Final answer:
A CPA is not required to test internal controls and assess fraud risk for a review, but these practices are part of a more comprehensive audit.
Step-by-step explanation:
The CPA (Certified Public Accountant) is not required to test internal controls and assess fraud risk for a review. However, this is a standard practice in audits, which are more comprehensive than reviews.
In an audit, the CPA tests a company's internal controls to ensure that they are functioning effectively and to detect any potential instances of fraud. This involves assessing the design and implementation of controls, as well as performing tests of control effectiveness.
On the other hand, a review is a limited-scope engagement that focuses on providing moderate assurance about the accuracy of financial statements. It does not require testing of internal controls, although some inquiries and analytical procedures may be performed to identify any material misstatements.