While certain elements of the model, such as Inherent Risk and Control Risk, are beyond the auditor’s control, the auditor can assess them without the ability to alter them. However, the auditor has the authority to decide the desired level of overall audit risk, typically opting for a relatively low level. This model provides a systematic approach to ensure that audit efforts are strategically directed towards areas with the highest potential for material misstatements.