X hits on this document

590 views

0 shares

0 downloads

0 comments

44 / 151

© 2008 Prentice Hall Business Publishing     Accounting Information Systems, 11/e    Romney/Steinbart

44 of 151

THE NATURE OF AUDITING

The risk-based audit approach

A risk-based audit approach is a four-step approach to internal control evaluation that provides a logical framework for carrying out an audit. Steps are:

Determine the threats (errors and irregularities) facing the AIS.

Identify control procedures implemented to minimize each threat by preventing or detecting such errors and irregularities.

Evaluate the control procedures.

Evaluate weaknesses (errors and irregularities not covered by control procedures) to determine their effect on the nature, timing, or extent of auditing procedures and client suggestions.

Focuses on control risks and whether the control system as a whole adequately addresses them.

If a control deficiency is identified, the auditor asks about compensating controls—procedures that make up for the deficiency.

A control weakness in one area may be acceptable if compensated for by control strengths in other areas.

Document info
Document views590
Page views590
Page last viewedThu Dec 08 08:28:46 UTC 2016
Pages151
Paragraphs2415
Words11231

Comments