Behind the scenes
Auditors of small entities need to understand the design and implementation of internal controls – even when they take a fully substantive approach to risk assessment. Hugh Morgan, Michèle Rose and Katharine Bagshaw outline how and why.
Risk assessment is key to an ISA-compliant audit, as highlighted in ICAEW’s Quality Assurance Department (QAD) Audit Monitoring 2012 report. It recognises that firms often obtain “sufficient evidence to address the risks, even though the risk assessment process itself may not meet all the requirements”. The risk assessment process is important though, because without it, there is a danger that significant issues may be overlooked and the response to the risk assessment might not make sense. Standard work programmes help ensure that nothing is missed but they are much more likely to work if the risk assessment process that supports them is sound...
This is an extract from an article in the May 2014 edition of Audit & Beyond, the magazine of the Audit and Assurance Faculty.
Find out more
- Download the complete article: Behind the scenes
- Download associated examples of design and implementation of internal controls
Not yet a faculty member?
Not yet a member? To get access to all future publications, events, webinars and services, join the Audit and Assurance Faculty today.