How to use document 13.50 Risk and control assessment
The objectives of the document are to:
Identify, assess and document fraud and inherent risks at an overall level through risk indicators and obtaining an understanding of the entity and its environment.
Identify and evaluate any non-compliance with the rules of the law societies.
Consider the design and implementation of relevant control activities, identify controls that can be relied on, designing tests of control as well as identifying and reporting control weaknesses.
The document is divided into the following tabs to assist you in documenting fraud and inherent risks at financial statement level:
- Overall fraud and inherent risk indicators
- Overall fraud and inherent risk assessment
The document is divided into the following tabs to assist you in documenting any non-compliance with the rules of the law societies as well as documenting and reporting on control activities and weaknesses.
- Accounting records
- Transactions and balances
- Service Activities
Overall fraud and inherent risk indicators
|Risk indicator||Tick the appropriate tick boxes next to the risk indicator.||By selecting the relevant risk indicators you will be reminded to record a risk.|
|Risk||Raise a risk relating to the risk indicator here if necessary.||When raising a risk you are prompted to perform work on the risk in the next tab, Overall fraud and inherent risk assessment other documents.|
Overall fraud and inherent risk assessment
Insert the source from where the risk was identified as a cross-reference.
You can also double-click in the cell to automatically insert the source from which you identified the risk.
|By inserting references to source documentation you ensure that your file is easy to follow and logical.|
Provide a detailed description of the risk.
Risks without a description will not show up in the risk summary or other documents.
|When raising a risk you will be prompted to perform work on the risk in other documents.|
|Implication||Insert a detailed implication of the risk.||By describing the implication of the risk you will be able to better understand the risk and identify non-compliance.|
|Overall risk response||Provide detail of the overall response to the risk.||By providing a detailed response to the overall risk you will have proof of addressing the risk for reviewers and future enquiries. The risk response should be applied throughout the audit.|
Accounting records, Transactions and balances, Investments, Service activities
You will be guided to consider various factors relevant to the different elements of the client’s internal controls as well as rules of the law society.
|In assessing all the questions you will be able to identify controls in place as well as control risks and conclude on the overall control risk of the engagement as well as compliance with the rules of the law society.|
Answer the question by making a selection with the "Yes / No" drop-down box.
|By answering the questions you will be reminded to report weaknesses/non-compliance.|
|Description||Insert a short description to document the control.||By describing the control you are able to substantiate your answer to reviewers and future enquiries.|
|How was relevant controls implemented||You have to describe, for relevant controls, how you determined that the control was implemented.||By describing how the control was implemented you are able to substantiate your answer to reviewers and future enquiries.|
|Reliance intended||You have to decide whether you want to place reliance on the control and therefore test this control in order to obtain audit evidence||When you want to place reliance on the control you have to test this control in order to obtain audit evidence and test of control procedures will be enabled for the relevant section in your work programs.|
|Test of control||If reliance is intended you design the test of control for the specific control.||The test of control will show up in your work programs to remind you to perform additional work on the control and to test the control.|
|Report item||You have to decide whether or not you want to report the weakness in 03.90 Report to management and those charged with governance as well as 03.95 Auditor's assurance report.|
If the control is not in place and you decide not to report the item, an input cell will appear below the control question where you can insert a description or comment.
|By reporting weaknesses/non-compliance as and when they are discovered you ensure that all weaknesses/non-compliance are recorded and reported.|
|Weakness/Non-compliance||If you decided to report the weakness/non-compliance, then you have to record the weakness in this column.|
The weakness/non-compliance will automatically carry forward to 03.90 Report to management and those charged with governance as well as 03.95 Auditor's assurance report.
|Inserting the weakness here will ensure that your 03.90 Report to management and those charged with governance as well as 03.95 Auditor's assurance report are completed automatically.|
|Risk||Raise a risk relating to the control question here if necessary.||When raising a risk you are prompted to perform work on the risk in other documents.|
The following features are available in the document:
- Insert comment, click here for further information
- Delete comment, click here for further information
- Insert row at end of table, click here for further information
- Delete row, click here for further information
- Record risk, click here for further information
For each section you have to conclude on whether controls, individually or in combination with other controls, are capable of effectively preventing, or detecting and correcting non-compliance with laws and rules of the law society. You make a selection by using the "Yes / No" drop down box.
If you answer "No", you have to describe the impact on the overall plan.
You also have to assess the risk of material misstatement for the section by making a selection from the drop down box.
(Popularity = 1/100, Rating = 0.0/5)