Chapter 2 CORPORATE GOVERNANCE - ENHANCING THE AUDIT FUNCTION
Chapter 2
CORPORATE GOVERNANCE - ENHANCING THE AUDIT
FUNCTION
Define Corporate Governance
"a process by which the owners and creditors of an organization exert control and require accountability for the resources entrusted to the organization. The owners (stockholders) elect a board of directors to provide oversight of the organization's activities"
List primary parties involved in corporate governance
StockholdersBoards of DirectorsAudit Committees of the BoardManagementSelf-Regulatory Accounting Organizations
(e.g. AICPA, FASB)Other Self-Regulatory Organizations (e.g.
NYSE, NASD)Regulatory Agencies (e.g. SEC)External AuditorsInternal Auditors
What are SEC concerns regarding the auditing profession?
Auditors were no longer willing to confront clients over questionable accounting practices
Consulting fees were impairing auditor independence
Accountants were using technical interpretations of GAAP to push the limits of accounting
What are the Public Oversight Board (POB) concerns?
Analytical procedures used inappropriately to replace direct tests of account balances
Audit firms not thoroughly evaluating internal control and applying substantive procedures to address weaknesses in control
Audit documentation, especially related to audit planning, did not meet professional standards
Auditors ignored warning signs of fraud and other problems
Auditors were not providing sufficient warning about companies that might not continue as 'going concerns'
The Sarbanes/Oxley Act of 2002 was passed by Congress in response to
massive accounting scandals.Significant provisions include: Establishes the Public Companies Accounting
Oversight Board (PCAOB) with broad authority, including the power to set auditing standards for audits of publicly traded companies
Requires the CEO and CFO certify the financial statements
Requires companies to provide a comprehensive report on internal controls over financial reporting and that auditors report on internal controls
Audit Committees given expanded powers as the 'audit client' and must pre-approve any non-audit services by its external auditors
Audit Committees must report their activities to the public
The Sarbanes/Oxley Act of 2002 Continued
Audit Committees must have at least one person who is a financial expert. Other members must be knowledgeable in financial accounting and control
Audit engagement partners, as well as other partners and managers with significant roles in the audit, must be rotated off the engagement every five years
A "cooling off" period before an audit partner or manager can take a high-level position with an audit client without jeopardizing the independence of the public accounting firm
Increased disclosure of "off-balance sheet" transactions or agreements that may have a material effect Requires the GAO to study a number of issues including the effect of consolidation on competition with the accounting profession, and an analysis of mandatory audit firm rotation
Sarbanes/Oxley granted the PCAOB broad authority including the power to Set auditing standards - the PCAOB has chosen to
set auditing standards Set financial accounting standards - the PCAOB has
chosen to let the FASB continue to set accounting standards
Set standards for the reports on internal control and risk management
Perform quality reviews of public accounting firms and recommend penalties if the firms fail to perform
Establish quality control standards for the audits of public companies
Require all public accounting firms that audit public companies to register with the PCAOB and become licensed to perform such audits
What are auditor independence provisions?
Prohibits audit firms from performing consulting work for their audit clients (in most cases)
Makes the Audit Committee the auditor's client
Requires the Audit Committee to pre-approve any non-audit services by the audit firm
Requires partner rotation on all public company audits every five years
Discuss Corporate Responsibility for Financial Reports
Sarbanes/Oxley Act requires the CEO and CFO to certify the accuracy of the financial statements and provides criminal penalties for misrepresentation
The Act also-- Requires management to describe whether
they have implemented a Corporate Code of Conduct
Requires management to report on the effectiveness of internal control over financial reporting
What is the enhanced role of audit committees under Sarbanes?
Is designated as the audit clientHas oversight responsibilities over the
internal audit and financial reporting processes
Must be comprised of "outside" directors, i.e. not members of management or have other relationships with the organization
Must report on its activities, including the results of significant discussions with the external auditor
Audit committee responsibilities include
Be appraised of all significant accounting decisions made by management
Be appraised of all significant changes in accounting systems and system controls
Have authority to hire and fire the external auditor Review the audit plan and discuss audit results with
the auditor Have authority to hire and fire the head of the
internal audit function and set the budget for the internal audit function
Review the audit plan and discuss all significant results
Receive all regulatory audit reports and meet with regulatory auditors to discuss findings
What are the required communications to the audit
committee?Auditing standards (SAS 61) require specific
communications between the audit committee and the external auditor:
Auditor's responsibility under Generally Accepted Auditing Standards
Significant Accounting PoliciesManagement Judgments and Accounting
EstimatesSignificant Audit AdjustmentsOther Information in Annual ReportsDisagreements with Management
Comment on Generally Accepted Auditing Standards
General Standards provide guidance in hiring and training of auditors
Fieldwork Standards help auditors plan and perform the audit
Reporting Standards help ensure clear communication between auditor and statement users
General Standards
The examination is to be performed by a person or persons having adequate technical training and proficiency as an auditor
In all matters relating to the assignment, the auditor must maintain an independent mental attitude
Due professional care is to be exercised in the performance of the examination and preparation of the report
Fieldwork Standards
The work shall be adequately planned and assistants, if any, properly supervised
A sufficient understanding of the entity and its environment, including its internal control, is to be obtained to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures
Sufficient competent audit evidence is to be obtained through audit procedures performed to provide a reasonable basis for an opinion regarding the financial statements under examination
Reporting Standards
The audit report shall state whether statements are fairly presented in accordance with Generally Accepted Accounting Principles
The audit report shall identify those circumstances in which accounting principles have not been applied on a consistent basis with the preceding period
Informative disclosures in the financial statements are to be regarded as reasonably adequate unless otherwise stated in the audit report
The audit report shall contain either expression of opinion regarding the financial statements, taken as a whole, or an assertion that an opinion cannot be expressed. When an opinion cannot be expressed, the reasons should be stated. In all cases where an auditor's name is associated with financial statements, the report should contain a clear-cut indication of the character of the auditor's examination, if any, and the degree of responsibility the auditor is taking
Reporting Standards
Attestation Standards
Financial statement audits are only a small part of the demand for assurance services.
