Construction Audit Issues Update
AGC Financial Issues Forum
January 9, 2014
Presented By: Tim Wilson

Agenda
• AICPA Audit Risk Alert
• Accounting and Auditing issues
• Auditor Risk Assessment Approach
• Enterprise Risk Management
• IT Risk
• Governance

AICPA Audit Risk Alert
• AICPA publishes annually
• Focus is to help auditors better understand business, economic and regulatory environment
• Understanding audit risk is the key
• Combines Real Estate and Construction

Real Estate Market Conditions
• Keep an eye on residential
• Commercial Strength – Q3 of 2013
• Industrial availability – 11.7%, 130bps under 2012
• Retail availability – 12.2%, 70bps under 2012
• Apartment vacancy – steady at 4.6%
• Office vacancy – 15.1%, 50bps under 2012
• Hotels – 35.8% growth in rooms under construction

Construction Market Conditions
• Total construction starts up 6% over 2012
• Residential up 25%
• Non-residential building up 8%
• Non-building down 15%
• Excluding electric utility category total is up 14%

Economic and Industry Risks
• Debt modifications
• Debt covenants
• Decreased margins
• Subcontractor concerns
• Warranty claims and change orders

Accounting Developments
• AICPA FRF for SMEs
• FASB/PCC for nonpublic companies
• ASU 2013-02 – Reclasses of AOCI
  • Public – 12/15/12, Nonpublic – 12/15/13
• ASU 2013-03 – Disclosures related to fair value for nonpublic companies – effective on issuance
• Other narrow subjects

Auditing Developments
• Continued push towards risk based auditing
• Clarity standards
• Larger focus on planning, interim testing, analyzing risk of material misstatement (RMM)
• Group audit issues and materiality
• Component auditors
• Related party transactions

Common Issues in Peer Review Findings
• Subsequent event date disclosures and evaluation
• Lack of disclosure of open tax years
• Documentation on expectations for analytics
• Documentation on risk assessment procedures
• Engagement letters not updated

Risk Assessment Approach
• Looking for RMM in the financials
• Control Risk
  • Usually assessed as high unless testing key controls for operating effectiveness
• Inherent Risk
  • Must understand transactions that flow through
• Any stories from 2012 audits?

Enterprise Risk Management
• Boards and audit committees are becoming more involved – governance
• Integrated approach for companies to assess risk and controls
• More than financial risks
• Not just for public companies
• Treadway Commission (COSO) – 2004 Report

Enterprise Risk Management
• Integrated Approach
• Operational
• Financial
• Strategic
• Regulatory
• Technology

Components of Enterprise Risk Management
• Internal Environment – the tone
• Objective Setting – must exist to understand risk
• Event Identification – internal and external
• Risk Assessment – analyze likelihood and impact
• Risk Response – align response with tolerances
• Control Activities – policies and procedures

Components of Enterprise Risk Management
• Information and Communication – important process to allow flow of information
• Monitoring – ERM must be monitored and modified

IT Risk
• Anybody seen the headlines lately?
• Do you know where your risks are?
• More mobile technology in construction
• Remote job sites
• Vendor/subcontractor connectivity

IT Risk
• Should review IT risk in all areas
• Identity theft
• Physical security
• Logical security
• Business continuity planning
• Information security
• Vendor management
• Internet security

Social Engineering
• Obtaining confidential information through user manipulation
• Simulated pretext phone calls
• Spoofing
• Phishing
• Physical access attempts
• Malware
• Counterfeit websites for security testing

IT Risks
• Network scanning
  • Beginning step for full penetration testing
• Vulnerability Scanning
  • Network hosts, services, operating system, applications
• Penetration Testing
  • Combination of network and vulnerability scanning – the true hacking approach

Governance
• Auditors are much more focused on the “Tone at the Top”
• Active board and audit committees are good!!
• Closely aligned with ERM
• Open discussion on best practices