Audit Risk Alert for Governments and Their Auditors presentation

About This Presentation

Transcript and Presenter's Notes

Title: Audit Risk Alert for Governments and Their Auditors

1
Audit Risk Alert for Governments and Their
Auditors

Presented by
Alan Nast, C.P.A.
Davis, Monk Company
June 1, 2009

2
Audit Risk Alert for Governments and Their
Auditors

Auditor Selection Procedures in Florida
Audit Standard Setters
Recent SASs
103 Audit Documentation
104-111 Risk Assessment Suite
112 Communicating IC Related Matters
113 Omnibus

3
Audit Risk Alert for Governments and Their
Auditors

Recent SASs, Continued
114 Communication with Those Charged with
Governance
115 Communicating IC Related Matters
116 Interim Financial Information
Yellow Book July 2007 Revision
Looking Ahead

4
AUDITOR SELECTION PROCEDURES218.391, FS
5
(No Transcript)
6
218.39,FS Annual Financial Audit Reports

Each county
Municipality
Revenues or expenses gt 250,000
Revenues or expenses between 100,000 and
250,000 if not audited in 2 preceding years
(Continued)

7
218.39,FS Annual Financial Audit Reports

Special District
Revenues or expenses gt 100,000
Revenues or expenses between 50,000 and 100,000
if not audited in 2 preceding years
Each District School Board
Each Charter School
Each Charter Technical Center

8
(No Transcript)
9
218.391, FS Auditor Selection Procedures

Auditor General Task Force
Legislation, Effective 7-1-05

10
Purpose of the Task Force

Audit Quality
Auditor General Concerns
Unqualified Auditors
Unlicensed Auditors
Low-Ball Bids
Inconsistency among Governments
No Written Contracts
Sarbanes-Oxley Act

11
Task force composition

26 individuals, plus AG
Composition
FGFOA
FLC
FAC
FACC
FICPA (13)
Schools
Special Districts

12
Section 218.391, Florida Statutes

Establishes uniform auditor selection
requirements for all entities
Effective 7-1-05

13
Auditor Selection Guidelines

In 2007, the Auditor Selection Task Force
Published non-authoritative guidelines, including
Q A

14
MANDATORY AUDITOR ROTATION
No. There is no provision for mandatory auditor
rotation.
15
FREQUENCY OF AUDITOR SELECTION PROCEDURES
No. This is not addressed in the law.
16
RENEWAL OF CONTRACTS
Yes. The law provides that contracts can be
renewed without auditor selection procedures.
17
AUDIT COMMITTEE
No. But an audit committee is required.
18
AUDIT COMMITTEE COMPOSITION

Note, it does not say auditor selection committee
Non-charter counties to include each
constitutional officer or designee and 1 member
from County Commission or designee
Charter counties, cities, and others are silent
on composition

19
AUDIT COMMITTEE DUTIES

Primary purpose assist in selecting the auditor
May serve other audit oversight purposes
Committee meetings must be open to the public

20
AUDIT COMMITTEE SHALL

Establish factors for evaluating only firms
licensed to do business in Florida
Ability of personnel
Experience
Ability to furnish required services
Other factors

21
AUDIT COMMITTEE SHALL

Publicly announce RFP with brief audit
description and how to apply
Provide RFP to interested parties
RFP to include evaluation detail and other
information necessary to prepare a response to
the RFP

22
AUDIT COMMITTEE SHALL

Evaluate proposals by qualified firms
Not allow compensation as a sole or predominant
factor
Rank and recommend in preference order no fewer
than 3 firms using established factors (provision
for less than 3 proposals)

23
GOVERNING BODY

Governing Body Shall
Select one firm and
Negotiate a contract using one of three (3)
methods

24
GOVERNING BODY

First method (aka 1-2-3)
If compensation is not a committee evaluation
factor, then governing body to negotiate with
first committee ranked firm
If no contract then move to second and then third
firm and may reopen negotiations
No simultaneous negotiations

25
GOVERNING BODY

Second method
If compensation is a committee evaluation factor,
then governing body must select the highest
committee ranked firm or document publicly the
reason why that firm was not selected

