Comprehensive and Detailed Step-by-Step Explanation:

Reference to Engagement Risk Assessment:

Definition: Engagement risk assessment evaluates specific risks relevant to the engagement and

identifies controls or mitigations.

Standard 2210.A1: Internal auditors must consider significant risks to objectives, focusing on their

likelihood and impact.

Reasoning:

Option C is correct because it aligns with assessing significant risks and ensuring they are mitigated

to acceptable levels.

Option A (ensuring all risks are addressed) is impractical since auditors prioritize significant risks

within resource constraints.

Option B focuses on prioritizing risks but does not encompass the broader purpose of addressing

their impact or mitigation.

Importance of Risk Assessment:

It ensures that the audit focuses on high-impact risks, aligning resources with the organization’s risk

management framework.