Professional Documents
Culture Documents
ASSESSING RISK
KAP TANUBRATA SUTANTO
FAHMI BAMBANG & REKAN
CHEOW WILLIAM & NINA PUTRI PERMATASARI
1
DETERMINING A CONCLUSION FOR EACH IDENTIFIED RISK
SPECTRUM OF INHERENT
LIKELIHOOD
INHERENT
IDENTIFIED RISK
RISK
RISK
RISK CONCLUSION
FACTORS
MAGNITUDE
IDENTIFY POTENTIAL RMMs
Understand the Understand the Understand the Stand back at the end
entity, its entity’s cycles and components of the of risk assessment
environment and the the business entity’s system of procedures to consider
applicable financial processes and internal control if there are any more
reporting framework information systems potential RMMs
within those cycles
UIC-ELC
IT
UTE ENVIRON-
MENT UIC-CARA ETD Q
PAR/RADA INFO
SYSTEMS ITGC RAQ
IDENTIFY POTENTIAL RMMs
Potential RMMs
History of effectiveness
Other CR factors
DETERMINING DIFFERENT ASSURANCE LEVELS
Nature /
Precision reliability of
evidence
Amount of
Coverage
corroboration
TESTS OF CONTROL
CARA ITGC
DEFINITION OF CARA
The ISAs define certain control activities as relevant to the audit. Any
of the following are considered CARA:
Example 1
CR = High
Example 2
CR = Low
WHY? ISA 330.18: For each GOAL: SSPs are performed to obtain
material FSA, irrespective of evidence to support our initial
assessed RMMs, substantive audit assessment that there is no IRMM in
procedures shall be designed and a material FSA, not to reduce our
performed. risk to an acceptable level.
NATURE AND DESIGN OF SSPs