26
GOVERNING BODY

Third method
Governing body may
Select and negotiate with a committee recommended
firm however
Must use an appropriate alternate method that
does not consider compensation as the sole or
predominant factor

27
CONTRACT

Must be a written contract
Contract may be the proposal letter if signed and
executed by both parties
Must specify the services to be provided and fees
Must contain a provision requiring invoices in
detail to demonstrate contract compliance

28
CONTRACT

Must have provision specifying contract period,
including renewals, and conditions for
termination or renewal
Renewals may be done without auditor selection
procedures of this law
Renewals must be in writing

29
QUESTIONS
30
4 LEVELS OF STANDARDS/REQUIREMENTS
31
CURRENT LANDSCAPE OFAUDIT STANDARD SETTING
AICPAs Code of Professional Conduct changed to
designate PCAOB as the standard-setting body for
issuers (public company)
32
STANDARDS/REQUIREMENTS
PUBLIC COMPANIES
NON-ISSUERS
PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD PCAOB
33
Three Standard Setting Bodies The Forum
ASB
GAO
PCAOB
34
Audit Standard Setting

ASB will continue to set standards for audits
not subject to SOX or the Rules of the SEC

GAO will continue to set auditing standards
applicable to audits of governmental entities.
It will monitor and look to both ASB and PCAOB
for base standards

35
Composition of ASB
36
QUESTIONS
37
Recent Audit Standards

SAS 103 Audit Documentation
SAS 104-111 The Risk Assessment Suite
SAS 112 Communicating IC Related Matters
SAS 113 Omnibus
SAS 114 Communication With Those Charged With
Governance
SAS 115 Communicating IC Related Matters
SAS 116 Interim Financial Information

SAS 103, Audit Documentation

39
SAS 103

Certain key changes resulting from SAS 103 may
still be causing some questions
Experienced auditor
60 day lockdown
5 year retention
Date of Auditors Report

40
SAS 103

Prepare audit documentation in sufficient detail
to provide an experienced auditor with no
previous connection to the audit a clear
understanding of the work performed, the evidence
obtained and its source, and the conclusions
reached

41
SAS 103

Assemble the final audit engagement file within
60 days following the report release date.
After 60 days no deletion or discard of
existing audit documentation
After 60 days appropriately document
subsequent additions
Minimum file retention period of five years from
the report release date.

42
SAS 103

Dating of the auditors report
Not earlier than the date on which the auditor
has obtained sufficient appropriate evidence to
support the opinion.
When do you have sufficient appropriate
evidence?
When you are at a point that you would be
comfortable signing the report and releasing to
the client.

43
My Take On the Risk Assessment Suite

Understand your client so you can figure out what
stuff could go wrong
Audit the stuff that could go wrong
Document how you audited the stuff that could go
wrong

44
The Risk Assessment Suite

SAS 104 Due Professional Care
SAS 105 GAAS
SAS 106 Audit Evidence
SAS 107 Audit Risk Materiality
SAS 108 Planning and Supervision
SAS 109 Understanding the Entity and
Its Environment and Assessing the RMM
SAS 110 Responding to Risks and
Evaluating Audit Evidence
SAS 111 Audit Sampling

SAS 104, Due Professional Care

46
SAS 104 Due Professional Care

Clarifies that reasonable assurance means a
high, but not absolute level of assurance
Incorporates the must word related to obtaining
sufficient appropriate audit evidence

SAS 105, GAAS
This standard amends SAS 95, GAAS

48
SAS 105 GAAS

Scope of field work expanded from internal
control to the entity and its environment,
including its IC
Planning the audit is expanded to assessing
the risk of material misstatement of the FS
whether due to error or fraud
Terminology changes
OLD NEW
Tests to be performed Further audit
procedures
Evidential matter Audit evidence

SAS 106, Audit Evidence

50
SAS 106 Audit Evidence

Provides guidance related to concepts underlying
the 3rd standard of field work the auditor must
obtain sufficient appropriate audit evidence
Types of Audit Procedures
Risk Assessment Procedures
Tests of Controls (still not required!)
Substantive Procedures
Tests of Details
Substantive Analytical Procedures

