Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
152 Cards in this Set
- Front
- Back
sets standards that affect auditor
|
PCAOB/FASB
|
|
when does the SEC usually take action?
|
when the public gets concerned.... Congress tells SEC to do something
|
|
what org can regulate management?
|
SEC
|
|
who does the pcaob have power over?
|
just the auditors, NOT MANAGEMENT
|
|
Helps users of FS most accurately predict amount and timing of cash flows?
|
FASB
|
|
who regulates US public company auditors?
|
PCAOB
|
|
oversees management with respect to financial reporting
|
audit committee
- independent of management |
|
picks auditor to ensure trustworthiness and independence
|
audit committee / independent directors
|
|
post vs. pre-sox
hiring auditor |
pre - management
post - independent directors |
|
post vs. pre-sox
$$$ for FASB/PCAOB (used to be AICPA) |
FASB/AICPA used to get money from contributions from companies
now FASB/PCAOB get $$$ from tax on stocks |
|
who makes up AC?
|
3 independent of management
1 accounting expert |
|
In the UK…
|
• Auditors followed standards, but got blamed for not warning that banks were going to fail
• But the Bank of England was backing banks so was it really a going concern??? |
|
AS 16
|
auditor/audit committee communications
|
|
AS 16 required communications
|
• Accounting choices and alternatives, “quality” of accounting choices, estimate processes
• Discuss significant RMM, audit approach, use of “other auditors” accounting disagreements with management • Audit differences – booked or not • Any audit problems, significant “unusual transactions” and business basis for them • Any illegal acts or fraud / significant ICFR deficiencies • Ask audit committee about other illegal acts or fraud • Justify audit firm’s u to audit committee |
|
probability for disclosure-footnotes MW vs. SD
|
remote / reasonable possible / probable (70-100??)
|
|
who monitors on behalf of shareholders/all parties?
|
independent directors
|
|
IFAC
2 roles of directors |
1. performance
(monitor on behalf of SH/all parties) - value creation and resource utilization 2. Conformance (conform with laws, practices) - accountability assuacne |
|
The structure that is intended to make sure that the right questions get asked and that checks and balances are in place to make sure that the answers reflect what is best for the creation of long-term sustainable value
|
corporate governance
|
|
is corporate governance running a business?
|
no corporate business is making sure a business is run well
|
|
2 dimensions of corporate governance according to the IFAC
|
1. performance
2. conformance |
|
confident investor (world wide) wants...
|
- legal system to minimize probability of squander or theft of assets (US: sec, justice department, jail time, in top 25%)
- directors vigilant in protecting shareholder interest (debatable about US) - audits to verify information relevant to performance and future prospects of company (US really good) - fair voting on major decisions (US no, really hard to oust director) - freedom to sell shares easily (US yes, small transaction fee) |
|
objectives (wish list) for corporate governance
|
1. add value through.....
- transparency (disclosures, help others understand co) - encourage efficient and effective strategy and operations 2. conserve value through... - compliance with law and behavioral norms - early warning of problems - quick corrective action when needed Problem? these two conflict... to create and conserve value - won't try anything new (QB and interceptions) and hard to tell if investors messing up or not |
|
corporations and conflicts
|
- corporations as a person with limited liability, unlimited life, vague objectives and limited accountability (just to get #s right), operated by its managers for disperse (and transient) owners
- CEOs, once elected, control all strategic and operating decisions, directs, contracts, and gatekeepers; subject to oversight based on audited GAAP-based accounting - conflicts of interest are pervasive; design problem is converting conflict to alignment of interests! or how to balance - competence - conflicts of interest - commitment (effort - restrictive stock) |
|
should directors have a financial interest?
|
restrictive stock so they care if company does well
alignment of interest |
|
board member duties
|
• Select, compensative (motivate?), evaluate, and replace (if necessary) the CEO
• Advice and counsel CEO • Review strategies, plans, financials, given corporate objectives • Nominate board candidates, evaluate board of directors • Review adequacy of compliance systems for applicable laws and regulations |
|
Management is responsible for financial statements and has discretion to…
|
• Choose transactions in which to engage
• Choose methods to account for transactions and events • Choose how carefully to apply chosen methods • Choose to misapply methods ….and is motivated to manage reported earnings |
|
do SH own the corporation?
|
• No, they own rights to claims of net assets of the company
|
|
is gaap good for corporate governance?
