Question

Which of the following should be done by the auditor if tests of controls indicate that a key control is not functioning as designed?

A. Increase the assessed level of control risk
B. Increase the level of assessed detection risk
C. Stabilize the nature, timing, and extent of substantive tests related to the assertion
D. Rely on external controls

Answer 1

If tests of controls indicate that a key control is not functioning as designed, the auditor should increase the assessed level of control risk.

Step-by-step explanation:

If tests of controls indicate that a key control is not functioning as designed, the auditor should increase the assessed level of control risk (option A). This means that the auditor believes there is a higher risk that the control will not prevent or detect material misstatements.

Increasing the assessed level of detection risk (option B) would mean that the auditor is willing to accept a higher risk of not detecting material misstatements during substantive testing, which is not the appropriate response to a control deficiency.

Stabilizing the nature, timing, and extent of substantive tests related to the assertion (option C) refers to the auditor's response when substantive testing is relied upon to compensate for a deficiency in the control environment.