51
SAS 106 Audit Evidence

Assertions expanded from 5 to 13
Account Balances
Existence
Rights and Obligations
Completeness
Valuation and Allocation
Classes of Transactions
Occurrence
Completeness
Accuracy
Cutoff
Classification
Presentation and Disclosure
Occurrence and Rights and Obligations
Completeness
Classification and Understandability
Accuracy and Valuation

SAS 107, Audit Risk and Materiality

53
SAS 107 Audit Risk Materiality

Audit risk and materiality need to be considered
In designing the nature, timing, and extent of
audit procedures
In evaluating the results of those audit
procedures
Auditors must perform risk assessment procedures
At the overall financial statement level
At the individual account balance, class of
transactions, or disclosure level
Auditors should determine planning materiality
and tolerable misstatement
Audit Risk Model
AR RMM x DR
(RMM is the product of inherent risk x control
risk)
(DR is the product of test of details risk x
substantive analytical procedures risk)

54
SAS 107 Audit Risk Materiality

Materiality Would the user of the FS change
his/her opinion because of the omission or
misstatement?
Consider quantitative and qualitative factors
After considering audit risks and materiality,
the auditor should plan the audit to reduce audit
risk to an appropriately low level (high, but not
absolute level of assurance)
SAS 107 also provides expanded guidance
Evaluating audit findings
Evaluating whether the FS are free of material
misstatement

SAS 108, Planning and Supervision

56
SAS 108 Planning Supervision

This standard provides guidance to help the
auditors comply with the first standard of
fieldwork
The auditor must adequately plan the work and
must properly supervise any assistants
Requires a written engagement letter

SAS 109, Assessing Risks

58
SAS 109 Assessing Risks

Auditors must perform Risk Assessment Procedures
as a basis for further audit procedures
Understand the entity and its environment,
including its internal control
Use analytics, inquiries, observations, and
inspections to help substantiate your
understanding of the entity and its IC
Walk Through
Brainstorming
Assess the risks of material misstatement
Financial statement level
Relevant assertion level
Account Balances
Classes of Transactions
Provide Linkage to further audit procedures

SAS 110, Performing Procedures
(Further Audit Procedures)

60
SAS 110 Further Audit Procedures

Overall Responses Respond to risks at the
financial statement level
Further Audit Procedures Respond to risks at
the relevant assertion level
Test of Controls
Substantive Procedures
Tests of Details
Analytical Procedures

SAS 111, Audit Sampling

62
SAS 111 Audit Sampling

Moves guidance from SAS 39 into the risk
assessment standards
Enhances guidance to auditors about tolerable
misstatement and its effect on sampling

SAS 112, Communicating Internal Control Related
Matters Indentified in an Audit

64
SAS 112

Recognizes that body to whom communication is
made may take different forms
Board of Directors
Committee of management
Single owner
Those charged with governance the persons with
responsibility for overseeing the strategic
direction of the entity and the entitys
financial reporting and disclosure process

65
SAS 112

Conforms definitions of control deficiency,
significant deficiency, and material weakness to
those is PCAOB AS2. The term significant
deficiency replaces the term reportable condition
Requires written communication of significant
deficiencies and material weaknesses to
management and those charged with governance
Should be communicated even if they were
communicated in connection with previous audits

66
New Definitions - SAS 112

Significant deficiency A control deficiency, or
combination of control deficiencies such that
there is more than a remote likelihood that a
misstatement of the entitys financial statements
that is more than inconsequential will not be
prevented or detected.
Material weakness A significant deficiency, or
combination of significant deficiencies, that
results in more than a remote likelihood that a
material misstatement of the financial statements
will not be prevented or detected.

67
Common Example of Material Weakness

Points To Consider
There is a control deficiency if the person
responsible for the accounting and reporting
function lacks the qualifications, training,
skills and knowledge to prepare financial
statements in conformity with GAAP.
It is a strong indication of a material weakness
if the entity has ineffective controls in
preventing or detecting material misstatements in
the preparation of its financial statements,
including footnotes.
The auditor cannot be a part of the IC system.

68
Common Example of Material Weakness

CONCLUSION
The auditor will report that the entity has a
material weakness in internal control.