|
it's indented to focus on LT and future cash flows BUT can lead to manipulation
|
|
constraints on corporate governance design
|
- free markets, voluntary contracts
- limited measurement criteria - public disclosure downside - limited statutory authority of SEC - market alternatives for capital, resources, products, and regulation |
|
who decides whether to record corrections?
|
CLIENT decides whether to record corrections, NOT THE AUDITOR
|
|
auditor's proposed corrections must be recorded to avoid an accounting qualification if they are...
|
1. individually material
2. material in the aggregate 3. qualitatively material (SAB 99) |
|
5 audit procedures to verify BV are valid
|
• Observe
• Inspect • Inquire • Reperform • Analyze |
|
EVOC
|
existence
valuation ownership completeness |
|
SAB 99
|
materiality if man correct no problem
if not consider 9 bullets and consider QUALITATIVELY MATERIAL |
|
SAB 99
9 bullets for qualitative |
1. hide trend change
2. manipulate earnings 3. meet target 4. profit sharing bonus 5.consensus forecasts 6. stock price 7. loan covenant 8. loss to profit 9. M a hard number |
|
Central to corporate governance and social control of corporations?
|
• Auditing FS using standardized accounting
|
|
Third (and new) demand for auditing
|
• As central to mandated corporate governance
|
|
Now central to understanding auditing practice?
|
• Regulation (and political economic theory)
|
|
Affect the cost and value of being an accountant
|
• Human nature, economics, law, technology, culture, and markets interact to
|
|
Three uses of standardized financial information
|
1. by management: to better run the business
2. by investors and creditors: to make investment and lending decisions (inform outsiders) 3. by those charged with governance: to make intervention decisions |
|
Is standardized world-wide financial reporting possible?
|
There’s no worldwide governing body, but business’ doing work globally want comparable numbers – lots of demand for this
|
|
how best to set global standards?
|
- individual national government mandates with convergence across nations
- global political group representation and voting *- independent experts, due process, independent over sign with voluntary national adoption - national government approved "global standard +" option - individual global network firm choice - let market decide |
|
other assurance standard
|
ISAE
|
|
IFAC standards
|
IAASB (ISAs auditing, ISAEs other assurance)
IESBA (ethics) IAESB (education) IPSASB (public sector accounting) |
|
PCAOB standards
|
AS (auditing)
AT (other assurance) Independence rules (ethics) QC standards |
|
Sarbanes-Oxley Act (2002)
Key US public company only provisions |
Regarding ICFR quality:
o 404(a) requires CEO and CFO evaluate and report upon ICFR o 404(b) requires audit and audit report on ICFR Management “certification” (not audited per se, but…_ o 302 “disclosure controls effective” o 906 financial statements “present fairly…” Independent audit committee to hire and fire audit firm Public company auditor inspections by PCAOB Management can’t lie to registered auditor |
|
404a
|
requires CEO and CFO evaluate and report upon ICFR
|
|
404b
|
requires audit and audit report on ICFR
|
|
302
|
management "certifications"
disclosure controls effective |
|
906
|
management "certifications"
financial statements "present fairly..." |
|
3 other SOX stuff
|
- independent AC to hire and fire audit firm
- public company auditor inspections by PCAOB - management can't lie to registered auditor |
|
Top 10 differences in design of IAASB and PCAOB
|
IAASB PCAOB
Global by design Some global influence via inspections or foreign filers (much more power, much less voluntary) Market-driven services (e.g., no ICFR audits – no std. unless mkt demnds) Statute-driven (domestic crisis politics as force) Public interest objective Investor protection objective Comprehensive (all assurance services, all entities, all auditors) Limited to financial & ICFR audits of US public companies Voluntary adoption (quality of stds, must be good or no adopt) Uses mandated by US law, no cost effective test Developed in sunshine Unknown- but not sunshine Diversity in members 3 non CPAs, 2 CPAs, stds staff Audit expertise on board (all) No expertise necessary Independent in selection, oversight, oath (only chairman paid) Staff is hired/paid by Board Independent oversight by PIOB Oversight by SEC personnel |
|
There are problems with and questions about standardized global financial reporting
• No single solution, but, Apparent demand for... |
- Market-driven mechanisms
- Expertise of independent public interest groups - Appropriate oversight at all levels with appropriate national government enforcement |
|
who does SAB 99 apply to?
|
both man and auditor
|
|
FCPA
|
foreign corrupt practices act
- management can't put out materially misstated financial statements |
|
untended consequence of PCAOB inspections?
