780 likes | 910 Views
What You Need to Know About the 2010 Yellow Book Exposure Draft. A Governmental Audit Quality Center Web Event September 22, 2010. Administrative Notes. If you encounter any technical difficulties (e.g., audio issues) during this event please take the following steps:
E N D
What You Need to Know About the 2010 Yellow Book Exposure Draft A Governmental Audit Quality Center Web Event September 22, 2010
Administrative Notes • If you encounter any technical difficulties (e.g., audio issues) during this event please take the following steps: • Press the F5 key on your computer to refresh • Close and re-start your browser • Check your speakers, ensure they are not on mute • Turn off your pop-up blocker • Re-start you computer • Call InterCall Genesys Tech support 866. 871.4318, Conf ID# 1483196 • If none of the above work, submit a request for help on the “Send a Question Box” located on the left hand side of your screen. • If are unable to get assistance from Genesys for some reason, e-mail gaqc@aicpa.org or call 202-434-9207
Administrative Notes • We encourage you to submit your technical questions – please limit your questions on the content of today’s program • To submit a question, type it into the “Send a Question” box on left side of your screen; we will answer as many as possible • You can also submit questions to the GAQC member forum for consideration by other members • This event is being recorded and will be posted in an archive format to the GAQC Web site
Continuing Professional Education • Must have registered for CPE credit prior to this event; a link to the CPE Credit Approval Form was e-mailed to you • Listen for announcement of 4 CPE codes (7 digit codes: ALL_ _ _ _ ) and 4 polling questions during the event • Record CPE Codes on CPE Credit Approval Form and return completed form (by fax or mail) to AICPA Service Center for record of attendance; keep a copy for your records • If you are not receiving CPE for this call, ignore the CPE codes that we announce, but please answer the polling questions
Presenters James DalkinGovernment Accountability OfficeNancy MillerMiller Foley GroupLisa SnyderAmerican Institute of CPAs
What we will cover? • Why the Government Auditing Standards (the Yellow Book) is being revised • Anticipated timeline for the Yellow Book revision • Discussion on specific areas that GAO expects to be revised in the next Yellow Book, to include the AICPA and practitioner’s perspective
Disclaimer Required to Receive a Preview The revisions discussed are preliminary and subject to change based on feedback from the Comptroller General’s Advisory Council on Government Auditing Standards and comments received on the Exposure Draft 7
Why the Yellow Book is being revised • Promote the modernization of auditing standards • Streamline with standard setters • Address issues GAO has observed
Anticipated timeline for the Yellow Book Revision • August 2010: • Exposured Draft of 2011 Revision of GAGAS • November 22, 2010: • Comments due on Exposure Draft • February – March 2011: • Issue 2011 Revision of GAGAS • Effective date to be determined
Significant Changes Realigned Chapters 1 and 2 • Along with the introduction, Chapter 1 now includes the foundation and ethical principles of government auditing • The overall discussion on the use and application of GAGAS is now in Chapter 2 Chapter 3 • Revised independence standard
Significant Changes Chapter 4 • The chapters on financial audit performance and reporting, formerly Chapters 4 and 5 respectively, have been combined into one chapter Chapter 5 • Clarified proper use of attest engagements Chapters 6 and 7 • Clarified obligation for reporting fraud
Format Changes Use of footnotes is more consistent. • Footnotes are now used strictly to refer to other sections of GAGAS and to other audit standards • Other information that was in footnotes in previous GAGAS editions has either been moved into the GAGAS text itself or eliminated
Chapter 1 Government Auditing: Foundation and Ethical Principles
Chapter 1 – Government Auditing: Foundation and Ethical Principles Clarified or added definitions of • Auditor • Audit organizations
Chapter 1 – Government Auditing: Foundation and Ethical Principles The audit function’s structural location relative to the audited entity. • External audit organizations report to third parties externally • Internal audit organizations are accountable to top management and usually don’t report externally • Government auditors who report to both third parties and top management are considered external auditors
Chapter 1 – Government Auditing: Foundation and Ethical Principles Contains concepts and ethical principles that serve as the foundation for the requirements and guidance for GAGAS. • Purpose and applicability of GAGAS (no major changes) • Ethical principles (no major changes)
Chapter 2 Standards for the Use and Application of GAGAS
