| A116. | In making risk assessments, the auditor may identify the controls that are likely to prevent, or detect and correct, material misstatement in specific assertions. Generally, it is useful to obtain an understanding of controls and relate them to assertions in the context of processes and systems in which they exist because individual control activities often do not in themselves address a risk. Often, only multiple control activities, together with other components of internal control, will be sufficient to address a risk. |
| A117. | Conversely, some control activities may have a specific effect on an individual assertion embodied in a particular class of transactions or account balance. For example, the control activities that an entity established to ensure that its personnel are properly counting and recording the annual physical inventory relate directly to the existence and completeness assertions for the inventory account balance. |
| A118. | Controls can be either directly or indirectly related to an assertion. The more indirect the relationship, the less effective that control may be in preventing, or detecting and correcting, misstatements in that assertion. For example, a sales manager's review of a summary of sales activity for specific stores by region ordinarily is only indirectly related to the completeness assertion for sales revenue. Accordingly, it may be less effective in reducing risk for that assertion than controls more directly related to that assertion, such as matching shipping documents with billing documents. |
|
|
Licence and copyright | © 2018, LexisNexis Group a division of Reed Elsevier (UK) Ltd. All rights reserved. |