1 / 28

New Auditing Standards

New Auditing Standards. Laurie Ball, CPA Swenson Advisors, LLP (Murrieta) Audit Director Accounting Day May 12, 2008. Overview of Risk Standards. 8 new SAS’s (No. 104 through No. 111) issued March 2006 - Collectively referred to as Risk Assessment Standards

Download Presentation

New Auditing Standards

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. New Auditing Standards Laurie Ball, CPA Swenson Advisors, LLP (Murrieta) Audit Director Accounting Day May 12, 2008

  2. Overview of Risk Standards 8 new SAS’s (No. 104 through No. 111) issued March 2006 - Collectively referred to as Risk Assessment Standards • Applicable to all non-PCAOB audits • Effective for audits of periods beginning on or after December 15, 2006 (generally calendar year 2007)

  3. No. 104 – Due Professional Care (Amends to SAS No. 1) No. 105 – GAAS(Amends SAS No. 95) No. 106 – Audit Evidence No. 107 – Audit Risk & Materiality No. 108 – Planning and Supervision No. 109 – Understanding the Entity and Assessing Risks of Material Misstatement No. 110 – Audit Procedures in Response to Risks and Evaluating Audit Evidence No. 111 – Audit Sampling The 8 New Risk Standards

  4. Objectives of New Risk Standards • More in-depth understanding of the audited entity and its environment • More rigorous assessment of the risks of where and how the financial statements could be materially misstated • Improved linkage between the auditor’s assessed risks and the nature, timing and extent of the audit procedures to be performed

  5. Audit Strategy Audit Plan Auditor’s operational approach to achieving the objectives of the audit; high-level determination by audit area (previously referred to as the Audit Plan) A more detailed; includes nature, timing and extent of procedures (previously referred to as the Audit Program) New Vocabulary

  6. Audit Evidence Sufficient, Appropriate Evidence All the information used by the auditor in arriving at conclusions on which audit opinion is based (previously referred to as the evidential matter) Replaces sufficient, competent evidential matter (for compatibility with ISA) New Vocabulary (continued)

  7. Those Charged with Governance Significant Deficiencies Group responsible for oversight of financial reporting; more general and inclusive than previous Audit Committee reference(also for compatibility with ISA) Replaces previous concept of reportable conditions New Vocabulary (continued)

  8. So What Does this all mean?!

  9. Central Themes of New Standards • Better understanding (and documentation!) of internal control to be used in risk assessment • Checklist-driven approach no longer acceptable • Auditor judgment emphasized in the assessment of and response to risk • Learning about client is not part of planning the audit – it is the audit!

  10. Preliminary Team “Brainstorming” Meeting Now Required • Consider nature and magnitude of possible misstatement risks (whether they are caused by error OR fraud) • Should be held prior to designing further audit procedures • Many examples of risks to consider in Appendix C of SAS No. 109

  11. “Understanding of Internal Control” Now Required • Provides a basis for assessment (can no longer “default” to high risk) • Includes a review of the design of controls and a confirmation they are in operation • MORE than inquiry • Walkthrough and observation • Auditors NOT required to test or rely on controls as part of their audit strategy

  12. “Linkage” Now Required • Identified risks are REQUIRED to be linked to relevant controls and audit actions designed to respond to these risks • Helps audit team determine if responses are appropriate • Helps reviewers (including peer reviews) follow the implantation of the audit

  13. Other New Standards

  14. Overview of Additional Standards • 3 additional new SAS’s: • SAS 112 establishes standards for communicating internal control matters (supersedes SAS 60) • SAS 113 makes conforming and other minor terminology changes to existing standards • SAS 114 revises standards for communicating with “those charged with an entity’s governance”(supersedes SAS 61) • All effective for calendar year 2007

  15. Overview of SAS 112 & 114 Significant deficiencies and material weaknesses must be reported to management and those charged with governance

  16. Overview of SAS 113 • Conforms terminology describing professional requirements • Links the consideration of fraud to auditor’s assessment of and response to risk • Clarifies date of report is date sufficient appropriate audit evidence obtained • Clarifies date of management rep letter should be the same as audit report

  17. Questions?!

  18. Contact me at laurie.ball@swensonadvisors.com

  19. Risk Standards “By the Numbers”

  20. Risk Assessment By the Numbers: SAS 104 • Requires auditor to obtain sufficient appropriate audit evidence to limit audit risk to a low level • Should obtain a high, but not absolute, level of assurance that the financials are free of material misstatements

  21. Risk Assessment By the Numbers: SAS 105 • Scope of understanding expanded to include the entity and its environment, including its internal control • Considered to provide audit evidence supporting opinion (not just planning) • Emphasizes the link between understanding the entity, assessing risks and the design of further audit procedures; no more “generic” audit programs

  22. Risk Assessment By the Numbers: SAS 106 • Defines audit evidence and provides guidance on the reliability of various kinds of evidence • New groups of assertions by classes of transactions, account balances and presentation and disclosure • Defines relevant assertions as those having meaningful bearing on whether something is fairly stated

  23. Risk Assessment By the Numbers: SAS 106 (continued) • Defines risk assessment procedures, which along with results of further audit procedures, provide basis for opinion • Describes the types of audit procedures that may be used alone or in combination throughout audit (including risk assessment process)

  24. Risk Assessment By the Numbers: SAS 107 • Extended discussion of materiality in more qualitative terms (e.g., consider users of financial statements) • Audit risk and materiality are used to identify and assess the risk of material misstatement • Discusses evaluating audit evidence and communicating material misstatements to those charged with governance

  25. Risk Assessment By the Numbers: SAS 108 • Significant discussion of preliminary engagement activities and components of overall audit strategy and audit plan • Discusses use of specialists • Makes clear that planning process is ongoing • Supervisory communications should go both ways

  26. Risk Assessment By the Numbers: SAS 109 • Defines risk assessment procedures • Requires audit team discussion of susceptibility of financials to material misstatement (from both errors and fraud) • Directly links risk assessment to design and performance of further audit procedures • Guidance on how to evaluate the design of internal control and determine if design adequate and controls have been implemented

  27. Risk Assessment By the Numbers: SAS 110 • Significant discussion of overall responses to address identified risks • Requires documentation of linkage between assessed risks and the design of further audit procedures • Guidance on matters to consider when determining the nature, timing and extent of such procedures

  28. Risk Assessment By the Numbers: SAS 111 • Moves appendix from SAS 39 into body of new SAS (now authoritative not interpretive) • Enhanced guidance on tolerable misstatement

More Related