Slide Heading - PowerPoint PPT Presentation

slide heading n.
Skip this Video
Loading SlideShow in 5 Seconds..
Slide Heading PowerPoint Presentation
Download Presentation
Slide Heading

play fullscreen
1 / 131
Slide Heading
Download Presentation
Download Presentation

Slide Heading

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Slide Heading AGA Winter Seminar Auditing Standards Update January 10-11, 2013 Jerry E. Durham, CPA, CGFM, CFE Division of Local Government Audit

  2. Auditing Standards • Two different types of Standards: • GASB Standards = GAAP • How do I report numbers on the Financial Statements • Auditing Standards • How do I perform the audit of the numbers 2

  3. Auditing Standards • Auditing Standard Setters: • How many? • 1 • 2 • 3 • 4 • 5 3

  4. Auditing Standards • Standards Setters: • AICPA/ASB = Generally Accepted Auditing Standards = GAAS • GAO = Government Auditing Standards = Yellow Book = GAGAS • OMB = Single Audit Standards = A-133 Standards 4

  5. Auditing Standards • Standards Setters (cont’d): • IFAC/IAASB = International Audit Standards = ISAs?? • PCAOB/SEC = Standards for Publicly Traded Companies = AS?? 5

  6. Auditing Standards • Why have Standards? • What if an inch was not an inch or a pound was not a pound? • What if a size 10 was really a size 2? • What if CPAs could perform audits any way they wanted to? • Many auditing standards are driven by audit failures. 6

  7. Auditing Standards • History: • Prior to 1917, Verification Audits of the Balance Sheet without standards. • 1917-18, First Standards for Balance Sheet Audits (FTC and FRB) “Approved Methods for the Preparation of Balance-Sheet Statements” by AIA. 7

  8. Auditing Standards • History: • 1929, “Verification of Financial Statements” which included the income statement (i.e. Financial Statements) • 1936, Outline of examination of financial statements of a small or moderate size company, “Examination of Financial Statements by Independent Public Accountants”. (i.e. “Examination” rather than “Verification”) 8

  9. Auditing Standards • History: • 1939, “Extensions of Auditing Procedure”, included Statement No. 1 of the Committee on Auditing Procedure, guide auditors in using judgment. • 1941, “Statements on Auditing Procedure” • 1951, 24 Statements were issued in a “Codification of Statements on Auditing Procedure” 9

  10. Auditing Standards • History: • 1954, “Generally Accepted Auditing Standards – Their Significance and Scope” was published which changed the focus to “Standards” as opposed to “Procedures”. • 1963, “Statement on Auditing Procedure No. 33” was issued. It consolidated all previous standards and procedures. 10

  11. Auditing Standards • History: • 1972, Statement on Auditing Standards “(SAS) No. 1, Codification of Auditing Standards and Procedures”. • 1978, Auditing Standards Board was created. • 2002-2004, Sarbanes-Oxley Act was passed and the AICPA officially recognized PCAOB’s authority for publicly traded companies. 11

  12. Auditing Standards • History: • 2011, the ASB issued SAS No. 122, Statements on Auditing Standards: Clarification and Recodification (already amended) • More to come, already up to SAS 126. 12

  13. Auditing Standards • Just an Opinion: • Mark Funkhouser, former Kansas City Auditor and Mayor, now Director of Governing Institute said, auditors know how to audit, just do what you know is right (paraphrased) • My question? Do you think the standards hinder us from doing that? 13

  14. Auditing Standards • Just an Opinion: • Bottom line, we must have standards or our audits have little meaning to “professional” and “other” users of our financial statements. • But how do you do that with so many standard setters? • You have to be good at blocks! 14

  15. Auditing Standards • ? • A-133 requires a Yellow Book audit and adds to the standards required by the Yellow Book. • The Yellow Book incorporates the SASs by reference and adds to those standards. • The ASB establishes the SASs. SAS 117 Specifically deals with Compliance (A-133) Audits 15

  16. Yellow Book

  17. Must & Should Word Count

  18. Yellow Book Generally Accepted Government Auditing Standards (GAGAS) incorporates by reference the AICPA Statements on Auditing Standards (SAS). GAGAS includes additional standards for Financial Audits and Attestation Engagements. GAGAS establishes Performance Audit Standards for Governments. 18

  19. Yellow Book GAGAS does not cover nonaudit services, which are defined as professional services other than audits or attestation engagements. Therefore, auditors do not report that the nonaudit services were conducted in accordance with GAGAS. 19

  20. Chapter 3 General Standards 20

  21. General Standards 21

  22. General Standards Chapter 3 Independence 22

  23. Independence • In all matters relating to the audit work, the audit organization and the individual auditor must be independent. • Independence of Mind • The state of mind that permits the performance of an audit without being affected by influences that compromise professional judgment, allowing the individual to act with integrity and exercise objectivity and professional scepticism. 23

  24. Independence • Independence in Appearance • The absence of circumstances that would cause a reasonable and informed third party, having knowledge of the relevant information, to reasonably conclude that the integrity, objectivity, or professional scepticism of an audit organization or member of the audit team had been compromised. 24

  25. Independence 25

  26. Independence • New approach combines a conceptual framework with certain rules (prohibitions) • Outcome generally consistent with the International Federation of Accountants (IFAC) and AICPA • Certain prohibitions remain • Generally consistent with Rule 101 AICPA • If a threat, but not prohibited • Apply the conceptual framework 26

