ExpertCPA · Question 11 · Area II: Risk Assessment
An auditor is testing the operating effectiveness of a user entity's internal controls. The user entity outsources its payroll processing to a service organization. The auditor obtains a SOC 1 Type 2 report from the service organization. The report identifies several exceptions in the testing of the service organization's controls. Which of the following factors is MOST important for the user auditor to consider in determining the effect of these exceptions on the user entity's audit?
An auditor is testing the operating effectiveness of a user entity's internal controls. The user entity outsources its payroll processing to a service organization. The auditor obtains a SOC 1 Type 2 report from the service organization. The report identifies several exceptions in the testing of the service organization's controls. Which of the following factors is MOST important for the user auditor to consider in determining the effect of these exceptions on the user entity's audit?
Answer options:
Whether the user entity has complementary user entity controls (CUECs) that mitigate the risks associated with the exceptions.
Whether the service auditor issued a qualified or adverse opinion in the SOC 1 report.
The number of years the service organization has been in business.
Whether the service organization has insurance to cover potential losses.
How to approach this question
Full Answer
Common mistakes
Practice the full CPA AUD Practice Exam 2
78 questions · hints · full answers · grading