300 likes | 762 Views
Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 2. Corporate Governance, Audit Standards. Define Corporate Governance.
E N D
Rittenberg/Schwieger/JohnstoneAuditing: A Business Risk ApproachSixth EditionChapter 2 Corporate Governance, Audit Standards
Define Corporate Governance • "a process by which the owners and creditors of an organization exert control and require accountability for the resources entrusted to the organization. The owners (stockholders) elect a board of directors to provide oversight of the organization's activities"
The primary parties involved in corporate governance • Stockholders • Boards of Directors • Audit Committees of the Board • Management • Self-Regulatory Accounting Organizations (e.g. AICPA, FASB) • Other Self-Regulatory Organizations (e.g. NYSE, NASD) • Regulatory Agencies (e.g. SEC) • External Auditors • Internal Auditors
What are SEC concerns regarding the auditing profession? • Auditors were no longer willing to confront clients over questionable accounting practices • Consulting fees were impairing auditor independence • Accountants were using technical interpretations of GAAP to push the limits of accounting
What are the Public Oversight Board (POB) concerns? • Analytical procedures used inappropriately to replace direct tests of account balances • Audit firms not thoroughly evaluating internal control and applying substantive procedures to address weaknesses in control • Audit documentation, especially related to audit planning, did not meet professional standards • Auditors ignored warning signs of fraud and other problems • Auditors were not providing sufficient warning about companies that might not continue as 'going concerns'
The Sarbanes/Oxley Act of 2002 was passed by Congress in response to massive accounting scandals. Significant provisions include: • Establishes the Public Companies Accounting Oversight Board (PCAOB) with broad authority, including the power to set auditing standards for audits of publicly traded companies • Requires the CEO and CFO certify the financial statements • Requires companies to provide a comprehensive report on internal controls over financial reporting and that auditors report on internal controls • Audit Committees given expanded powers as the 'audit client' and must pre-approve any non-audit services by its external auditors • Audit Committees must report their activities to the public
The Sarbanes/Oxley Act of 2002 (continued) • Audit Committees must have at least one person who is a financial expert. Other members must be knowledgeable in financial accounting and control • Audit engagement partners, as well as other partners and managers with significant roles in the audit, must be rotated off the engagement every five years • A "cooling off" period before an audit partner or manager can take a high-level position with an audit client without jeopardizing the independence of the public accounting firm • Increased disclosure of "off-balance sheet" transactions or agreements that may have a material effect Requires the GAO to study a number of issues including the effect of consolidation on competition with the accounting profession, and an analysis of mandatory audit firm rotation
Sarbanes/Oxley granted the PCAOB broad authority including the power to • Set auditing standards - the PCAOB has chosen to set auditing standards • Set financial accounting standards - the PCAOB has chosen to let the FASB continue to set accounting standards • Set standards for the reports on internal control and risk management • Perform quality reviews of public accounting firms and recommend penalties if the firms fail to perform • Establish quality control standards for the audits of public companies • Require all public accounting firms that audit public companies to register with the PCAOB and become licensed to perform such audits
What are auditor independence provisions? • Prohibits audit firms from performing consulting work for their audit clients (in most cases) • Makes the Audit Committee the auditor's client • Requires the Audit Committee to pre-approve any non-audit services by the audit firm • Requires partner rotation on all public company audits every five years
Discuss Corporate Responsibility for Financial Reports • Sarbanes/Oxley Act requires the CEO and CFO to certify the accuracy of the financial statements and provides criminal penalties for misrepresentation • The Act also-- • Requires management to describe whether they have implemented a Corporate Code of Conduct • Requires management to report on the effectiveness of internal control over financial reporting
What is the enhanced role of audit committees under Sarbanes? • Is designated as the audit client • Has oversight responsibilities over the internal audit and financial reporting processes • Must be comprised of "outside" directors, i.e. not members of management or have other relationships with the organization • Must report on its activities, including the results of significant discussions with the external auditor
Audit committee responsibilities include • Be apprised of all significant accounting decisions made by management • Be apprised of all significant changes in accounting systems and system controls • Have authority to hire and fire the external auditor • Review the audit plan and discuss audit results with the auditor • Have authority to hire and fire the head of the internal audit function and set the budget for the internal audit function • Review the audit plan and discuss all significant results • Receive all regulatory audit reports and meet with regulatory auditors to discuss findings
What are the required communications to the audit committee? • Auditing standards (SAS 61) require specific communications between the audit committee and the external auditor: • Auditor's responsibility under Generally Accepted Auditing Standards • Significant Accounting Policies • Management Judgments and Accounting Estimates • Significant Audit Adjustments • Other Information in Annual Reports • Disagreements with Management
Generally Accepted Auditing Standards (GAAS) • General Standards provide guidance in hiring and training of auditors • Fieldwork Standards help auditors plan and perform the audit • Reporting Standards help ensure clear communication between auditor and statement users
General Standards • The examination is to be performed by a person or persons having adequate technical training and proficiency as an auditor • In all matters relating to the assignment, the auditor must maintain an independent mental attitude • Due professional care is to be exercised in the performance of the examination and preparation of the report
