See attached file for full problem description.© BrainMass Inc. brainmass.com September 23, 2018, 8:12 am ad1c9bdddf - https://brainmass.com/business/auditing/assessing-control-risk-143922
OBTAINING AND DOCUMENTING THE UNDERSTANDING:
The first stage is to obtain the understanding of the system. This means getting the information and understanding the operating environment of the organization. The auditor should write down the various components of the operating environment like the laws that are applicable to the organization and keep a record of these. The internal auditor should then understand the goals and objectives of the organization and assess the related risks. The internal auditor needs to check the controls, understand the related policies and evaluate the procedures. He should enter these controls, polices and procedures in his working papers. He should then examine and understand the information system and communication techniques in use in the organization and enter their details in his working papers. Finally, he should understand the method used to monitor the performance of the organization. He should use evaluate their effectiveness, assess their weaknesses and enter the relevant information in their working papers;
PERFORMING CONCURRENT TESTS OF CONTROLS:
While the internal auditor is performing his duties he should carefully observe the control system. This is an important test of control. The next test is to inspect the corroboration that the control procedures were carried out. Were ...
This explanation provides you a comprehensive argument relating to assessing control risk