Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Auditing Standards Update NASACT Conference August 14, 2012 James R Dalkin.

Similar presentations

Presentation on theme: "1 Auditing Standards Update NASACT Conference August 14, 2012 James R Dalkin."— Presentation transcript:

1 1 Auditing Standards Update NASACT Conference August 14, 2012 James R Dalkin

2 American Institute of CPAs AICPA Standards Update 2

3 Technical Update - AICPA Auditing Standards Clarity Project SAS 125 – Restricting the Use of an Auditors Report Group Audits SAS 118 –120 - Supplementary Information All effective for audits of financial statements beginning on or after 12/15/2010 (early application permitted) Relevant Audit Guides 3

4 Technical Update – AICPA - Clarity Standards Issued SAS No. 122, Statements on Auditing Standards: Clarification and Recodification SAS No. 123, Omnibus Statement on Auditing Standards– 2011 SAS No. 124, Financial Statements Prepared in Accordance With a Financial Reporting Framework Generally Accepted in Another Country SAS No. 125, Alert That Restricts the Use of the Auditors Written Communication Effective for audits of periods ending on or after December 15, 2012; no early implementation 4

5 Technical Update – AICPA Clarity AU Section numbers will change to correspond to ISA numbers Many changes not intended to significantly impact practice, but some will have a significant effect Additional Quality Control guidance QC responsibilities for the audit more specifically described Overall QC function remains firm responsibility, but responsibilities are engagement partners and engagement teams Some changes in audit report to more clearly describe managements responsibility New format to use report headings 5

6 Technical Update – AICPA Clarity Keep in mind that many of the clarity standards have governmental consideration paragraphs that are specific to the public sector May cover Yellow Book/compliance audit considerations May cover financial statement audit considerations 6

7 Technical Update – AICPA Clarity Group Audit Standard Will Have Bigger Impact More specific as to what group engagement partner is responsible for Will affect many governmental and NPO financial statement audits Still working to determine effect on compliance audits Listen to an archived GAQC Web event, New Group Audits Standard and Its Effect on Your Governmental and Not-For-Profit AuditsNew Group Audits Standard and Its Effect on Your Governmental and Not-For-Profit Audits 7

8 Technical Update – AICPA Clarity Clarity section of Standards Videos Mapping from extant to new standards More Listen to an archived GAQC Web event titled, Implementing the Clarified SASs in a Governmental and Not-For Profit Audit Environment: What, When, and How? Implementing the Clarified SASs in a Governmental and Not-For Profit Audit Environment: What, When, and How? 8

9 Technical Update – AICPA Clarity SAS No Government Auditing Standards reports (including A-133 reports) will contain purpose alert instead of restriction alert Pay particular attention to effective date Effective for the auditors written communications related to audits of financial statements for periods ending on or after 12/15/12 For all other engagements conducted in accordance with GAAS, this SAS is effective for the auditors written communications issued on or after 12/15/12 9

10 Technical Update Single audit reports issued after 12/15/12, new wording must be used (could affect 6/30/12 audits) Yellow Book reports associated with f/s audit, new wording not used until periods ending on or after 12/15/

11 Technical Update – AICPA – SAS Relationship of GAAP-Defined SI and GAAS GAAS GAAP 11

12 Technical Update – AICPA – SAS SAS No. 118, Other Information in Documents Containing Audited Financial Statements Requires auditor to Read the information to identify material inconsistencies Make appropriate arrangements to obtain the OI prior to the report release date – if not possible, read as soon as practicable Communicate auditors responsibility on OI & results to those charged with governance Revisions/communication required if auditor finds material inconsistencies How/where depend upon whether management makes revisions & whether material inconsistencies were found prior/post to release date Discuss material misstatements of fact Illustrative disclaimer language provided but not required 12

13 Technical Update – AICPA SAS No. 119, Supplementary Information in Relation to the Financial Statements as a Whole Scope When the auditor is engaged to report on whether SI is fairly stated, in all material respects, in relation to the f/s as a whole Requires the auditor to determine certain conditions are met Provides for specific management representations 13

14 Technical Update – AICPA SAS No. 119, Supplementary Information in Relation to the Financial Statements as a Whole Specific procedures using the materiality level used in the audit of the F/S However, keep in mind that auditor has to perform procedures beyond SAS No. 119 due to the compliance audit Consideration of subsequent events not required for SI, however still have to consider any information related to the F/S Reporting requirements under various scenarios Dating – not earlier than the date on which the auditor completed procedures on SI 14

