When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?
A) Develop the scope of the audit based on a bottom-up perspective to ensure that all business objectives are considered.
B) Develop the scope of the audit to include controls that are necessary to manage risk associated with a critical business objective.
C) Specify that the auditors need to assess only key controls, but may include an assessment of non-key controls if there is value to the business in providing such assurance.
D) Ensure the audit includes an assessment of manual and automated controls to determine whether business risks are effectively managed.
Correct Answer:
Verified
Q393: The board has asked the internal audit
Q394: Which of the following statements describes an
Q395: Due to price risk from the foreign
Q396: According to IIA guidance, which of the
Q397: An audit identified a number of weaknesses
Q399: According to IIA guidance, which of the
Q400: An internal auditor has been assigned to
Q401: While conducting an audit of a third
Q402: If observed during fieldwork by an internal
Q403: An internal auditor is conducting a review
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents