Which of the following activities demonstrates an example of the chief audit executive performing residual risk assessment?

Which of the following activities demonstrates an example of the chief audit executive performing residual risk assessment?
A . Cost-benefit analysis of management not implementing a recommendation to address an observation.
B . Inquiry of corrective action to be completed within a certain period
C . Reporting the status of every observation for every engagement in a detailed manner.
D . Soliciting management’s feedback after completion of the audit engagement.

View Answer

Answer: A

Explanation:

Performing a cost-benefit analysis when management decides not to implement a recommendation is a prime example of residual risk assessment. This involves evaluating the potential impacts and remaining risks associated with the decision, thereby determining the residual risk that the organization will continue to face.

Cost-Benefit Analysis: This helps in understanding the financial implications and benefits that would have been realized had the recommendation been implemented versus the risks of not implementing it.

Risk Assessment: By assessing the residual risk, the CAE can provide a clearer picture of the ongoing risks that the organization needs to manage.

Management Decision Impact: This analysis assists in making informed decisions and understanding the trade-offs involved in addressing audit observations.

Reference: "Audit and Assurance Services: An Integrated Approach," which explains residual risk assessment and the importance of cost-benefit analysis in audit recommendations.