Why is it not necessary to test control weaknesses? What action does the auditor need to take when control evaluation work indicates a control weakness?
Answer to relevant QuestionsWhy are an auditee’s privacy controls relevant to the audit?How does the direction of a control test relate to control objectives? Why does an inventory of Rolex watches have a high inherent risk, and why does the auditor expect management to have strong controls over this inventory? How does the auditor’s control risk assessment affect the preliminary audit program? Why is there a cost-benefit trade-off involved in evaluating internal controls for planning the audit?
Post your question