Conducting the Assurance Engagement

Flashcards for Chapter 14 of Internal Auditing: Assurance & Advisory Services, 5th Edition, focusing on conducting assurance engagements.

Conducting the Assurance Engagement

Gathering and documenting sufficient appropriate evidence to support conclusions about the effectiveness of controls.

Risk and Control Matrix

A tool used to document the results of testing during the assurance engagement.

Evaluate Evidence Gathered and Reach Conclusions

Requires the internal auditor to consider the initial evaluation of control design as well as the results of testing and form a conclusion as to whether the underlying risks are being mitigated to an acceptable level.

Key Considerations for Evaluating Evidence

Ensuring key controls are designed adequately, operating effectively, and mitigating risks to an acceptable level.

Develop Observations and Formulate Recommendations

Documenting any control deficiencies to facilitate discussion with management and communication to stakeholders.

Opportunities for Internal Audit to Provide Insight

Sharing process documentation, data analysis results, and thoughts on fraud risks to enhance the auditee's processes.

Providing Insight on KPIs

Advising on the sufficiency and comprehensiveness of key performance indicators to help auditee management better monitor performance.

Providing Insight on Risk Management

Discussing process-level risks and management's tolerance levels to ensure alignment and appropriate risk acceptance.

Providing Insight on Control Effectiveness

Sharing assessments of control design and operation to reach agreement on acceptability of design adequacy and operational effectiveness.