ISA 400 Risk Assessments and Internal Control
Encyclopedia
ISA 400 Risk Assessments and Internal Control is one of the International Standards on Auditing
. It serves to require the auditor is to understand the client's accounting system and internal control
system and to assess control risk and inherent risk
. The objective is to determine the nature, timing and extent of substantive procedures in order to reduce audit risk
to an acceptable low level.
International Standards on Auditing
International Standards on Auditing are professional standards for the performance of financial audit of financial information. These standards are issued by International Federation of Accountants through the International Auditing and Assurance Standards Board .-Respective responsibilities:*ISA...
. It serves to require the auditor is to understand the client's accounting system and internal control
Internal control
In accounting and auditing, internal control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's...
system and to assess control risk and inherent risk
Inherent risk
Inherent risk, in the audit of financial statements, is the risk that the account, disclosure or financial statement note being attested to by an independent CPA firm is materially misstated without considering internal controls due to error or fraud...
. The objective is to determine the nature, timing and extent of substantive procedures in order to reduce audit risk
Audit risk
Audit risk refers to acceptable audit risk, i.e. it indicates the auditor's willingness to accept that the financial statements may be materially misstated after the audit is completed and an unqualified opinion was issued...
to an acceptable low level.
See also
- Control environmentControl environmentControl environment also called "Internal control environment". It is a term of financial audit, internal audit and Enterprise Risk Management. It means the overall attitude, awareness and actions of directors and management regarding the internal control system and its importance to the entity...
- Control objectives
- Control procedures
- Internal control types
- Walk through test
- Sarbanes-Oxley
- Entity-Level ControlsEntity-Level ControlsEntity-Level Controls are internal controls that help ensure that management directives pertaining to the entire entity are carried out. They are the second level of a top-down approach to understanding the risks of an organization...