Small Business Audit, Compilation and Review Update

• Chapter 1 - Auditing in a Changing Environment
  • Learning Objectives
  • Introduction
  • Considering Economic Conditions to Lower Audit Engagement Risk
    • Current Economic Factors
    • PCAOB Staff Audit Practice Alert
  • The Changing Auditing Environment
    • Return to Core Values on Every Engagement
    • Lessons from Recent Events
  • Assessing the Risk of Fraud in a Financial Statement Audit
    • Auditor Responsibility for Fraud Detection
    • Three Conditions of Fraud
  • U.S. Treasury Department’s Focus on the Auditing Profession
  • Understanding the Implications of Sarbanes-Oxley
    • Public Company Accounting Oversight Board
    • Registering with the PCAOB
    • Defining “The Client”
    • Implications for Auditor Independence
    • Implications for the Public Company
    • Implications for Auditors of Non-Public Companies
    • Focus of AICPA Auditing Standards Board
  • Summary
  • Questions
• Chapter 2 - Auditing Standards Board Risk Assessment Standards
  • Learning Objectives
  • Introduction
  • The Risk Assessment Standards
  • Overview of the Collective Effect of the Risk Assessment Standards
    • Applying the Risk Assessment SASs – An Overview
    • SAS No. 104, Amendment to SAS No. 1, Codification of Auditing Standards and Procedures (“Due Professional Care in the Performance of Work”)
    • SAS No. 105, Amendment to SAS No. 95, Generally Accepted Auditing Standards
    • SAS No. 106, Audit Evidence
    • SAS No. 107, Audit Risk and Materiality in Conducting an Audit
    • SAS No. 108, Planning and Supervision
    • SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement
    • SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained
    • SAS No. 111, Amendment to SAS No. 39, Audit Sampling
  • Technical Practice Aids Related to the Risk Assessment SASs
    • TIS 8200.05 – Testing the Operating Effectiveness of Internal Controls
    • TIS 8100.06 – The Meaning of Expectation of the Operating Effectiveness of Controls
    • TIS 8100.07 – Considering a Substantive Audit Strategy
    • TIS 8200.08 – Obtaining an Understanding of the Control Environment
    • TIS 8200.09 – Assessing Inherent Risk
    • TIS 8200.10 – Defaulting to Maximum Control Risk
    • TIS 8200.11– Ineffective Controls
    • TIS 8200.12 – Use of Walkthroughs
    • TIS 8200.13 – Documenting Internal Control
    • TIS 8200.14 – Suggesting Improvements in Internal Control
    • TIS 8200.15 – Identifying Significant Deficiencies
    • TIS 8200.16 – Examining Journal Entries
  • PCAOB Proposes New Standards Related to the Auditor’s Assessment of Risk
  • Summary
  • Questions
• Chapter 3 - New Standards Issued by the AICPA’s Auditing Standards Board
  • Learning Objectives
  • Introduction
  • Newly Issued Statements on Auditing Standards
    • SAS No. 114, The Auditor’s Communication With Those Charged With Governance
    • SAS No. 115, Communicating Internal Control Related Matters Identified in an Audit
    • SAS No. 116, Interim Financial Information
  • Recently Issued Auditing Interpretations
    • Interpretation No. 1: Use of Electronic Confirmations – AU §9330
    • Interpretation No. 14: Reporting on Audits Conducted in Accordance With Auditing Standards Generally Accepted in the United States of America and in Accordance With International Standards on Auditing – AU §9508
    • Interpretation No. 19: Financial Statements Prepared in Conformity With International Financial Reporting Standards as Issued by the International Accounting Standards Board – AU §9508
    • Interpretation No. 2: Financial Statements Prepared in Conformity With International Financial Reporting Standards as Issued by the International Accounting Standards Board – AU §9534
    • Interpretation No. 3: Financial Statements Audited in Accordance With International Standards on Auditing – AU §9534
    • Recently Issued Practice Alerts
      • Practice Alert 07-01 – Dating the Auditor’s Report and Related Practical Guidance
  • Recently Issued Technical Practice Aids
    • TIS 8100.01 – Determining the Effective Date of a New Statement on Auditing Standards for Audits of a Single Financial Statement
    • TIS 8100.02 – Determining the Effective Date of a New Statement on Auditing Standards for Audits of Interim Periods
