The policies and procedures that help ensure that management directives are carried out, for example, that necessary actions are taken to address risks that threaten the achievement of the entity’s objectives

Audit approaches in relation to control risk assessment

Series of tasks and records of an entity by which transactions are processed as a means of maintaining financial records

Two Possible Risk Assessments

PSA 315 is based on which internal control framework?

Which type of analytical procedures is not required for every audit?

The auditor should document his understanding of internal control. The extent of documentation is a matter of the CPA’s judgment and the form of documentation depends upon

Types of CIS application controls

Risks can arise or change due to circumstances such as

Transactions are accumulated and processed in a group

Consists of infrastructure (physical and hardware components), software, people, procedures, and data

File system with exclusive access to and use of individual data

Exists when a computer of any type or size is involved in the processing by the entity of financial information of significance to the audit, whether the computer is operated by the entity or by a third party