Final answer:
The five-step process in auditing ICFR involves planning, identifying significant accounts and controls, understanding and assessing control design and implementation, testing operating effectiveness, and evaluating conclusions. These steps are part of forming an opinion on the effectiveness of ICFR, not on financial statement presentation or asset safeguarding.
Step-by-step explanation:
The five-step process in the audit of Internal Control over Financial Reporting (ICFR) includes the following steps: 1) Planning the audit and deciding on the scope by understanding the company and its environment, 2) identifying significant accounts and disclosures and their relevant assertions, 3) understanding and assessing the design of internal controls and determining whether they have been implemented, 4) testing the operating effectiveness of controls, and 5) Evaluating and drawing conclusions on the effectiveness of ICFR and communicating with the management and audit committee.
This process helps the auditor to form an opinion on the effectiveness of the entity's ICFR, but it does not specifically include forming an opinion on the safeguarding of assets or the fairness of the presentation of the financial statements, which are separate objectives. The risk-based approach mentioned in option B is part of the second and third steps where the auditor identifies controls to test based on their significance and susceptibility to risk.