Presentation is loading. Please wait.

Presentation is loading. Please wait.

AGA Winter Seminar Slide Heading Auditing Standards Update

Published byKatherine Thornton Modified over 8 years ago

Similar presentations

Presentation on theme: "AGA Winter Seminar Slide Heading Auditing Standards Update"— Presentation transcript:

1 AGA Winter Seminar Slide Heading Auditing Standards Update
January 10-11, 2013 Jerry E. Durham, CPA, CGFM, CFE Division of Local Government Audit Slide Heading

2 Auditing Standards Two different types of Standards:
GASB Standards = GAAP How do I report numbers on the Financial Statements Auditing Standards How do I perform the audit of the numbers 2

3 Auditing Standards Auditing Standard Setters: How many? 1 2 3 4 5 3

4 Auditing Standards Standards Setters:
AICPA/ASB = Generally Accepted Auditing Standards = GAAS GAO = Government Auditing Standards = Yellow Book = GAGAS OMB = Single Audit Standards = A-133 Standards 4

5 Auditing Standards Standards Setters (cont’d):
IFAC/IAASB = International Audit Standards = ISAs?? PCAOB/SEC = Standards for Publicly Traded Companies = AS?? 5

6 Auditing Standards Why have Standards?
What if an inch was not an inch or a pound was not a pound? What if a size 10 was really a size 2? What if CPAs could perform audits any way they wanted to? Many auditing standards are driven by audit failures. 6

7 Auditing Standards History:
Prior to 1917, Verification Audits of the Balance Sheet without standards. , First Standards for Balance Sheet Audits (FTC and FRB) “Approved Methods for the Preparation of Balance-Sheet Statements” by AIA. 7

8 Auditing Standards History:
1929, “Verification of Financial Statements” which included the income statement (i.e. Financial Statements) 1936, Outline of examination of financial statements of a small or moderate size company, “Examination of Financial Statements by Independent Public Accountants”. (i.e. “Examination” rather than “Verification”) 8

9 Auditing Standards History:
1939, “Extensions of Auditing Procedure”, included Statement No. 1 of the Committee on Auditing Procedure, guide auditors in using judgment. 1941, “Statements on Auditing Procedure” 1951, 24 Statements were issued in a “Codification of Statements on Auditing Procedure” 9

10 Auditing Standards History:
1954, “Generally Accepted Auditing Standards – Their Significance and Scope” was published which changed the focus to “Standards” as opposed to “Procedures”. 1963, “Statement on Auditing Procedure No. 33” was issued. It consolidated all previous standards and procedures. 10

11 Auditing Standards History:
1972, Statement on Auditing Standards “(SAS) No. 1, Codification of Auditing Standards and Procedures”. 1978, Auditing Standards Board was created. , Sarbanes-Oxley Act was passed and the AICPA officially recognized PCAOB’s authority for publicly traded companies. 11

12 Auditing Standards History:
2011, the ASB issued SAS No. 122, Statements on Auditing Standards: Clarification and Recodification (already amended) More to come, already up to SAS 126. 12

13 Auditing Standards Just an Opinion:
Mark Funkhouser, former Kansas City Auditor and Mayor, now Director of Governing Institute said, auditors know how to audit, just do what you know is right (paraphrased) My question? Do you think the standards hinder us from doing that? 13

14 Auditing Standards Just an Opinion:
Bottom line, we must have standards or our audits have little meaning to “professional” and “other” users of our financial statements. But how do you do that with so many standard setters? You have to be good at blocks! 14

15 Auditing Standards ? A-133 requires a Yellow Book audit and adds to the standards required by the Yellow Book. The Yellow Book incorporates the SASs by reference and adds to those standards. The ASB establishes the SASs. SAS 117 Specifically deals with Compliance (A-133) Audits 15

16 Yellow Book

17 Must & Should Word Count
Chapter 2007 YB 2011 YB Must Should 1 2 3 11 12 17 60 5 84 4 88 68 9 62 6 67 7 59 61 Appendix TOTALS 48 354 15 356 * Chapter 1 indicates 2010 YB; however, to facilitate accurate comparison, the table uses chapter 2 data from 2007 YB in the chapter 1 row. ** Chapter 2 indicates 2010 YB; however, to facilitate accurate comparison, the table uses chapter 1 data from 2007 YB in the chapter 2 row. *** Chapter 4 indicates 2010 YB; the 2007 YB column includes the sum of chapters 4 and 5 from 2007 YB to facilitate accurate comparison. **** Chapters 5, 6, and 7 were Chapters 6, 7, and 8 in the 2007 YB.

