Asses

Control
Risk
 Step of Control Risk Assesment
- Neil Armstrong

Identify and
evaluate associate
Associate assess
Control Control
Identify Identify Controls Control risk
Deficiencies, Deficiencies
audit existing with related for each
Significant with related
Objectives Controls audit related audit
Deficiencies, audit
Objectives Objective
and Material Objectives
weakness
 Control Deficiencies, Significant Deficiencies
and Material Weakness
A five-step approach can be used to identify deficiencies, significant deficiencies, and material
weaknesses:

- identify existing control

- identify the absence of KEY CONTROL

- Consider the possibility of Compensating control

- Identify significant deficiency and material weakness

- determine potential misstatements

 Test of Control

Make inquiries Examine

Observe Reperform
of appropriate documents,
control-related client
client records, and
activities. procedures
personnel. reports
 Evidence
of prior
year audit

Extent of Testing of

Procedures
Control

Testing
less than
The extent to which tests of audit
controls are applied depends on the period
preliminary assessed control risk. If
the auditor wants a lower assessed
control risk, more extensive tests of Outsoured
controls are applied system

Service
center
auditor