Understanding the Entity and Its Environment
Section 2 is 25-35% of the AUD exam, expect 8-12 MCQs per sitting on risk assessment. The #1 AICPA trap mixes up two requirements: you must UNDERSTAND internal control in every audit (AU-C 315), but you only TEST controls when you plan to rely on them. Candidates also forget that AU-C 315 asks you to understand the entity's information system and business processes, not just the five COSO components on their own. So when a question says 'obtaining an understanding,' think AU-C 315 risk assessment procedures: inquiry, observation, inspection, and analytical procedures.
CPA Exam Lab is an independent study resource and is not affiliated with, endorsed by, or sponsored by the AICPA® or NASBA. Practice questions are original content created for study purposes. “CPA” is a registered trademark of the AICPA.
What AICPA wants you to know
- 1Identify the components of the entity's environment the auditor must understand
- 2Explain the purpose of understanding internal control in risk assessment
- 3Describe risk assessment procedures: inquiry, observation, inspection, and analytical procedures
- 4Understand the five components of internal control (COSO framework)
- 5Recognize how industry and regulatory factors affect audit risk
- 6Apply the key SAS 145 changes: separate IR/CR assessment, relevant assertions, the spectrum of inherent risk, and the stand-back requirement