SAS 113, Omnibus - 2006

70
SAS 113

Amends SAS 95, Generally Accepted Auditing
Standards
Clarifies terminology used to describe
professional requirements in the 10 standards

71
SAS 113

Amends SAS 99, Consideration of Fraud in a
Financial Statement Audit
Strengthens the link between SAS 99 and Risk
Assessment SASs by adding footnotes
To heading prior to Paragraph 35 makes clear
the link between the auditors consideration of
fraud and the auditors assessment of risk
To heading prior to Paragraph 46 makes clear
the link between the auditors consideration of
fraud and the auditors response to assessed risks

72
SAS 113

Removes references to Completion of Fieldwork
throughout the SASs
Changes completion of fieldwork to date of
auditors report
Amends SAS No. 85, Management Representations
Requires representation letter to be dated as of
the date of the auditors report.

SAS 114, The Auditors Communication With Those
Charged With Governance

74
SAS 114

Supersedes SAS 61, Communication with Audit
Committees
The auditor must communicate with those charged
with governance significant audit matters
relevant to the responsibilities of those charged
with governance in overseeing the financial
reporting process

75
SAS 114

Those charged with governance those responsible
for overseeing the strategic direction of the
entity and obligations related to the
accountability of the entity, including
overseeing the entitys financial reporting
process.
Management Those responsible for achieving the
objectives of the entity who have the appropriate
authority. Management is responsible for the
financial statements, including designing,
implementing, and maintaining effective internal
control over financial reporting.

76
SAS 114

Required to communicate
The auditors responsibilities under GAAS
Auditor responsible for forming and expressing
opinion
Does not relieve management or those charged with
governance of their responsibilities
Audit designed to obtain reasonable, not
absolute, assurance
Includes consideration of internal control, but
not an opinion on its effectiveness
An overview of the planned scope and timing of
the audit
Be careful not to compromise effectiveness of the
audit

77
SAS 114

Required to communicate (cont.)
Significant findings from the audit
Qualitative aspects of significant accounting
policies
Significant difficulties, if any, encountered
Uncorrected misstatements
Disagreements with management
Other significant and relevant findings or issues
Material corrected misstatements
Management representations requested
Managements consultation with other accountants
Significant issues discussed with management

78
SAS 114

Communicate significant findings in writing if
oral communication would not be adequate
Other communications may be oral or written
Effective Date 9-30-08

79
SAS 115 Communicating IC Related Matters
IDd in An Audit

Supersedes SAS 112 of the same title
Effective 9/30/10
Early adoption is allowed
Conforms Language to PCAOB
Eliminates more than a remote likelihood

80
Control Deficiency

A deficiency in internal control exists when the
design or operation of a control does not allow
management or employees, in the normal course of
performing their assigned functions, to prevent,
or detect and correct misstatements on a timely
basis.

81
Material Weakness

A material weakness is a deficiency, or
combination of deficiencies, in internal control,
such that there is a reasonable possibility that
a material misstatement of the entitys financial
statements will not be prevented or detected and
corrected on a timely basis.

82
Significant Deficiency

A significant deficiency is a deficiency, or a
combination of deficiencies, in internal control
that is less severe than a material weakness, yet
important enough to merit attention by those
charged with governance.

83
Impact of SAS 115 on Yellow Book and Single
Audits

GAO says new language can be used in Yellow Book
reports
AICPA developing new report illustrations for
Yellow Book reports
OMB has not changed definitions yet dont update
Single Audit Reports

84
SAS 116 Interim Financial Information

Amends SAS 100 to accommodate review of interim
financial information of nonissuers
Removes guidance for reviews of interim financial
information of issuers since that guidance
resides in PCAOB audit standards

85
SAS 116 Interim Financial Information

Applies when
The entitys latest annual financial statements
have been audited by the accountant or a
predecessor
The accountant has been engaged to audit the
entitys current year financial statements, or
the accountant audited the entitys latest annual
financial statements and expects to be engaged to
audit the current year financial statements
The client prepares its interim financial
information in accordance with the same financial
reporting framework as that used to prepare the
annual financial statements
If the interim financial information is
condensed, then certain conditions must be met
Otherwise, perform review under SSARS

