The Auditing
Standards Board, which is the standards-setting body
that governs auditors on non-public entities, has passed
a sweeping set of new standards that rewrite many of
the fundamental principles of a financial statement audit
for non-public entities.
Though not as extensive
as the rules for public companies, these new standards
parallel many of the key aspects of the Sarbanes-Oxley
legislation that public companies have had to comply
with in recent years.
As a direct result of Enron
and other recent corporate scandals, the main objective
of the new standards is to strengthen and maintain the
integrity of the independent financial statement audit.
We support this objective. We
also believe that the new standards will benefit all
stakeholders in the financial reporting process -- those
who prepare financial information, those of us who provide
assurance on the reliability of that information, and
those who use the information to make decisions about
your business.
These new rules are intended
to enhance the auditors’ application
of the audit risk model and will require a more in-depth
understanding and documentation of your overall operations,
business objectives and strategies and the risks associated
with achieving these objectives.
Additionally, the new
standards require us to perform a more thorough evaluation
of, and testing related to, your key internal processes
and related internal controls.
|
 |
SAS No. 104 –-
Due Professional Care in the Performance of Work |
| Requires the auditor to plan and perform
the audit to obtain sufficient appropriate audit evidence
in an attempt to reduce overall audit risk to a low level. |
 |
KEY
CHANGE: Auditors can no longer assess
risk at a high level and then automatically turn to substantive
procedures to conduct the audit without appropriate documentation and testing
of the entity level controls and key processes within your
organization. |
| |
|
| SAS No. 105 –-
Generally Accepted Auditing Standards |
| Expands the scope of the
audit primarily to recognize that audit procedures are
performed to obtain the understanding on which the auditor's
risk assessments are based. |
|
KEY
CHANGE: Generic audit work programs will no longer
be appropriate for most engagements. |
|
| SAS No. 106 –-
Audit Evidence |
| Provides the auditor with
expanded guidance, concepts, and definitions for audit
evidence and relevant assertions; discusses qualitative
aspects related to sufficiency and appropriateness of audit
evidence; and describes various additional audit procedures
and discusses why they should be performed. |
|
KEY
CHANGE: Greatly reduces the auditor’s ability
to rely upon representations from management. Increases
auditor’s responsibility to observe and test information
supporting management representations. |
|
| SAS No. 107 – Audit
Risk and Materiality in Conducting an Audit |
| Provides the auditor with
guidance on how to consider audit risk and materiality when performing an audit of financial statements in accordance with generally accepted accounting principles. |
|
KEY
CHANGE: Similar to SAS No. 104, auditors can no longer automatically turn to a substantive based audit; they must assess control risk and test the effectiveness of internal controls, where appropriate. |
|
| SAS No. 108 – Planning
and Supervision |
| Establishes standards and provides guidance applicable to auditor planning and supervision. Planning should begin with engagement acceptance and continue throughout the audit. An overall audit strategy should be developed encompassing nature, timing, and extent, with an understanding of the entity environment, including its internal control. |
|
KEY
CHANGE: This will require an increase in our planning and documentation time prior to your actual year end, essentially requiring us to be on-site for interim work before your year end. |
|
| SAS No. 109 – Understanding
the Entity and Its Environment and Assessing the Risks
of Material Misstatement |
Pertains to the auditor
obtaining sufficient understanding of the entity and
its environment, including its internal control, and
the assessment of risk as it pertains to the financial
statements.
Provides that the auditor should: 1) Assess risk procedures
and sources of information about the entity and its environment,
including internal control; 2) Understand the entity
and its environment, including its internal control;
3) Assess the risks of material misstatement; and 4)
Provide adequate documentation to support conclusions.
The auditor should consider the following aspects in
the overall assessment: 1) Industry, regulatory, and
other external factors; 2) Nature of the entity; 3) Objectives
and strategies and the related business risks that may
result in a material misstatement; 4) Measurement and
review of the entity's financial performance; and 5)
Internal control, which includes the selection and application
of accounting policies. |
|
KEY
CHANGE: Auditors should perform increased inquiries
of management and others within the entity, analytical
procedures, and/or observation and inspection.
Auditors are also required to have an internal brainstorming
session to discuss the risk of financial statement
misstatements.
In addition, auditors must evaluate the design of
internal controls and determine whether these controls
have been implemented, which will require more planning
time and related testing of controls. |
|
| SAS No. 110 – Performing
Audit Procedures in Response to Assessed Risks and Evaluating
the Audit Evidence Obtained |
| Design and perform audit
procedures so the nature, timing, and extent are responsive
to the assessed risks of material misstatement at the relevant
assertion level. Provides a clear linkage between the auditor's
procedures and the overall risk assessments. |
|
KEY
CHANGE: Essentially, results in each financial
statement audit requiring tailored audit programs and
procedures, specific to each client. |
|
| SAS No. 111 – Audit
Sampling |
| Provides the auditor with
amended and enhanced guidance surrounding audit sampling
and auditor judgment in planning a sample for tests of
details. |
|
KEY
CHANGE: Will likely increase the amount of testing
performed on audit engagements. |
|
| SAS No. 114 –Auditor's
Communication with Those Charged with Governance |
| This encompasses "person(s) with responsibility
for overseeing the strategic direction of the entity and
obligations related to the accountability of the entity," including overseeing the financial reporting process...and
encompasses the term board of directors or audit committee. Relates to all of entity’s governance bodies, including
trustees, partners, board of directors. Addresses information
to be obtained from those governance bodies. Also clarifies
auditor responsibilities, including scope and timing of
audit, communication of significant audit findings,
and the communication process. |
|
KEY
CHANGE: Supersedes SAS No. 61 and addresses all
specified matters to be addressed to individuals charged
with an entity’s governance. |