15 Technical Update – AICPA SAS No.120, Required Supplementary Information RSI: Information that a designated accounting standard setter requires to accompany an entitys basic financial statements Establishes auditors objectives for RSI Establishes presumptively mandatory auditor requirements Reporting Requires explanatory paragraph in all circumstances that refers to RSI Establishes reporting requirements 15

16 Technical Update – AICPA - Audit Guides Primary Focus Government Auditing Standards & Circular A-133 Audits Other Industries Include State and Local Governments Not for Profit Entities Health Care Entities Gaming Sampling Audit Risk Alerts Checklists & Illustrative Statements 16

17 Technical Update – AICPA Audit Guides AICPA Audit Guide, Government Auditing Standards and Circular A- 133 AuditsAICPA Audit Guide, Government Auditing Standards and Circular A- 133 Audits 2012 edition issued in May SAS No 119 is fully incorporated into guide (including the illustrative reports and SEFA practice aids in chapter 7) Appendix added with a summary of 2011 Yellow Book revisions Two new clarity Appendixes Information on AU-C sections with substantive changes or significant clarifying changes resulting from clarity Table that maps current AU sections to the new AU-C section numbers GAS-A133 Audit Risk Alert Coming Soon Guide - Looking forward Clarity New Yellow Book 17

18 Technical Update – AICPA – Audit Guides AICPA A&A Guide, State and Local GovernmentsAICPA A&A Guide, State and Local Governments 2012 Edition expected in July 2012 Incorporated GASB 62 (earlier than normal) but did so with appropriate footnotes to assist those that have not early implemented. Also updated for SAS Nos. 118, 119 & 120; illustrative reports updated for these statements and will also be posted on GAQC Web site Other SLG Publications Coming Soon! Updated SLG Practice Aid for Other Comprehensive Basis of Accounting SLG Audit Risk Alert 18

19 Technical Update – OMB Compliance Supplement – Emphasis Areas An auditor may consider a Type A program or cluster to be low-risk if all of the following conditions exist: Program or cluster had Recovery Act expenditures in the prior audit period; Program or cluster was audited as a major program in EITHER OF THE TWO PRIOR AUDIT PERIODS; Recovery Act expenditures in the current audit period are less than 20% of the total program or cluster expenditures; and Auditor has followed Section 520(c) and 525 of OMB Circular A-133 and determined that the program or cluster is otherwise low-risk 19

20 Technical Update – OMB Proposed Single Audit Changes Proposed Changes to Single Audit OMB issued an Advance Notice of Proposed Guidance titled, Reform of Federal Policies Relating to Grants and Cooperative Agreements; cost principles and administrative requirements (including Single Audit Act)Reform of Federal Policies Relating to Grants and Cooperative Agreements; cost principles and administrative requirements (including Single Audit Act) Why changes now? GAQC Executive Committee task force responded to the OMB Advance Notice on behalf of AICPA Feedback also obtained from general membership, other volunteer AICPA committees, and state societies Comment letter can be accessed on GAQC Web site ( 20

21 Technical Update – OMB Proposed Single Audit Changes Potential Changes Increase audit threshold from $500K to $1M Establish new category of Single Audit (Entities between $1-3M) Changes for larger Single Audits >$3M Changes to cost principles and administrative requirements 21

22 Looking Forward OMB to analyze the feedback received on Advance Notice Proposed regulatory changes may be released for comment before the end of the calendar year Revisions to OMB Circular A-133 Revisions to the OMB Cost Principles (A-21, A-87, A-122) Revision to Administrative Requirements (A-110, Common Rule) No plans that we are aware of to amend the Single Audit Act 22

23 Yellow Book Effective Dates Effective for financial audit periods ending on or after December 15, 2012 Effective for attestation periods ending on or after December 15, 2012 Effective for performance audits starting on or after December 15, 2011 Early adoption is not permitted

24 24 Primary Yellow Book Changes Updated independence Included a conceptual framework Focused on converging where practical Incorporated clarified SASs Fewer differences Added documentation requirements Additional documentation in independence Focus on non-audit services Made minor changes for performance audits

25 25 General Standards: Independence Conceptual Framework Allows the auditor to assess unique circumstances Adaptable Consistent with AICPA and IFAC frameworks Significant differences from ET Entry point for use of the framework Emphasis on services in aggregate Documentation requirement