86
QUESTIONS
87
Government Auditing Standards

(Yellow Book)
July 2007 Revision

88
July 2007 Revision

2007 revision supersedes the 2003 revision
Issued revision late January 2007
Contained final 2007 revision except for quality
control and peer review sections
The July 2007 revision finalized after the
quality assurance and peer review sections were
finalized and incorporated into the standards
Effective 9-30-09

89
Chapter 1Use and Applicability of GAGAS

Clarified the standards through standardized
language to define the auditors level of
responsibility and distinguish between
requirements and additional guidance
Added guidance on citing compliance with GAGAS in
the auditors report
Clarified and expanded the standards to recognize
other sets of standards that can be used in
conjunction with GAGAS

90
Chapter 1Use of Terminology

Standardized language to define the auditor
requirements
Consistent with SAS No. 102
Must and is required indicate an unconditional
requirement
Should indicates a presumptively mandatory
requirement
Text not using the above conventions is
considered explanatory material

91
Chapter 1Citing Compliance with GAGAS

Citing GAGAS in auditors report
Unmodified GAGAS compliance statement Audit was
performed in accordance with GAGAS
Modified GAGAS compliance statement -
Audit was performed in accordance with GAGAS,
except for specific applicable standards that
were not followed, or
Auditor was unable to and did not perform the
audit in accordance with GAGAS

92
Chapter 1GAGAS and Other Standards

Recognizing other sets of professional standards
AICPA field work and reporting standards are
incorporated by reference for financial statement
audits
PCAOB and IAASB standards can be used in
conjunction with GAGAS for financial statement
audits
IIA standards can be used in conjunction with
GAGAS for performance audits

93
Chapter 2Ethical Principles in Government
Auditing

Heightened emphasis on ethical principles
Conducting audit work in accordance with
ethical principles is a matter of personal and
organizational responsibility. Ethical principles
apply in preserving auditor independence, taking
on only work that the auditor is competent to
perform, performing high-quality work, and
following the applicable standards cited in the
audit report.
Excerpt from paragraph 2.03

94
Chapter 3General Standards

Revised quality control and peer review sections
Clarified and streamlined the discussion of the
impact of professional services other than audit
services (nonaudit services) and their impact on
auditor independence
Updated CPE requirements to incorporate April
2005 changes

95
Chapter 3 General StandardsQuality Control and
Assurance

Strengthened emphasis on audit quality and
expanded description of overall objectives and
elements of quality control
Clarified that an audit orgs. noncompliance with
the peer review requirements results in a
modified GAGAS statement
Clarified that the GAGAS requirements for a
system of quality control are consistent with
AICPA however, supervisory reviews are not
monitoring controls when used alone
Increased transparency regarding the
effectiveness of quality control systems by
requiring that external peer review reports be
made public

96
Chapter 3 General StandardsNonaudit Services

Created three distinct categories of nonaudit
services and consolidated and streamlined the
examples previously interspersed throughout the
independence section
Nonaudit services that do not impair auditor
independence
Nonaudit services that will not impair
independence if supplemental safeguards are
complied with
Nonaudit services that impair independence

97
Nonaudit Services that Impair Independence

Maintain or prepare basic accounting records
Post transactions, whether coded or not coded
Design, develop, install, or operate the entitys
accounting system
Provide payroll services that are material to the
audit or involve making management decisions
Provide appraisal or valuation services that
exceed allowed scope
Recommend a single individual for a position or
conduct a recruitment program for the entity
Develop an entitys performance measurement
system, when material to the audit

98
Nonaudit Services that Impair Independence(Contin
ued)

Develop an entitys policies, procedures, and IC
Carrying out internal audit functions
Serve as voting member of entitys management
committee
Supervise entitys employees
Authorize entitys transactions
Maintain custody of entitys assets

99
Chapter 3 General StandardsContinuing
Professional Education

Incorporated the revised CPE requirements that
were issued in April 2005. Under these
requirements
All auditors should complete every 2 years at
least 24 hours of CPE that relates to GAGAS
All auditors involved in planning, directing, or
reporting on GAGAS assignments and all auditors
who charge 20 percent or more of their time
annually to GAGAS assignments also should obtain
at least an additional 56 hours of CPE that
enhances the auditors professional proficiency
to conduct audits

