Presentation on theme: "Agenda Governance of PwC Audit"— Presentation transcript:
0A Continuous Improvement Approach to Audit Methodology The PwC AuditA Continuous Improvement Approachto Audit Methodology
1Agenda Governance of PwC Audit Overview of recent evolution of PwC AuditOverview key elements of PwC AuditAcceptance and ContinuanceAudit Comfort CycleSubstantive ProceduresOther Audit ProceduresAudit Committee Communications PlanOver the past five years, the PricewaterhouseCoopers audit approach has evolved to reflect the rapidly changing marketplace, the complexities of the 21st Century audit and the increasing expectations of the auditor’s roles and responsibilities in the corporate reporting supply chain.The PwC Audit is designed to be totally flexible, adapting to the needs of our large multinational clients as well as our smaller private companies practice. While the core of our audit methodology is consistent across all clients, the working practices surrounding how we implement our methodology vary by industry and by client size and sophistication. We create working practices around what our best teams are doing in the field while preserving the flexibility to adapt to specific client situations.
2PwC Audit Governance Implementation Partner Network Global Audit Policy BoardEstablish global overarchingpolicy principles & goalsand ratify policy statements.Global R&QEnsure methodology is consistentlyimplemented by providing feedbackon practice issues.Global Audit Methodology Steering GroupDrive execution of policy in practice through processes, tools, guidance, training content, etc.At PwC, we operate under a single global audit methodology which is codified in the PwC Audit Guide, our HTML-based electronic audit policy and methodology handbook. The continuous improvement of our methodology is a collaborative effort of technical experts and practitioners from multiple countries with oversight and coordination from three groups.The Global Audit Policy Board establishes the overarching policy principles and direction of our development and improvement efforts. This group also coordinates our firm response to the actions of international audit standard setters and is made up of both PwC representatives on various standard setting bodies and line service partners.The Global Audit Methodology Steering Group overseas the detail development activities and drives the execution of methodology and policy in the practice through processes, support tools, maintaining guidance and contributing to training content. This steering group works through a central global team and a network of Implementation Partners identified at both a theater and country level.The Global Risk and Quality Group ensures that our methodology is consistently implemented through annual quality reviews. R&Q provides feedback into the process so that practice issues can be reacted to and addressed as necessary in our continuous improvement process.Implementation Partner Network
3Towards Performance Audit: a continuous improvement program PwCAuditPwCAuditConverged approach, enhanced testing guidanceEnhanced client communications, transparency focusApplication to small companies/ MNCsBetter use of specialists and knowledge sources2003:Business analysis frameworkEnhanced audit guides/ practicesScaling up - different client situationsMyClient integration2002:Audit Comfort CycleManagement controls focusShow me and Taking stockTeam re-deployment2001:At the time of the merger of Price Waterhouse and Coopers & Lybrand in 1998, we crafted a single, comprehensive and documented global audit methodology, a first in our industry. Since that time, PwC Audit has continued to evolve, moving toward a much broader understanding of the businesses we audit in order to better assess risk, independently from management, and address the balance between reliance on management controls and the amount of substantive testing included in the audit.From this evolution, back in 2001 we anticipated the need to change deliverables moving “towards performance auditing.” But we did not foresee that the first of the new deliverables would be regulatorily mandated and would address the adequacy of internal controls over financial reporting.TimeHistorical Financial Statements OpinionChanges in Deliverables
4Changing the Focus of the Audit Model KeyRiskRiskKeyBefore I can explain our audit approach, I need to explain how we had to first fundamentally change the focus of the audit. If you view this large circle as the population of business risks facing a company, this smaller circle represents our audit risks. The traditional model focused on identifying audit risks through the focal point of the financial statements. What we found is that this approach did not necessarily lead to a complete risk assessment.So we turned the focus around to first focus on the business risks faced by the company and how those business risks translated into audit risks. We believe that this approach results in a much better risk assessment and places the financial statements as the output of the process.Business RisksAudit RisksIdentified
5PwC Audit in 2004 Acceptance and Continuance (FRISK) Audit Comfort CycleScopingUnderstandingEvaluatingValidatingSubstantive TestingOther Audit ProceduresAudit Committee Communications PlanThe traditional phases of the audit – beginning with a discrete planning process, moving to interim then year-end testing, and culminating in report issuance – are outdated. The PwC Audit involves a logical, iterative process that begins with a rigorous risk assessment even before we decide to take on or retain a client and culminates in robust communications of the results of our audit, communications that involve much more that just the audit opinion.
