RISK ASSESSMENTS AND INTERNAL CONTROL
(This Standard is effective, but will be withdrawn when ISA 315 and 330 become effective)*
Paragraph Introduction ... 1-10 Inherent Risk ... 11-12 Accounting and Internal Control Systems ... 13-20 Control Risk ... 21-39 Relationship Between the Assessments of Inherent and Control Risks ... 40 Detection Risk ... 41-47 Audit Risk in the Small Business ... 48 Communication of Weaknesses ... 49 Appendix: Illustration of the Interrelationship of the Components of Audit Risk
International Standard on Auditing (ISA) 400, “Risk Assessment and Internal Control” should be read in the context of the “Preface to the International Standards on Quality Control, Auditing, Assurance and Related Services,” which sets out the application and authority of ISAs.
* ISA 315, “Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement” and ISA 330, “The Auditor’s Procedures in Response to Assessed Risks” are effective for audits of financial statements for periods beginning on or after December 15, 2004.