100
All Types of GAGAS Audits and Attestation
Engagements

Defined those charged with governance
Added a requirement for controls over
electronically maintained audit documentation
Clarified and streamlined
Developing elements of a finding
Reporting views of responsible officials

101
All Types of GAGAS Audits The Role of Those
Charged with Governance

Have the duty to oversee the strategic direction
and obligations related to the accountability of
the entity
Because it may be unclear who is charged with
governance functions, auditors evaluate
organizational structure for directing and
controlling operations to achieve the entitys
objectives
Evaluation includes
How the entity delegates authority
How the entity establishes accountability for
management personnel

102
All Types of GAGAS Audits Controls over
Electronic Audit Documentation

Whether audit documentation is in paper,
electronic, or other media
The integrity, accessibility, and retrievability
of the underlying information could be
compromised if
Documentation is altered, added to, or deleted
without auditors knowledge
Documentation is lost or damaged
For documentation retained electronically, the
audit organization should establish information
systems controls concerning accessing and
updating the audit documentation

103
All Types of GAGAS Audits Developing Elements of
a Finding

Auditor should plan and perform procedures to
develop the elements of a finding that are
relevant
Criteria
Condition
Cause
Effect or potential effect

104
All Types of GAGAS Audits Reporting Views of
Responsible Officials

If the report discloses deficiencies in internal
control, fraud, illegal acts, violations of
provisions of contracts or grant agreements, or
abuse, auditors should
Obtain and report views of responsible officials
concerning
Findings, conclusions, and recommendations
Planned corrective action
Include in the report an evaluation of the
comments
If the audited entity does not provide comments,
auditors may issue the report
Indicate that the audited entity did not provide
comments

105
Chapter 4Financial Audit Field Work Standards

Updated communications during planning
Clarified and streamlined the auditors
responsibilities for contract provisions or grant
agreements
Clarified and streamlined the auditors
responsibilities in field work for abuse
Added a clear and prominent discussion on
consideration of fraud and illegal acts
Updated GAGAS based on recent developments in
financial auditing and internal control

106
Chapter 4 Financial Audit Field Work
StandardsCommunication During Planning

Auditors are required to communicate their
understanding of the services to be performed for
each audit
Communication is required to be written to both
management and those charged with governance
If not clear who are those charged with
governance, the auditor should
Document the process followed
Document conclusions reached on the appropriate
individuals to receive the auditor communications

107
Chapter 4 Financial Audit Field Work
StandardsContract Provisions or Grant Agreements

Auditors should design the audit to provide
reasonable assurance of detecting misstatements
that result from violations of provisions of
contract or grant agreements that could have a
direct and material effect on financial statement
amounts or other financial data significant to
the audit objectives

108
Chapter 4 Financial Audit Field Work
StandardsAbuse

If the auditor becomes aware of indications of
abuse that could be material, the auditor should
apply audit procedures specifically to ascertain
Whether material abuse has occurred
The potential effect on the subject matter of the
audit
However, because the determination of abuse is
subjective, auditors are not required to provide
reasonable assurance of detecting abuse

109
Chapter 4 Financial Audit Field Work
StandardsFraud and Illegal Acts

Clarifies the existing standard but does not
change auditors responsibilities
Under both the AICPA standards and GAGAS,
auditors have the following responsibilities
Plan and perform the audit to obtain reasonable
assurance about whether the financial statements
are free of material misstatement, whether caused
by error or fraud
Design the audit to provide reasonable assurance
of detecting material misstatements that could
have a direct and material effect on the
financial statements

110
Chapter 4 Financial Audit Field Work
StandardsAudit Documentation

Updated the standard to achieve consistency with
SAS No. 103
The auditor should prepare audit documentation
that enables an experienced auditor, having no
previous connection to the audit, to understand
The nature, timing, and extent of procedures
performed
The results of procedures performed and evidence
obtained
How the audit evidence relates to the audit
conclusions
The conclusions reached on significant matters