    • TIS 8350.01 – Audit Evidence: Audit Documentation
    • TIS 9100.06 – Signing and Dating Reports
    • TIS 9120.08 – Reliance on Others
    • TIS 1900.01 – Interim Financial Information
  • Recently Issued Guidance for Attestation Engagements
    • SSAE No. 15, An Examination of an Entity’s Internal Control Over Financial Reporting That is Integrated with an Audit of Its Financial Statements
    • Interpretation No. 7 – Reporting on the Design of Internal Control
  • Statement on Quality Control Standard
    • SQCS No. 7, A Firm’s System of Quality Control
    • Practice Aid on Establishing and Maintaining a System of Quality Control
  • Summary
  • Questions
• Chapter 4 - On the Horizon: Issues for Audits of Nonissuer Entities
  • Learning Objectives
  • Introduction
  • The ASB’s International Convergence Plan
    • The ASB Plan
  • The ASB’s Clarity Project
    • Background
    • Establishing Objectives of Standards
    • Improving Readability and Understandability
    • Clarity Drafting Conventions
    • Redrafting Existing Standards
    • Proposed, Redrafted, and Revised
  • Recently Issued Redrafted Standards
  • Current Clarity Project Exposure Drafts
    • Audit Sampling (Proposed Redraft of SAS No. 39)
    • Initial Audit Engagements, Including Reaudits–Opening Balances (Proposed Redraft of SAS No. 84)
    • Risk Assessment SASs (Proposed Redrafting of SAS Nos. 106-110)
    • Consideration of Fraud in a Financial Statement Audit (Proposed Redrafting of SAS No. 99)
    • Required Supplemental and Other Information (Proposed Redrafting of SAS Nos. 8, 29, and 52)
    • Service Organizations (Proposed Redrafting of SAS No. 70)
    • Overall Objectives of Audit (Proposed Redrafting of Preface to Codification and SAS No. 1)
    • Illegal Acts (Proposed Redrafting of SAS No. 54)
  • Overview of Existing Auditing Standards Board Projects
    • Exposure Draft – Amendments to SAS No. 69, The Meaning of Present Fairly in Conformity with Generally Accepted Accounting Principles, for Nongovernmental Entities
    • Exposure Draft – Compliance Audits
  • ASB Task Force Projects
    • Task Forces of the ASB
  • Other Activities of the Auditing Standards Board
    • Auditing Standards Committee of the American Accounting Association (AAA)
    • International Auditing and Assurance Standards Board (IAASB)
    • Professional Issues Task Force (PITF)
    • XBRL Assurance Task Force
  • Summary
  • Questions
• Chapter 5 - Other Issues Affecting Auditors
  • Learning Objectives
  • Introduction
  • Recent GAO Guidance
    • Overview of Major Revisions
    • Interim Guidance on Reporting on Deficiencies in Internal Control for GAGAS Financial Audits and Attestation Engagements
    • Guidance on Complying with GAGAS Reporting Requirements for the Report on Internal Control for Audits of Certain Entities Subject to Sarbanes-Oxley and GAGAS Requirements
  • COSO’s Guidance on Internal Control for Smaller Public Companies
    • Smaller Public Companies
    • Internal Control Challenges for Smaller Businesses
    • Strengthening Internal Control for Smaller Businesses
    • Key Messages about Implementing Effective Internal Control
    • Organization of Guidance
  • COSO’s New Guidance about the Monitoring Component of Internal Control
    • Key Monitoring Concepts
    • Primary Elements of Monitoring
    • Communication of Monitoring
    • Three-Volume Set Available
  • COSO’s Enterprise Risk Management – Integrated Framework
    • What Is Enterprise Risk Management?
    • Overview of COSO’s Enterprise Risk Management Framework
  • Professional Ethics Activities
    • Code of Conduct Revisions
    • New Ethics Interpretations
    • Interpretation 501-8 – Failure to Follow Requirements of Governmental Bodies, Commissions, or Other Regulatory Agencies on Indemnification and Limitation of Liability Provisions in Connection With Audit and Other Attest Services
    • Guide for Complying with Rules 102–505
    • Proposed Interpretation 101-17, Networks and Network Firms, and Proposed Revisions to ET 92
  • Center for Audit Quality
  • AICPA Audit Committee Effectiveness Center
    • Dealing with Management Override
  • AICPA Employee Benefit Plan Audit Quality Center
  • AICPA Governmental Audit Quality Center
  • Summary
  • Questions
• Chapter 6 - Latest Developments
• Value Aid AICPA’s Audit Risk Alert

