReportAudit Report
InconsequentialInconsequentialdeficiencydeficiency
SignificantSignificantdeficiencydeficiency
MaterialMaterialweaknessweakness
UnqualifiedUnqualifiedopinionopinion
AdverseAdverseopinionopinion
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-22
Types of Reports Relating to the Audit of Internal Control
Report Modification Based on Scope LimitationReport Modification Based on Scope Limitation
Reason forReason forScope LimitationScope Limitation
Type ofType ofAudit ReportAudit Report
MinorMinoreffecteffect
Management imposed/Management imposed/more than minor effectmore than minor effect
SeverSeverlimitationlimitation
UnqualifiedUnqualifiedopinionopinion
DisclaimDisclaimopinion oropinion orwithdrawwithdraw
QualifiedQualifiedopinionopinion
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-23
Elements of the Auditor’s Report
1. A title that includes the word ‘independent.’2. An identification of management’s conclusion about the effectiveness of
the company’s internal control over financial reporting.3. A definition of internal control over financial reporting.4. A statement that the auditor planned and performed the audit to obtain
reasonable assurance about whether effective internal control is maintained.
5. A statement that an audit includes obtaining an understanding of internal control, valuating management’s assessment of testing the design and effectiveness of internal control and any other procedures.
6. A paragraph stating that internal control may not prevent or detect misstatements because of inherent limitations.
7. The auditor’s opinion on whether management’s assessment of the effectiveness of internal control is fairly stated.
8. The auditor’s opinion on whether the company maintained effective internal control.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-24
Integrating the Audits of Internal Control and Financial Statements
An integrated audit is composed of the audits of internal control and the financial statements. The control testing impacts the planned substantive procedures. Also, the results of the substantive procedures are considered in
the evaluation of internal control.
Tests of Tests of internalinternalcontrolcontrol
Tests of Tests of internalinternalcontrolcontrol
SubstantiveSubstantiveauditaudit
proceduresprocedures
SubstantiveSubstantiveauditaudit
proceduresprocedures
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-25
Effect of the Audit of Internal Control on the Financial Statement Audit
If the auditor performs an integrated audit, he or she will have access to a large amount of information
about the client’s controls. This information can make the financial statement audit more efficient and result
in reduced substantive procedures.
Regardless of the level of control risk Regardless of the level of control risk in connection with the audit of the in connection with the audit of the
financial statements, auditing financial statements, auditing standards require the auditor to standards require the auditor to
perform some substantive procedures perform some substantive procedures for all significant accounts and for all significant accounts and
disclosures.disclosures.
Regardless of the level of control risk Regardless of the level of control risk in connection with the audit of the in connection with the audit of the
financial statements, auditing financial statements, auditing standards require the auditor to standards require the auditor to
perform some substantive procedures perform some substantive procedures for all significant accounts and for all significant accounts and
disclosures.disclosures.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-26
Effect of the Financial Statement Audit on the Audit of Internal Control
The effectiveness of the audit of internal controls should lead the auditor to determine the implications of these findings on the financial statement audit. The auditor’s evaluation should include:
1.1. Misstatements detected.Misstatements detected.
2.2. The auditor’s risk evaluations in connection with the The auditor’s risk evaluations in connection with the selection and application of substantive procedures, selection and application of substantive procedures, especially those related to fraud.especially those related to fraud.
3.3. Findings with respect to illegal acts and related party Findings with respect to illegal acts and related party transactions.transactions.
4.4. Indications of management bias in making accounting Indications of management bias in making accounting estimates and in selecting accounting principles.estimates and in selecting accounting principles.
1.1. Misstatements detected.Misstatements detected.
2.2. The auditor’s risk evaluations in connection with the The auditor’s risk evaluations in connection with the selection and application of substantive procedures, selection and application of substantive procedures, especially those related to fraud.especially those related to fraud.
3.3. Findings with respect to illegal acts and related party Findings with respect to illegal acts and related party transactions.transactions.