|
double risk
- stop taking risky clients, punishment for partners |
|
Part 1
|
list of mistakes by engagement
public |
|
Part 2
|
about audit firm itself, across engagements, quality control
- private unless not fixed within 1 year |
|
China and PCAOB
|
• Chinese government won’t allow PCAOB to inspect audit of EY Taiwan (for example)
• PCAOB/SEC doesn’t like bc major part of group audit of a US company • Firm won’t give work papers bc might be killed • Won’t allow foreigners to access numbers • US gov hasn’t said give us, auditors can’t fix problem • Problem → big part of total audit uninspected (Can you rely on firm to monitor their own people?) |
|
Alternative to PCAOB inspections
|
• There are alternative ways of monitoring audit quality – for example, conducting “internal control audits” of audit firms’ internal quality control system supplemented by “substantive audits” of a few randomly selected audits
|
|
2 PCAOB embarrassments
|
1. Moore and Associates
o 321 clients, but still every 3 years, PCAOB not paying attention o no one on staff had been to college o 2 partners o 7th largest o SEC shut down 2. India o Company with biggest fraud ever in India’s history • Cash fraud, not looked at bc low risk accounts |
|
sets and inspects own standards
|
PCAOB
|
|
how many standards changed since PCAOB inspections began?
|
0
|
|
AS 11
|
materiality and tolerable misstatement
• Current PCAOB standard • Way shorter than IAASB (more how to, why) • Doesn’t give % • Good definition of terms • Short checklist → PCAOB wants inspectable bullet points • Big 4 manuals elaborate |
|
standards for group audits
|
PCAOB - none; AS 11 component materiality
IAASB - ISA 600 - group covers US public AICPA - AU-C 600 nonpublic |
|
™ =
must correct above.... |
⅓ of M for stmts as a whole
1/6 of M for individual accounts |
|
what applies to both management and auditors?
|
Only SEC stuff
so SAB 99 |
|
if FS are off by an immaterial quantitative amount are they wrong? What if management refuses to correct?
|
Not necessarily, must look at SAB 99
9 bullets for qualitative |
|
4. Does the auditor have a responsibility to plan the audit to detect quantitatively immaterial misstatements? What about correction of such misstatements, if discovered?
|
• No, unless knew fraud/error prone area
|
|
who does AS 11 apply to?
|
only auditors
|
|
Component Materiality
|
• Group audit
• Amount a component can be misstated without the whole being off • Misstatement allowed in 1 group so that total not materially misstated |
|
Tolerable misstatement
|
• Amount an account balance can be off without making total misstated
• ½ M* |
|
Internal Control Components (per COSO)
|
Group/entity level controls
- Control environment – overall context of control process - Monitoring – analysis of functioning of other components of internal control Process Level - Risk assessment – identification, sourcing, and sizing of threats - Control activities – policies and procedures to reduce likelihood that risk will exceed acceptable limits - Information and communication – systematic transfer of information within and outside the entity |
|
How can group auditor reliably assess RMM for a component?
|
• internal auditor and tests of entity-level “controls over controls” (internal audit process and test group controls)
• Test of group’s controls over component ICFR and internal audit across the group as a whole • Analytical procedures for component as a whole (do #s seem reasonable?) |
|
an audit is of high quality when
|
all professional and ethical and auditing standards are met
|
|
Why are there initiatives for AQI’s and how will they work?
|
• IAASB → if you can’t define AQ, how do you measure it?
• PCAOB → shouldn’t inspectors already know AQ? Here’s what AC should look for, but can’t release inspection report client specific information o Encourage AC to ask their auditor • CAQ → center for audit quality; organization started after PCAOB; lobbying group; represent AICPA; first to put out CAMs; usually do stuff fist and IAASB and PCAOB tweaks and adopts |
|
Complications in evaluating Audit Quality
|
• Audits and auditors are economically motivated and pressured – motivation and pressures matter
• Underlying correctness of FS is unobservable and uncertain – uncertainty and risk matter • Audits are idiosyncratic – differences matter • Economical audits involve systematic processes – process matters • Audits involve judgment – judgments differ along multiple dimensions across context and time frame |
|
IAASB says… audit quality
|
• Quality audit when audit opinion can be relied upon because it was based on sufficient appropriate evidence from an engagement team with:
o Appropriate values, ethics, attitudes o Sufficient knowledge, experience, and time o Rigorous audit process and QC procedures o Valuable and timely audit report o Appropriate interactions with stakeholder You can’t really argue with this definition, but very vague/nonspecific • Doesn’t seem to help much |
|
GAO says…
|
• An audit performed in accordance with GAAS to provide reasonable assurance that FS and disclosures are presented in accordance with GAAP
• So… material deviations from GAAS (or GAAP?) are presumed to reflect poor audit quality → restatements of previously released audited financial statements may mean poor audit quality |
|
AS 2
|
IC audits
|
|
AS 5
|
change AS2 (IC)
|
|
PCAOB says…
AQ |
• Nothing about AQ, but
• An audit failure is: a deficiency of such significance that the audit firm failed to obtain sufficient appropriate evidence to support its audit opinion (in other words, there is no “safe harbor” on quality”) • Thus, a single inspections comment = a “low quality audit”? o Bad regulator? Bc now more failures than when started |
|
Academia says....
