Becker CPA Review AUDIT 6 2015 Professional Responsibilities
Becker CPA Review AUDIT 6 2015
Professional Responsibilities
Ethics & Professional Responsibility Code of Professional Conduct – AICPA members – Principles • Responsibilities – exercise sensitive professional & moral judgments • Public interest – serve the public interest, honor trust & demonstrate commitment to the profession • Integrity – highest sense of integrity • Objectivity & Independence – objectivity applies to all services; but independence applies to attestation services • Due care –observe standards, no negligence • Scope & nature of services – internal quality control measures, determine conflicts of interests & assess whether activities are consistent with professionalism
Independence Rule In Fact & Appearance Not required for compilations & non-attest services Impaired if: – Has a direct financial interest – Has a material indirect financial interest – A member or his immediate family has a loan to or from a client. Exceptions are: • • 100% collateralized car loans with a financial institution client Cash advance or credit card balances < $10, 000 A bank account that is fully insured by the government A passbook loan – Acceptance of more than a token gift
Independence Rule Employment Relationships – Independence is impaired if an individual who was formerly employed by the client participates or is in a position to influence – covers any period of his or her employment with the client – Independence is impaired by an immediate family member’s employment with a client in a key position (internal audit employee) – Independence is impaired if an employee leaves the firm and is employed by the client in a key position – Independence is impaired if the CPA is interested in a job at client’s company
Independence Rule – A firm could perform non-attest services and still maintain independence if, among other things, it did not have custody of the client’s assets and did not make decisions on the client’s behalf – Independence is not impaired by being a member of or an honorary trustee for a nonprofit charitable, civic, or religious group if the position is purely honorary and the member does not participate in any management functions – Independence is impaired with respect to a client who is more than 1 year overdue – Actual or threatened litigation may impair independence
Integrity & Objectivity Rule Free of conflicts Must not knowingly misrepresent facts Must not subordinate judgment
General Standards Rule Professional competence – Undertake only services that the member can reasonably be expected to complete with professional competence Due professional care – critically review the work done Planning & supervision Sufficient relevant data – for conclusions & recommendations
Compliance with Standards Rule Comply with standards for auditing, compilation, management consulting, tax, or other professional services – – SAS PCAOB SSARS SSAE
Accounting Principles Rule A member shall not express an opinion or state affirmatively or negatively that financial statements are presented in conformity with GAAP if there is any departure from an accounting principle that has a material effect on the financial statement.
Confidential Client Information Rule A member may not disclose any confidential client information without the specific consent of the client except in the following circumstances: – – – Subpoena Peer review program Ethics division, trial board, state society, or board of accountancy
Contingent Fees Rule A contingent fee is a fee dependent upon a finding or result Contingent fees are permitted in the following cases: – – – Fixed by courts Tax matters Compilations only if the member includes a statement the member is not independent
Discreditable Acts Rule Examples: – – – – Failure to return records to a client Discrimination or harassment Failing to follow applicable standards in government audits Negligence Failing to follow GAAS Solicitation or disclosure of CPA Exam questions & answers Failure to timely file a personal or firm tax return or to timely remit payroll or other taxes collected on behalf of others
Advertising & Solicitation Rule Permitted but should not be false, misleading, or deceptive – – False or unjustified expectations Imply the ability to influence a court Intentionally underestimate fees Would mislead or deceive a reasonable person
Commissions & Referrals Rule Not permitted if: – Auditing or reviewing – Compiling F/S without disclosing the lack of independence – Examining prospective financial statements The commission must be disclosed to the client Referral fees must be disclosed to the client
Form of Practice and Name Rule May not designate itself as “members of the AICPA” unless all of its partners or shareholders are members of the Institute May not designate itself as CPAs unless all of its partners or shareholders are members of the AICPA A firm may continue to use the names of 1 or more past partners or shareholders If all partners except one have died or left – 2 years
Rule 505 Form of Practice and Name Ownership – over 50% must belong to CPAs A CPA must have ultimate responsibility Non CPA owners: – Must be actively engaged as a firm member in providing services to the firm’s clients – Abide by the AICPA Code – Not hold themselves out to be CPA’s – Can use title: principal, owner, officer, member, or shareholder
The Sarbanes-Oxley Act of 2002
Sarbanes-Oxley Act Public Company Accounting Oversight Board • 5 members • Subject to oversight by the SEC • Duty to: – – – Register public accounting firms Establish rules relating to the preparation of audit reports for issuers Conduct inspections, investigations, and disciplinary proceedings concerning registered public accounting firms
Sarbanes-Oxley Act – Title I Each Registered Firm: • Must update the registration annually • Must maintain the audit documentation for at least 7 years • Provide a concurring or second partner review of each audit report • Must monitor ethics and independence from issuers
Sarbanes-Oxley Act – Title II Independence – Prohibited services: – – – – – Bookkeeping Information systems Appraisal and valuation services Actuarial services Management functions or human resources services Internal auditing Services as a broker, dealer, adviser or banker Legal services Expert services unrelated to the audit
Sarbanes-Oxley Act – Title II Tax services are permissible if pre-approved by audit committee All services and permitted non-audit services should be pre-approved by the audit committee The lead and reviewing partner must rotate off the audit every 5 years Certain important issues should be communicated to the audit committee (policies, alternative treatments, written communications between the audit firm & management) The audit firm cannot have employed the issuer’s CEO, CFO, Controller, or Chief Accounting Officer for a one-year period preceding the audit
Sarbanes-Oxley Act – Title III It is unlawful for any officer or director of an issuer, or any person acting under the direction of an officer or director, to take any action to fraudulently influence, coerce, manipulate, or mislead any independent public or certified accountant engaged in the performance of an audit of the financial statements of the issuer for the purpose of rendering such financial statements materially misleading.