18 Yellow Book Generally Accepted Government Auditing Standards (GAGAS) incorporates by reference the AICPA Statements on Auditing Standards (SAS). GAGAS includes additional standards for Financial Audits and Attestation Engagements. GAGAS establishes Performance Audit Standards for Governments. 18

19 Yellow Book GAGAS does not cover nonaudit services, which are defined as professional services other than audits or attestation engagements. Therefore, auditors do not report that the nonaudit services were conducted in accordance with GAGAS. 19

20 Chapter 3 General Standards 20

21 General Standards Independence Professional Judgment Competence
Quality Control and Assurance 21

22 General Standards Chapter 3 Independence 22

23 Independence In all matters relating to the audit work, the audit organization and the individual auditor must be independent. Independence of Mind The state of mind that permits the performance of an audit without being affected by influences that compromise professional judgment, allowing the individual to act with integrity and exercise objectivity and professional scepticism. 23

24 Independence Independence in Appearance
The absence of circumstances that would cause a reasonable and informed third party, having knowledge of the relevant information, to reasonably conclude that the integrity, objectivity, or professional scepticism of an audit organization or member of the audit team had been compromised. 24

25 Standard Consists of Four Interrelated Sections:
Independence Conceptual Framework for making independence decisions. Requirements and guidance for audit organizations that are structurally located within the entities they audit. Requirements and guidance for auditors performing nonaudit services. Requirements for and guidance on documentation of independence. Standard Consists of Four Interrelated Sections: 25

26 Independence New approach combines a conceptual framework with certain rules (prohibitions) Outcome generally consistent with the International Federation of Accountants (IFAC) and AICPA Certain prohibitions remain Generally consistent with Rule 101 AICPA If a threat, but not prohibited Apply the conceptual framework 26

27 Independence Threats could impair independence
Do not necessarily result in an independence impairment Safeguards could mitigate threats Eliminate or reduce to an acceptable level Not all threats can be eliminated

28 Independence Conceptual Framework
Allows the auditor to assess unique circumstances Incorporates the familiar categories from 2007 YB Personal Impairments External Impairments Organizational Impairments Two Overarching Principles: Can’t assume management responsibilities Can’t audit your own work

29 Independence Seven Categories of Threats Self-interest threat
Self-review threat Bias threat Familiarity threat Undue influence threat Management participation threat Structural threat

30 Independence Conceptual Framework Approach (cont’d)
Self-interest threat = the threat that a financial or other interest will inappropriately influence an auditor’s judgment or behavior. Self-interest examples 30

31 Independence Conceptual Framework Approach (cont’d)
Self-review threat = the threat that an auditor (organization) that has provided nonaudit services will not appropriately evaluate the results of previous judgments made or services performed when forming a judgment significant to an audit. Self-review examples 31

32 Independence Conceptual Framework Approach (cont’d)
Bias threat = the threat that an auditor will, as a result of political, ideological, social, or other convictions, take a position that is not objective Bias examples 32

33 Independence Conceptual Framework Approach (cont’d)
Familiarity threat = the threat that aspects of a relationship with management or personnel of an audited entity, such as a close or long relationship, or that of an immediate or close family member, will lead an auditor to take a position that is not objective Familiarity examples 33

34 Independence Conceptual Framework Approach (cont’d)
Undue influence threat = the threat that external influences or pressures will impact an auditor’s ability to make independent and objective judgments Undue influence examples Undue influence examples 2 34

35 Independence Conceptual Framework Approach (cont’d)
Management participation threat = the threat that results from an auditor’s taking on the role of management or otherwise performing management functions on behalf of the entity undergoing an audit Management participation examples Management participation examples 2 35

36 Independence Conceptual Framework Approach (cont’d)
Structural threat = the threat that an audit organization’s placement within a government entity, in combination with the structure of the government entity being audited, will impact the audit organization’s ability to perform work and report results objectively (Paragraphs 3.28, 3.29, 3.30) Structural examples 36

37 Independence Conceptual Framework Approach (cont’d)
Structural threat is mitigated by: The audit organization is placed within a different branch of government from that of the audited entity. Head of the audit organization is appointed by a legislative body, subject to removal by a legislative body, and reports the results of audits to and is accountable to a legislative body. Other statutory protections. (See 3.30) 37

38 Independence Conceptual Framework Approach (cont’d)
Management participation/structural threat is created by: An audit organization’s principal serving as a voting member of an entity’s management committee or board of directors, making policy decisions that affect the future direction and operation of an entity’s programs, developing or approving programmatic policy, authorizing entity transactions. 38

39

40 Independence GAO will retire current Government Auditing Standards: Questions and Answers to Independence Standard Questions guidance

41 Independence Question 46 in the Yellow Book Q & A will no longer be available for demonstrating independence under the yellow book (dealt with preparing financial statements)

42 Independence Certain nonaudit services may be permitted:
First, determine if there is a specific prohibition If not, the auditor should assess the nonaudit service’s impact on independence using the conceptual framework

43 Independence Management should take responsibility for nonaudit services performed by the auditors Auditors should document their understanding with management regarding the nonaudit service Auditors should assess and document whether management possesses suitable skill, knowledge, or experience to oversee the nonaudit service (SKE)

44 Otherwise no safeguard could reduce the threat to an acceptable level
Independence Preparing F/S May be permissible provided Management possesses suitable Skills, Knowledge, “or” Experience To evaluate the adequacy and results of the services performed Consistent with AICPA ET 101–3 For CPAs all the requirements of AICPA ET 101 – Independence apply Otherwise no safeguard could reduce the threat to an acceptable level

45 Independence Bookkeeping Services May be performed provided the auditor does not: Determine or change journal entries, account codings or classifications for transactions, or other accounting records without obtaining client approval Authorize or approve transactions Prepare source documents Make changes to source documents without client approval Consistent with AICPA ET 101-3

46 Independence AICPA Safeguards Examples AICPA SKE Examples
Division of Local Government Audit 2011 Yellow Book Threats to Independence and Safeguards to the Threats AICPA Safeguards Examples AICPA SKE Examples AICPA Case Study Form 105, Safeguards to Independence