111
Chapter 5Financial Audit Reporting Standards

Updated reporting requirements for internal
control deficiencies
Encouraged communicating, in the auditors
report, significant concerns, uncertainties, or
other unusual events that could have a
significant impact on the financial condition or
operations
Increased transparency surrounding reporting on
restated financial statements

112
Chapter 5 Financial Audit Reporting
StandardsInternal Control

Definitions of internal control deficiencies
(consistent with SAS 112)
Significant deficiency (Same as 112)
Material weakness (Same as 112)

113
Reporting Internal Control Deficiencies
114
Chapter 5 Financial Audit Reporting
StandardsFraud, Illegal Acts, Other
Noncompliance, Abuse

When auditors conclude that any of the
following has occurred or is likely to have
occurred, they should include in the audit report
the relevant information about
Fraud and illegal acts that are greater than
inconsequential
Material violations of contracts or grant
agreements
Material abuse

115
Chapter 5 Financial Audit Reporting
StandardsManagement Letter

Illegal acts, violations of provisions of
contracts or grant agreements, or abuse that is
inconsequential
Internal control deficiencies that have an
inconsequential effect on the financial
statements
Determining whether and how to communicate is a
matter of professional judgment
Violations of provisions of contracts or grant
agreements or abuse that have an effect that is
less than material but more than inconsequential
Should be communicated in writing

116
Chapter 5 Financial Audit Reporting
StandardsRestatements Increased Transparency

Auditors should advise management to make
appropriate disclosures when the auditors believe
it is likely that previously-issued financial
statements are misstated and the misstatement
could be material (AU 561)
Under GAGAS, auditors have additional
responsibilities in the following areas
Evaluate the timeliness and appropriateness of
managements disclosure and actions to determine
and correct misstatements in the
previously-issued financial statements
Report on restated financial statements in an
explanatory paragraph

117
Chapter 6Attestation Engagements

Not addressed during this session

118
Chapters 7 8Performance Audits

Not addressed during this session

119
July 2007 Revision Implementation Date

For financial audits and attestation engagements,
the standards become effective for audits of
periods beginning on or after January 1, 2008
Certain standards issued by the AICPAs Auditing
Standards Board (ASB) have earlier effective
dates. Effective dates of those new ASB standards
apply to GAGAS audits
Early implementation is permissible and encouraged

120
Looking Ahead

Clarity project and convergence with
international standards
Proposed changes to SAS 74
Other exposure drafts
RSI and Other Information (SAS 8, 29, 52)
Fraud (SAS 99)
Illegal Acts (SAS 54)
Risk Assessment (SAS 106-110)

121
Clarity and International Convergence

Goals
Address concerns over length and complexity of
standards
Make standards easier to read, understand and
implement
Will lead to enhancements in audit quality

122
Clarity and International Convergence

Project will take 3 years to complete
During this period, few new standards will be
issued
Only those that are needed to respond to emerging
issues (e.g., SAS 74)
Clarified standards will be exposed over the next
few years and finalized
Target date for final approval June 2010

123
Clarity and International Convergence
Clarity Drafting Conventions

Introduction
Objective
Definitions
Terms used in the SAS are defined
Establish separate glossary of terms
Requirements and Application Material

124
Proposed Changes to SAS 74

Clarifying updating it for changes in the
compliance audit environment
Establishing a requirement for the auditor to
adapt and apply GAAS, including the risk
assessment and fraud standards (all of which
primarily address audits of financial
statements), to a compliance audit and providing
guidance on how to do so
Identifying the AU sections that are applicable
to a compliance audit and those that are not
applicable
Defining terms related to a compliance audit
Providing guidance on the factors an auditor may
consider in evaluating whether an entity has
materially complied with the applicable
compliance requirements
Identifying the elements to be included in an
auditors report on compliance

125
Other Exposure Drafts

Primarily to revise format per the clarity
project and convergence with international audit
standards
Fraud
Illegal Acts
Risk Assessment

126
Thank You!
127
QUESTIONS

Write a Comment

User Comments (0)

About PowerShow.com

Audit Risk Alert for Governments and Their Auditors PowerPoint PPT Presentation