AQ |
• The “market-assessed joint probability that a given auditor will both discover and report a breach in the clients accounting system”… when breach exists!
• Requires: competence, effort, objectivity, professional skepticism, independence • Implicitly assumes that a “breach” is a GAAP violation and GAAP is relevant |
|
AU 320
|
professional skepticism
|
|
Professional Skepticism – AU 320
|
• Questioning mind
• Critical assessment of evidence Examples • Willingness to challenge management • Understand management’s motives • Alert for evidence that is inconsistent • Assessment of presumed honesty should not override inconsistent evidence |
|
PCAOB: Auditor’s skepticism weak for
|
• Areas of significant management judgment
• Areas of greatest uncertainty • Transactions outside of normal course of business o Non-recurring transactions, financing activities, related party transactions, considerations of fraud |
|
“Accounting Estimates” are required to...
|
• reduce receivables and inventory to their net realizable values
• determine accrual for warranty claims • determine useful lives or expected pattern of future benefits from depreciable assets • determine likely future costs to reorganize • record provision for possible loss from litigation • determine “fair value” of financial assets • ….among other examples |
|
Auditing Directly vs. Indirectly
|
• Count the beans
• Review the bean counting procedures • Review subsequent events to assess BV of beans at balance sheet date Which is best as to evidence? • Quantities – best evidence is go count yourself • Condition/MV – bean expert • FV of contract – specialized, rely more on management’s knowledge |
|
Human Judgments differ (a lot) given:
|
• Available information
• Available models for information integration • “judge’s” knowledge, training, incentives, personality/inclinations, whose side on? • time the judgment is being made; retrospective? • Who gets to move first o BVs, FV models, ICFR= SD or MV?; anchoring |
|
3 ways to audit fair values
|
1. testing management’s specific assumptions, the valuation model, and the underlying data
o discounted CF; interest rates o confirmation bias, just look at management’s first – sways you 2. developing independent FV estimates for corroborative purposes o most rigorously and reliable o really hard, lots of info they don’t have o time consuming and costly 3. review subsequent events and transactions |
|
AU 328
|
FV audits
|
|
PCAOB Meeting Last Week
|
• Inspections → motivation problems of inspections/preserve incentives/need for some random-based selection
• Audit Reporting Model → likely to re-expose given comments being received • Audit standards setting → behind schedule and some are open to a change in process • Center for economic analysis → cost benefit test for standards to be addressed by research • Monitoring EC/FRC/IAASB developments → on tendering, joint audits, audit reports, engagement partner naming • Consulting by global network firms → concern for both audit and non-audit clients (audit fees = 18% of total fees for one large firm) |
|
what are AS?
|
new auditing standards
16 |
|
what are AU?
|
old auditing standards
written by AICPA in early 2000s |
|
ICFR helps →
|
intentional employee and unintentional
|
|
ICFR doesn’t help much →
|
intentional management
• Controls designed by management so they can override • Controls designed by management to make sure employees are not steeling / making mistakes |
|
PFR
|
pervasive factors risk
o Design, walkthrough, operating effectiveness o Weak controls |
|
404(a)
|
• assess ICFR
• annual • audited? Yes/no • 2004 if MKTfloat > 75M |
|
302
|
• certify disclosure controls and procedures
• interim and annual • audited? NO o except AU 550 • auditor read all other stuff filed with 10-K matches up with what financial statements say; don’t audit info, but make sure it matches • 2003 |
|
906
|
• financial statements
• fairly presented • interim (10-Q) and annual (10-K) • Audited? Yes • 2002 |
|
AU 550
|
• auditor read all other stuff filed with 10-K matches up with what financial statements say; don’t audit info, but make sure it matches
|
|
COSO
Internal control includes: |
1. Effectiveness and efficiency of operation
2. Financial reporting 3. Compliance with laws and regulations |
|
Components (criteria for ICFR in US per PCAOB):
|
Entity Level
- Control environment - Monitoring Process Level - Risk assessments - Control activities - Information and communication |
|
a lot less ___ if you can rely on controls
|
DR
- large clients |
|
if you can't rely on controls...
