Internal Control and Risk Assessment
The nature and extent of
the procedures performed by the auditor to obtain an understanding of the
accounting and internal control systems generally depend on:
· Nature of policies or
kind of procedures,
· Changes in operating
environment,
· Size and complexity of
the business,
· Way of documentation
of business operations,
· Auditor’s assessment
of inherent risk.
The auditor should make
a study of internal control relevant for his audit. Although most controls
related to audit are relevant for financial reporting but all controls relevant
for financial reporting may not be relevant for audit. It is the judgment of
auditor to decide whether a control individually or in combination with other
is relevant for audit or not.
Auditor normally
classified audit risk for assessment into control risk and inherent risk.
Control risk signifies
that a material misstatement could occur but would not be prevented or detected
by internal control system.
Inherent risk signifies
the chances that recording of transactions have been done either erroneously or
under the influence of management fraudulent activity.
Assessment of control
risk
Assessing control risk
is the process of evaluating the effectiveness of an entity’s accounting and
internal control systems in preventing or detecting material mis-statements in
the financial statements. After having a basic idea of the accounting and
internal control system, the auditor should make an initial assessment of
control risk for the appropriate assertions in the financial statements.
When planning the audit
approach, the auditor should consider the initial assessment of control risk
(in conjunction with his assessment of inherent risk) to determine the
appropriate detection risk to accept for the financial..........
No comments:
Post a Comment