Choice "B" is correct. When using positive confirmation requests, the auditor should generally follow up with a second and sometimes third request to those parties from whom replies have not been received. In addition, asking the client to contact its customers may encourage further responses.
Choice "d" is incorrect. Confirmations are designed to provide evidence of existence, so nonresponses would require alternative procedures focused on existence as well. Verification that the account was subsequently written off tests the valuation assertion, but does not provide evidence of existence.
Choice "a" is incorrect. The auditor sets detection risk based on the assessed levels of inherent risk and control risk, and would only increase the acceptable level of detection risk in response to a decrease in inherent or control risk. Failure to receive confirmations would not cause the auditor to make such a change.
Choice "c" is incorrect. Inherent risk assessments would not be affected by confirmation response rates, which are not subject to client control.