|
lots of vouching/counting
|
|
what has to be done with MW?
|
don't have to correct
just have to disclose |
|
direct costs of SOX 404(a) and (b)
|
1. audit fees
2. consultant fees 3. employee ICFR review and remediation |
|
SOX 404(a) and (b) costs and potential disclosure benefits
Disclosure Benefits |
• Lower cost of debt
• Lower cost of equity (about 1%) • Customer/supplier trading benefits • Labor terms benefits |
|
Internal Benefits of SOX 404(a) and (b)
|
• Audit committee effort/confidence
• Better day-to-day operating decisions; less employee fraud |
|
A deficiency in ICFR exists when
|
design or operation of a control does not allow management or employees, in the normal course of duties, to prevent or detect (any possible) misstatement on a timely basis
|
|
• Design deficiency exists when
|
control is missing or improperly designed
|
|
• Operation deficiency exists when
|
properly designed control is not operating as designed or person operating the control has inadequate authority or competency
|
|
Significant Deficiency →
|
is less than a material weakness, yet important enough to mention to those charged with oversight of ICFR
|
|
Material Weakness →
|
a deficiency or combination thereof, such that there is a reasonable possibility that a material misstatement of annual or interim financial statements not prevented or detected on a timely basis
|
|
ICFR limitations – AS 5
|
1. HUMAN FAILURES due to lack of diligence or compliance and to carelessness, distraction, mistakes of judgment, misunderstanding instructions
2. COLLUSION of lower management or an employee with insiders or outsiders to circumvent controls 3. Improper MANAGEMENT OVERRIDE of ICFR |
|
Auditor reports ICFR…
• Deficiencies |
management
|
|
Auditor reports ICFR…
• Significant Deficiencies |
o management and audit committee (if not top management involved)
o audit committee (if top management involved) |
|
Auditor reports ICFR…
• Material Weaknesses |
o Audit committee (even if weakness is incompetent or ineffective audit committee)
o and disclose MW in annual audit report on ICFR |
|
audits of internal controls are what kind?
|
direct assurance engagement
|
|
Financial Statement Audit Report (reasonable assurance)
Responsibilities → |
statements are management’s… we express an opinion based on our audits
|
|
Financial Statement Audit Report (reasonable assurance)
Scope → |
audit according to PCAOB standards to obtain reasonable assurance that… statements are free of material misstatement (test checking, assess account principle uses, and estimates)
|
|
Financial Statement Audit Report (reasonable assurance)
Opinion → |
in our opinion, statements presented fairly in all material respects in compliance with GAAP
|
|
Financial Statement REVIEW Report (limited assurance)
Scope → |
we have reviewed… (F/S) are the responsibility of management
|
|
Financial Statement REVIEW Report (limited assurance)
Procedures → |
review in accordance with PCAOB standards… analytical procedures and inquiry of those… less than an audit… therefore, we express no opinion
|
|
Financial Statement REVIEW Report (limited assurance)
Opinion → |
based on our review, we are not aware of any modification that should be made… to be in conformity with GAAP
|
|
INTERNAL CONTROL AUDIT REPORT (reasonable assurance/direct)
Intro → |
we have audited the effectiveness of Co’s ICFR as of 12/31/13 based on COSO
|
|
INTERNAL CONTROL AUDIT REPORT (reasonable assurance/direct)
Opinion → |
in our opinion, Co maintained effective ICFR as of 12/31/13… based on (COSO)
As of a date: not saying good all year or will be good going forward |
|
INTERNAL CONTROL AUDIT REPORT (reasonable assurance/direct)
Inherent limitations → |
because of its inherent limitations, ICFR may not prevent/detect material misstatements
|
|
INTERNAL CONTROL AUDIT REPORT (reasonable assurance/direct)
Definition → |
ICFR is a process designed to…
|
|
INTERNAL CONTROL AUDIT REPORT (reasonable assurance/direct)
Scope → |
audit provides reasonable assurance… in accordance with PCAOB standards
|
|
Testing Identified Controls – AS 5
Testing Operating Effectiveness |
• Is the control operating as designed?
