Final answer:
The correct statement is that auditors must obtain an understanding of the steps in processing major types of transactions. There is no mandated requirement for auditors to prepare a flowchart or to assess control risk at a level lower than the maximum. Tests of controls are performed at the auditor's discretion based on their judgment of control risks.
Step-by-step explanation:
The question pertains to the auditor's consideration of internal control in a financial statement audit. Among the options given, number 3) The auditors must obtain an understanding of the steps in processing major types of transactions is true. According to auditing standards, auditors are required to gain an understanding of the entity's internal control system, which includes the procedures for processing significant transactions. While auditors assess control risk, they may choose to assess it at the maximum level, so option 1 is not necessarily true. Option 2 is incorrect because there is no requirement for auditors to prepare a flowchart; they can document their understanding in various ways. Lastly, performing tests of controls (option 4) is not mandatorily required in all audits; this decision is based on the auditor's judgment and assessed level of control risk.
When considering internal control in a financial statement audit, auditors must:Assess control risk at a level lower than the maximum to reduce the risk of material misstatements.Obtain an understanding of the steps involved in processing major types of transactions to assess the design and implementation of internal controls.Perform tests of controls to evaluate the operating effectiveness of internal controls.Preparing a flowchart description of internal control is not explicitly required, although it can be a useful tool for understanding and documenting the internal control system.