Fieldwork Standards • The work shall be adequately planned and assistants, if any, properly supervised • A sufficient understanding of the entity and its environment, including its internal control, is to be obtained to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures • Sufficient competent audit evidence is to be obtained through audit procedures performed to provide a reasonable basis for an opinion regarding the financial statements under examination
Reporting Standards • The audit report shall state whether statements are fairly presented in accordance with Generally Accepted Accounting Principles • The audit report shall identify those circumstances in which accounting principles have not been applied on a consistent basis with the preceding period • Informative disclosures in the financial statements are to be regarded as reasonably adequate unless otherwise stated in the audit report
Reporting Standards (continued) • The audit report shall contain either expression of opinion regarding the financial statements, taken as a whole, or an assertion that an opinion cannot be expressed. When an opinion cannot be expressed, the reasons should be stated. In all cases where an auditor's name is associated with financial statements, the report should contain a clear-cut indication of the character of the auditor's examination, if any, and the degree of responsibility the auditor is taking
Attestation Standards Financial statement audits are only a small part of the demand for assurance services. Attestation standards have been developed to ensure quality for a broader array of services beyond financial statement audits. Such services include attesting to financial forecasts and projections, pro forma financial information, internal controls, compliance with contracts or regulatory requirements, and agreed-upon procedures
Attestation Standards (continued) Similar to GAAS with the exception of • Assertions are specific to the area on which the attestation is being performed • Practitioner must have adequate knowledge in subject matter of the assertion • Practitioner shall perform engagement only if the assertion is capable of evaluation against an established reasonable criteria and reasonable consistent estimation or measurement • The report provides assurance related to the specific assertion
Summary of Audit Standard Setting and Authority (continued) Audit Standard SetterScope and Basis of Authority Public Company Authority Base: U.S. Congress: Expressed in the Accounting Standards Sarbanes-Oxley Act of 2002 Board (PCAOB) Scope: Sets audit standards for the audits of all public companies that are registered with the SEC American Institute Authority Base: Historical, as self-regulatory of CPAs (AICPA) organization that had earned the public's trust Scope: Auditing standards for the audits of small non-public companies Attestation standards for areas other than public company reports on internal control Assurance services that are less in scope than an audit such as reviews and compilations
Summary of Audit Standard Setting and Authority (continued) General Accounting Authority Base: Congressional laws Office (GAO) establishing the GAO as audit arm of the Congress and delegating to them the authority to set standards for audits of governmental entities Scope: Sets audit standards for the audits of all governmental entities in the U.S. International Audit Authority Base: As agreed upon by countries Standards Committee who agree to abide by their standards (IASC) Scope: Standards for financial statement audits across most of Europe and many developing countries
Summary of Audit Standard Setting and Authority(continued) International Audit Authority Base: Developed by the Institute Standards Board of Internal Auditors as a self-regulatory organization Scope: Standards for the practice of internal auditing around the world
Overview of Audit Process: A Standards-Based Approach (1) • Planning the Audit • Understanding with the Audit Client • Scope of services to be provided • Management responsibilities • Coordination of work with client personnel • Audit fees and expectations of each party • Develop an Understanding of Materiality • Audit must be planned to provide reasonable assurance that material misstatements will be detected
Overview of Audit Process: A Standards-Based Approach (2) • Develop a Preliminary Audit Program • Develop understanding of client business and industry • Develop understanding of risks client faces and how they might affect • the company's financial statements • Develop understanding of management compensation plans and how those • plans may motivate management actions • Develop preliminary understanding of client's internal controls over • financial reporting
Overview of Audit Process: A Standards-Based Approach (3) • Develop audit program on audit risk, internal control quality, • accounting assertions, and materiality • Develop understanding of client's accounting policies and procedures • Anticipate financial statement items likely to require adjustment • Identify factors that might require modification of audit tests • Determine the type of reports to be issued
Overview of Audit Process: A Standards-Based Approach (4) Gathering Audit Evidence: Testing Assertions Third Standard of Fieldwork requires auditor to gather "sufficient, competent, evidential matter" in order to reach a conclusion on the fairness of the financial statements • Audit Process is Designed to Examine Assertions • The assertions inherent in the accounting communication: existence, • completeness, rights and obligations, valuation, and disclosure/ • presentation
Overview of Audit Process: A Standards-Based Approach (5) Summarize Audit Evidence and Reach Audit Conclusion • If the evidence supports fair presentation, auditor can move on to • other areas of investigation • If the evidence does not support fair presentation, auditor will gather • additional evidence. This will lead auditor to one of three states: • Auditor reaches a conclusion and the client agrees to adjust the • financial statements • Auditor reaches a conclusion, but the client disagrees. The auditor • will issue a report describing the differences in opinion • Auditor is unable to reach a conclusion and the amounts are so • material, the auditor cannot render an opinion
Overview of Audit Process: A Standards-Based Approach (6) • Reach an Audit Conclusion and Issue a Report • For most engagements, the auditor will reach a conclusion that the financial statements are fairly stated and will issue an unqualified audit report • Before issuing the report, the auditor will meet with the audit committee to discuss the audit process and the overall fairness of the company's financial statements