AUD Pt I - Ethics, Resp, Prof Conduct Flashcards
Overview of creation of GAAS
AICPA - ASB - SAS (AU-C)
What is an issuer / nonissuer?
Company that files/doesn’t file with SEC
What are the 3 preconditions of an audit engagement?
1) An appropriate framework chosen & applied
2) Mgmt acknowledges and accepts responsibility
3) Consider matters affecting nature, timing & scope, & objectivity
What is the yellow book?
GAGAS (Gen Acc Govt Aud Stds)
What does the Single Audit Act cover?
A financial and compliance audit of federally granted programs
Who is the authoritative body of the Single Audit Act?
OMB (Office of Management and Budgeting)
What are the classifications & effects of an auditee under the Single Audit Act?
High risk (audit 40% of expenditures) and low risk (audit 20% of expenditures)
What are the classifications & effects of programs under the Single Audit Act?
Type A and Type B
What is a performance audit?
An audit (of gov’t entities) that evaluate the entity’s efficiency and effectiveness
What is the Cognizant Agency Concept, and who created it?
One agency represents all others when dealing with grantees in common areas
The OMB
What is a compliance audit?
Audit to ensure gov’t entity is in compliance and measure risk of noncompliance
What does SSARS stand for, and who created it?
Statements on Standard for Accounting and Review Services
The ARSC (Accounting and Review Services Committee)
What are the 4 sections of SSARS and their topics?
Section 60 - General Principles
Section 70 - Preparation Engagements
Section 80 - Compilation Engagements
Section 90 - Review Engagements
What all does a CPA provide under a SSARS Section 70 Engagement?
No report, no assurance, no opinion/conclusion
When does a SSARS Section 70 engagement not apply? (8)
(SSARS Section 70 = Preparation Engagement)
1) When also contracted for attestation engagement
2) preparing info for tax authorities
3) personal financial statements prep
4) litigation services
5) business valuation services
6) maintaining client schedules (depr, etc) / bookkeeping
7) preparing/proposing adjustments
8) drafting F/S notes
What all does a CPA provide under a SSARS Section 80 Engagement?
Report, no assurance, no opinion/conclusion
What all does a CPA provide under a SSARS Section 90 Engagement?
Report, limited assurance, conclusion
What are two other relevant standard for SSARS engagements?
AICPA Code of Professional Conduct
SQCS - Statements on Quality Control Standards
For Nonissuers, what does GAAS say about interim F/S reviews?
Allowed if conducted by firm’s current annual auditors
For Issuers, what does GAAS say about interim F/S reviews?
Allowed, but if conducted, must submit to SEC
What is an attestation engagement?
An engagement where a report is issued
What are the standards for attestation engagements?
SSAE - Statements on Standards for Attestation Engagements
What are 3 attestation engagements?
1) Examinations
2) Reviews
3) AUP - agreed upon procedures
What are two types of examination engagements under SSAE?
1) Assertion-based (express opinion on party’s assertions)
2) Direct (accountant does not rely on client)
What all does a CPA provide on AUP engagements?
A report, but no opinion or conclusion
What must a CPA do additionally for SSAE engagement reports for issuers?
Include city and state of accountant on report
What does IESBA stand for?
International Ethics Standards Board for Accountants
What is the layout of the AICPA Code of Professional Conduct?
Preface - Principles
Part I - Public CPA’s
Part II - Industry CPA’s
Part III - all other members
Under the AICPA Code, what are the 6 Principles of Professional Conduct?
1) Auditor’s General Responsibilities
2) Public Interest
3) Integrity
4) Objectivity
5) Independence
6) Due Care
What is the Conceptual Framework of the AICPA Code of Professional Conduct?
Identify and evaluate threats to noncompliance, then mitigate threats by identifying and implementing safeguards to an acceptable level
What are 7 threats to noncompliance with the AICPA Code of Professional Conduct?
1) Adverse Interest
2) Advocacy
3) Familiarity
4) Mgmt participation
5) Self-interest
6) Self-review
7) Undue Influence
What are 3 categories of Safeguards for public CPA’s under Part I the AICPA Code of Professional Conduct?
1) By profession
2) By client
3) By firm
What are 2 categories of Safeguards for public CPA’s under Part II the AICPA Code of Professional Conduct?
1) By profession
2) By employer
What is the standard of “acceptable level” under the AICPA Code of Professional Conduct?
An objective third party
Who does the Independence rules of the AICPA Code of Professional Conduct apply to?
Public Members
What are 5 threats to independence under the AICPA CPC?