47 Independence Providing Nonaudit Services Crucial Point: The individual designated to oversee nonaudit services is not required to possess the expertise to perform or reperform the nonaudit services. (Paragraph 3.34) 47

48 PPC Analysis Before and After
2007 Yellow Book – PPC Analysis

49 PPC Analysis Before and After
Before: Yellow Book Ethics Interpretation allows the Government to designate an individual who possesses SKE to oversee nonattest services. However, Possessing SKE to over see a service requires a lower level of technical knowledge than the competence criteria in SAS 115. Practitioners Publishing Co. Scan

50 PPC Analysis Before and After
After: Yellow Book Same! Ethics Interpretation allows the Government to designate an individual who possesses SKE to oversee nonattest services. However, Possessing SKE to over see a service requires a lower level of technical knowledge than the competence criteria in SAS 115.

51 Peer review will be looking!
Conceptual Framework decisions are based on your professional judgment. Document, Document, Document!!!!!!!!!!!!! 51

52 Performance Audit Changes:
The discussion of validity as an aspect of the quality of evidence has been revised to indicate that it is the extent to which evidence is a meaningful or reasonable basis for measuring what is being evaluated. In other words, validity refers to the extent to which evidence represents what it is purported to represent. (6.60b) The discussion of the sufficiency and appropriateness of computer-processed information now indicates that the assessment of the sufficiency and appropriateness of computer-processed information includes considerations regarding the completeness and accuracy of the data for the intended purposes. (6.66) The auditor’s responsibilities for communicating identified internal control deficiencies that are not significant to the audit have been clarified. Related documentation requirements and those related to noncompliance with provisions of contracts or grant agreements or abuse that are not significant to the audit have been removed. (7.19, 7.22)

53 Performance Audit Changes:
The fraud reporting requirement is now limited to occurrences that are significant within the context of the audit objectives (7.21), with a requirement to communicate in writing other instances of fraud that warrant the attention of those charged with governance. (7.22) The requirement that audit organizations develop policies to address requests by outside parties to obtain access to audit documentation has been removed. (2007 GAGAS, 7.84) Early communication of deficiencies has been added as a consideration auditors may follow in the course of the performance audit. (6.78)

54 Yellow Book Peer Review Excuses for Not Complying

55 Reporting on the Audit Chapter Three Test:
Auditors must be independent in _______ and _______ . Auditors should apply the conceptual framework to (a) identify threats; (b) evaluate the significance of threats; (c) apply safeguards. True or False ? Which of the following is not a threat to independence: (a) Self-interest; (b) Self-review; (c) Bias; (d) Familiarity; (e) Undue Influence; (f) Documentation; (g) Management Participation; (h) Structural ? All threats are equally significant True or False ? With proper documentation, Auditors can eliminate any identified threat True or False ? 55

56 Reporting on the Audit Chapter Three Test (cont’d):
Management must designate someone to oversee nonaudit services that has _____, ________, or __________ and __________ of the nonaudit service sufficiently to oversee them. The person designated to oversee nonaudit services does not have to possess the expertise to _________ or _________ the nonaudit service. Auditors should document management’s ability to effectively oversee nonaudit services True or False ? If a threat cannot be eliminated, auditors should withdraw from the audit True or False ? 56

57 Questions?

58 GAAS Clarity Standards

59 Clarity Standards Statement on Auditing Standards: Clarification and Recodification SAS 122 This standard contains 39 clarified SASs and supersedes all outstanding SASs through SAS No. 121 except SAS No. 51 (see SAS No. 124 below); No. 59; No. 65; No. 87 (see SAS No. 125 below); and Nos. 117–120. This standard also withdraws SAS No. 26. 59

60 Clarity Standards New Clarified Standards:
SAS 123 – “Omnibus Statement on Auditing Standards – 2011” SAS 124 – “Financial Statements Prepared in Accordance with a Financial Reporting Framework Generally Accepted in Another Country” SAS 125 – “Alert that Restricts the Use of the Auditor’s Written Communication” SAS 126 – “The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern” SAS 127 – “Omnibus Statement on Auditing Standards – 2013” 60

61 Clarity Standards “The goal of the Clarity Project is to make generally accepted auditing standards easier to read, understand, and apply.” As part of the project, the standards were also converged with standards issued by IAASB. “All AU Sections have been modified.” (AU-C) “The revisions to GAAS, although extensive, do not create many substantial requirements to existing requirements.” “Redrafting brings both significant and subtle changes” 61

62 Clarity Standards But, if you think not much has changed that is of any importance or relevance, THINK AGAIN! Appendix B to SAS 122 divides the new AU-C Sections into: Substantive Changes Primarily Clarifying Changes 62

63 Clarity Standards Changes in Terminology – New Terms:
Applicable financial reporting framework replaces GAAP as the assumed basis of accounting. “Emphasis-of-matter” and “other-matter” paragraphs replace “explanatory paragraphs”. Group engagement partner and component auditor replace principal auditor and other auditor. Unmodified Opinion replaces Unqualified Opinion Modified Opinion means a Qualified, Adverse, or Disclaimer of Opinion. 63

