Sunday, August 15, 2010

Risk Assessment Procedures and Related Activities

ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment, para. 5 to 10 prescribes the audit risk assessment procedures and related activities.

The auditor shall perform risk assessment procedures to provide a basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels. Risk assessment procedures by themselves, however, do not provide sufficient appropriate audit evidence on which to base the audit opinion.

The risk assessment procedures shall include the following :

(a)  Inquiries of management, and of others within the entity who in the auditor's judgment may have information that is likely to assist in identifying risks of material misstatement due to fraud or error. Much of the information obtained by the auditor's inquiries is obtained from management and those responsible for financial reporting. However, the auditor may also obtain information, or a different perspective in identifying risks of material misstatement, through inquiries of others within the entity and other employees with different levels of authority.

(b)  Analytical procedures; the analytical procedures performed as risk assessment procedures may identify aspects of the entity of which the auditor was unaware and may assist in assessing the risk of material misstatement in order to provide a basis for designing and implementing responses to the assessed risks. Analytical procedures performed as risk assessment procedures may include both financial and non-financial information, for example, the relationship between sales and square footage of selling space or volume of goods sold.

(c)  Observation and inspection; the observation and inspection procedures may support inquiries of management and others, and may also provide information about the entity and its environment. Examples of such audit procedures include observation or inspection of the following : (i) the entity's operations, (ii) documents (such as business plans and strategies), records, and internal control manuals, (iii) reports prepared by management (such as quarterly management reports and interim financial statements) and those charged with governance (such as minutes of board of directors' meetings), (iv) the entity's premises and plant facilities.

The auditor shall consider whether information obtained from the auditor's client acceptance or continuance process is relevant to identifying risks of material misstatement.

If the engagement partner has performed other engagements for the entity, the engagement partner shall consider whether information obtained is relevant to identifying risks of material misstatement.

Where the auditor intends to use information obtained from the auditor's previous experience with the entity and from audit procedures performed in previous audits, the auditor shall determine whether changes have occurred since the previous audit that may affect its relevance to the current audit. This is because changes in the control environment, for example, may affect the relevance of information obtained in the prior year. To determine whether changes have occurred that may affect the relevance of such information, the auditor may make inquiries and perform other appropriate audit procedures, such as walk-through of relevant systems.

The auditor's previous experience with the entity and audit procedures performed in previous audits may provide the auditor with information about such matters as : (i) past misstatements and whether they were corrected on a timely basis, (ii) the nature of the entity and its environment, and the entity's internal control (including deficiencies in internal control), (iii) significant changes that the entity or its operations may have undergone since the prior financial period, which may assist the auditor in gaining a sufficient understanding of the entity to identify and assess risks of material misstatement.

Further, the standard states that the engagement partner and other key engagement team members shall discuss the susceptibility of the entity's financial statements to material misstatement, and the application of the applicable financial reporting framework to the entity's facts and circumstances. The engagement partner shall determine which matters are to be communicated to engagement team members not involved in the discussion (Hrd) ***

Friday, August 13, 2010

The U.S. 2010 Top 100 Accounting Firms

The INSIDE Public Accounting (IPA) through its August 2010, Vol. 24, Number 8 publication released the list of "The 2010 Top 100 Firms - The Largest Accounting Firms in the U.S."

INSIDE Public Accounting is an independent newsletter for reporting and analyzing news, trends, strategies and politics, published monthly by The Platt Consulting Group. Read more : http://insidepublicaccounting.com/

Here is a little quotation from the publication :

The headline this year focuses on the ability of the IPA Top 100 to move, pivot, change and adapt. Throughout the country, strategic discussions took place among owners to figure out how to react to the challenging economy and how to best position their firms to success once a recovery begins. "TIGHTEN THE BELT!" was the battle cry for most. But beyond that, strategies were as varied as the firms that pursued them.

In the list of the 2010 Top 100 Firms, which was ranked based on the U.S Net Revenue, Deloitte LLP & Subsidiaries of New York seated at the top, ranked #1 with the total revenue of $10,938,000,000. Following, in the 2nd place was Ernst & Young LLP of New York with total revenue of $7,620,000,000. While PricewaterhouseCoopers LLP of New York ranked in the 3rd place with total revenue of $7,369,000,000.

KPMG LLP of New York, RSM McGladrey Inc. and McGladrey & Pullen LLP of Minneapolis and Grant Thornton LLP of Chicago took the 4th, 5th and 6th places respectively.

The ranked of #1 until #12 remain unchanged from that of in 2009. Read further the publication : INSIDE Public Accounting - The 2010 Top 100 Firms

Tuesday, August 3, 2010

Audit Documentation Requirement

Auditors support the conclusions in their reports with the audit documentation, also referred to as working papers or work papers. Audit documentation also facilitates the planning, performance, and supervision of the engagement and provides the basis for the review of the quality of the work by providing the reviewer with written documentation of the evidence supporting the auditor’s significant conclusions.

The auditor shall prepare audit documentation on a timely basis, which must be sufficient to enable an experienced auditor (an individual who has practical audit experience, and a reasonable understanding of (i) audit processes, (ii) ISAs and applicable legal and regulatory requirements. (iii) the business environment in which the entity operates, and (iv) auditing and financial reporting issues relevant to the entity’s industry), having no previous connection with the audit, to understand :

(a) the nature, timing and extent of the audit procedures performed to comply with the ISAs and applicable legal and regulatory requirements;

(b) the results of the audit procedures performed, and the audit evidence obtained; and

(c) significant matters arising during the audit, the conclusions reached thereon, and significant professional judgments made in reaching those conclusions.