• Test via: inquiry of personnel, observation of operations, document inspection, re-performance of control |
|
Testing Identified Controls – AS 5
Testing Design Effectiveness |
• If operated by persons of authority and competence, would control prevent/detect material misstatement?
• Walkthroughs that include inquiry of personnel, observation of operations, and document inspection are ordinarily sufficient to evaluate design effectiveness! |
|
ICFR reporting under AS 5
|
Material Weakness if it results in a reasonable possibility of a material misstatement of… FS
(material weakness if based on potential for or occurrence of material misstatement) In forming opinion on IC, the auditor considers: • Auditor’s evaluation of ICFR design and tests and operating effectiveness • Auditor’s financial statement audit results (i.e., do detected misstatements suggest MW in ICFR?) Auditor issues adverse ICFR opinion if material weaknesses exist OR a disclaimer if a scope restriction (or withdraw from engagement) |
|
Alternative for ICFR audits (cheapest and least effective first)
|
1. comply or explain why not / audit or not = AU 550 if management says “we comply” when clearly don’t
o Voluntary guidelines – do or explain why don’t 2. nothing from management/enhanced control disclosure (i.e., source all misstatements to cause and include findings as auditor commentary) o Auditor keeps track and lets public know about MW 3. SOX 404 (a) Management report / enhanced control disclosure o Management self evaluate; avoid full IC audit 4. SOX 404 (A) management report / entity-level ICFR audit with enhanced control disclosure o If entity good then can ignore procedures |
|
FV audit problem
|
wiggle room (range) is more than materiality
|
|
AICPA and PCAOB differ now because of...
|
IC audits
|
|
4 constants
|
information quality (value) depends on decision maker's perception of ....
- measurement method relevance - care in measurement process - trustworthiness of measurement display audit firm structure public expectations and politics as fire alarm trigger |
|
why did big 8 merger?
|
based on audit methods
|
|
2003-2013: PCAOB Decisions and Problems
|
• Decision to set own standards “in house”
• Decision to inspect partial engagement on “double risk biased” selection • Decision to base need for standards revision on inspections rather than feedback from audit firms and independent experts • Regulator objectives and competition • Current proposals |
|
standard setter vs PCAOB objectives
|
Standards Setters’ Objectives
• Maximize value of CPA while maintaining public interest • Time pressure to get job done bc not paid big bucks and part time PCAOB Objectives • Oversea audits of public companies in order to protect interest of investors and further public interest in the preparation of informative, accurate, independent audit reports • Std setters are full time and mostly not in audit business • No big mess up until I get off board, no vested interest bc not auditors |
|
3 expectation gaps
|
fraud
going concern fv |
|
3 problems
|
product mix
litigation structure |
|
3 fundamental roles for assurance
|
ensure running co well
inform others raising cap corp gov |
|
• at least three proposals each for
|
audit firm rotation, naming audit participants, disclosure of audit methods, and scope of services limits – all focused on “issuer pays” independence problem
|
|
formular for ICFR audit risk
|
no simple formula like AuR=IR x CR x APR x TDR
OR in concept ICFR AuR = f ( IR, DRCdesign, DRCoper, DRmisstatement) |
|
3 test or procedures the auditor apply for an integrated audit of a client's ICFR under AS 5
pros and cons of each |
1. source all misstatements as to cause and note if MW
+ cheap, catches most companies MWs - doesn't catch MW if no mistakes found 2. test control DESIGN effectiveness + may find MW reasonably possible even if 0 mistakes - requires experiences auditor to work 3. test control OPERATING effectiveness + audit staff may find good control not applied - can be costly to apply and imprecise |
|
AU 550
|
read all documents that accompany audited FS such as in 10-K and if any material statements of fact or materially misleading statements are found, withhold opinion until resolved
important bc SOX requires management statements in 10-K about MW via 404(a) and 302 - even if there is no 404(b) audit of ICFR |
|
measurement criteria
ICFR under AS5 |
COSO
|
|
assurance standards
ICFR |
PCAOB/AS 5
|
|
ICFR report
auditor finds theoretical MW in ICFR design by company argues no and no misstatements have even been detected |
adverse
|
|
ICFR report
Co reports effective ICFR but auditor didn't audit ICFR but FS correct |
not applicable - no report
|
|
ICFR report
MW found 12/31/11 auditor found no MW for 2012, auditor believes SD in 2012 |
none
|