Presentation is loading. Please wait.

Presentation is loading. Please wait.

AICPA Auditing Standards Update: Change, Change, Change… NASACT Audio Conference April 19, 2006 Presented by Frank Crawford, CPA President, Crawford &

Similar presentations


Presentation on theme: "AICPA Auditing Standards Update: Change, Change, Change… NASACT Audio Conference April 19, 2006 Presented by Frank Crawford, CPA President, Crawford &"— Presentation transcript:

1 AICPA Auditing Standards Update: Change, Change, Change… NASACT Audio Conference April 19, 2006 Presented by Frank Crawford, CPA President, Crawford & Associates, P.C.

2 Slide 2 Objectives today Review recently issued Generally Accepted Auditing Standards (GAAS) Assess impact of standards on the auditing profession Take questions Consider career change

3 Slide 3 Background AICPA audit standard-setting appeared to be on hold the last few years However the ASB appears to have returned with a flurry of new standards Overall focus is now attempting to mirror the International Audit and Attestations Standards Board (IAASB) Standards

4 Slide 4 Recently Issued Documents Standards issued recently –102, Defining Professional Requirements in Statements on Auditing Standards –103, Audit Documentation – , Audit Risk Assessment Suite of Standards

5 Slide 5 Recently Issued Documents Exposure drafts outstanding –Amendment to SAS 69, The Meaning of Present Fairly…(applicable only for nongovernmental entities) –Proposed Statement on Standards for Attestation Engagements, Reporting on an Entitys Internal Control Over Financial Reporting –Proposed Statement on The Auditors Communication With Those Charged With Governance –Proposed Statement on Communication of Internal Control Related Matters Noted in an Audit

6 Slide 6 SAS 102 This Statement on Auditing Standards (SAS) sets forth the meaning of certain terms used in SASs issued by the Auditing Standards Board in describing the professional requirements imposed on auditors. This statement was effective upon issuance… Introduction to SAS 102

7 Slide 7 SASs use two categories of professional requirements, identified by specific terms, to describe the degree of responsibility they impose on auditors, as follows: –Unconditional requirements. The auditor is required to comply with an unconditional requirement in all cases in which the circumstances exist to which the unconditional requirement applies. SASs use the words must or is required to indicate an unconditional requirement. SAS 102 Professional Requirements

8 Slide 8 –Presumptively mandatory requirements. The auditor is also required to comply with a presumptively mandatory requirement in all cases in which the circumstances exist to which the presumptively mandatory requirement applies; however, in rare circumstances, the auditor may depart from presumptively mandatory requirement provided the auditor documents his or her justification for the departure and how the alternative procedures performed in the circumstances were sufficient to achieve the objectives of the presumptively mandatory requirement. SASs use the word should to indicate a presumptively mandatory requirement. SAS 102 Professional Requirements

9 Slide 9 SAS Defining Professional Requirements Its hard to believe that we need a SAS to tell us that –Must means must; –Is required means is required; and –Should means should, but explain if you don't But, oh well…

10 Slide 10 SAS Audit documentation SAS 103 –Audit Documentation Effective for audits of financial statements for periods ending on or after December 15, 2006 Bringing GAAS more in line with what the Yellow Book standards have required for a number of years –Uses and experienced auditor reference point –Lists factors to consider when determining the nature and extent of audit documentation over particular areas –Requires documentation of who performed the audit work, the date is was performed, who reviewed it and the date it was reviewed

11 Slide 11 SAS 103 Audit documentation SAS 103 –Audit Documentation Bringing GAAS more in line with what the Yellow Book standards have required for a number of years –Provides guidance to the auditor when making changes to audit documentation after delivery of the auditors report –Gives the auditor 60 days from the delivery of the audit report to get all of their audit files assembled and in order –Certain audit documentation retention issues (5 years) –Document also contradictory, inconsistent conclusions and how they were resolved, and to justify any departure from the SASs –Dont date the audit report until you have gathered enough evidence that the financial statements are fairly presented, evidence which includes both the preparation of, and managements review, evaluation, and acceptance of responsibility for, the financial statements –The theory being that it must be tough to opine on something nobody has yet seen, including the auditor…

12 Slide 12 SAS , Risk Assessment Standards 1.SAS No. 104, Amendment to Statement on Auditing Standards No. 1, Codification of Auditing Standards and Procedures; 2.SAS No. 105, Amendment to Statement on Auditing Standards No. 95, Generally Accepted Auditing Standards; 3.SAS No. 106, Audit Evidence; 4.SAS No. 107, Audit Risk and Materiality in Conducting an Audit; 5.SAS No. 108, Planning and Supervision; 6.SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement; 7.SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained; and 8.SAS No. 111, Amendment to Statement on Auditing Standards No. 39, Audit Sampling

13 Slide 13 Background The objectives of the SASs are to improve audit effectiveness by requiring: A more in-depth understanding of the entity and its environment, including its internal control. More rigorous assessment of the risks of material misstatement (whether caused by error or fraud) of the financial statements. A linkage between the assessed risks and the nature, timing, and extent of audit procedures performed in response to those risks.