Chapter 2 – Standards for the Use and Application of GAGAS • Recognizes the terms that define professional requirements, which are consistent with terminology used in the AICPA’s Statements on Auditing Standards • Recognizes the longstanding GAGAS financial audit requirements to report on deficiencies in internal control; and on fraud, noncompliance with provisions of laws, regulations, contracts, and grant agreements, and abuse
Chapter 2 – Standards for the Use and Application of GAGAS Clarified citing compliance with GAGAS • Determination of appropriate GAGAS compliance statement is a matter of professional judgment • Departures from presumptively mandatory requirements • Using GAGAS with other standards
Chapter 3 General Standards Independence Professional Judgment Competence Quality Control and Assurance
Chapter 3 – General Standards: Independence GAGAS is adopting a conceptual framework approach to independence determinations • Provides a means for auditors to assess auditor independence in light of the unique circumstances that often apply to these determinations • Approach replaces consideration of independence in terms of the three categories of independence – personal, external, and organizational – included in previous editions of GAGAS • The framework includes definitions of both independence of mind and independence in appearance
Chapter 3 – General Standards: Independence The conceptual framework for independence requires that auditors: • Identify threats to independence • Evaluate the significance of the threats identified • Apply safeguards, when necessary, to eliminate the threats or reduce them to an acceptable level
Considering Independence • New framework will combine rules (prohibitions) with a conceptual framework. • Certain prohibitions will remain • Generally consistent with Rule 101 AICPA • Beyond a prohibition • Apply the conceptual framework
Chapter 3 – General Standards: Independence GAGAS framework will: • Provide consistent results when compared with AICPA and IFAC • Address unique governmental structural issues GAO will retire current Questions andAnswers to Independence Standard Questions guidance
Chapter 3 – General Standards: Independence Threats to independence are circumstances that could impair independence • Usually, a threat to independence does not result in an independence impairment! Safeguards are controls that eliminate or reduce to an acceptable level a threat’s potential to impair independence
Chapter 3 – General Standards: Independence Seven categories of threats: • Self-interest threat • Self-review threat • Bias threat • Familiarity threat • Undue influence threat • Management participation threat • Structural threat
Safeguards • Safeguards created by the profession, legislation, or regulation • Professional or regulatory monitoring and disciplinary procedures • External review by a third party of the reports, communications or other information produced by the auditor • Safeguards in the work environment • Using different management and engagement teams with separate reporting lines for the provision of nonaudit services to and audited entity • Having additional review of the nonaudit service or the audit by staff who was not involved in providing the service/working on the engagement • The audited entity provides appropriate oversight and communication regarding the nonaudit service and the audit engagement
Assess condition or activity for threats to independence NO Threat identified? YES Assess threat for significance NO Is threat significant? Proceed YES Identify and apply appropriate safeguard(s) Assess safeguard effectiveness Is threat eliminated or reduced to an acceptable level? YES Potential independence impairment; do not proceed NO
Independence Framework ExamplePayroll Accruals • Client requests auditor to assist with payroll accruals for financial statements prepared using GASB accounting standards • Threat—self-review threat • Safeguard-Knowledgeable staff at client that is able to review and check reasonableness of numbers based on analytical calculation • Safeguard-Staff assigned are not connected to the audit team
Assess condition or activity for threats to independence Payroll Accruals example NO Threat identified? (self-review threat) YES Assess threat for significance Is threat significant?(material) Proceed NO YES Identify and apply appropriate safeguard(s) (Knowledgeable management) Assess safeguard effectiveness-depends on confidence on managements knowledge YES Is threat eliminated or reduced to an acceptable level? Potential independence impairment; do not proceed NO
Nonaudit Services • Certain Non Audit Services may be permitted. For Yellow Book the auditor should • First, determine if there is a specific prohibition • If not, the auditor should apply the conceptual framework • The auditor should also • Be aware of existing AICPA guidance • General Comment • Non audit service prohibitions in this Exposure Draft are generally consistent with AICPA requirements.
