According to the risk-based auditing approach,when a control deficiency is identified,the auditor should inquire about
A) tests of controls.
B) the feasibility of a systems review.
C) materiality and inherent risk factors.
D) compensating controls.

Question

Quizplus · Accepted Answer

When a control deficiency is identified, the auditor should inquire about compensating controls, which are alternative procedures or activities that have been put in place to mitigate the risk of the control deficiency. This helps the auditor determine if the compensating controls are sufficient to reduce the risk to an acceptable level. Inquiring about tests of controls, feasibility of a systems review, and materiality and inherent risk factors are relevant but not specific to addressing a control deficiency.

According to the Risk-Based Auditing Approach,when a Control Deficiency Is