Put the following steps in the control risk assessment process
in their logical order:
identify and evaluate control deficiencies, significant
deficiencies, and material weaknesses
identify audit objectives
identify existing controls
associate controls with audit objectives
An internal control deficiency can be caused by:
the absence of a necessary control
a control that is not properly designed
a control that does not operate as designed
any of the above conditions is a control deficiency
Match the following concepts regarding tests...
Conducting a Risk Assessment You will be given a list
of organisation in week 3 by your lecturer and you can select any
one organisation from them. The organisation uses various IT
systems for its daily operations. Assume that you are appointed as
an IT Systems Auditor for the chosen organisation and you are asked
to provide a risk register must come up for the IT systems in the
organisation. A brief introduction of the organisation and the IT
systems...
in short essay name and describe the three levels of analyses
for conducting a needs assessment. Describe what problems might
arise if a proper needs assessment is not conducted. Name and
describe the uses of competency models.
Which of the following is a definition of control risk?
The risk that the auditor’s assessment of internal controls will
be at less than the maximum level.
The risk that the auditor will not detect a material
misstatement.
The susceptibility of material misstatement assuming there are
no related internal control policies or procedures.
The risk that a material misstatement will not be prevented or
detected on a timely basis by the client’s internal controls.