An audit group is conducting a risk assessment as part of a risk-based audit strategy. To help ensure the risk assessment results are relevant to the organization, it is MOST important to:
A. understand the organization’s objectives and risk appetite.
B. include operational departments and processes.
C. determine both the inherent risk and detection risk.
D. understand the organization’s controls.
A. understand the organization’s objectives and risk appetite.
B. include operational departments and processes.
C. determine both the inherent risk and detection risk.
D. understand the organization’s controls.