369 paragraphs found
IT also poses specific risks to an entity’s internal control, including, for example: reliance on systems or programs that are inaccurately processing data, processing inaccurate data, or both; unauthorised access to data that may result in breaches of …
Manual elements in internal control may be more suitable where judgement and discretion are required such as for the following circumstances: Large, unusual or non-recurring transactions. Circumstances where errors are difficult to define, anticipate or …
Manual elements in internal control may be less reliable than automated elements because they can be more easily bypassed, ignored, or overridden and they are also more prone to simple errors and mistakes. Consistency of application of a manual control …
The scope of the engagement may require the assurance practitioner to conclude on only certain components of control, such as control activities, within the system and not provide a conclusion on the system as a whole. Nevertheless, the assurance …
The assurance practitioner obtains an understanding of the components of control to understand how they may impact the effectiveness of the component which is included in the scope of the engagement. This understanding of the control components may …
The division of internal control into the components, in paragraph A68(a)-(e) above, provides a useful framework for the discussion of different aspects of an entity’s internal control which may affect the engagement in this ASAE. However, this does not …
Management is in a unique position to perpetrate fraud because of management’s ability to manipulate the entity’s records or prepare fraudulent reports by overriding controls that otherwise appear to be operating effectively. Although the level of risk …
In obtaining an understanding of the system, including controls, the assurance practitioner determines whether the entity has an internal audit function and its effect on the controls within the system. The internal audit function ordinarily forms part …
An effective internal audit function may enable the assurance practitioner to modify the nature and/or timing, and/or reduce the extent of assurance procedures performed, but cannot eliminate them …
In a direct engagement the assurance practitioner’s evaluation of controls and gathering of evidence to support an assurance conclusion on controls, is a single process which results in an assurance conclusion which is also the outcome of the assurance …