When making a preliminary assessment of control risk, the starting point for most auditors is
A) IT assessment controls.
B) assessment of entity level controls.
C) transaction-related controls.
D) fraud controls.

Question

Quizplus · Accepted Answer

The starting point for most auditors when making a preliminary assessment of control risk is the assessment of entity level controls. This includes the overall control environment, risk assessment process, control activities, information and communication processes, and monitoring activities. Understanding these controls provides auditors with a foundation for evaluating the effectiveness of transaction-related controls and determining the extent of substantive testing needed to achieve the desired level of assurance. IT assessment controls, fraud controls, and other specific control areas may be considered during this process, but the assessment of entity level controls is typically the primary focus.

When Making a Preliminary Assessment of Control Risk, the Starting