64 Clarity Standards Substantive Changes 64

65 Clarity Standards Consideration of Laws and Regulations (AU-C 250)
Correspondence with Licensing or Regulatory Authorities Communicating Internal Control Related Matters (AU-C 265) Communicate other deficiencies in internal control (i.e. Beyond Material Weaknesses and Significant Deficiencies) Include in any written report that no material weaknesses were identified. Include an explanation of the potential effects of the Material Weaknesses and Significant Deficiencies identified. Related Parties (AU-C 550) Shifts audit to a risk based approach. 65

66 Clarity Standards Group Audits (AU-C 600)
Guidance has been significantly expanded Terminology has been entirely changed Certain things the Engagement Partner must do? Who is the engagement partner? Acceptance and Continuance focus has changed Uses a Risk based approach based on the Risk Assessment Standards Understanding the Component Auditor Determination of Materiality for the Group as a whole and for the component Communication with the Component Auditor and Those Charged with Governance Auditor’s Reports (AU-C 700, 705 and 706) 66

67 Headings and Subheadings
Management’s Responsibilities Opinion (Basis for qualified, adverse, or disclaimer) Emphasis of Matter Matters appropriately presented or disclosed Other Matter To understand audit matters New: headings for each paragraph Expanded Management’s Responsibilities Qualified opinion – heading Basis for Opinion EMPHASIS OF MATTER vs OM – required by SASs or auditor’s discretion Emphasis-of-matter – things properly disclosed in financial statements Tricky part – OM will have things that you want to bring to the reader’s attention about the audit of the financial statements. Probably rarely used when not required. Other things listed will have be in other reporting requirements. Title is what is appropriate for circumstances “Other Auditor Reporting Requirements” in government entity audits – all the things I did that weren’t part of my plain-vanilla audit but were required for this particular audit. This may be plain-vanilla audits in your practice – for other CPAs this may be tropical fruit. Other auditor reporting responsibilities

68 Independent Auditor’s Report
Clarity Standards Independent Auditor’s Report The Governing Body [Entity Name] Report on the Financial Statements We have audited the accompanying financial statements of the governmental activities, the business-type activities, the aggregate discretely presented component units, each major fund, and the aggregate remaining fund information of [Entity Name], as of [Month XX, 20X2] and for the year then ended and the related notes to the financial statements, which collectively comprise [Entity Name]’s basic financial statements as listed in the table of contents. 68

69 Clarity Standards Management’s Responsibility for the Financial Statements [Entity Name]’s management is responsible for the preparation and fair presentation of these financial statements in accordance with accounting principles generally accepted in the United States of America; this includes the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error. 69

70 Clarity Standards Auditor’s Responsibility
Our responsibility is to express opinions on these financial statements based on our audit. We conducted our audit in accordance with auditing standards generally accepted in the United States of America and the standards applicable to financial audits contained in Government Auditing Standards, issued by the Comptroller General of the United States. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free from material misstatement. An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity’s internal control.3 Accordingly, we express no such opinion. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinions. 70

71 Clarity Standards When the auditor issues an opinion other than unqualified, the paragraph detailing the reason for the modified report is still required immediately preceding the opinion paragraph, but now must have an appropriate heading: Basis for Qualified Opinion; or Basis for Adverse Opinion; or Basis for Disclaimer of Opinion 71

72 Clarity Standards Opinion
In our opinion, the financial statements referred to above present fairly, in all material respects, the respective financial position of the governmental activities, the business-type activities, the aggregate discretely presented component units, each major fund, and the aggregate remaining fund information of [Entity Name], as of [Month XX, 20X2], and the respective changes in financial position and, where applicable, cash flows thereof for the year then ended in accordance with accounting principles generally accepted in the United States of America (GAAP). 72

73 Clarity Standards Other Matters
In accordance with Government Auditing Standards, we have issued our report dated [Month XX, 20X2] on our consideration of [Entity Name]’s internal control over financial reporting and our tests of its compliance with certain provisions of laws, regulations, contracts and grant agreements, and other matters. The purpose of that report is to describe the scope of our testing of internal control over financial reporting and compliance and the results of that testing, and not to provide an opinion on the internal control over financial reporting or on compliance. That report is an integral part of an audit performed in accordance with Government Auditing Standards and should be considered in assessing the results of our audit. 73

74 Clarity Standards Other Matters
[Identify the applicable financial reporting framework (for example, accounting principles generally accepted in the United States of America)] require that [identify the included required supplementary information, such as management’s discussion and analysis and budgetary comparison information] be presented to supplement the basic financial statements. Such information, although not a part of the basic financial statements, is required by [identify designated accounting standard setter, such as the Governmental Accounting Standards Board], who considers it to be an essential part of financial reporting for placing the basic financial statements in an appropriate operational, economic, or historical context. We have applied certain limited procedures to the required supplementary information in accordance with auditing standards generally accepted in the United States of America, which consisted of inquiries of management about the methods of preparing the information and comparing the information for consistency with management’s responses to our inquiries, the basic financial statements, and other knowledge we obtained during our audit of the basic financial statements. We do not express an opinion or provide any assurance on the information because the limited procedures do not provide us with evidence sufficient to express an opinion of provide any assurance. 74

