0
0
Ideal for self-study or on-site training!
Learn the requirements that significantly enhance the quality and depth of the understanding of the entity and its environment, including its internal control system. Gain an understanding of how the new standards differ from existing standards and what you will have to do differently now — both during the interim and final field work phases. Learn what procedures are now required to respond to assessed risks. Also learn how the documentation standards in SAS No. 103 and the required communication of internal control related matters in SAS Nos. 112 and 115 fit into the typical audit process.
Objectives:Prerequisite: Basic understanding of accounting and auditing principles
Videocourse Details
In this video, Richard H. Gesseck, CPA, Audit Partner at UHY LLP in New Haven, CT, discusses
the new SASs with William I. Eskin, CPA, President at WIE, Inc. in Baltimore, MD, and an
instructor for this course; Elizabeth S. Gantnier, CPA, Director of Quality Control at Stegman &
Company in Baltimore, MD, and an instructor for this course; and Lawrence J. Gramling, Ph.D.,
CPA, Professor of Accounting at the University of Connecticut in Storrs, CT.
*(188-min. video) The DVD disk contains the video presentation and a viewable copy of the Manual.
**The Additional Manual is for group study training only. Unlike other formats, it has no exam
answer sheet and cannot be used to earn self-study credit.
732993
Chapter 1 - Overview
Learning Objectives
After completing this chapter you should be able to describe the key activities in the typical process for auditing an entity's financial statements in accordance with generally accepted auditing standards. This knowledge should, in turn, enable you to recognize changes in activities resulting from the issuance of the Risk Assessment Standards.
Introduction
To further enhance audit quality, the AICPA Auditing Standards Board issued a set of eight Statements on Auditing Standards (SASs) – collectively known as the Risk Assessment Standards. These Standards are effective for audits of financial statements for periods beginning on or after December 15, 2006.
This course begins with an overview of the typical audit process and then examines how the Risk Assessment Standards will affect it. The Risk Assessment Standards reflected in this course include the following:
• SAS No. 104, Amendment to Statement on Auditing Standards No. 1, Codification of Auditing Standards and Procedures ("Due Professional Care in the Performance of Work")
• SAS No. 105, Amendment to Statement on Auditing Standards No. 95, Generally Accepted Auditing Standards
• SAS No. 106, Audit Evidence
• SAS No. 107, Audit Risk and Materiality in Conducting an Audit
• SAS No. 108, Planning and Supervision
• SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement
• SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained
• SAS No. 111, Amendment to Statement on Auditing Standards No. 39, Audit Sampling
The Auditing Standards Board (ASB) believes that the requirements and guidance provided in the Risk Assessment Standards will result in a substantial change in audit practice and in more effective audits. Overall the new SASs change the audit process to
• Expand the quality and depth of the auditor's required understanding of the entity and its environment, including its internal control – The standards require the auditor to obtain an understanding of a significantly expanded set of information about specific elements of the entity and its environment. The purpose of the required understanding of this broadened set of information about the entity and its environment is to enhance the auditor's ability to identify and assess risks that may lead to material misstatements in the financial statements. The auditor is required to perform risk assessment procedures in all audits to obtain an understanding of the entity and its control environment, including its internal control. Risk assessment procedures include updating information obtained in prior audits that the auditor intends to use in the current audit. The expanded understanding about the entity and its environment should also be helpful to the auditor throughout the audit when making judgments about materiality and when critically evaluating audit evidence.
• Require the auditor to assess the risks of material misstatements at the financial statement level and at the assertion level on all audits based on the understanding obtained – The new SASs note that assessing risks of material misstatements encompasses a combined assessment of inherent risk and control risk. The new SASs eliminate the auditor's ability to assess "risk at the maximum" without support for that assessment. Thus, auditors will be required to support all risk assessments at whatever level, including risks at the maximum, based on their understanding of the entity and its environment. In addition, the new SASs require the auditor to identify "significant risks" (defined later in this chapter) that require special audit consideration, and risks for which substantive procedures alone will not reduce audit risk to an appropriate level.
