10-1. a. Assessing control risk is the process of evaluating the effectiveness of an entity's internal controls in preventing or detecting material misstatements in the financial statements.
b. Control risk should be assessed in terms of individual financial statement assertions.
10-2. In assessing control risk for an assertion, the auditor should perform the following five steps: 1. Consider knowledge acquired from procedures to obtain an understanding about whether controls pertaining to the assertion have been designed and placed in operation by the entity's management. 2. Identify the potential…show more content… However, the auditor must perform direct tests of application controls in order to assess control risk below a high level.
10-8. a. The advantages of using computer assisted audit technique in performing tests of controls include: • A significant part of the entity’s system of internal controls is imbedded in computer programs. • There are significant gaps in the visible audit trail. • There are large volumes of records to be tested.
b. The major disadvantages of using computer-assisted audit techniques are the special knowledge and skills required, and the possible disruption of the client’s IT operations while the auditor uses IT equipment, programs and files. The auditor must also test the effectiveness of manual follow-up procedures in order to determine how effectively the computer controls are at preventing or detecting and correcting misstatements in assertions.
10-9. The advantages of parallel simulation include the following: • Because real data are used, the auditor can verify the transactions by tracing them to source documents and approvals. • The size of the sample can be greatly expanded at relatively little additional cost. • The auditor can independently run the test.