Final answer:
An auditor must evaluate application controls for each individual application within the IT system to confirm data integrity and processing accuracy. This includes examining input and processing controls as part of the company's internal control audit.
Step-by-step explanation:
Application controls vary across the IT system. To gain an understanding of internal control for a private company, the auditor must evaluate the application controls for every individual application within the IT system. These controls are specific to each application and are designed to ensure the integrity of the data and processing within the application. Examples include input controls, which check the validity and accuracy of data before it is processed, and processing controls, which ensure that data is processed correctly.
An auditor examines these controls to confirm that they are properly designed and operating effectively. This involves reviewing the control environment, risk assessment processes, control activities, information and communication systems, and monitoring activities related to the application. An effective audit ensures that the company mitigates risks related to data accuracy, privacy, and security, among others.