Launch offer — 25% off with code LAUNCH-25 See plans →
Try now → N
📚 Learn/ / Risk Assessment and Internal Control
Microlesson · 5-min read

Relevance of Controls to the Audit – Auditor's Judgment

## Relevance of Controls to the Audit

### Key Principle

Not all of an entity's internal controls are relevant to the auditor. The auditor applies professional judgment to determine which controls are relevant to the risk assessment.

> An entity may have controls for financial reporting, operational efficiency, and compliance — but the auditor is primarily concerned with controls relevant to the risk of material misstatement in financial statements.

### Factors Influencing the Auditor's Judgment on Relevance

FactorDescription
MaterialityHow significant is the account or transaction?
Significance of related riskHow high is the associated risk of misstatement?
Size of entityLarger entities typically have more formalised controls
Nature of entity's businessIndustry, organisation, ownership characteristics
Diversity and complexityComplex/diverse operations create more control touchpoints
Legal and regulatory requirementsSome controls are mandated by law
Circumstances and component of ICWhich specific IC component applies?
Nature of IT systemsComplexity of systems and use of service organisations
Effectiveness of the controlWhether a control prevents, or detects and corrects, material misstatement

### Practical Implication

The auditor does not need to assess all controls implemented by the entity — only those that are relevant to identifying and assessing risks of material misstatement.

Worked example

### Example 1

Scenario: FDP Ltd. has controls for financial reporting, operational efficiency, and compliance. CA Karan believes all controls should be assessed; CA Rajat believes only relevant controls should be assessed. Who is correct?

Answer: CA Rajat is correct. Not all controls are relevant to the auditor's risk assessment. The auditor uses professional judgment to identify controls relevant to the risk of material misstatement, considering factors like materiality, risk significance, entity size, complexity, and whether the control prevents or detects misstatement.

### Example 2

Scenario: A retailer has strong inventory shrinkage controls (for operational reasons) and weak revenue recognition controls. Which is more relevant to the auditor?

Answer: Revenue recognition controls are more relevant — they directly affect the risk of material misstatement in financial statements. Inventory shrinkage controls, while operationally important, are relevant to the auditor only to the extent they affect inventory valuation assertions.

⚠️ Common exam mistakes

  • Assuming the auditor must evaluate all of the entity's internal controls — the scope is limited to controls relevant to the audit.
  • Forgetting to mention 'whether a control prevents, or detects and corrects, material misstatement' as a factor — this is the most directly audit-relevant factor.
  • Treating the list of factors as exhaustive — the standard uses 'may include such matters as' indicating the list is illustrative, not exhaustive.
Reference: — SA 315 – Identifying and Assessing the Risk of Material Misstatement through Understanding the Entity and its Environment
← Previous
Prospective Financial Informat
Next →
Risk of Material Misstatement
Now that you've read this — what's next?
Move from understanding → mastery in 3 clicks. Each option below picks up from this lesson's topic.
🔥 Drill 5 Qs on this → ✍️ Adaptive practice →
Start 15-min diagnostic