Unformatted text preview: would certainly be weakened. However, the company need not be unauditable, for two reasons: First, there may be controls outside the IT function which constitute effective control. For example, users may reconcile all input and output data on a regular basis. Second, the auditor of a non-public entity is not required to rely on internal control. He or she may take a substantive approach to the audit assuming adequate evidence is available in support of transactions and balances....
View Full Document
- Spring '10
- systems analyst, Data control N/A, Librarian Librarian Data, control N/A N/A