All are financial-based
Unpaid fees, direct financial interests, indirect material financial interests, employment or association with client, non-audit services.
What type of service is generally not included in independence threats?
Advisory services
Who, outside of a member, does the AICPA CPC Independence Rules apply to ?
Immediate family (and sometimes close relatives)
What is the General Standards Rule under the AICPA CPC? (4 stds)
While performing professional services, a member must exercise:
professional competence,
due professional care,
proper planning and supervision, and
obtain sufficient relevant data to support conclusions.
What is the Compliance with Standards Rule under the AICPA CPC?
A member who provides professional services must comply with relevant standards.
What is the Accounting Principles Rule under the AICPA CPC?
A member must follow relevant principles and standards for performing professional standards.
What is the Acts Discreditable Rule under the AICPA CPC?
A member shall not perform acts discreditable to the profession.
What are at least 4 discreditable acts under the AIPCA CPC? (not all-inclusive)
Withholding client records, inserting indemnification agreements in engagement agreements, sharing employer confidential information, false self-advertising.
What are the rules regarding furnishing client records?
1) Client is entitled to the records they provided, CPA-prepared schedules to F/S, and engagement deliverables.
2) They are not entitled if such records are incomplete, fees are outstanding, their is ongoing litigation with the client, etc.
3) The CPA is allowed to charge reasonable fees to produce records, and retain copies of records.
4) The records should be produced as soon as practicable, and within 45 days.
What is the Confidential Client Info Rule under the AICPA CPC?
Members cannot disclose confidential info without client consent.
What are Contingent Fees Rules under the AICPA CPC?
1) Prohibited for assurance and tax engagements (paraphrased)
2) Certain instances are allowed
What are the Commission and Referral Fees Rules under the AIPCA CPC?
1) Prohibited for assurance and tax engagements (paraphrased)
2) Otherwise allowed if disclosed
What is the Organization Form & Name Rule under the AIPCA CPC?
Don’t be misleading
What is the Conceptual Framework under the AIPCA CPC?
Threats - safeguards must equal an acceptable level
What was the objective of the 1933 Securities Act?
To provide information and prohibit misrepresentation and fraud in securities sales
What does the 1933 Securities Act regulate?
Public offerings of securities
What are the requirements under the 1933 Securities Act?
A company must file a registration statement and investor prospectus.
What are 5 exemptions of registration for security sales under the 1933 Securities Act?
1) Regulation D Rule 504 (private sales under $5 million)
2) Regulation D Rule 506 (restricted securities to accredited investors)
3) Bank, government, and charity stocks
4) In-state stock sales
5) Letter stock (private insiders)
What does Section 11(A) of the Securities Act of 1933 say in regard to litigation liability?
CPA is liable to any THIRD PARTY investor WITHOUT REGARD TO PRIVITY for FALSE MATERIAL statements or omissions in INITIAL REGISTRATION FILINGS due to fraud or SIMPLE NEGLIGENCE
All BURDEN OF PROOF ON CPA to establish innocence
What is the phrase that summarizes CPA responsibilities according to Section 11(A) of the Securities Act of 1933?
A CPA owes third parties a due diligence standard of care
Who does the burden of proof fall upon for litigations under the Securities Act of 1933 Section 11(A)?
CPA: burden to prove innocence
What are a CPA’s defenses (7) to a lawsuit under the Securities Act of 1933 Section 11(A)?
1) F/S true and not misleading
2) Misstatement is immaterial
3) Registration records were not relied upon (other records)
4) CPA used due diligence
5) plaintiff knew falsity
6) damages are unrelated to records
7) 3-year statute of limitations has passed
What did the Securities Exchange Act of 1934 create?
1) The SEC
2) Requirement for additional filings to SEC
What is the purpose of the SEC?
To regulate public securities
What are the additional filings required under the Securities Exchange Act of 1934?
10-K annual audited reports
10-Q quarterly reports
8-K current report
Proxy statements
What is required in an 8-K current report?
A disclosure of major subsequent events within 15 days of occurrence
What does Rule 10b-5 of the Securities Exchange Act of 1934 say?
Fraud and deceit of securities purchases is prohibited
Scienter must be proven to reach a CPA in litigation
What does Section 18 of the Securities Exchange Act of 1934 say in regard to litigation liability?
A CPA is liable to THIRD PARTIES for FALSE/MISLEADING statements in ALL REQUIRED SEC FILINGS
SCIENTER must be proven to reach CPA
Third party must establish RELIANCE, PRICE of security AFFECTED by false statement, and DAMAGES
When was the Dodd-Frank Act established?