26 26 Applying the Framework New approach combines a conceptual framework with certain rules (prohibitions) Balances principle and rules based standards Serves as a hybrid framework Certain prohibitions remain Generally consistent with Rule 101 AICPA Beyond a prohibition Apply the conceptual framework Will be used more often than AICPA 26

27 27 Chapter 3 – General Standards: Independence Threats could impair independence Do not necessarily result in an independence impairment Safeguards could mitigate threats Eliminate or reduce to an acceptable level

28 28 GAGAS Conceptual Framework for Independence

29 29 Documentation Requirement Conceptual Requirement New documentation requirement Must document when safeguards have been applied Beyond the threat level Only once safeguards are applied Document how safeguards sufficiently mitigate the threats

30 30 Independence Categories of Threats 1.Management participation threat 2.Self-review threat 3.Bias threat 4.Familiarity threat 5.Undue influence threat 6.Self interest threat 7.Structural threat

31 31 Routine Audit Services and Nonaudit Services Routine audit services pertain directly to the audit and include: Providing advice related to an accounting matter Researching and responding to an audited entitys technical questions Providing advice on routine business matters Educating the audited entity on technical matters Other services not directly related to the audit are considered nonaudit services

32 32 Routine Audit Services and Nonaudit Services Services that are considered non-audit services include: Financial statement preparation Bookkeeping services Cash to accrual conversions (a form of bookkeeping) Other services not directly related to the audit Unless specifically prohibited, nonaudit services MAY be permissible but should be documented In relation to the conceptual framework In relation to the auditors assessment of managements skill, knowledge or experience

33 33 Nonaudit Services Certain services may be permitted First, determine if there is a specific prohibition If not, the auditor should assess the nonaudit services impact on independence using the conceptual framework

34 34 Assessing Significance in the Conceptual Framework for Non-audit services The framework requires the auditor to assess the significance of threats Threats related to non-audit services often include Management participation threat Self review threat Indicators of a significant threat include: Level of services provided (aggregation assessment) Significance to the audit objective Basic understanding of the service enough to recognize material errors Facts and circumstances that increase the perception that the auditor is working as part of management

35 35 Preconditions to Performing Nonaudit Services Management should take responsibility for non- audit services performed by the auditors Auditors should document their understanding with management regarding the non-audit service Auditors should assess (AICPA) and document (GAGAS) whether management possesses suitable skill, knowledge, or experience to oversee the nonaudit service

36 36 Assessing Managements Skill, Knowledge, or Experience Factors to document include managements: Understanding of the nature of the service Knowledge of the audited entitys mission and operations General business knowledge Education Position at the audited entity Some factors may be given more weight than others GAGAS does not require that management have the ability to perform or reperform the service

37 37 Sufficiency of Skills, Knowledge and Experience Sufficient skills, knowledge and experience may be judged in part based on: Ability of the identified client personnel to identify material errors or misstatements in a non audit service work product Ability of the client to sufficient background to understand the nature and results of the audit service Ability of management to take responsibility and understand the work Client prepared material in poor condition may indicate the client is not capable of taking responsibility for the service. Significant audit findings and adjustments may also be indicative of this issue.

38 38 Safeguards – Non audit services Auditors should document safeguards when significant threats are identified. Auditor has responsibility to perform the assessment, this cannot be a management assertion Assessment should be in writing and indicate actions the auditor has taken to mitigate the threat Assessment should include a conclusion Auditor should document actions taken to mitigate the threat Examples may include: Actions taken by the client to gain an understanding of the non-audit service and detect any errors Actions taken by the auditor to preserve independence such as an extra level of review or secondary review

39 39 Bookkeeping Services May be performed provided the auditor does not Determine or change journal entries, account codings or classifications for transactions, or other accounting records without obtaining client approval Authorize or approve transactions Prepare source documents Make changes to source documents without client approval Consistent with AICPA ET 101-3

40 40 Prohibitions within Internal Audit Services provided by external auditors Setting internal audit policies or the strategic direction Deciding which recommendations resulting from internal audit activities to implement Taking responsibility for designing, implementing and maintaining internal control

41 41 Prohibitions within IT Services External auditors may not Design or develop an IT system that would be subject to or part of an audit Make significant modifications to an IT systems source code Operate or supervise an IT system Significant change in auditing prohibitions for future periods after a system implementation

42 42 Prohibitions within Valuation Services External auditors may not provide valuation services that Would have a material effect, Involve a significant degree of subjectivity, and Are the subject of an audit

