This is the risk that an auditor will rely on the client’s internal control and therefore end up assessing control risk too low and perform less substantive procedures. This makes the auditor perform a less effective audit. This normally occurs when the sample results an auditor takes indicates a lower deviation rate then what really exists in the population. Therefore; making the auditor do less when he/she should do more.