2010
How does the Dodd-Frank Act affect auditors?
No specific rules for auditors, but amends prior regulation applicable to their work
What 6 areas did Dodd-Frank Act of 2010 affect & reform?
SEC & PCAOB
Investor protections
Asset securitization process
Credit rating agencies
Corporate governance
Municipal Securities
How did the Dodd Frank Act of 2010 affect the SEC? (5)
Increased size, offices, authority and powers of SEC
Added whistleblower protections
Allowed ability to charge and collect fees
Allowed foreign auditor reach by SEC and PCAOB
Increased Congressional oversight of SEC with annual reports (of I/C and exams performed) and tri-annual review of employees by US Comptroller General
How did the Dodd Frank Act of 2010 regulate credit rating agencies?
It recognized the power of agencies and enforced them to public oversight and accountability
It also established Credit Rating Analyst professional qualifications
How did the Dodd-Frank Act of 2010 reform corporate governance? (3)
Requires shareholder approval of executive compensation every 3 years
Required independent compensation committees and more disclosures
Required reasonings for BOD nominations and allowed shareholders to vote by proxy
What are two major goals that the Sarbanes-Oxley Act of 2002 accomplished?
Improved accuracy and reliability of corporate disclosures
Established regulation and accountability for issues and their auditors
What do the first four out of eleven titles for the SOX Act of 2002 cover?
Title I - PCAOB
Title II - Auditor Independence
Title III - Corporate Responsibilities
Title IV - Enhanced Financial Disclosures
What did Title I of the SOX Act of 2002 establish?
The PCAOB
What are five facts about the PCAOB as laid out in Title I of SOX?
1) It’s a nonprofit corporation (directors appointed by SEC)
2) SEC directly oversees PCAOB operations
3) Established public CPA registration and annual requirements
4) PCAOB operates off annual fees (penalties fund ACTG scholarships)
5) PCAOB audits issuer auditors
- annually if >100 issuer clients
- every 3 yrs if <= 100 issuer client
What are four new auditor independence requirements under Title II of SOX?
1) all non-audit services prohibited (limited exceptions)
2) audit partners must rotate every 5 years
3) additional auditor communications to audit committee
4) 1 year disassociation from actg firm before becoming client executive
What are the two exceptions to issuer non-audit services restrictions, and which Title of SOX does it fall under?
1) Approved by audit committee
2) Total non-audit fees < 5% total client fees
3) Title II - Auditor independence
Note: All non audit services must be disclosed
What are four required communications of the auditor to the audit committee under SOX?
1) Critical accounting policies of practices
2) Management’s alternative treatments within GAAP, ramifications, and auditor preferences
3) Material communications between management and auditor
4) Document and discuss auditor independence
What does Title III of SOX prohibit?
Client manipulation/influence over auditor;
enforced by SEC
How does Title IV of SOX enhance financial disclosures?
1) Annual I/C report alongside F/S
2) Enhanced required filing disclosures
3) Disclosures about management and board (CoE, AC Fin Exp., tx w/ SH, etc)
4) SEC reviewal of disclosures every 3 years
What is unique about the PCAOB board?
There are 5 appointed members by SEC who are “of high integrity.”
What does PCAOB Release No. 2015-008 require?
Form AP in filings - discloses audit partners
What does PCAOB Form AP disclose?
Engagement partner name
Details of other accounting firms who have contributed to audit
What is the GAO’s independence requirement?
Independent of mind and in appearance
What are seven various DoL labor laws?
1) FSLA
2) Workers Compensation
3) OSHA
4) ERISA
5) FMLA
6) COBRA
7) HIPAA
What did FLSA establish?
Fair Labor Standards Act - established minimum wage and overtime rates
What general rules do Department of Labor (DoL) Workers Comp laws establish?
1) DoL Office of Workers Compensation Program
2) Employees accept payments in lieu of court lawsuit
3) States require employers to have W/C insurance
How does OSHA enforce their laws?
OSHA - Occupational Safety and Health Act
Inspections and Investigations
Note: also establish whistleblower protections with criminal and civil penalties
What are two requirements under ERISA?
1) IRS Form 5500 filed with DoL
2) Annual audits required for plans with 100 or more participants
What is the rule to FMLA?
FMLA - Family and Medical Leave Act
Companies with more than 50 employees must give 12 weeks unpaid leave if serious illness or birth/adoption of immediate family (self, spouse, parent, child)
What is the EBSA and what two laws do they oversee?