Sarbanes-Oxley Act – Title IV Enhanced financial disclosures • • • All financial reports must reflect all material adjustments identified by a registered firm Financial reports must disclose all material offbalance sheet transactions Any officer, director or owner of more than 10% of any equity security must file a report Sec reports must include an internal control report Sec requires disclosure on whether they have a code of ethics for senior financial officers Sec requires disclosure whether or not the audit committee has at least one member who is a financial expert
Securities & Exchange Commission Independence – same rules discussed in the Code of Ethics
Licensing & Disciplinary State Board of Accountancy – Residency requirements – Educational requirements – Experience requirements Can suspend or revoke a CPA’s license – Misconduct while performing accounting services – Misconduct outside the scope of accounting services – Criminal conviction There is a due process.
Licensing Penalties – – – Suspension Monetary fine Reprimand Probation CPE courses
AICPA & State CPA Societies – – – The code of professional ethics Joint Ethics Enforcement Program – single investigation The AICPA & state societies can santion but they cannot suspend or revoke.
Securities & Exchange Commission The SEC may censure, suspend, or revoke an accountant’s right to practice before the SEC. The SEC can issue cease and desist orders.
AUDIT DOCUMENTATION
Audit Documentation Working papers are the principal record of procedures, evidence obtained, & conclusions reached. Audit documentation is the property of the auditor. Purposes: • Support the report. • Evidence as to compliance with GAAS • Assistance in planning, conducting & supervising • Accountability • Information for future audits
Requirements of Audit Documentation • • Assist in planning, conducting, and supervising the audit Show that the accounting records reconcile with the financial statements Provide a record of evidence, results of tests, and conclusions Enable reviewers to understand the work performed and the evidence obtained
Report Release Date in which the auditor grants the client permission to use the report Documentation retention: – Sas (non-issuers) – 5 years – PCAOB (issuers) – 7 years Documentation completion date: – Allowance of a 60 day period (PCAOB - 45 days) after the report is released to assemble the complete audit documentation file (documentation completion date) – Changes made after the 60 day period should be fully documented without deleting the original
Nature & Extent of Audit Documentation The quantity, type, & content of audit documentation are based on the auditor’s judgment. The auditor should consider: • • • The risk of material misstatement The extent to which judgment was required The nature of the specific auditing procedure The significance of the evidence obtained The nature & extent of any problems identified The need to document conclusions that may not be obvious
Specific Contents of W/P Permanent file – includes audit documentation that has a continuing interest from year to year (contracts, leases, options, bylaws, articles of incorporation, minutes). Current file – contains all audit documentation applicable to the year under audit. – – – Audit program Financial statements and report Working trial balance, adjusting journal entries
– – – Specific Contents of W/P Letter of confirmations Letter of representation Analyses, worksheets, schedules Abstracts or copies of entity documents Records of significant audit findings – Selection & application of accounting principles – Possible misstatements in the F/S – Cause significant difficulty in applying necessary audit procedures – May result in modification to the auditor’s standard report – Records of tests of controls & substantive tests
Significant Audit Findings Audit documentation should include audit findings, actions taken, and conclusions reached. Significant audit findings include: – Selection and application f accounting principles – Matters that give rise to significant risks – Possible material misstatements – Significant difficulties in applying audit procedures – May result in modification of the auditor’s opinion
Information Technology
EFFECT OF INFORMATION TECHNOLOGY Differences: Segregation of duties Disappearing audit trail Uniform processing of transactions Computer initiated transactions Potential for increased errors & irregularities – Remote, security, design or maintenance Potential for increased supervision and review
Effect on Evidence Gathering Audit procedures can be: – Around the computer – Auditing through the computer (computerassisted audit techniques) The auditor should seek help
Auditing Around the Computer The auditor tests the input data, processes the data independently, and then compares his independently determined results to the program results.