6Acceptance/Continuance Assessment PwC Audit ApproachAcceptance/Continuance AssessmentEvaluatingAuditComfortCycleValidatingUnderstandingScopingNo / LimitedcontrolscomfortSignificantcontrolscomfortThe PwC Audit builds on our initial risk assessment through a broader risk assessment and testing regimen we refer to as the Audit Comfort Cycle, which principally focuses on management controls. We complete our testing with any necessary substantive procedures and other audit procedures required by GAAS. This process diagram graphically depicts the basic audit approach we utilize on all engagements.Other audit evidenceMainly Mainlytests of details substantive analyticalproceduresOther audit proceduresFinancial statementsCompletion
7PwC Audit Approach – With Attestation Acceptance/Continuance AssessmentBroader and deeper assessment of COSO controls over financial reporting, including management’s evaluation of those controls. e.g., estimates, fraud, tax accrual, more locations.EvaluatingAuditComfortCycleValidatingUnderstandingScopingReport on management’s assertions on internal controls over financial reportingNo / LimitedcontrolscomfortSignificantcontrolscomfortThis process is equally applicable in the audit of a U.S. registrant where we must also report on internal controls.However, to achieve the level of comfort we need for the attestation, our assessment of controls in the audit comfort cycle must be broader and deeper and take into consideration management’s own evaluation of those controls.This broader and deeper view of the COSO controls over financial reporting may further limit the amount of substantive testing we have to perform or may result in additional procedures being focused in particular areas in order for us to provide independent assurance on the financial statements.Other audit evidenceMainly Mainlytests of details substantive analyticalproceduresAdditional procedures deemed necessary to provide independent assurance on financial statements, taking into consideration the internal controls assessment.Other audit proceduresFinancial statementsCompletionReport on Financial Statements
8Acceptance & Continuance Process Governance and oversight of managementPast performanceManagement’s expertise and skillAdequacy of management resourcesAudit relationshipAudit adjustmentsRevenue recognitionAccounting controlIntegrity and ethicsManagement inclination for intentional misstatement in financial reportingReliability of estimatesIncentive for intentional misstatements in financial reportingRisk of insolvencyFRISK is our proprietary client acceptance and continuance software. All assurance clients are subject to an annual assessment process using this module. FRISK contains a series of questions designed to identify risk conditions under 13 different categories. Using extensive research we have developed a sophisticated risk scoring model that drives an overall risk rating, which factors into our acceptance or continuance decision.Our research has demonstrated that these thirteen risk conditions are effective predictors of risk to the firm and ultimately help us identify audit risks that must be addressed during the engagement.
9Acceptance & Continuance Process Risk Conditions (13)(defined withinAcceptance &Continuance module)Engagement Leader and Team Manager applyprofessional judgment in describing specific KeyRisks that relate to the broader Risk Conditions1Key Risks(user defined or2selected fromRisk and Approach ScheduleMaster Data)The Risk and Approach Schedule is populatedby the Key Risks selected and completed by theEngagement Leader and Team ManagerUsing the risk conditions highlighted in FRISK, the engagement leader and team manager identify key audit risks that are impacted by or give rise to these risk conditions. Some common key risks are populated in our Master Data sets (databases containing libraries of potential audit procedures). Other key risks are defined by the engagement team based on the specific circumstances of the engagement and the attributes of the client.The key risks identified are automatically populated into a risk and approach schedule which outlines, at a high level, our proposed audit approach to dealing with these risks.The Acceptance & Continuance process is fully integrated into MyClient, our audit documentation software, with the automatic population of the risks identified in FRISK into the “Audit Comfort Matrix “in the Client File for follow up and resolution during the audit process. Thus, risk identification begins in the Acceptance & Continuance process.Audit ComfortMatrixMyClient Client File3
10Audit Comfort Cycle 4 Key Questions Market OverviewStrategyValue Creating ActivitiesFinancial PerformanceOTHER AUDIT PROCEDURESFINANCIAL STATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCE ASSESSMENTSUBSTANTIVE AUDIT EVIDENCEMAINLY SUBSTANTIVEANALYTICAL PROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDMAINLY TESTS OF DETAILS4 Key QuestionsWhat does management need to get comfort on?How does management get comfort?Are they entitled to that comfort?Can we audit that comfort?PwC Audit is based on understanding the risks in the business, forming our own point of view on how those risks should be managed, assessing how well management controls the business, auditing the information they use in running the business, and reconciling that internal information to what they tell their external stakeholders, including the appropriate application of generally acceptable accounting principles.In short, we understand the company environment and how management runs the business; we validate the information management uses to run the business by testing controls and the internal data used to measure performance; we relate internal performance information to what they tell investors; and we assess the appropriate selection and application of GAAP.To guide us through the thought process, we use the Audit Comfort Cycle and four key questions that we need to consider, linked to the four phases of the cycle. These questions are not what we actually ask clients; but they provide a framework within which the audit team considers carefully what in-depth enquiries to make of management.