Financial Statements Preparation • May be permissible provided • Audit entity managers charged with overseeing the nonaudit service must possess suitable skill, knowledge, and/or experience to evaluate the adequacy and results of the services performed • This requirement has is consistent with an existing AICPA requirement in ET 101 – 3 “Performance of non attest services” • For CPAs all the requirements of AICPA ET 101 – Independence apply • Otherwise no safeguard could reduce the threat to an acceptable level
Bookkeeping Services • Bookkeeping Services may be performed provided the auditor does not… • Determine or change journal entries, account codings or classifications for transactions, or other accounting records without obtaining client approval • Authorize or approve transactions • Prepare source documents • Make changes to source documents without client approval • The Yellow Book’s position on bookkeeping services is consistent with existing AICPA requirements in ET 101.
Prohibitions within Internal Audit • Certain internal audit services provided by external auditors • Setting internal audit policies or the strategic direction of internal audit activities • Deciding which recommendations resulting from internal audit activities to implement • Taking responsibility for designing, implementing and maintaining internal control
Prohibitions Related to Internal Control Assessments • Internal control monitoring • Auditors are prohibited from providing ongoing monitoring services • Management is responsible for designing, implementing and maintaining internal control. • Auditors may evaluate the effectiveness of controls, but may not design the system of internal controls and then assess its effectiveness
Prohibitions within IT Services • Certain IT services • Design or development of a financial or other IT system that would be subject to or part of an audit • Services that entail making other than insignificant modifications to the source code underlying such a system • Operating or supervising the operation of such a system
Prohibitions within Valuation Services • Certain valuation services • If the valuation services would have a material effect, separately, or in the aggregate, on the financial statements or other information that is the subject of an audit, and the valuation involves a significant degree of subjectivity
Nonaudit Services Audit Period • Technical Requirement • The impairment to independence resulting to the provision of nonaudit services applies during • the period of the audit, • the professional engagement, and • one audit cycle performed by another audit organization after the nonaudit service completion date provide a safeguard • Other Potential Impact • Independence for subsequent periods of audit and professional engagement • Independence for reporting material weaknesses and significant deficiencies resulting from the nonaudit service
Chapter 3 – General Standards: Professional Judgment Emphasized that auditors use professional judgment in applying the conceptual framework for independence
Non Audit Services AICPA Perspective • Lisa Snyder will • Provide her perspective on the Yellow Book exposure draft in light of the AICPA’s independence rules. • Discuss a comparison of the GAO proposal and AICPA rules. • Please refer to the handout provided with this presentation.
Non Audit Services Practitioner Perspective • Documentation requirements • Not documented = not performed • Documentation required for non performance of presumptively mandatory requirements. • Assessment of risks and safeguards required when an independence threat is determined. • Peer reviewer’s will be looking for documentation of independence threat assessments
Non Audit Services Practitioner Perspective • Independence • If not specifically prohibited, apply conceptual framework • Non audit services • Generally similar to 101-3 • Evaluate self-review threat where auditor is • Preparing workpapers • Proposing entries • Preparing financial statements
Non Audit Services Practitioner Perspective • Independence • Non audit services Con’t • Define safeguards (examples, not inclusive) • Performance by staff not on audit team • Review by staff not on audit team • Review by client personnel competent to evaluate services rendered • Outsourced review • Prohibited activity – taking on management responsibilities. • Prohibited under 101-3 as well • Assess management competency to accept responsibility • If management can’t or won’t take responsibility – auditor is not independent.
Non Audit Services Practitioner Perspective • Independence • Non audit services Con’t • Bookkeeping services • need client approval • Documentation • Note safeguard of “cleansing audit”
Chapter 3 – General Standards: Competence Continuing professional education: The distinction between internal and external specialists was highlighted • External specialists should be qualified and maintain professional competence, but are not required to meet GAGAS CPE requirements • Internal specialists performing GAGAS work should comply with CPE requirements. Training in areas of specialization counts towards the required 24 hours of CPE that relate to their area of expertise or government auditing
Chapter 3 – General Standards: Continuing Professional Education (CPE) • 2007 Revision of GAGAS incorporated the revised CPE requirements that were issued in April 2005 (GAO-05-568G) • No revision to overall requirements • 24 hours of CPE every 2 years directly related to GAGAS engagements • Additional 56 hours of CPE, involved in planning, directing, or reporting on GAGAS assignments or charge 20 percent or more of time annually to GAGAS assignments • 20 hours of CPE each year
Chapter 3 – General Standards: Quality Control and Assurance Harmonize Quality Control with AICPA standards • Communicate deficiencies noted during the monitoring process • Make recommendations for appropriate remedial action