75 Clarity Standards Other Matters
Our audit was conducted for the purpose of forming opinions on the financial statements that collectively comprise [Entity Name]’s basic financial statements. The [identify accompanying supplementary information, such as the combining and individual non-major fund financial statements] are presented for purposes of additional analysis and are not a required part of the basic financial statements. Such information is the responsibility of management and was derived from and relates directly to the underlying accounting and other records used to prepare the financial statements. The information has been subjected to the auditing procedures applied in the audit of the financial statements and certain additional procedures, including comparing and reconciling such information directly to the underlying accounting and other records used to prepare the financial statements or to the financial statements themselves, and other additional procedures in accordance with auditing standards generally accepted in the United States of America. In our opinion, the information is fairly stated in all material respects in relation to the financial statements as a whole. Our audit was conducted for the purpose of forming opinions on the financial statements that collectively comprise [Entity Name]’s basic financial statements. The [identify relevant other information, such as the introductory and statistical section] is presented for purposes of additional analysis and is not a required part of the basic financial statements. Such information has not been subjected to the auditing procedures applied in the audit of the basic financial statements and, accordingly, we do not express an opinion or provide any assurance on it. 75

76 Clarity Standards Report on Other Legal and Regulatory Requirements
[The form and content of this section of the auditor’s report will vary depending on the nature of the auditor’s other reporting responsibilities.] [Signature] [Auditor’s city and state] [Date] 76

77 Primarily Clarifying Changes
Clarity Standards Primarily Clarifying Changes 77

78 Clarity Standards “Primarily clarifying changes” are changes that are intended to explicitly state what may have been implicit in extant standards. These changes may not have a substantial impact but may result in adjustments to the timing and responsibilities of auditors or their clients. 78

79 Clarity Standards Terms of Engagement (AU-C 210)
Requires a written engagement letter (for each new engagement) and a reminder (written or oral) for recurring audits and to document that understanding. Financial Reporting Framework (Obtain mgmt’s agreement and acknowledgement of its responsibilities such as: selecting the appropriate financial reporting framework; establishing and maintaining internal controls; and allowing unrestricted access to employees.) Imposed limitation on audit scope, or financial framework not acceptable, or mgmt will not acknowledge its responsibility for selecting the financial framework, then decline the audit unless required by law. 79

80 Clarity Standards Using a Service Organization (AU-C 402)
Section 402 contain guidance “only” for “user” auditors. A user organization is now known as a user “entity”. A user auditor is permitted to refer to the work of a service auditor report to explain a modification of the user auditor’s report (but still cannot make reference in an unmodified opinion) A user auditor is required to inquire of management of the user entity about whether the service organization has reported to the user entity any fraud, noncompliance with laws or regulations or uncorrected misstatements. 80

81 Clarity Standards Audit Evidence (AU-C 501)
Requires the auditor to seek direct communication with the entity’s lawyers only if the auditor assesses a risk a material misstatement regarding the litigation or claim or when audit procedures performed indicate that material litigation or claims may exist. Auditors must document the basis for any determination “not” to seek direct communication with the entity’s legal counsel. However, as a practical matter, most auditors will continue to communicate with the entity’s attorney(s). 81

82 Clarity Standards External Confirmations (AU-C 505)
“Written” Confirmations are required. (the extant standard requires that an oral confirmation should be documented, implying that it was acceptable to use oral confirmations) An oral confirmation does not meet the definition of an external confirmation. Oral confirmations may be considered part of alternative procedures performed to obtain sufficient appropriate audit evidence. The definition of an external confirmation includes audit evidence obtained by electronic or other medium provided the information comes from the third party. The presumptively mandatory requirement to confirm accounts receivable is found in AU-C 330. 82

83 Clarity Standards Opening Balances on Initial and Reaudit Engagements (AU-C 510) Makes clear that reviewing a predecessor auditor’s documentation “cannot” be the only procedure performed to obtain sufficient audit evidence regarding opening balances. Many auditors have the perception under the extant standard that reviewing the predecessor auditor’s audit documentation is all that needs to be done to obtain sufficient appropriate audit evidence. Auditors must determine whether: Opening balances contain material misstatements Accounting policies have been consistently applied between current year and prior financial statements. 83

84 Clarity Standards Using the Work of An Auditor’s Specialist (AU-C 620)
The clarified standard includes in-house audit firm specialists and requires incremental documentation. The extant standard specifically scopes out the use of specialists employed by the audit firm. 84

85 Clarity Standards Special Purpose Frameworks (AU-C 800)
Special purpose frameworks such as Cash, Tax, Regulatory, or Contractual bases of Accounting are commonly referred to as OCBOAs. The term OCBOA is replaced with the term “Special Purpose Framework” The clarified standard requires several procedures when a “Special Purpose Framework” is utilized. 85

86 Clarity Standards Restricted Use Alert (AU-C 905)
Clarified standard is consistent with the extant standard except when audit engagement is also performed in accordance with “Government Auditing Standards”, and the written communication pursuant to the engagement is required by law or regulation to be made publicly available. In this situation, the alert language describes the purpose of the communication and states that the communication is not intended to be and should not be used for any other purpose. No specified parties are identified in type of alert! 86

87 Clarity Standards Restricted Use Alert (AU-C 905)
New Paragraph Language: The purpose of this [report, letter, presentation, or communication] is solely to [describe the purpose of the auditor's written communication, such as to describe the scope of our testing of internal control over financial reporting and compliance, and the result of that testing, and not to provide an opinion on the effectiveness of the entity's internal control over financial reporting or on compliance]. This [report, letter, presentation, or communication] is an integral part of an audit performed in accordance with Government Auditing Standards in considering [describe the results that are being assessed, such as the entity's internal control over financial reporting and compliance]. Accordingly, this [report, letter, presentation, or communication] is not suitable for any other purpose. Notice: No specified parties. Same type of language for A-133 Reports. 87

