In a scenario of high inherent and control risk, what additional audit action is typically warranted?

In a scenario characterized by high inherent and control risk, conducting substantive testing is generally warranted. This type of testing involves verifying the accuracy and completeness of account balances and transactions, as opposed to simply evaluating the design and effectiveness of internal controls.

When inherent risk is high, it indicates that the nature of the accounts or transactions being audited is more likely to misstate financial statements. Control risk reflects the possibility that the controls in place may fail to prevent or detect misstatements. In such situations, auditors need to provide more substantial evidence to support their conclusions. Substantive testing serves this purpose by directly assessing the underlying data through tests of details or analytical procedures, thus allowing the auditor to form a more reliable opinion on the financial statements.

It's important to note that while compliance testing assesses adherence to laws and regulations and the effectiveness of internal controls, it may not provide the level of assurance needed when risks are elevated. Techniques like discovery sampling and stop-or-go sampling are more specific approaches to sampling and are generally used in different contexts. Therefore, substantive testing becomes the most appropriate action for addressing the increased uncertainty associated with high risk situations.