• Eliminate the "default to maximum" for control risk, which should encourage testing of controls – Auditors will no longer be able to assess control risk "at the maximum" without support for that assessment. Thus, that kind of audit approach can no longer be used as a default audit strategy. Instead, auditors should document the basis for a control risk at maximum assessment. The ASB believes this will encourage the testing of controls in all audits. In addition, the new SASs expand the auditor's requirement to understand internal controls in every audit by also requiring the auditor to evaluate the design of controls, including relevant control procedures over "significant risks," and to determine whether those control procedures have been implemented.
• Emphasize importance of the entity's risk assessment process – The new SASs emphasize that when the auditor identifies potential risks of material misstatements in the financial statements, it is important for the auditor to consider the entity's risk assessment process. To assist the auditor with this consideration, the new SASs discuss how the entity's risk assessment process fits in with the entity's process of setting objectives and strategies and assessing related business risks. When the auditor identifies risks of material misstatements that the entity's risk assessment processes failed to detect, the new SASs require the auditor to consider why the process failed and whether the process is appropriate in the circumstance.
• Strengthen the linkage between assessed risks and the auditor's responses to those risks – Because auditors frequently struggle with designing an appropriate audit response to risks identified, the new SASs contain expanded guidance designed to significantly improve the auditor's ability to effectively address the identified risks. Auditors are required to determine both an overall response to address the risks of material misstatements at the financial statement level and a response to assess risks of material misstatements at the assertion level. The new guidance emphasizes the importance of the nature of the audit procedures in responding to assessed risks. The new SASs also require the auditor to perform substantive procedures for "significant risks." These substantive procedures consist of tests of details alone or tests of details combined with substantive analytical procedures that are specifically responsive to the identified risks. If the auditor plans to rely on the operating effectiveness of controls to mitigate a significant risk, the auditor is required to obtain all evidence about the operating effectiveness of those controls from tests of controls performed in the current period. The auditor cannot conclude that controls are operating effectively based on tests of controls performed in prior audits even when the auditor also determined that the controls did not change since that testing.
• Clarify the auditor's ability to rely on audit evidence gathered in prior audits – Except for controls related to significant risks, the auditor who plans to rely on controls that have not changed since they were last tested should perform tests of the operating effectiveness of those controls at least every third year in an annual audit. As noted above, the auditor should test controls designed to address significant risks in the current audit.
• Strengthen guidance for testing disclosures – The new SASs include expanded guidance to specifically address the importance of considering the "completeness" of disclosures and their understandability. The assertions related to presentation and disclosure have been significantly revised to provide this emphasis.
• Clarify and expand guidance on evaluating audit findings – When evaluating audit findings, auditors should consider the effect of uncorrected misstatements related to prior periods on the current-period financial statements.
• Expand documentation requirements – Because the ASB believes that documentation requirements can drive behavior, the new SASs require the auditor to document, among other things, the following items:
– Results of the risk assessments both at the financial statement level and the assertion level;
– The nature, timing, and extent of audit procedures performed;
– The linkage of auditor responses with the assessed risks at the assertion level; and
– Results of the audit procedures.
The Audit Process
The typical audit process may proceed as depicted below. And although it is presented as an iterative process, procedures and phases often overlap and activities may even take place in a different sequence. The Risk Assessment Standards, which are effective for audits of financial statements for periods beginning on or after December 15, 2006, affect almost all of the phases presented. The phases and activities have been numbered and named merely for reference purposes during the remainder of this course. A summary of the typical audit process and the key activities within each phase follows:
• Phase I (Audit Planning) – Chapter 2
– Perform client continuance procedures and consider independence matters.
– Understand the entity and its risks.
– Perform preliminary analytical review procedures.
– Estimate planning materiality and tolerable misstatement.
– Identify significant accounts and processes.
– Conduct an audit team "brainstorming" meeting. This meeting addresses the risks of material misstatement arising from error or fraud.
– Assess the risk of material misstatement arising from error or fraud at the entity level.
– Agree on timing and deliverables.
– Develop overall audit strategy.
– Establish an understanding with the client regarding the services to be performed.
– Issue an audit planning report.
• Phase II (Internal Control Documentation) – Chapter 3
– Gather or update documentation for significant processes.
– Perform a walk-through of each significant process.
– Ask "what could go wrong" questions.
– Identify preventive vs. detective controls.
732993
Customer Service
Customer Service
Customer Service
Back to Browsing Products