14 Slide 14 Significant Changes to Existing Practices Identifying and assessing the risks of material misstatements at both the financial statement level and the relevant assertion level by performing risk assessment procedures. Designing and performing tailored further audit procedures responsive to assessed risks at the relevant assertion level Linkage of audit procedures to the risk of material misstatement.

15 Slide 15 Overview of SASs SAS No. 104, Amendment to SAS No. 1 SAS No. 104 expands the definition of reasonable assurance as a high level of assurance

16 Slide 16 Overview of SASs SAS No. 105, Amendment to SAS 95, Generally Accepted Auditing Standards Internal control replaces the entity and its environment, including its internal control Further audit procedures replaces tests to be performed Audit evidence replaces evidential matter Reflects new usage of terms required by SAS No. 102.

17 Slide 17 Overview of SASs SAS No. 106, Audit Evidence (Amends SAS 31) The auditor must obtain sufficient audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit.

18 Slide 18 Overview of SASs SAS No. 106, Audit Evidence Audit evidence is all the information used by the auditor in arriving at the conclusions on which the audit opinion is based and includes: –Entitys accounting records, –Confirmations, –Minutes, –Industry reports, –Audit procedures such as inquiries, observations, inspections, etc.

19 Slide 19 Overview of SASs SAS No. 106, Audit Evidence (continued) Categories of Managements Assertions a.Classes of transactions b.Account balances c.Presentation and disclosure

20 Slide 20 Overview of SASs SAS No. 107, Audit Risk and Materiality (Amends SAS 47) The auditors should perform the audit to reduce audit risk to a low level that is (in his or her judgment) appropriate for expressing an opinion on the financial statements.

21 Slide 21 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) The auditor should consider audit risk at both: a.Overall financial statement level b.Assertion level

22 Slide 22 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Financial statement level risks include, for example: –Fraud –Incompetent management –Related party transactions

23 Slide 23 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) At the account balance, class of transactions, or disclosure level, audit risk consists of: a.Combined risk assessment, which consists of: 1.Inherent risk 2.Control risk b.Detection risk

24 Slide 24 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) The auditor should assess the risk of material misstatement at the relevant assertion level as a basis for further audit procedures. The auditor should have an appropriate basis for this assessment.

25 Slide 25 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) The determination of materiality, both quantitative and qualitative, is a matter of professional judgment.

26 Slide 26 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Tolerable Misstatement (or error)is the maximum error in a population (e.g., the class of transactions or account balance) that the auditor is willing to accept. Tolerable misstatement is used to design substantive procedures.

27 Slide 27 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) The auditor should reassess the materiality determined during the planning process. Failure to do so may result in inadequate audit procedures.

28 Slide 28 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) The auditor must accumulate: a.Known misstatements - these are specific misstatements arising from the incorrect selection or misapplication of accounting principles or misstatements of facts identified during the audit. b.Likely misstatements – these are misstatements that include: 1.Audit differences involving auditing estimates and 2.Projected misstatements based on extrapolation of audit evidence.

29 Slide 29 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Auditors responses to identified misstatements Type of misstatement Request management to: KnownCorrect misstatements Likely - estimatesExamine accounts or class of transactions Likely - projectedReview assumptions and methods

30 Slide 30 Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Evaluating audit findings – the auditor must consider the effect (individually and in the aggregate) of misstatements (known and likely) identified by the auditor that are not corrected by management. Document, document, document

31 Slide 31 Overview of SASs SAS No. 108, Planning and Supervision (Amends SAS 1 and SAS 22) The auditor must adequately plan the work and must properly supervise any assistants.

32 Slide 32 Overview of SASs SAS No. 108, Planning and Supervision (continued) SAS No. 108 discusses: Appointment of the independent auditor, Establishing a written understanding with the client, Preliminary engagement activities, The overall audit strategy, The audit plan, Determining the extent of involvement of specialists, Additional considerations in initial audit engagements.

33 Slide 33 Overview of SASs SAS No. 109, Assessing Risks The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures.

34 Risk Assessment Overview Fraud Risk Factors Respond Risk Assessment New Process Brainstorming Inquiries Analytical Procedures Other

35 Slide 35 Overview of SASs SAS No. 109, Assessing Risks (continued) Understanding the entity and its environment, including its internal control. –Industry, regulatory, and other external factors –Nature of the entity –Objectives and strategies and the related business risks that may result in a material misstatement of the financial statements –Measurement and review of the entity's financial performance –Internal control

36 Slide 36 Overview of SASs SAS No. 109, Assessing Risks (continued) The auditor should obtain a sufficient understanding of internal controls to: a.Evaluate the design of controls relevant to the audit, b.Determine whether the controls have been implemented.

37 Slide 37 Overview of SASs SAS No. 109, Assessing Risks (continued) The auditor should perform risk assessment procedures to obtain an understanding of internal control. Procedures include observation, inspection, or performing walkthroughs. Inquiry alone is not sufficient to evaluate the design of controls and whether they have been implemented.