11Audit Comfort Cycle What does management need to get comfort on? Market OverviewStrategyValue Creating ActivitiesFinancial PerformanceOTHER AUDIT PROCEDURESFINANCIAL STATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCE ASSESSMENTSUBSTANTIVE AUDIT EVIDENCEMAINLY SUBSTANTIVEANALYTICAL PROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDMAINLY TESTS OF DETAILSWhat does management need to get comfort on?We begin the Audit Comfort Cycle with the scoping process.What does management need to get comfort on? How do we answer this question? It requires us to consider what we know about the industry, the marketplace and the company to form our own point of view on the risks that management should be concerned about. Thus, we rely heavily on our knowledge of the industry and the company’s business. We have to form our own independent point of view on the business and the risks faced by investors and management. We have to develop a deeper knowledge of the business through independent research and analysis and our own professional skepticism, and then use this point of view as we go about testing management’s assessment of risk, the controls they have put in place, and their effectiveness in mitigating risk of material misstatement in the financial statements.
12Scoping: Forming a Point of View Perform company and industry analytical proceduresResearch and analyze external communicationsPartners connect with staff membersDocument the team’s understanding of the businessKnowledge broker to capture and share industry informationForm a point of view on the risks that management should be concerned aboutThe scoping process is what allows us to form our independent point of view. Through research, analytical procedures, and knowledge sharing among and across engagement teams, we develop and document our understanding of the risks facing the business. Only through this deep understanding can we truly form an independent point of view.
13Scoping: Business Analysis Framework The information that investors and management use to analyze the business is also useful in the audit approach. We gather and analyze this information to form our own point of view on the client’s business, and use this point of view to test management’s risk assessment during the rest of the audit comfort cycle.By addressing each element of the business analysis framework with our team we consider all aspects of a client’s business in identifying the client’s objectives. The business analysis framework was created out of over six years of extensive research. It enables us to understand the market in which the company operates, the strategy of the client and how it translates into their business goals and objectives, the key performance indicators that management uses to measure how they are doing, and the critical inputs and drivers of success.To perform a PwC Audit we need to develop a broader and deeper understanding of the business, its operating model and processes and the way in which management exercises control.We should have a clear appreciation of how the company is viewed by the outside world - within its industry, geographic market place and amongst its stakeholders. To achieve this we need to be aware of what the outside world is saying about our client. We should also be familiar with the picture the company is creating of itself and the impact this may have on its reputation and market value.
14Scoping: Risk Assessment – Key Risks We identify audit risk through understanding the entity’s business objectives and related risks.Business RisksAudit RisksKey risks are those conditions or factors within an audit that, in the judgment of the auditor, give rise to a greater risk of material financial misstatement or other matters resulting in the issuance of an inappropriate audit report.The PwC Audit approach requires us to identify audit risks by viewing risk from management’s perspective. We begin by requiring consideration of business conditions that could prevent the entity from achieving its business objectives.While beginning with this broad perspective, our aim is ultimately to focus on those risks, and management’s response thereto, that primarily relate to the entity’s objectives that have an impact on its financial reporting requirements and our audit responsibilities. Treating all audit risks as equally important during the audit process can lead to unnecessary work or a potentially inappropriate level of focus on less significant risk areas. Therefore, in planning the scope of our work, we concentrate our efforts around “Key Risks”.
15Scoping: Analytical Procedures High LevelUnderstand the businessIdentify areas of riskDisaggregated Account LevelDetermine the nature, timing & extent of testingExternal benchmarking to peers, market trendsLooking for anomalies, areas of riskUse of extensive knowledge management tools availablebWe also look to analytical procedures during the scoping phase. These preliminary analytical procedures help us understand the entity's business, identify unusual changes or the absence of expected changes in the financial statements, and assist in forming our own point of view about the areas of key risk and matters that should be critical to the entity. Preliminary analytical procedures can help drive an effective and efficient audit process by identifying audit issues that might not otherwise be apparent.