4.4. Indications of management bias in making accounting Indications of management bias in making accounting estimates and in selecting accounting principles.estimates and in selecting accounting principles.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-27
Special Considerations for an Audit of Internal Control
Special considerationSpecial considerationby managementby managementand the auditorand the auditor
Special considerationSpecial considerationby managementby managementand the auditorand the auditor
Using the work Using the work of others.of others.
Using the work Using the work of others.of others.
Multi-locations Multi-locations and business and business
units.units.
Multi-locations Multi-locations and business and business
units.units.
ServiceServiceorganizations.organizations.
ServiceServiceorganizations.organizations.
SafeguardingSafeguardingassets.assets.
SafeguardingSafeguardingassets.assets.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-28
Using the Work of Others
In determining the extent to which the auditor may use the work of others, the auditor should:
o Evaluate the nature of the controls Evaluate the nature of the controls subjected to the work of others.subjected to the work of others.
o Evaluate the competence and Evaluate the competence and objectivity of the individuals who objectivity of the individuals who performed the work.performed the work.
o Test some of the work performed by Test some of the work performed by others to evaluate the quality and others to evaluate the quality and effectiveness of their work.effectiveness of their work.
o Evaluate the nature of the controls Evaluate the nature of the controls subjected to the work of others.subjected to the work of others.
o Evaluate the competence and Evaluate the competence and objectivity of the individuals who objectivity of the individuals who performed the work.performed the work.
o Test some of the work performed by Test some of the work performed by others to evaluate the quality and others to evaluate the quality and effectiveness of their work.effectiveness of their work.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-29
Testing Multi-locationTotal number of units = 150Total number of units = 150Total number of units = 150Total number of units = 150
Is unit individually important?
Are there specific significant risks?
Are there units that are not important even when
aggregated?
Are there documented company-level controls over
this group?
NoNo
NoNo
NoNo
NoNo
135135Evaluate documents and test
controls over significant accounts at each location.
15 15 YesYes
130130Evaluate documents and test controls over specific risks.
5 5 YesYes
No further action required.7070 60 60 YesYes
Evaluate documents and test company-level controls over group.
Some testing of controls at individual locations.
YesYes
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-30
Safeguarding of Assets
Safeguarding of assets is defined as policies and procedures that ‘provide reasonable assurance regarding prevention or timely
detection of unauthorized acquisition, use or disposition of the company’s assets that could
have a material effect on the financial statements.’
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-31
Computer-Assisted Audit Techniques
Computer-assisted audit techniques include:Computer-assisted audit techniques include:
o Generalized audit software packages.Generalized audit software packages.
o Custom audit software.Custom audit software.
o Test data.Test data.
Computer-assisted audit techniques include:Computer-assisted audit techniques include:
o Generalized audit software packages.Generalized audit software packages.
o Custom audit software.Custom audit software.
o Test data.Test data.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-32
Generalized Audit SoftwareFunction Description
File or data accessReads and extracts data from a client's computer files or databases for further audit testing.
Selection operators Select from files or databases transactions that meet certain criteria.
Arithmetic functions
Perform a variety of arithmetic calculations (addition, subtraction, and so on) on transactions, files, and databases.
Statistical analysesProvide functions supporting various types of audit sampling.
Report generationPrepares various types of documents and reports.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-33
Custom Audit Software
Custom audit software is generally written by auditors for specific audit tasks. It may be required when the client’s computer system is not compatible with the
auditor’s generalized audit software.
Custom software:Custom software:
(1)(1) Is expensive to develop.Is expensive to develop.
(2)(2) Requires extended Requires extended development time.development time.
(3)(3) Is limited in scope of functions.Is limited in scope of functions.
Custom software:Custom software:
(1)(1) Is expensive to develop.Is expensive to develop.
(2)(2) Requires extended Requires extended development time.development time.
(3)(3) Is limited in scope of functions.Is limited in scope of functions.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-34
Test Data
This is data developed by the auditor to test the application controls in the client’s computer programs.
The technique can be used to check (1) data validation controls and error detection routines, (2) processing logic controls, (3) arithmetic calculations, and (4) the inclusion of transactions in records, files, and reports.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
7-35
End of Chapter 7