  27. Independence Threatscould impair independence • Do not necessarily result in an independence impairment Safeguards could mitigate threats • Eliminate or reduce to an acceptable level • Not all threats can be eliminated

  28. Independence Conceptual Framework Allows the auditor to assess unique circumstances Incorporates the familiar categories from 2007 YB Personal Impairments External Impairments Organizational Impairments Two Overarching Principles: Can’t assume management responsibilities Can’t audit your own work

  29. Independence Seven Categories of Threats Self-interest threat Self-review threat Bias threat Familiarity threat Undue influence threat Management participation threat Structural threat

  30. Independence Conceptual Framework Approach (cont’d) Self-interest threat = the threat that a financial or other interest will inappropriately influence an auditor’s judgment or behavior. Self-interest examples 30

  31. Independence Conceptual Framework Approach (cont’d) Self-review threat = the threat that an auditor (organization) that has provided nonaudit services will not appropriately evaluate the results of previous judgments made or services performed when forming a judgment significant to an audit. Self-review examples 31

  32. Independence Conceptual Framework Approach (cont’d) Bias threat = the threat that an auditor will, as a result of political, ideological, social, or other convictions, take a position that is not objective Bias examples 32

  33. Independence Conceptual Framework Approach (cont’d) Familiarity threat = the threat that aspects of a relationship with management or personnel of an audited entity, such as a close or long relationship, or that of an immediate or close family member, will lead an auditor to take a position that is not objective Familiarity examples 33

  34. Independence Conceptual Framework Approach (cont’d) Undue influence threat = the threat that external influences or pressures will impact an auditor’s ability to make independent and objective judgments Undue influence examples Undue influence examples 2 34

  35. Independence Conceptual Framework Approach (cont’d) Management participation threat = the threat that results from an auditor’s taking on the role of management or otherwise performing management functions on behalf of the entity undergoing an audit Management participation examples Management participation examples 2 35

  36. Independence Conceptual Framework Approach (cont’d) Structural threat = the threat that an audit organization’s placement within a government entity, in combination with the structure of the government entity being audited, will impact the audit organization’s ability to perform work and report results objectively (Paragraphs 3.28, 3.29, 3.30) Structural examples 36

  37. Independence • Conceptual Framework Approach (cont’d) • Structural threat is mitigated by: • The audit organization is placed within a different branch of government from that of the audited entity. • Head of the audit organization is appointed by a legislative body, subject to removal by a legislative body, and reports the results of audits to and is accountable to a legislative body. • Other statutory protections. (See 3.30) 37

  38. Independence • Conceptual Framework Approach (cont’d) • Management participation/structural threat is created by: • An audit organization’s principal serving as a voting member of an entity’s management committee or board of directors, making policy decisions that affect the future direction and operation of an entity’s programs, developing or approving programmatic policy, authorizing entity transactions. 38

  39. Independence GAO will retire current Government Auditing Standards: Questions andAnswers to Independence Standard Questions guidance

  40. Independence Question 46 in the Yellow Book Q & A will no longer be available for demonstrating independence under the yellow book (dealt with preparing financial statements)

  41. Independence • Certain nonaudit services may be permitted: • First, determine if there is a specific prohibition • If not, the auditor should assess the nonaudit service’s impact on independence using the conceptual framework

  42. Independence • Management should take responsibility for nonaudit services performed by the auditors • Auditors should document their understanding with management regarding the nonaudit service • Auditors should assess and document whether management possesses suitable skill, knowledge, or experience to oversee the nonaudit service (SKE)

  43. Independence Otherwise no safeguard could reduce the threat to an acceptable level Preparing F/S May be permissible provided • Management possesses suitable • Skills, • Knowledge, “or” • Experience To evaluate the adequacy and results of the services performed Consistent with AICPA ET 101–3

  44. Independence Bookkeeping Services May be performed provided the auditor does not: • Determine or change journal entries, account codings or classifications for transactions, or other accounting records without obtaining client approval • Authorize or approve transactions • Prepare source documents • Make changes to source documents without client approval Consistent with AICPA ET 101-3

  45. Independence • Division of Local Government Audit • 2011 Yellow Book • Threats to Independence and Safeguards to the Threats AICPA Safeguards Examples AICPASKE Examples AICPA Case Study Form 105, Safeguards to Independence

  46. Independence • Providing Nonaudit Services • Crucial Point: The individual designated to oversee nonaudit services is not required to possess the expertise to perform or reperform the nonaudit services. (Paragraph 3.34) 47

  47. PPC Analysis Before and After 2007 Yellow Book – PPC Analysis

  48. PPC Analysis Before and After Before: 2007 Yellow Book Ethics Interpretation 101-3 allows the Government to designate an individual who possesses SKE to oversee nonattest services. However, Possessing SKE to over see a service requires a lower level of technical knowledge than the competence criteria in SAS 115. Practitioners Publishing Co. Scan

  49. PPC Analysis Before and After After: 2011 Yellow Book Same! Ethics Interpretation 101-3 allows the Government to designate an individual who possesses SKE to oversee nonattest services. However, Possessing SKE to over see a service requires a lower level of technical knowledge than the competence criteria in SAS 115.