Using the risk-based auditing approach,when the auditor identifies a control deficiency,the auditor should inquire about
A)tests of controls.
B)the feasibility of a systems review.
C)materiality and inherent risk factors.
D)compensating controls.

Question

Quizplus · Accepted Answer

When a control deficiency is identified during a risk-based audit, the auditor should inquire about compensating controls that may mitigate the risk associated with the control deficiency. Compensating controls are alternative controls that are put in place to reduce the risk of a control deficiency. The other options listed (tests of controls, feasibility of a systems review, materiality and inherent risk factors) are important considerations during the audit process but they are not directly related to addressing a control deficiency.

Using the Risk-Based Auditing Approach,when the Auditor Identifies a Control