88 Clarity Standards Restricted Use Alert (AU-C 905)
Old Paragraph Language: This report is intended solely for the information and use of management, (Identify those charged with governance such as: the County Mayor/Executive, Road/Highway Superintendent, director of schools, County Commission, Highway Commission, Board of Education), others within Typical County, federal awarding agencies and pass-through entities (delete reference to pass-through entities if not applicable) and is not intended to be and should not be used by anyone other than these specified parties. 88

89 Clarity Standards SAS 126, The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern Continuation of an entity as a going concern is assumed absence significant information to the contrary Auditor should evaluate whether there is substantial doubt for a reasonable period of time (defined as one year) This evaluation is based audit procedures planned and performed to achieve the audit objectives (it is not necessary to design audit procedures solely to identify conditions or events, that taken in aggregate, indicate substantial doubt The auditor should consider management’s plans to mitigate the adverse effects of conditions or events creating substantial doubt Adequately disclosed 89

90 Clarity Standards SAS 126, “The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern” Obtain written representations from management Include the words “substantial doubt” and “going concern” in the auditor’s report in an emphasis-of-a-matter paragraph If you decide to disclaim, the no going concern emphasis-of-a matter paragraph Communicate with those charged with governance Nature of conditions or events Possible effects on the financial statements Effects on the auditor’s report 90

91 Clarity Standards SAS 126, “The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern” Going Concern Emphasis-of-a-matter paragraph: Emphasis of Matter Regarding Going Concern The accompanying financial statements have been prepared assuming that the Company will continue as a going concern. As discussed in Note X to the financial statements, the Company has suffered recurring losses from operations and has a net capital deficiency that raise substantial doubt about its ability to continue as a going concern. Management's plans in regard to these matters are also described in Note X. The financial statements do not include any adjustments that might result from the outcome of this uncertainty. Our opinion is not modified with respect to this matter. 91

92 Questions?

93 Proposed Changes To Single Audit

94 Proposals Reform of Federal Policies Relating to Grants and Cooperative Agreements; Cost Principles and Administrative Requirements (Including Single Audit Act) Released in the Federal Register February 28, 2012 Result of over a year of work by federal / state / local / IG task force ordered by E.O Goals Reduce fraud, waste and abuse Increase cross-collaboration Streamline reporting and adjudication of findings Cut rules that are burdensome, ineffective etc. 94

95 Proposals Proposals fall under 3 Sections:
Section A – reforms to A-133 and the Single Audit Act Section B – reforms to cost accounting principles – A-87 (also A-21 / A-122) Section C- reforms to the Common Rule (A-102) 95

96 Proposals Proposals fall under 3 Sections:
Section A – reforms to A-133 and the Single Audit Act 96

97 A-133 Proposals Audit resolution and oversight resources will focus on higher dollar, higher risk awards Entities receiving less than $1 Million in federal awards = NO Single Audit required Entities receiving greater than $1 Million but less than $3 million in federal awards = More focused / targeted audit Once major program determination made, audit only covers: Allowable / unallowable costs Area at federal agency discretion, but targeting fraud, waste, and abuse. 97

98 A-133 Proposals Entities receiving greater than $3 million
Full single audit - BUT Cross – cutting requirements are gone. Audit focused on Fraud, Waste, Abuse, and Improper payments Focus is on universal requirements – proper stewardship of federal funds Practical Considerations for Auditors: Increased testing and sample sizes Lower levels of materiality 98

99 A-133 Proposals Possible Compliance Requirements:
Allowable or unallowable activities and costs, Eligibility Reporting Selection of sub-recipients and sub-recipient monitoring Special tests and provisions Period of availability of Federal funds, Compliance of procurement with suspension and debarment policies Davis / Bacon could be gone Previously, there were 14 that auditors had to consider. 99

100 A-133 Proposals Practical Considerations for Auditors:
Less compliance requirements Less audit burden Use more of a risk based approach Concentration will be on audit findings resolution 100

101 A-133 Proposals Audit follow up may change:
Federal agencies will be required to designate a single federal official to oversee audit resolution Federal agencies must implement metrics Timeliness of report submission Number of audits without an unqualified opinion Number of repeat findings Cooperative resolution between agencies and with auditees pushed Proactive approach on resolving audit issues 101

102 A-133 Proposals Sub-recipient monitoring:
Federal awarding agencies are responsible for coordinating additional audits of a recipient entity Ensuring that audits are coordinated across Federal agencies should reduce number of sub-recipients for which pass-through entities engage in follow- up efforts that could duplicate the Federal efforts. Federal agencies would be required for follow-up – not pass-through entities 102

103 Proposals Proposals fall under 3 Sections:
Section B – reforms to cost accounting principles – A-87 (also A-21 / A-122) 103

104 A-87 Proposals Some give and take features:
Indirect (‘‘facilities and administrative’’) costs – proposal is for flat rates instead of negotiated rates. Option 1- Mandatory flat rate discounted from negotiated rate Burden reduction in compliance and reduction of indirect costs Option 2 – Discounted flat or negotiated rate Transition period to flat rate of 4 years with minimal documentation OR Raised to negotiated rate with full documentation 104