16Scoping Translated into Audit Strategy Business ObjectivesRisksControlsStakeholdersWe must translate our knowledge of and views on our client’s business objectives and related risks into our audit plan – by understanding not only their business objectives and risks but also management’s response to those risks.This slide represents ORCA – a framework for identifying risks and controls. ORCA stands for business Objectives, Risks, Controls and Alignment). Where controls over significant account balances or classes of transactions are not aligned, we must perform substantive tests of details.AlignmentWhere controls over significant account balances or classes of transaction are not aligned, we will need to perform substantive tests of details.
17Scoping: Audit Team of Specialists Computer-Assisted Audit TechniquesEnergy Trading RiskEnterprise-wide RiskBusiness ObjectivesFinancial RiskBusiness ResilienceProject ManagementBusiness ProcessRisksControlsStakeholdersPerformance ImprovementDuring the Scoping phase of the audit, we supplement the core engagement team with specialists to assist in understanding the business. These specialists become part of the team, rather than sitting outside of the process.Data RiskFraudRegulatory/ ComplianceInternal AuditSecurityAlignmentSystems & TechnologyTreasuryOur best teams use our specialist capabilities to help in forming a point of view.
18Scoping: Use of Specialists Policies for the use of Systems and Process Assurance specialists and Fraud Risk & Controls specialists are based around risk attributesPolicies are for consultation with specialists – level of involvement remains a decision of engagement leaderAt a minimum, Required to consider use of specialists at mobilization stageDue to the increasing complexity of our clients, we have instituted policies requiring the use of certain specialists if certain risk triggers exist. In particular, Systems and Process Assurance personnel are involved in audits were the client uses complex information systems. Fraud specialists must be consulted where we have determined there is a heightened risk of fraud on an engagement.The involvement of specialists on the audit engagement may be at any of three levels:Consulting, where the specialist's involvement may be limited to identification of key risks based on the client's business and changes since the prior year.Coaching, where the specialist's involvement is generally targeted at areas of change and generally consists of attendance at key meetings as well as assistance in the development of the risk assessment and audit comfort matrix. The specialist will coach a core team member as he or she performs the work in the specialist's area of expertise.Completing, where the specialist performs the work in the specialist's area of expertise, which is higher risk, in a complex environment, or where significant changes have occurred. The specialist will be involved in all aspects of the audit process.
19Audit Comfort Cycle How does management get comfort? Market OverviewStrategyValue Creating ActivitiesFinancial PerformanceOTHER AUDIT PROCEDURESFINANCIAL STATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCE ASSESSMENTSUBSTANTIVE AUDIT EVIDENCEMAINLY SUBSTANTIVEANALYTICAL PROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDMAINLY TESTS OF DETAILS4 Key QuestionsWhat does management need to get comfort on?How does management get comfort?Once we have completed our initial scoping, we should have a pretty good handle on the answer to What does management need to get comfort on? We have formed our own point of view, and we’re ready to talk to the client and get their point of view – to see if it matches ours, or if there are some risks that they have missed (and are therefore not apt to be managing).The next step in the audit comfort cycle is gaining an understanding of How does management get comfort? – This requires that we understand how management goes about identifying risks in their business model and designing controls to mitigate that risk. This extends our audit process beyond the accounting controls testing and reliance to additional reliance on business controls. This is where we begin to use the tool of “show me” meetings to verify the information obtained from management.We are also going to be evaluating whether they are entitled to that comfort? Are controls effectively designed to mitigate the risks we’ve identified? This involves us challenging management, probing whether the controls they have to run the business should be effective and whether they can truly provide support for a conclusion that financial or other relevant information used in the business should be reliable. And, finally, we must validate that the controls are working effectively if we want to share in that comfort – The audit team needs to make in-depth inquiries of management and corroborate explanations where appropriate. We cannot rely wholly on what management tells us, and have to obtain evidence ourselves that the controls are reliable. Inquiry, observation, examination and reperformance – all of these tests of controls are used.Are they entitled to that comfort?Can we audit that comfort?
