29 paragraphs found
… is engaged to report on the operating effectiveness of controls this fact is not a substitute for the responsible … basis for its Statement on the outcome of the evaluation of controls. If the responsible party’s Statement claims that … and include regular management and supervisory activities. Internal auditors or personnel performing similar functions …
… may not be the engaging party, but is responsible for the controls which are the subject matter of the engagement and … The responsible party and the intended users may both be internal to the entity, for example if the responsible party … each of these roles relate to an assurance engagement on controls. …
… an appropriate foundation for the other components of internal control, and whether those other components are not … and monitoring activities that the entity uses to monitor controls, including the role of the internal audit function, which mitigate the risks that …
… Assurance conclusions on controls are often required by regulators or users in … auditors may be engaged to report under ASAE 3402, on controls at a service organisation that are likely to be relevant to user entities’ internal control as it relates to financial reporting, as …
… are not covered by this ASAE include financial reporting controls at a service organisation which are reported under ASAE 3402, including reasonable assurance reports on internal controls of Investor-directed portfolio services (IDPS) and …
… regarding: management’s assessment of the risk that controls may be circumvented due to fraud, including the … alleged fraud affecting the entity; make enquiries of the internal audit function, where it exists, to determine … and responding to the risks of fraud in the entity and the internal control that management has established to mitigate …
… that actual deviations in the operating effectiveness of controls in the population exceeds tolerable deviations, and … practitioner might extend the sample size or, unless the controls themselves are being concluded upon (such as when … The interaction of the deviation with other deviations in internal control. …
… effectiveness performed by the entity in monitoring controls (management, internal audit function or other personnel); and the … the interdependence of the control upon other controls (for example the design of controls associated with …
… IT also poses specific risks to an entity’s internal control, including, for example: reliance on …