Computer Services Company (CSC) processes payroll transactions for schools. Drake, CPA, is engaged to report on CSC’s policies and procedures implemented as of a specific date. These policies and procedures are relevant to the schools’ internal control, so Drake’s report will be useful in providing the schools’ independent auditors with information necessary to plan their audits. Drake’s report expressing an opinion on CSC’s policies and procedures implemented as of a specific date should contain a(n)

a. Description of the scope and nature of Drake’s procedures.

b. Statement that CSC’s management has disclosed to Drake all design deficiencies of which it is aware.

c. Opinion on the operating effectiveness of CSC’s policies and procedures.

d. Paragraph indicating the basis for Drake’s assessment of control risk.