Student Name. UMAIR AKHTAR Student Reg.

L1S20BSAF0024

Section. (A) Date. 26-01-2022

Instructions:
Assignment Topic & Details:
Write a note on “Relationship between auditing and risk assessment” and cover both aspects of
internal and external audit.

Risk Assessment:

Risk assessment is the foundation of the audit. Audit risk assessment procedures are performed
for obtaining the understandings of the company and its environment, including its internal
controls which are used to identify and assess the material misstatement of financial
statement.Through risk assessment we came to know what are the major areas that need
improvements. Audit is conducted to examine the company and its accounts, and
check either financial. statements give ‘true and fair view' or not, it also talks about the
company's internal controls if there is any gap in them or not, everyone is following those
controls or not? Audit check the adequacy and effectiveness of the risk management
framework.

Relationship between Internal Audit and Risk Assessment:

Internal audit is conducted by the employees of the company or the company may do
outsourcing for it, it is done on volunteer basis. It is mainly concerned with the inspection
within the company. Internal audit also has to follow audit risk assessment framework, so that
they can provide assurance to the board and senior management about their adequacy and
effectiveness. Internal audit also take part in risk treatment plans which represents
management's commitment to respond to current level of risk.
Relationship between External Audit and Risk Assessment:
While the external audit is conducted by an independent auditor, it is statutory by law. It is
conducted to audit the financial statements of the company and the company's internal controls.
The external auditor validates the internal control system to check that either the organization
has successfully and sufficiently mitigated the audit risk; including inherent risk, control
risk and
detection risk. External auditor can see if there is any blind spot or any gaps in the internal
controls, then the auditor gave recommendation on the basis of what should be done in future
to resolve those gaps. External audit is conducted by third party agencies who are involved in
evaluating specific business functions. By assessing the risk external auditor came to know in
which fields internal controls are strong or not, if internal controls in a field are strong then
that field need less attention and vice versa.