Computer Assisted Audit Techniques Sometimes the only feasible way to complete the audit. CAATs include: 1. Transaction tagging – a technique to “electronically mark” specific transactions and follow them through the client’s system 2. Embedded audit modules – sections of the application program that collect transaction data for the auditor.
Computer Assisted Audit Techniques 3. Test deck data method – technique that uses the application program to process a set of test data, the results of which are already known. – Some invalid conditions – Live computer files are not affected in any way (off-line) 4. Integrated test facility – similar above except that test data is commingled with live data (on-line)
Computer Assisted Audit Techniques 5. Parallel simulation – auditor reprocesses some or all of the client’s live data and the compares the results with the client’s files. The auditor’s system is used to process the client’s data.
Generalized Audit Software Packages Allow the auditor to perform tests of controls and substantive tests directly on the client’s system Advantages: – Test a much higher % of transactions – Little technical knowledge – Reduces audit time
Auditing with a Computer May achieve audit efficiency Advantages: – – – – Automatic math, reduces errors Automatic cross referencing Automatic preparation of F/S , tax returns Reduction in supervisory review time Automatic performance of analytical Enhanced client service Improved morale and productivity Disadvantages: – May not contain readily observable details of calculations
Governmental Auditing CPA examination questions frequently focus on the additional standards applicable to governmental audits and the additional contents of reports.
Governmental Auditing Audits of governments & governmental assistance require compliance with GAAS & GAGAS For engagements involving expenditures of federal financial assistance, supplementary requirements included in the SINGLE AUDIT ACT may also apply
Sources of Government Auditing Standards GAAS – applicable to all audits GAGAS – Generally accepted government auditing standards (yellow book) – Contain standards for audits of: • Government organizations, programs, activities, and functions • Government assistance received by contractors, not-for -profit organizations, and other non-governmental organizations – Includes designing the audit to provide reasonable assurance of detecting material misstatements resulting from non-compliance
Audit Requirements Should be conducted in accordance with: – GAAS & GAGAS The following requirements also apply (Extra fieldwork & Extra Reporting Standards): – Expanded internal control documentation and testing requirements – Expanded reporting to include formal written reports on the consideration of internal control and the assessment of control risk – Expanded reporting to include whether the federal financial assistance has been administered in accordance with laws and regulations (compliance) – Application of single audit standards to federal financial assistance
Purpose & Types of Government Audits Financial audits – GAAP or OCBOA basis financial statements Attestation engagements (Expanded requirements) – Compliance with specified laws, regulations, rules, contracts, or grants – Effectiveness of internal control over compliance with specified requirements – Presentation of management’s discussion and analysis – Reliability of performance measures
Purpose & Types of Government Audits Performance audits – Effectiveness, economy, and efficiency – Internal control – Compliance – target population has been served
Effects of Laws & Regulations Management’s responsibility – Identification of applicable laws & regulations with compliance requirements – Establishment of internal controls, to provide reasonable assurance that the entity complies with those laws and regulations – Preparation of schedules of expenditures of federal awards – Obtain an audit that satisfies relevant legal regulatory & contractual requirements
Governmental Auditing Auditor’s responsibility – Obtaining reasonable assurance that the financial statements are free of material misstatement resulting from violations of laws and regulations that have a direct and material effect on the determination of financial statements amounts – Assessing whether management has identified laws & regulations that have a direct and material effect on the determination of amounts in the entity’s financial statements
GAAS Requirements for Compliance Audits Objectives – obtain sufficient evidence to form an opinion on whether the entity complied, in all material respects, with the compliance requirements applicable to its programs. Assumptions – Management will: – – Identify & comply with compliance requirements Maintain effective controls Conduct ongoing evaluation and monitoring Take appropriate corrective actions on audit findings
GAAS Requirements for Compliance Audits Overall standards – – – Perform a risk assessment Design responses to the risk assessment Determine if supplementary audit requirements exist Obtain written representations from management Prepare reports Prepare documentation Audit risk of Noncompliance model – Risk of material noncompliance • Inherent risk of noncompliance • Control risk of noncompliance – Detection risk of noncompliance Design responses to Risk Assessment – Tests of operating effectiveness may be required
GAAS Requirements for Compliance Audits Documentation – The assessed risk of material noncompliance – Responses to the risk assessment – The basis or rationale for materiality levels – Compliance with supplemental requirements See report on compliance page #51
Government Auditing Standards 1. 2. 3. 4. 5. Ethics Independence Professional judgment Competence Quality control considerations – external quality control review at least once every 3 years
Performing Under GAGAS ADDITIONAL standards for financial audits under GAGAS include: – Previous audits & attestation engagements – evaluate whether corrective actions have been addressed – Requires additional attention to fraud, noncompliance, and abuse – Developing a finding – includes criteria, conditions, cause and effect or potential effect – Audit documentation – evidence of supervisory review, document departures from GAGAS and the impact
Reporting Under GAGAS Reporting standards for financial audits under GAGAS include additional requirements (beyond GAAS) for financial audits 1. Include affirmative statement of compliance with GAGAS 2. Include in the same report or separate reports a description of the scope of testing of internal control over financial reporting and compliance with laws, regulations, contracts and grant agreements. State whether the tests provide sufficient evidence to support an opinion on the effectiveness of internal control over compliance.