Attestation standards have been developed to ensure quality for a broader array of services beyond financial statement audits.
Such services include attesting to financial forecasts and projections, pro forma financial information, internal controls, compliance with contracts or regulatory requirements, and agreed-upon procedures
Similar to GAAS with the exception ofAssertions are specific to the area on which
the attestation is being performedPractitioner must have adequate knowledge
in subject matter of the assertionPractitioner shall perform engagement only if
the assertion is capable of evaluation against an established reasonable criteria and reasonable consistent estimation or measurement
The report provides assurance related to the specific assertion
Attestation Standards
Summary of Audit Standard Settings and Authority
Audit Standard Setter Scope and Basis of AuthorityPublic Company Authority Base: U.S. Congress: Expressed in the Accounting StandardsSarbanes-Oxley Act of 2002Board (PCAOB)
Scope: Sets audit standards for the audits of all public companies that are registered with the SEC
American Institute Authority Base: Historical, as self-regulatoryof CPAs (AICPA) organization that had earned the public's trust
Scope:Auditing standards for the audits of small non-public companies
Attestation standards for areas other than public company reports on internal control
Assurance services that are less in scope than an audit such as reviews and compilations
General Accounting Authority Base: Congressional lawsOffice (GAO) establishing the GAO as audit arm of the
Congress and delegating to them the authority
to set standards for audits of governmental entities
Scope: Sets audit standards for the auditsof all governmental entities in the U.S.
International Audit Authority Base: As agreed upon by countriesStandards Committee who agree to abide by their standards(IASC)
Scope: Standards for financial statementaudits across most of Europe and manydeveloping countries
Summary of Audit Standard Settings and Authority
International Audit Authority Base: Developed by the Institute
Standards Board of Internal Auditors as a self-regulatory
organization
Scope: Standards for the practice of internal auditing around the world
Summary of Audit Standard Settings and Authority
Overview of Audit Process: A Standards-Based Approach(1)
Planning the AuditUnderstanding with the Audit ClientScope of services to be provided Management responsibilitiesCoordination of work with client personnelAudit fees and expectations of each partyDevelop an Understanding of Materiality
Audit must be planned to provide reasonable assurance that material
misstatements will be detected
Overview of Audit Process: A Standards-Based Approach(2)
Develop a Preliminary Audit ProgramDevelop understanding of client business and
industryDevelop understanding of risks client faces and
how they might affectthe company's financial statements
Develop understanding of management compensation plans and how those plans may motivate management actions
Develop preliminary understanding of client's internal controls overfinancial reporting
Develop audit program on audit risk, internal control quality,accounting assertions, and materiality
Develop understanding of client's accounting policies and procedures
Anticipate financial statement items likely to require adjustment
Identify factors that might require modification of audit tests
Determine the type of reports to be issued
Overview of Audit Process: A Standards-Based Approach(3)
Overview of Audit Process: A Standards-Based Approach(4)
Gathering Audit Evidence: Testing AssertionsThird Standard of Fieldwork requires auditor to
gather "sufficient, competent, evidential matter" in order to reach a conclusion on the fairness of the financial statements
Audit Process is Designed to Examine AssertionsThe assertions inherent in the accounting
communication: existence,completeness, rights and obligations,
valuation, and disclosure/presentation
Overview of Audit Process: A Standards-Based Approach(5)
Summarize Audit Evidence and Reach Audit Conclusion If the evidence supports fair presentation, auditor can move
on to other areas of investigation
If the evidence does not support fair presentation, auditor will gather
additional evidence. This will lead auditor to one of three states: Auditor reaches a conclusion and the client agrees to
adjust the financial statements
Auditor reaches a conclusion, but the client disagrees. The auditorwill issue a report describing the differences in opinion
Auditor is unable to reach a conclusion and the amounts are so material, the auditor cannot render an opinion
Overview of Audit Process: A Standards-Based Approach(6)
Reach an Audit Conclusion and Issue a Report
For most engagements, the auditor will reach a conclusion that the financial statements are fairly stated and will issue an unqualified audit report
Before issuing the report, the auditor will meet with the audit committee to discuss the audit process and the overall fairness of the company's financial statements