1. Describe the four steps performed by the auditor when obtaining an understanding of internal control and assessing control risk.
2. What is the purpose of a control risk matrix?
3. What four types of procedures are used by auditors to test whether internal controls are operating effectively