20Applying Audit Comfort Cycle from the Top-Down Organize audit team to align with how management runs the business.Extend discussions about business objectives & risk to management controls.Understand & evaluate how management controls risk.Validate controls against engagement team’s point of view.Audit controlsfrom thetop downWe start this process from the top down through the organization to get an understanding of the real business objectives and risks at our clients. Our audit approach is therefore analogous to the “scoping” of target clients. When the Firm pursues business opportunities, we obtain an understanding of the business from the top-down. We don’t begin from the bottom of the organization. The same holds true for our recurring engagements.Finding out about how the business is really controlled - not just how we think it is controlled - and using the whole team’s knowledge and experience to focus our work defines how PwC Audit works. The result should be a more effective and efficient audit.Key to this process is using the point of view developed during scoping, testing management’s views against our own independent, objective research and analysis. We should not concede to management’s views without further testing these with independent research – our own views on the risks in the business should be well formulated in advance of the top-down audit process so that we retain our audit objectivity throughout.Instead of organizing the audit team around business cycles, the team should be aligned with how management runs the business, across geographic lines if necessary, to mirror reporting and control structures in the client’s organization.We begin the audit by meeting with the board and senior management to fully understand the organization and its performance targets, the risks and opportunities it faces, and how the board and management believe they are controlling the risks and maximizing the opportunities. This is not a casual conversation, but a rigorous, in-depth inquiry followed up by observation, examination and/or reperformance, either during or after the meeting – using all 4 methods of testing internal controls.We work down and across the operations/business processes and more detailed functions as necessary, applying the same rigorous techniques to qualify as tests of controls.As we work through the client’s organization, we apply the audit comfort cycle to identify higher level controls that management uses to run the business, evaluate the adequacy of these controls to mitigate the risks identified in our scoping, and ultimately validate that the controls are working, gathering audit evidence throughout this process. We record our understanding and evidence in the audit file as we go, building up the file to tell the story of the audit.
21“Taking Stock”: Real-Time Linkage in the Iterative Process Share team members’ cumulative knowledgeUpdate risk identification and assessmentConsider the audit comfort gained to date, by audit assertionAnswer: “Do we have enough comfort?”Answer: “What do we do next?”At certain points throughout the audit, we pause and “take stock” – What have we learned to date? Have we gained the level of audit comfort we need? If not, what do we need to do next? The “taking stock” process is critical to the iterative audit approach, allowing us to react quickly to new information and/or changes in the business. “Taking stock” involves the entire team, including specialists, to ensure the maximum effectiveness of the audit coupled with efficient performance.
22Connecting the Dots … Business Process A Completeness Financial Statement Assertions/ Audit ObjectivesClasses of TransactionsOccurrenceCompletenessAccuracyCutoffClassificationAccount BalancesRights & ObligationsExistenceAccuracy/ValuationPresentation & DisclosureOccurrence/R&OUnderstandabilityBusiness Process ACompletenessAccuracyValidityRestricted AccessBusiness ObjectivesAccount Balances and TransactionsBusinessRisks related to achieving Objectives……Business Process BCompletenessAccuracyValidityRestricted AccessAccount Balances and TransactionsTaking stock is about connecting the Dots. In past audit approaches, the “staff audit” took place in the tan boxes on this slide, while the “partner audit” had more to do with the orange boxes. And, Systems Assurance is more-or-less connected to other aspects of the audit, depending on the engagement team and approach.Partners focus on business objectives and risks, and the financial statement assertions relative to the greatest areas of risk, while the staff look at business process controls and their relationship to financial statement account balances, without connecting the business objectives and risks. And, the true tie in of Systems Assurance is sometimes very murky.The Audit Comfort Cycle is designed to bring this all together, through team participation in the Show Me and Taking Stock processes. It’s all about improved teamwork to reduce audit risk and improve audit quality.Business Process CCompletenessAccuracyValidityRestricted AccessAccount Balances and TransactionsGeneral Computer Controls
23Audit Comfort MatrixThe audit comfort matrix is the documentation tool we use to pull the audit evidence together on how we addressed the key risks identified. It helps us tie the audit risks to the underlying business objectives and risks and management’s approach to controlling these risks. The audit comfort matrix is required on all audits but our teams can adapt this matrix to their specific client circumstances as long as the fundamental concepts are preserved. Many teams prepare mutliple ACMs addressing the key risks at significant individual business or management units.
24Summary of ComfortWe have also developed a practice aid used to summarize all our comfort – from all testing – controls and substantive – key risks and general risks of material misstatement. It is a useful tool for partners to get an overview of the work performed.
