0
0
This Audit Risk Alert is intended to provide auditors of financial statements with an understanding of the requirements and guidance contained in Statement on Auditing Standards No. 115, Communicating Internal Control Related Matters in an Audit. This alert is an important tool in helping you identify the differences between SAS No. 112 and SAS No. 115. Moreover, this alert delivers information about emerging practice issues and contains updated case studies to further illustrate the principles contained in SAS No. 115.
This publication is an other auditing publication as defined in AU section 150. Other auditing publications have no authoritative status; however, they may help the auditor understand and apply the Statements on Auditing Standards. The auditing guidance in this document has been reviewed by the AICPA Audit and Attest Standards staff and published by the AICPA and is presumed to be appropriate. This document has not been approved, disapproved, or otherwise acted on by a senior technical committee of the AICPA.
022539
Introduction
.01 In October 2008, the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 115, Communicating Internal Control Related Matters Identified in an Audit (AICPA, Professional Standards, vol. 1, AU sec. 325). SAS No. 115 amends SAS No. 112 and further clarifies standards and provides guidance on communicating matters related to an entity's internal control over financial reporting (internal control) identified in an audit of financial statements.
.02 The new SAS is applicable whenever an auditor expresses an opinion on financial statements (including a disclaimer of opinion) except when the auditor is performing an integrated audit and will be expressing an opinion on the effectiveness of internal control over financial reporting under AT section 501, Reporting on an Entity's Internal Control Over Financial Reporting (AICPA, Professional Standards, vol. 1). This new standard is effective for audits of financial statements for periods ending on or after December 15, 2009. This Audit Risk Alert provides an overview of the requirements of SAS No. 115 as well as case studies that illustrate how deficiencies in internal control may be evaluated for severity.
Why SAS No. 115 Was Issued
.03 The Sarbanes-Oxley Act of 2002 and the issuance of Public Company Accounting Oversight Board (PCAOB) Auditing Standard No. 2, An Audit of Internal Control Over Financial Reporting Performed in Conjunction With an Audit of Financial Statements, which has since been superseded by PCAOB Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated with AnAudit of Financial Statements (AICPA, PCAOB Standards and Related Rules, Rules of the Board, "Standards"), created considerable interest in management's responsibility for internal control and the auditor's responsibility for bringing certain internal control related matters to management's attention in an audit of financial statements. This renewed interest in an auditor's responsibility to report internal control deficiencies identified in an audit in conjunction with the goal of the ASB to converge definitions with Auditing Standard No. 2 led the ASB to issue SAS No. 112. By issuing SAS No. 115, the ASB revised SAS No. 112 maintain the uniformity of the definitions of the various kinds of deficiencies in internal control and the related guidance for evaluating such deficiencies with the definitions and guidance in Auditing Standard No. 5.
022539
Customer Service
Customer Service
Customer Service
Back to Browsing Products