Flashcards in 2-internal control concepts Deck (8)
if internal controls are bad (ineffective) then we would set control risk to the______level
if you have reliance it means you can depend on the internal controls. if you have no reliance then its the same as setting cr to maximum.
reliance means the same thing as to assess control risk at less than the maximum level, for purposes of accepting a higher level of DR.
a wholly _______ audit approach means no reliance on internal control, which means the same thing as assessing CR to the maximum level.
why must an auditor take into consideration a companies internal control in planning the audit engagement.
in order to plan and effective and efficient audit, auditors must assess control risk as a basis for setting the appropriate level of DR related to their substantive auditing procedures
*if internal control is effective or ineffective
ineffective-assess cr at the maximum level (which means no reliance) perform wholly substantive audit approach, because the internal controls can't be relied on.
effective-consider the possibility of assessing control risk at less than the maximum level (which means reliance) consider cost benefit issues. if reliance is determined to be an efficient audit strategy, the auditor must perform test of controls to evaluate the operating effectiveness of those controls. once those controls are complete reevaluate the test of controls operating effectiveness and see if the nature timing and extent of those test of control reflect in the audit plan.
after setting control risk (at max or min level) the auditor would prepare the ______ that's designed to achieve the appropriate level of _______. taking into consideration the risk of material misstatement -RMM (IR*CR)
once everything is done the auditor should make an audit plan auditor should ______ whether controls are effective or ineffective