- This topic has 1 reply, 2 voices, and was last updated 5 years ago by
.
- Posts
Sir , in most of the exams set, the control objectives, recommendations and tests of control is it to identify the business risks and the corresponding recommendations? Is it suppose to be the auditors duty apart from testing the control put in place .
I ask this question because I taught the only major concern for the auditor in this context is to see the how effective & efficient is the operating internal controls are and to assess whether to place reliance on them or not.
Thank you sir !
I don’t understand what you are asking. Business risk is not examinable per se (it’s not mentioned in the syllabus) but may be the root of inherent risk (which is examinable).
Please see Chapter 9 in the notes – the auditor assesses the risk that the client’s internal controls fail to prevent or detect and correct misstatements (control risk).
The auditor must decide (through understanding the entity and Its environment) whether controls are expected to be effective. Tests of controls are performed only to confirm that they are indeed effective and can therefore be relied on. They are not tested if expected to be ineffective (see the overview at the beginning of Chapter 7 or 8).
Management is responsible for the design and operation of internal controls (section 2 of Chapter 12). The auditor reports on controls “if the internal control system is inadequate (i.e. the auditor does not perform TOCs) or is not operating efficiently (i.e. as shown by the results of TOCs)”. This is stated in section 7 of Chapter 12.
- You must be logged in to reply to this topic.