38 Slide 38 Overview of SASs SAS No. 109, Assessing Risks (continued) The auditor should identify and assess the risks of material misstatements at: a.Financial statement level b.The relevant assertion level

39 Slide 39 Overview of SASs SAS No. 109, Assessing Risks (continued) The auditor should use the risk assessment to determine the nature, timing and extent of the further audit procedures to be performed. When the risk assessment is based on an expectation that controls are operating effectively, the auditor should perform tests of controls.

40 Slide 40 Overview of SASs SAS No. 109, Assessing Risks (continued) Significant risks –Require special audit consideration –Different than high inherent risk –Often relate to significant nonroutine transactions and judgmental matters

41 Slide 41 Overview of SASs SAS No. 110, Performing Procedures (together with Assessing Risks amend SAS 55) The auditor must obtain sufficient appropriate audit evidence through audit procedures performed to afford a reasonable basis for an opinion regarding the financial statements taken as a whole.

42 Slide 42 Overview of SASs SAS No. 110, Performing Procedures (continued) SAS No. 110 provides guidance on: a.Determining overall responses b.Designing and performing further audit procedures

43 Slide 43 Overview of SASs SAS No. 110, Performing Procedures (continued) The auditor should design and perform further audit procedures that are responsive to the assessed risk at the relevant assertion level. The purpose is to provide a clear linkage between the risk assessments and the further audit procedures.

44 Slide 44 Overview of SASs SAS No. 110, Performing Procedures (continued) Audit Approach a.The auditor should have an appropriate basis for the audit approach. b.Defaulting to a maximum control risk without an appropriate basis is no longer permitted. c.Nature, timing, extent

45 Slide 45 Overview of SASs SAS No. 110, Performing Procedures (continued) Test of controls must be tested: a.Auditors risk assessment includes an expectation of the operating effectiveness of controls, or b.Substantive procedures alone do not provide sufficient audit evidence

46 Slide 46 Overview of SASs SAS No. 110, Performing Procedures (continued) Test of Controls may be rotated –The auditor should test the operating effectiveness of controls at least every three years in an annual audit –The auditor should update his or her understanding to ensure controls have not changed –If the auditor plans to rely on control that have changed, the auditor should test the controls

47 Slide 47 Overview of SASs SAS No. 110, Performing Procedures (continued) If the auditor plans to rely on controls that mitigate significant risks, the auditor needs to test those controls in the current period, that is, these controls cannot be rotated.

48 Slide 48 Overview of SASs SAS 111, an amendment to SAS 39, Audit Sampling –Moves guidance from the appendix into the body of the statement and into SAS 107 –Also incorporates discussion from SAS 99 and SAS 110 –Enhances guidance to the auditor about his/her judgments related to tolerable misstatement

49 Slide 49 Overview of SASs The standards are effective date for audits of financial statements with periods beginning after 12/15/06 (Calendar 07, FY 08 audits) To assist implementation of the standards an audit guide will be issued. Read Audit Risk Alert entitled, Understanding the New Auditing Standards Related to Risk Assessment for a summary of the standards of highlights of significant changes

50 Slide 50 Exposure Draft – Reporting on an Entitys Internal Control Applicable to and appropriate for examinations of the internal control of non-issuers Reflects guidance in PCAOB Auditing Standard #2 In other words, follow this standard when management of a non-publicly traded company wants an opinion on internal control Comment period ends May 19, 2006 Probably will be effective upon issuance

51 Slide 51 Exposure Draft – Communication With Those Charged with Governance Proposed replacement for SAS 61, Communication with Audit Committees –Necessary due to the ramifications of the well-publicized audit failures and the need for open communication between the auditor and those charged with governance –Stresses the importance of communication being a two-way street –It appears to take the current SAS 61 communication requirements, and adds more –Comment period ends May 31, 2006 –Proposed effective date is for audits of financial statements for periods beginning after December 15, 2006

52 Slide 52 Exposure Draft – Communication of Internal Control Matters Communication of Internal Control Related Matters Noted in an Audit –Uses new definitions of what is to be reported as an internal control finding, removing the term reportable condition, and now using the terms control deficiency, significant deficiency and revising the term material weakness A word to the wise here, it appears that the new definitions are much more broad than the old ones –Requires the auditor to evaluate findings based upon which severity bucket (my term) the finding falls in –Requires written communication of all significant deficiencies and material weaknesses (even those that have been reported to the entity previously) to management and those charged with governance –Written communication should be made by the financial statement audit report delivery date, or at least, no later than 60 days following the report release date

53 Slide 53 Exposure Draft – Communication of Internal Control Matters Communication of Internal Control Related Matters Noted in an Audit –Inherent in this is that the auditor cant be a part of the entitys COSO internal control framework for financial reporting without that involvement being considered at least a significant deficiency, which is more than likely also a material weakness, which would be reported to management and those charged with governance every year –Proposed effective date is for audits of financial statements for periods ending on or after December 15, 2006 (but I think it will be changed)

54 Questions???


Download ppt "AICPA Auditing Standards Update: Change, Change, Change… NASACT Audio Conference April 19, 2006 Presented by Frank Crawford, CPA President, Crawford &"

Similar presentations


Ads by Google