105 A-87 Proposals Salary / Maintenance of Effort Reform:
Existing pilots used or development of new pilots to accountably document the allowability and allocability of salaries and wages charged to Federal awards as direct costs Directly allocable administrative support in higher education may be taken as a direct cost Cost of certain computer devices would be allowable as a supply cost Threshold probably involved 105

106 A-87 Proposals “Recycling” ban on depreciation may be lifted
Use of recovered costs from depreciation are sometimes used for administrative costs Certain IT costs may be more allowable than now – especially for grants management systems Improper payment recovery costs would be now allowable 106

107 Proposals Proposals fall under 3 Sections:
Section C- reforms to the Common Rule (A-102) 107

108 A-102 Proposals COMMON APPLICATION COMING for federal grants?
Grants would now be graded on proposal’s merit and each applicant’s financial risk 90 day notice public required for all funding opportunities in a standard format 108

109 Future? OMB analyzing the feedback received on Advance Notice over next 4-5 months Proposed regulatory changes may be released for comment before the end of the calendar year Revisions to OMB Circular A-133 Revisions to the OMB Cost Principles (A-21, A-87, A-122) Revision to Administrative Requirements (A-110, Common Rule) No plans that we are aware of to amend the Single Audit Act GAO to look at audit quality? 109

110 Service Organization Control Reporting
SSAE No. 16

111 From SAS 70 to SSAE 16 111

112 From SAS 70 to SSAE 16 Suggested Topic Timing: 80 mins Service auditor reporting has evolved over a 40+ year period SAS 70 became a de facto global standard SAS 70 is viewed as a generic term However, SAS 70 reports are being used in ways for which they were never intended – they have been used as a form of certification or even proof of security or compliance. 112

113 Migration to a new standard
Suggested Topic Timing: 80 mins General convergence of US and International Standards The International Auditing and Assurance Standards Board (IAASB) included service auditor reporting on its agenda in 2008, resulting in the development of an international standard The U.S. Auditing Standards Board agreed to conform to the IAASB approach 113

114 From SAS 70 to SSAE 16 Suggested Topic Timing: 80 mins IAASB has approved International Standard on Assurance Engagements (ISAE) No. 3402 US: SSAE 16 New standard will be effective for reports covering periods ending on or after June 15, 2011 Supersedes SAS 70 114

115 SSAE 16 – How does it compare to SAS 70
115

116 From SAS 70 to SSAE 16 WHAT HAS NOT CHANGED:
Purpose & intended use of the report Primary purpose – provide information to the user entities financial statement auditors Focus is on controls at service organizations likely to be relevant to user entities’ internal control over financial reporting Intended for use by: Management of the service organization Entities that used the service organization during the period (user entities) – includes indirect or downstream users Financial Statement auditors of those user entities 116

117 From SAS 70 to SSAE 16 WHAT HAS NOT CHANGED:
Core elements of the report Auditor’s Opinion Management Description Detailed Tests of Controls ( 2 types of reports) Other Relevant Information 117

118 From SAS 70 to SSAE 16 WHAT HAS NOT CHANGED: Service Auditor’s Opinion
Fair presentation of the description of the service organization’s system Suitability of the design of the service organization’s controls relative to the control objectives For type 2 engagements, operating effectiveness of the service organization’s controls relative to the control objectives 118

119 From SAS 70 to SSAE 16 WHAT HAS NOT CHANGED:
Options for handling subservice organizations Carve out method Inclusive method 119

120 Audit Standard vs. Attestation Standard An Attestation Engagement is:
WHAT HAS CHANGED: Audit Standard vs. Attestation Standard An Attestation Engagement is: An examination, a review, or an agreed-upon procedures report on subject matter, or an assertion about the subject matter that is the responsibility of another party SSAE 16 only addresses examination engagements 120

121 Significant Terminology changes
WHAT HAS CHANGED: Significant Terminology changes No longer a “SAS 70” report SSAE 16 Service Organization Control (SOC 1) Report Service Organization’s “System” Uses a broad definition of system Includes policies & procedures designed, implemented and documented to provide a service to user entities Criteria Standards or benchmarks to present the subject matter and against which the practitioner evaluates the subject matter 121

122 New requirements impacting management
WHAT HAS CHANGED: New requirements impacting management Management must provide a written assertion for inclusion on the report Management must include the criteria used in making these assertions Management must have a reasonable basis for its assertion Assertion Page 1 Assertion Page 2 Assertion Page 3 122

123 WHAT HAS CHANGED: Management’s Assertion - A written assertion about whether in all material respects, and based on suitable criteria that: The description fairly presents the system that was designed and implemented throughout the period Controls were suitably designed throughout the period to achieve the control objectives Those controls operated effectively throughout the period to achieve the control objectives 123

124 Minimum criteria for evaluating:
WHAT HAS CHANGED: Minimum criteria for evaluating: Fairness of presentation relative to the description of the system Presents how the system was designed and implemented Includes relevant changes during the period Does not omit or distort relevant information 124

125 Minimum criteria for evaluating:
WHAT HAS CHANGED: Minimum criteria for evaluating: Suitability of the design of controls Management identified the risks that threaten the achievement of the control objective Controls, if operating as described, provide reasonable assurance that control objectives would be achieved 125