In documenting the nature, timing and extent of audit procedures performed, the auditor shall record :

(a) the identifying characteristics of the specific items or maters tested;

(b) who performed the audit work and the date such work was completed; and

(c) who reviewed the audit work performed and the date and extent of such review.

ISA 230 Audit Documentation, para. 14-16 regulates the assembly of the final audit file. The auditor shall assemble the audit documentation in the audit file and complete the administrative process of assembling the final audit file on a timely basis after the date of the auditor’s report. After the assembly of the final audit file has been completed, the auditor shall not delete or discard audit documentation of any nature before the end of its retention period.

Audit documentation may be recorded on paper or on electronic or other media. Examples of audit documentation include audit programs, analyses, issues memoranda, summaries of significant matters, letters of confirmation and representation, checklist and also correspondence (including e-mail) concerning significant matters.

International Standard on Quality Control (ISQC) 1 requires firms to establish policies and procedures for the timely completion of the assembly of audit files. An appropriate time limit within which to complete the assembly of the final audit file is ordinarily not more than 60 days after the date of the auditor’s report.

The completion of the assembly of the final audit file after the date of the auditor’s report is an administrative process that does not involve the performance of new audit procedures or the drawing of new conclusions. Changes may, however, be made to the audit documentation during the final assembly process if they are administrative in nature. Example of such changes include :

  • Deleting or discarding superseded documentation
  • Sorting, collating and cross-referencing working papers
  • Signing off on completion checklist relating to the file assembly process
  • Documenting audit evidence that the auditor has obtained, discussed and agreed with the relevant members of the engagement team before the date of the auditor’s report.

ISQC 1 also requires firms to establish policies and procedures for the retention of engagement documentation. The retention period for audit engagements ordinarily is no shorter than 5 (five) years from the date of the auditor’s report, or, if later, the date of the group auditor’s report.

While PCAOB in its Auditing Standard No. 3 Audit Documentation requires the auditor to retain audit documentation for seven years from the date the auditor grants permission to use the auditor’s report in connection with the issuance of the company’s financial statements (report release date), unless a longer period of time is required by law. If a report is not issued in connection with an engagement, then the audit documentation must be retained for seven years from the date that fieldwork was substantially completed. If the auditor was unable to complete the engagement, then the audit documentation must be retained for seven years from the date the engagement ceased. Read further

The skill of an accountant can always be ascertained by an inspection of his working papers.” – Robert H. Montgomery, Montgomery’s Auditing, 1912

Monday, August 2, 2010

IAASB proposed enhanced standard on using the work of Internal Auditors, revised to ISA 315 and ISA 610

On July 15, 2010, IAASB issued an Exposure Draft (ED) for the proposed revision of ISA 610, Using the Work of Internal Auditors. The standard is being revised in recognition of developments in the internal auditing environment as well as the evolving relationship between internal and external auditors. As a result of the revision of ISA 610, changes are also being proposed to ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment.

The IAASB's objective in revising ISA 315 and ISA 610 is to enhance the performance of external auditors by, (a) enabling them to better consider and leverage, as appropriate, the knowledge and findings of an entity's internal audit function in making risk assessments in the external audit, and (b) strengthening the framework for the evaluation and, where appropriate, use the work of internal auditors in obtaining audit evidence. The IAASB believes that the proposed revision will enhance the quality of audits internationally.

In determining whether the work of the Internal Audit function can be used, the IAASB proposes that the external auditor's initial assessment should be based on an evaluation of the internal audit function's degree of objectivity (as supported by its organization status, and relevant policies and procedures), level of competence and application of a systematic and disciplined approach, including quality control. The related requirements and guidance on factors to consider in making this evaluation have been updated to reflect developments in internal audit practice.

In some jurisdictions, internal auditors provide direct assistance to the external auditor through performance of audit procedures on the audit engagement under the direction, supervision, and review of the external auditor. Extant ISA 610 states explicitly that it does not deal with such instances. There is ambiguity about whether the fact that ISA 610 does not deal with direct assistance meant that the IAASB does not support its use, or whether it was simply not addressed in the scope of the ISA. However, national auditing standards of a number of jurisdictions allow for direct assistance, and it is common practice in many; while in others, it is not allowed. The IAASB concluded that continued ambiguity about its intent is not in the public's interest.

The IAASB believes, that, the proposed requirements will :

(a)  provide a framework for determining the nature and extent of the work of the internal audit function that can justifiably the used in the external audit; and

(b)  set out clear boundaries to guard against use of the work of the internal audit function in circumstances in which it would be inappropriate.

Comments for this ED are requested by November 15, 2010. Respondents are asked to submit their comments electronically through the IAASB website (www.iaasb.org), using the "Submit a Comment" link on the Exposure Draft and Consultation Papers page.

Comments can also be faxed to the attention of the IAASB Technical Director at +1 (212) 856-9420, or mailed to : Technical Director - International Auditing and Assurance Standards Board, 545 Fifth Avenue, 14th Floor, New York, New York 10017 USA.

Copies of the exposure draft may be downloaded free of charge from the IAASB website at www.iaasb.org, or just follow the download link in here : Proposed ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment, and ISA 610 (Revised), Using the Work of Internal Auditors