Control environment, Risk Assessment, Control Activities, Information & Communication, Monitoring Activities

Risk management, risk mitigation, risk monitoring

Risk prevention, risk detection, risk response

Risk assessment, risk control, risk reporting

Internal control systems hinder the audit process

Internal control systems are only relevant for small businesses

Internal control systems are important in the audit process to assess risks, design audit procedures, and ensure reliability of financial reporting.

Internal control systems are unnecessary in the audit process

Conducting a detailed financial analysis

Understanding the client's business and industry, assessing risks and materiality, developing an audit strategy, setting audit objectives, planning the audit approach, determining the audit scope, assigning audit team members, and developing a detailed audit plan.

Skipping the risk assessment step

Reviewing previous audit reports

Conducting data analytics, document reviews, verifying transactions, surprise audits and make sure the control are proper adequate base on maker/checker mechanism.

Avoiding surprise audits

Ignoring financial records

Relying solely on verbal assurances

IFRS guidelines, ISO 9001 standards, SEC regulations

COSO framework, PCAOB standards, AICPA auditing standards

Send audit findings via carrier pigeon

Report audit findings to stakeholders in a clear, concise, and visually engaging manner, tailored to their level of understanding and make sure mentioned responsible person and periods to get it done.

Deliver audit findings through a puppet show

Present audit findings using interpretive dance

Risk assessment is essential in the internal audit process to identify and prioritize potential risks that could impact the organization's objectives.

Risk assessment is not necessary for internal audit

Risk assessment only adds unnecessary complexity to the audit process

Internal audit can be done without considering potential risks