126 Minimum criteria for evaluating:
WHAT HAS CHANGED: Minimum criteria for evaluating: Operating effectiveness Consistent application throughout the period Manual controls applied by individuals with appropriate competence and authority 126

127 Reasonable Basis WHAT HAS CHANGED:
In order to have a reasonable basis for its assertion, management should: Understand the criteria that should be used to make the assertion Fairness – Does the description address all of the required elements? Design – Do we understand the risks and have we identified the key controls that mitigate those risks? Operating effectiveness – Do we know that those key controls were operating with sufficient effectiveness to achieve the control objectives? 127

128 Reasonable Basis WHAT HAS CHANGED: Type 2 Report Page 1 Type 2 Report Page 2 Type 2 Report Page 3 Type 2 Report Page 4 Type 2 Report Page 5 128

129 SOC 1, SOC 2, SOC 3 WHAT HAS CHANGED: Changes impacting the report
Use of Internal Audit must be disclosed The Service Auditor’s Report Expanded wording on management’s responsibilities Opinion on fairness of presentation and design in a type 2 report will now cover the entire period One opinion addressing all three elements Intended users SOC 1, SOC 2, SOC 3 129

130 WHAT HAS CHANGED: Seals 1 Seals 2 130

131 Questions? Jerry E. Durham, CPA, CGFM, CFE
Division of Local Government Audit In conclusion, how smooth the transition to new standards is, in part, dependent on what service organizations already have in place. Service organizations that have obtained SAS 70 reports in the past — and have detailed written descriptions of systems, services and controls — will transition to the new standards more easily than will organizations that have never obtained a SAS 70 report. Yet all organizations can prepare for a smooth transition by wisely utilizing the lead-up time to June 15, We urge you to contact a service auditor now to outline a transition strategy.

Download ppt "AGA Winter Seminar Slide Heading Auditing Standards Update"

Similar presentations

Understanding Audit Reports

Understanding Audit Reports
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 2 - 1 The CPA Profession Chapter 2.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The CPA Profession Chapter 2.
Office of the Auditor General of Canada CANADA’S ADOPTION OF INTERNATIONAL STANDARDS ON AUDITING 20 FACTS PREPARERS of FINANCIAL STATEMENTS SHOULD KNOW.

Office of the Auditor General of Canada CANADA’S ADOPTION OF INTERNATIONAL STANDARDS ON AUDITING 20 FACTS PREPARERS of FINANCIAL STATEMENTS SHOULD KNOW.
Learning Objectives LO1 Describe the current audit environment, including developments in regulatory oversight and provincial regulation of public accountants.

Learning Objectives LO1 Describe the current audit environment, including developments in regulatory oversight and provincial regulation of public accountants.
Discussion on SA-500 – AUDIT EVIDENCE

Discussion on SA-500 – AUDIT EVIDENCE
Assurance Services and Auditing Research Chapter 8.

Assurance Services and Auditing Research Chapter 8.
Audit Reports Chapter 3.

Audit Reports Chapter 3.
Assurance Services and Auditing Research Chapter 8.

Assurance Services and Auditing Research Chapter 8.
1 2011 Yellow Book: What You Need to Know West Virginia AGA Spring Training MOV AGA Chapter Parkersburg, WV May 14, 2013 Nicole M. Burkart.

Yellow Book: What You Need to Know West Virginia AGA Spring Training MOV AGA Chapter Parkersburg, WV May 14, 2013 Nicole M. Burkart.
Current Developments at the PCAOB Ensuring Integrity: 3 rd Annual Auditing Conference at Baruch College December 4, 2008.

Current Developments at the PCAOB Ensuring Integrity: 3 rd Annual Auditing Conference at Baruch College December 4, 2008.
25 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Other Assurance Services Chapter 25.

©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Other Assurance Services Chapter 25.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley 3 - 1 Audit Reports Chapter 3.

©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Audit Reports Chapter 3.
Chapter 2 Professional Standards “All my growth and development led me to believe that if you really do the right thing, and if you play by the rules,

Chapter 2 Professional Standards “All my growth and development led me to believe that if you really do the right thing, and if you play by the rules,
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 24 - 1 Other Assurance Services Chapter 24.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Other Assurance Services Chapter 24.
2-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 2 Professional Standards: “The Rules of the Road”

2-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 2 Professional Standards: “The Rules of the Road”
Filmmaker Krisztof Kieslowski

Filmmaker Krisztof Kieslowski
Auditing April 1, 2015 1 Chapter Two The CPA Profession just skim the section on Generally Accepted Auditing Standards Page 32-36.

Auditing April 1, Chapter Two The CPA Profession just skim the section on Generally Accepted Auditing Standards Page
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
CHAPTER 2 FINANCIAL STATEMENT AUDITS AND AUDITORS’ RESPONSIBILITIES Fall 2007 u G enerally Accepted Auditing Standards u Assurance Provided by an Audit.

CHAPTER 2 FINANCIAL STATEMENT AUDITS AND AUDITORS’ RESPONSIBILITIES Fall 2007 u G enerally Accepted Auditing Standards u Assurance Provided by an Audit.
Professional Standards. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 2-2 Generally Accepted Auditing Standards-- General.

Professional Standards. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 2-2 Generally Accepted Auditing Standards-- General.

Similar presentations

Ads by Google