734521

Chapter 1 - Auditing in a Changing Environment

Learning Objectives

Upon completing this chapter, you should be able to

• Identify lessons for auditors from recent accounting scandals.
• Describe auditor responsibility for fraud and the three conditions of fraud.
• Understand key economic trends affecting U.S. businesses in 2008.
• Summarize the focus of the U.S. Treasury Department's Advisory Committee on the Auditing Profession.
• Describe key provisions of the Sarbanes-Oxley Act of 2002 and recent SEC rules.
• Describe the key responsibilities of the Public Company Accounting Oversight Board (PCAOB).
• Explain implications of the Sarbanes-Oxley legislation to audits of public company financial statements.
• Describe the key components of the Sarbanes-Oxley Act affecting public companies.
• Understand scope of the AICPA's Auditing Standards Board.

Introduction
Publicity surrounding the financial reporting scandals and other corporate events continues to provide a significant focus on the audit process. As a result, numerous changes have been made for CPAs in the conduct of audits of financial statements for their clients. This chapter focuses on some of the key events that are having a drastic impact on the audit environment.

The chapter begins by highlighting lessons for CPAs that are already being gleaned from prior audit failures. It is important for auditors to consider implications arising from financial reporting scandals to ensure that audit quality is strengthened and the public's interest is protected. Several implications for auditors are highlighted as lessons designed to reduce audit failures that CPAs should consider as they plan their 2008 audit engagements.

The chapter also summarizes recent economic events that should be considered as audit planning is performed. Given the current state of the U.S. economy, auditors should be alert for implications recent economic developments may have on a client's financial reporting processes and ability to continue as a going concern.

Finally, this chapter highlights key provisions of the Sarbanes-Oxley Act of 2002. It is important for all auditors, whether they serve public or nonpublic clients, to understand how this legislation is drastically affecting auditors and management of public companies. While the Sarbanes- Oxley provisions directly impact audits of public companies, many believe there is a cascading effect of numerous aspects of this legislation to audits of private, not-for-profit and governmental entities. Thus, it is crucially important for all CPAs to have a general understanding of the impact of the Sarbanes-Oxley legislation.

This chapter provides an initial overview of many initiatives affecting the audits of both public and nonpublic clients.

The Changing Auditing Environment
The Sarbanes-Oxley Act, signed by President Bush in July 2002, introduced sweeping changes affecting auditors, corporate officers, board members, and other corporate advisors. The Securities and Exchange Commission (SEC) has been actively issuing final rules to implement provisions related to the Sarbanes-Oxley legislation with an awareness and close monitoring of the costs of compliance. The profession continues to grapple with the significant impact these regulations have imposed on public companies, their auditors and the continued focus on the profession. In fall 2007, U.S. Treasury Secretary Henry Paulson formed an advisory panel to study and make recommendations on the future of the auditing profession in relation to the capital markets. The focus of this committee, which is described more fully in this chapter, is to develop recommendations as to what can be done to sustain the auditing profession.

This chapter provides a brief overview of many of the Sarbanes-Oxley requirements and related SEC provisions.

In the five plus years since the passage of the Act, business executives, accounting professionals, and regulators are beginning to settle into their roles of compliance with the Act's provisions. Many are embracing greater transparency in their financial reporting. Disclosures in annual financial statements and proxy statements to shareholders are significantly expanding.

Auditors continue to look for ways to strengthen the auditing process. A constant awareness of the overall environment helps auditors maintain the level of professional skepticism necessary for effective auditing. Auditors can benefit from a hindsight review of recent lessons. Many of these lessons emphasize the importance of core values necessary for every audit engagement.

Return to Core Values on Every Engagement
One of the keys to meeting challenges affecting the auditing profession is the need for the auditor to exercise due professional care by approaching each audit with an appropriate level of professional skepticism. Generally accepted auditing standards (GAAS) describe professional skepticism as an attitude that includes a questioning mind and a critical evaluation of the audit evidence. Auditors may be tempted to put professional skepticism in the back of their minds, making it a concept that receives inadequate attention. Given this temptation, auditors need to continually focus on the importance of professional skepticism as they approach each and every new audit given that an auditor's attitude can increase the likelihood of detecting material misstatements.

Auditors need to maintain an awareness that many companies "manage" their financial reporting by using creative, aggressive, and sometimes fraudulent accounting techniques. In some cases management may follow appropriate accounting rules but use loopholes to manage financial results or they may unreasonably stretch accounting rules to significantly enhance financial results. In other cases, they may actually commit aggressive financial statement fraud. As a result, auditors need to realize that the risk of fraud is present in every entity they audit.