25Substantive Audit Evidence Market OverviewStrategyValue Creating ActivitiesFinancial PerformanceOTHER AUDIT PROCEDURESFINANCIAL STATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCE ASSESSMENTSUBSTANTIVE AUDIT EVIDENCEMAINLY SUBSTANTIVEANALYTICAL PROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDMAINLY TESTS OF DETAILSThe next stage of the process is to supplement our controls work with substantive testing – both substantive analytical procedures and tests of details. This work is necessary to meet GAAS requirements and to fill in the gaps remaining from the audit comfort cycle. The taking stock meetings continue to respond to the question: Do we have enough comfort?
26Achieving the Right Balance No/Limited Controls Comfort Significant Controls ComfortThis graphic depicts the testing continuum that we follow - while not prescribing which controls that must be tested. The engagement’s teams judgment is critical, and partner-led decisions are essential. Getting to the right balance in the testing approach is key to providing the highest quality audit.
27Assurance Hierarchy Yes No Yes No Yes No Test controls. Will we obtain audit assurance from tests of controls?YesNoTest controls.Can we obtain audit assurance from substantive analytical procedures?YesPerform substantive analytical procedures.Our determination of the type and extent of substantive testing to be performed is based on our responses to this assurance hierarchy decision tree. The way we perform substantive tests has not changed significantly and we continue to promote the use of Computer Assisted Auditing Techniques wherever possible.NoDo we need additional audit assurance?YesNoPerform tests of details.No further testing required.
28Other Audit Procedures Market OverviewStrategyValue Creating ActivitiesFinancial PerformanceOTHER AUDIT PROCEDURESFINANCIAL STATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCE ASSESSMENTSUBSTANTIVE AUDIT EVIDENCEMAINLY SUBSTANTIVEANALYTICAL PROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDMAINLY TESTS OF DETAILSIn completing the audit we need to ensure the management information we have been relying on reconciles to the financial statements. This process is initially documented as part of scoping and progresses as we determine which reports management is relying on.We consider subsequent events, analyze legal letters, review the financial statements and related disclosures and perform other procedures to bring the audit to completion.
29Other Audit Procedures: More Connecting the Dots Link management information to financial statementsReview adjustments necessary to reconcile management information to the financial statementsReview non-standard journal entries and other adjustments to ascertain whether entries may be indicative of fraud based upon the risk of management override on controlsPerform ongoing analytical procedures, including updating analytical procedures related to revenueThese other auditing procedures represent the final step in “connecting all the dots” in order for us to issue our audit report.
30Audit Committee Communications Framework: Objectives Promote effective and candid communicationsEnhance timely reporting, dialogue and sharing viewsService approachRisk and ControlFinancial ReportingGovernanceProvide consistency in our deliverables through recommended templates and practice aidsThroughout the audit, we must maintain continuous communication with both management and those charged with governance of the company. Our Audit Committee Communications plan is designed to promote this communication by providing structure and consistency. The plan is centered around four central themes.
31Ongoing assessment of needs & expectations Audit Committee Communications PlanGetting startedUnderstanding the auditStaying informedResolution and completion[Indicate timing][Indicate timing][Indicate timing][Indicate timing]Our audit planPwC principles and practicesReporting timetableBusiness unit scopeEngagement teamOther deliverablesService approachCommunications planEngagement letter and independence confirmationRisk analysisInternal control and business issues reportUpdate on accounting/audit issues and risk analysisRisk and controlPerspectives on fraud riskRisk condition alertOther regulatory requirements – planReportingrequirementsInternal control deficienciesAccounting policiesManagement judgmentsQuality of earningsIndependenceTransparencyQuarterly reviewQuarterly reviewQuarterly reviewFinancial reportingAudit opinionThis graphic provides a summary depiction of our consolidated approach to communicating to those charged with governance throughout the auditTransparency of corporate reportingBest practices in corporate reportingGovernanceCorporate governance:roles and practicesAssessing our performance and yoursOngoing assessment of needs & expectations
32The PwC Audit Global approach adaptable to all clients Designed for continuous improvementPerformance metrics will play a larger role in future auditsAudit quality is at the core of our long term business objectives.In summary, we believe that we have developed a flexible audit methodology that is scalable to our largest global clients as well as our smallest private customers.We have built an ongoing development and continuous improvement process to address the rapidly changing environment we face.We continue to believe that assurance around performance measures will grow in importance in the coming years.But ultimately, our success in the future – our very viability – will be determined by the quality of execution on our audits. Thus, the centerpiece of our business strategy – both short-term and long-term – is to consistently achieve the highest level of audit quality.