Reporting Under GAGAS Reporting standards for financial audits under GAGAS include additional requirements (beyond GAAS) for financial audits (continued) 3. Communicate deficiencies in Internal Control, Fraud, and Non-compliance - Report to the appropriate members of the audited organization: • Fraud and non-compliance • Noncompliance with contracts • Abuse 4. Report views of Responsible Officials • Auditor should solicit & report the views of responsible officials along with any planned corrective actions • Written responses by the audited organization are included in the auditor’s report
Reporting Under GAGAS Reporting standards for financial audits under GAGAS include additional requirements (beyond GAAS) for financial audits (continued) 5. Reporting confidential or sensitive information • Audit reports should disclose the exclusion of confidential or sensitive information from an audit report • Auditors may issue separate, classified, or limited use reports that are distributed to only the persons authorized by law or regulation to receive the confidential information 6. Distribute reports • • Governance Officials Oversight bodies All others authorized
Opinion on F/S & Supplementary Schedule of Expenditures 1. Introductory paragraph – Stats name, F/S audited, date and periods. 2. Scope paragraph – states that the audit was performed in accordance with GAAS and GAGAS, describes an audit & asserts the audit provides a reasonable basis. 3. Opinion paragraph –opinion as to fair presentation 4. Disclosure paragraph – states that the auditor has complied with GAGAS and has issued a report on internal control over financial reporting and on tests of the entity’s compliance with laws & regulations. 5. Opinion on additional schedules required by the Single Audit Act (no part of F/S, was audited & is fairly stated)
Reporting Under GAGAS – Fraud & Illegal Acts GAGAS reporting requirements: – Consistent with GAAP – report that fraud or an illegal act has occurred, or is likely to occur. – Report to any of the following: • Top official • Governance • Oversight body – The report may be: • Included in the required audit reports • Presented as separate audit reports
Reporting on Internal Control GAGAS Requires the auditor to: – – Obtain an understanding of the design of relevant controls and determine whether they have been implemented Communicate all significant deficiencies (reportable conditions) noted during the audit, even those that are not material weaknesses GAGAS requires a written report on the auditor’s understanding of internal control and the assessment of control risk in all audits Significant deficiencies should be reported to specific legislative and regulatory bodies
Single Audits Entities subject to the Act: – Expend total federal assistance equal to or in excess of $750, 000 in a fiscal year Objectives: – – Audit of the entity’s financial statements & reporting on a separate schedule of expenditures of federal awards in relation to those financial statements Compliance audit of federal awards expended during the year as a basis for issuing additional reports on compliance related to major programs and on internal control over compliance
Single Audits – Auditor Responsibilities 1. Express an opinion on the fair presentation of the F/S in accordance with GAAP. 2. Express an opinion regarding the fair presentation of the Schedule of Expenditures of Federal Awards in relation to the F/S 3. Report on internal control over financial reporting and compliance with federal statutes, regulations, and the terms & conditions for the federal award 4. Report on compliance for each major program and report on internal control over compliance
Single Audits Materiality evaluation in a single audit includes a separate evaluation of materiality for each major program selected Determination of major programs
Program Specific Audits When a single audit is not required Do not incclude reports on the financial statements of the organization taken a s a whole
Pass Key Audits of an entire organization that include additional audit procedures on specific programs are called “single audits”. These audits include a report on the financial statements of the whole organization and audit reports on the specific programs Audits of specific programs are called “program audits” and do not include reports on the financial statements of the organization taken as a whole. Certain recipients under certain circumstances are permitted to have a program specific audit instead of a single audit
QUALITY CONTROL STANDARDS
Quality Control Standards AICPA Code of Professional Conduct System of quality control required to ensure that the firm complies with professional standards and appropriate legal and regulatory requirements, and that any reports issued are appropriate in the circumstances. Elements of a Quality Control System: Human resources Engagement acceptance and continuance Leadership responsibilities Performance of the engagement Monitoring Ethical requirements