The quality of financial results can be diminished when accounting choices are made to achieve a pre-determined result other than improving the usefulness of financial statement information to decision makers. Thus, auditors should focus on the "choice" of accounting information, in addition to their application in accordance with GAAP, to evaluate whether the financial reporting reflects economic reality.

Audit firms need to evaluate whether their own "tone at the top" enforces the importance of applying an appropriate level of professional skepticism throughout all their engagement teams. Firm leaders should examine all communications they send throughout the organization, including messages contained in promotion and incentive compensation arrangements, to ensure that inherent incentives encourage all professionals to strive towards a level of high audit quality in all engagements they perform.

Lessons from Recent Events
There are lessons auditors can learn by considering prior accounting scandals and audit failures that can be used to improve the auditor's professional skepticism. Each year, the AICPA staff issues a publication titled, Audit Risk Alert, (Alert) to provide auditors with an overview of recent events affecting audit risk. The recent Alerts contain a list of circumstances and observations gleaned from the recent accounting scandals and audit failures that provide auditors a useful "checklist" of lessons from these recent events. Below are ten considerations for the auditor that are highlighted in these Alerts:

1. Be aware of a company culture of arrogance - Management that engages in deceptive accounting practices or fraudulent financial reporting often exhibit high levels of arrogance, pride, and greed. As auditors evaluate the client's control environment ("tone at the top"), they should be alert for signals of overly aggressive and arrogant behavior. In particular, auditors should be alert for signals such as overly aggressive predictions, forecasts, and beliefs about the current and future business environment that may contradict actual industry and general economy trends.
2. Closely examine accounting policies and estimates that heavily rely on management's judgment or that seem overly aggressive - Accounting policies and account balances that are heavily dependent on management's judgment and assumptions create opportunities for management to distort the actual financial results presented in financial statements. As auditors examine these policies and balances, they should be alert for and closely examine overly aggressive and unsupported assumptions and other judgments.
3. Consider the effectiveness of the audit committee and board of director governance - Fraud is typically perpetrated by members of the senior executive team. If the oversight over the financial reporting process by the audit committee or board is ineffective or biased towards management, members of the senior executive team have greater opportunities to engage in overly aggressive or fraudulent actions. As auditors consider internal controls, they should closely evaluate characteristics and actions of the audit committee and board to determine whether this ultimate internal control oversight over senior management is operating effectively. Auditors should closely evaluate how the audit committee addresses the ever-present risk of management override of internal control. An AICPA document, Management Override of Internal Control: The Achilles' Heel of Fraud Prevention, provides an excellent overview of the key activities that audit committees and boards of directors can take to monitor the risk of management override. This document can be downloaded from the AICPA's web site, www.aicpa.org.
4. Examine whether senior management is dominated by a single or few individuals - If senior management decisions are dominated by a small group of individuals, there is greater opportunity for them to dictate many of the decisions that may unduly influence the financial reporting process. This dominance provides greater opportunities for a few to collude to engage in overly aggressive or even fraudulent behavior. Again, as auditors evaluate the organizational hierarchy as part of their evaluation of the control environment, they should consider the extent to which significant decisions are limited to a few individuals.
5. Look for significant differences in client financial results and ratios from industry and other benchmarks - As auditors perform planning analytical procedures, they should evaluate client financial results that differ markedly from expectations based on industry and other benchmarks. In particular, auditors should be alert when reported earnings do not correspond to actual cash flows into an entity. That may be a signal that management is manipulating financial results in the balance sheet or income statement that cannot be reflected in the statement of cash flows.
6. Determine if management compensation plans provide an unusual incentive or pressure to engage in financial statement fraud - As the trend continues to compensate senior executives with stock-related incentive plans and other bonus plans based on financial results, senior executives may be facing greater and greater incentives to present favorable financial results, even when those are not being realized. Auditors should examine the nature of these compensation plans to determine if they may be creating a significant pressure on management.
7. Ensure that the nature of the client's business and operations are well understood -In some of the recent scandals, many found it difficult to clearly understand the nature of the client's operations and how they made money. In some cases, the entity was engaging in unusual and complicated business transactions that were difficult to follow and understand. In those situations, the underlying business rationale was difficult to identify, except that the transaction created unique accounting opportunities. In other cases, management's strategy involved acquiring businesses and assets more for the sake of accumulating assets than for the overall good for the company. Auditors should closely examine the nature of the client's business and operations so that they can be more alert for unusual and hard-to-explain business transactions.

734520