ISA 400 Risk Assessments and Internal Control is one of the

International Standards on Auditing International Standards on Auditing (ISA) are professional standards for the auditing of financial information. These standards are issued by the International Auditing and Assurance Standards Board (IAASB). According to Olung M (CAO - L), ISA g ...

. It serves to require the

auditor An auditor is a person or a firm appointed by a company to execute an audit.Practical Auditing, Kul Narsingh Shrestha, 2012, Nabin Prakashan, Nepal To act as an auditor, a person should be certified by the regulatory authority of accounting and au ...

to understand the client's accounting system and

internal control Internal control, as defined by accounting and auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad ...

system and to assess control risk and

inherent risk Inherent risk, in risk management, is an assessed level of raw or untreated risk; that is, the natural level of risk inherent in a process or activity without doing anything to reduce the likelihood or mitigate the severity of a mishap, or the amoun ...

. The objective is to determine the nature, timing and extent of substantive procedures in order to reduce

audit risk Audit risk (also referred to as residual risk) as per ISA 200 refers to the risk that the auditor expresses an inappropriate opinion when the financial statements are materiality misstated. This risk is composed of: * Inherent risk (IR), the ri ...

to an acceptable low level. ISA 400 talks about the "walk through testing" or auditing in depth test. This standard was withdrawn in 2004, and has been replaced with the ISA 315, “Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement” and the ISA 330, “The Auditor’s Procedures in Response to Assessed Risks”

See also