43 43 Prohibitions Related to Internal Control Monitoring External auditors May not provide ongoing monitoring services May not design the system of internal controls and then assess its effectiveness May evaluate the effectiveness of controls Management is responsible for designing, implementing and maintaining internal control

44 44 Financial Statement Preparation Auditors may prepare financial statements Considered by GAGAS a non-audit service Must apply the conceptual framework Two additional documentation requirements Document application of safeguards Document assessment of managements skill, knowledge or expertise

45 45 Assessing Significance for Bookkeeping and Financial Statement Preparation Relative significance is a continuum Indicators of significant threats for bookkeeping and financial statement preparation may include: Financial statement preparation with other non-audit services such bookkeeping or cash to accrual conversions Condition of client prepared books and records Level of anticipated correction or adjustments to client prepared schedules and documents Condition of the general ledger/trial balance Less significant may be: Purely mechanical calculations

46 46 Independence Q&A Guide GAO will retire current Government Auditing Standards: Questions and Answers to Independence Standard Questions guidance

47 47 Revisions to Timeframes Related to IT and Other Services Q&A guidance prohibited installing or designing a system and subsequently performing an audit This prohibition has been deleted Other potential considerations Independence in appearance for subsequent periods Possible Safeguard: One audit cycle performed by another audit organization after the nonaudit service completion date provide a safeguard

48 48 General Standards: Continuing Professional Education (CPE) No revision to overall requirements: Minimum of 24 hours of CPE every 2 years Government Specific or unique environment Auditing standards and applicable accounting principles Additional 56 hours of CPE for auditors involved in Planning, directing, or reporting on GAGAS assignments; or Charge 20 percent or more of time annually to GAGAS assignments Minimum of 20 hours of CPE each year

49 49 General Standards: Competence CPE requirements for external specialists: External specialists are not required to meet GAGAS CPE requirements, but should be qualified and maintain professional competence

50 50 General Standards: Competence CPE requirements for internal specialists: Internal specialists serving as auditors are subject to all CPE requirements Specialized CPE count towards the required 24 hours Internal consulting specialists are not required to meet GAGAS CPE requirements, but should be qualified and maintain professional competence

51 51 General Standards: Quality Control and Assurance Harmonized quality control system with AICPA standards Additional requirements for consistency with AICPA Communicate deficiencies noted Recommend remedial action

52 52 Overall Changes for Financial Audits

53 53 Overall Changes for Financial Audits Considered Clarity Project conventions Streamlined language to harmonize with AICPA Clarified additive requirements No new requirements were added for financial audits and attestation engagements

54 54 Requirements Beyond AICPA Additional requirements relate to Auditor communication Previous audits and attestation engagements Noncompliance with provisions of contracts or grant agreements, or abuse Developing elements of a finding Documentation For attestation engagements, this applies only at the examination level

55 55 Requirements Beyond AICPA Additional requirements relate to Reporting auditors compliance with GAGAS Reporting on internal control, compliance with provisions of laws, regulations, contracts, and grant agreements, and other matters Reporting views of responsible officials Reporting confidential or sensitive information Distributing reports

56 56 Special Considerations for Government Engagements Applying certain AICPA standards Materiality Early communication of deficiencies (SAS No. 115)

57 57 Removed Duplicative Requirements Financial Audits Restatements Internal control deficiency definitions Communication of significant matters Consideration of fraud and illegal acts Attestation Engagements Internal control deficiency definitions

58 58 Chapter 5 Attestation Engagements

59 59 Chapter 5 - Attestation Engagements Separated attest requirements Examination Review Agreed-Upon Procedures Update considerations Identified practice issue Clarified distinctions between engagement types Emphasized AICPA reporting requirements

60 60 Chapter 5 - Attestation Engagements Within each section, emphasized Citing compliance with GAGAS Required elements of AICPA reporting Communicating the services to be performed

61 61 Chapters 6 & 7 Field Work & Reporting Standards for Performance Audits

62 62 Chapter 7 - Performance Audits: Reporting - Modifications Updates to fraud requirements Emphasized fraud reporting to occurrences significant to the audit objectives Fraud that is not significant within the context of the audit objectives but warrants the attention of those charged with governance should still be communicated in writing to officials

63 Resources Yellow Book 63

Download ppt "1 Auditing Standards Update NASACT Conference August 14, 2012 James R Dalkin."

Similar presentations

Ads by Google