Human resources Recruitment and hiring, determining capabilities and competencies, assigning personnel to engagements, professional development, and performance evaluation, compensation, and advancement Examples: 1. 2. 3. 4. 5. 6. Timely identification of staffing requirements Background check Evaluations Trainings Rotation On the job training
Engagement/client Acceptance & Continuance Policies & procedures for deciding whether to accept or retain a client. To avoid a client whose management lacks integrity Undertake only those engagements that the firm can reasonably expect to complete with professional competence Procedures: 1. 2. 3. 4. Reviewing financial statements Third parties Ability to service the client properly Reevaluating for continuance
Leadership Responsibilities for Quality Within the Firm Culture that emphasizes quality. Tone at the top! – – Quality should be emphasized over commercial considerations Performance evaluations, compensation, and advancement should demonstrate a commitment to quality. Sufficient resources should be devoted to developing, communicating, and supporting the quality control system. Those with operational responsibility for the quality control system should have appropriate experience, ability, and authority.
Performance Policies and procedures should be established to: • • • Achieve a consistently high level of performance (standardized documentation). Ensure supervision and revision. Maintain confidentiality. Allow consultation with experts. Provide a means to resolve differences of opinion. Perform engagement quality control reviews (before the engagement report is released).
Monitoring Policies & procedures should be established to provide the firm with reasonable assurance that its quality control system is relevant, adequate, operating effectively, and complied with in practice. Examples: 1. 2. 3. 4. Quality control reviews (inspections) Peer review –every 3 years AICPA members Wrap up or second partner review Performance of corrective actions
Monitoring Peer reviews • When one CPA firm reviews another CPA firm’s compliance with its quality control system. • Every 3 years for AICPA members • Purpose is to determine and report whether the CPA firm being reviewed has developed adequate policies and procedures for the elements of quality control and is following them in practice. • Upon completion, a report is issued with conclusions and recommendations. A firm that fails to take corrective actions is subject to sanctions.
Etical Requirements Independence – impartiality Integrity – honest Objectivity – free of conflicts Examples include: 1. 2. 3. 4. Records showing past employment & relatives Notifying client portfolio Confirming independence Emphasizing independence
Sarbanes-Oxley Act 02 Audit firms may not perform: – – – – – Bookkeeping Information systems Appraisals Actuarial services Internal audits Human resources Investment services Legal services Expert services unrelated to the audit
Sarbanes-Oxley Act 02 Audit firms may not audit public companies whose CEO, CFO has worked for the audit firm during the preceding year The lead partner and the reviewing partner must rotate every 5 years
Quality Control Policies Depend on: – – Size Organizational structure Complexity of its practice Cost benefit Communication – should be communicated to firm personnel (oral or in writing). Relationship between Auditing Standards & Quality Control Standards – – GAAS relate to the conduct of each individual audit engagement Quality Control Standards relate to the conduct of all professional activities of the firm’s practice as a whole.
Quality Control Policies Deficiencies: • Deficiencies or non compliance with a firm’s quality control standards do not necessarily indicate a lack of compliance with GAAS • Deficiencies in quality control for an individual engagement does not necessarily imply that the firm’s quality control system overall is insufficient.
Engagement Partner Responsibilities 1. The audit complies with standards and applicable legal & regulatory requirements. 2. The auditor issues a report that is appropriate. The engagement partner should: – Remain alert for noncompliance with ethical requirements – Form a cnclusion with independence requirements – Be satisfied that procedures regarding client acceptance have been followed – Be satisfied with competence & capabilities of personnel – Take responsibility for the performance of the audit and reviews – Be satisfied with audit evidence – Take responsibility for the engagement team
Engagement Quality Control Review The engagement quality control reviewer should not be part of the engagement team The review should be completed before the engagement partner releases the audit report Procedures: – Discussion of significant matters with engagement partner – Reading the financial statements and the auditor’s report – Review of audit documentation – Evaluation of conclusions
- Slides: 86