369 paragraphs found
When evaluating the suitability of the design of controls to prevent, detect or correct fraud, the assurance practitioner considers whether the following fraud risk factors are adequately mitigated by the designed controls: any incentives or pressures to …
Controls can mitigate but not eliminate the risk of fraud, which may threaten achievement of the identified control objectives. In evaluating the suitability of the design of controls, the assurance practitioner considers whether the controls mitigate …
Suitably designed controls may be undermined by deficiencies in other components of control or other competing factors within the entity which the assurance practitioner may need to consider. These risks may be addressed through indirect controls, if so …
When evaluating the suitability of the design of controls the assurance practitioner may identify controls which are either included in the design but omitted from the description or included in the description but are ineffective in achieving the control …
In a reasonable assurance engagement, when obtaining an understanding of the control environment and considering other components of controls, not included in the scope of the engagement, the assurance practitioner may consider, for example: the tone at …
In obtaining evidence as to whether those aspects of the description included in the scope of the engagement are fairly presented in all material respects, the assurance practitioner determines whether: The description addresses the major aspects of the …
In obtaining evidence as to whether complementary user-entity or client controls included in the description are adequately described, the assurance practitioner may: compare the information in the description to contracts with user entities; compare the …
The assurance practitioner’s evaluation of the description may be performed in conjunction with procedures to obtain an understanding of that system. These procedures may include: Enquiries of management and staff including, where the scope of the …
If a control is suitably designed, the assurance practitioner determines, if included in the scope of the engagement, whether the control is implemented by assessing that the implementation process has been carried out so that the control can operate …
The effective implementation of controls, which enables those controls to operate effectively once they are delivered and in operation, usually involves a number of processes which may include: Documentation of controls. Development of manuals, …