Employee Benefits Security Administration; COBRA and HIPAA
What does COBRA do?
COBRA
Employees keep health insurance after leaving
What does HIPAA do?
HIPAA - Health Insurance Portability and Accountability Act
Protects individual’s health-related information
What are three special DoL independence rules to EBP audits?
1) all auditors performing on audit must be independent (vs just AICPA members), extending to all the firm’s partners & shareholders, and all employees in the main audit office
2) independence extends to plan sponsors
3) impairment exists with direct or immaterial direct financial interest in plan OR plan sponsor
- or auditor maintains records
What is the statement relating to auditors and professional skepticism and judgement?
Auditors must apply ethical requirements, professional skepticism, and professional judgement during planning, performing, and evaluation stages of an engagement.
Describe professional skepticism.
A questioning mind, alertness, and critical assessments.
What does PCAOB SAPA 10 stand for?
SAPA - Staff Audit Practice Alert)
What are three areas of evaluation that require professional skepticism, according to SAPA 10?
1) Uncorrected mistakes
2) Management bias
3) Presentation of F/S
What are four impediments to professional skepticism according to SAPA 10?
1) Inherent audit pressures
2) Inappropriate levels of trust in management
3) Personal bias
4) Lack of training, expertise, and experience
What is a way to limit impediments to professional skepticism? (SAPA 10)
Firm Quality Control policies and procedures
What is professional judgement?
Experience and training to make objective, critical judgements
What is the CAQ?
Center for Audit Quality
What are four things that professional judgements should be?
1) Based on relevant facts/circumstances
2) Made after consideration reasonable alternatives
3) Sensitive to the degree of inherent uncertainty
4) In compliance with professional standards
What are four biases against professional judgement?
1) Confirmation - info confirming initial expectations seem more valid
2) Overconfidence
3) Anchoring - relying improperly on initial #’s and F/S in making assessments by not adjusting properly
4) Availability - preferring available info over relevant
What 3 things should an auditor do before accepting an engagement?
1) Consider client integrity
2) Ensure 3 audit preconditions are satisfied
3) Communications with predecessor auditors
What must the auditor do if the client’s integrity is questioned?
Scope of audit must increase
What are the required rules regarding communications with predecessor auditors for new engagements?
Before acceptance:
1) Cannot accept client until able to communicate with predecessor
2) Cannot communicate with predecessor unless client allows
After acceptance:
1) Specific inquiries or review of predecessor WP’s
What are reporting rules regarding interactions with predecessors?
No reference to prior auditors are allowed as basis for current opinion
What are three reasons an accountant should NOT accept a SSARS 21 engagement?
1) Ethical requirements are not satisfied
2) Info for audit likely unavailable or unreliable
3) Lack of client integrity may affect audit performance
What are the requirements before an accountant accepts a SSARS 21 engagement?
1) Determine if framework is acceptable
2) Ethical requirements regarding professional competence are satisfied
3) Management accepts wide responsibilities
Which SSARS 21 engagements require successor accountants to communicate with the predecessor?
None
What are two prerequisites to acceptance of an attestation engagement?
1) Accountant receiving written acknowledgement by responsible parties
2) Subject matter appropriate (identifiable and consistently evaluatable)
What are the 9 general engagement letter requirements? (5 groupings)
1) List ENGAGEMENT itself & OBJECTIVE (and scope if assurance)
2) Identify FRAMEWORK for presentation (gaap, tax, etc) and CRITERIA for professional service (gaas, gagas, etc)
3) List RESPONSIBILITIES, PROMISES (deliverables, REP, etc), and SIGNATURES of both parties
4) List LIMITATIONS of engagements (express or inherent)
5) Describe any SPECIAL AGREEMENTS (deliverables format, lack of assurance, etc)
note: fees & billing structure are not required to be agreed upon in the engagement letter
When should an accountant change engagement terms?
When reasonably justifiable
What should an accountant consider before changing to lower level engagements?
1) Reasons for request
2) Additional effort/costs required to finish original engagement
What are stated preclusions for lowering engagement levels?
1) Cannot issue review in place of audit if management imposes scope restriction
2) Cannot issue compilation report in place of audit/review if client won’t sign REP
Why do accountants form documentation?
Evidences opinion/conclusion
Evidences compliance with planning/performance regulations
What is the statement for assurance engagements as to the required level of documentation by accountant?
“Documentation should be SUFFICIENT for an EXPERIENCED ACCOUNTANT with NO CONNECTION to the engagement to understand NATURE, TIMING, & EXTENT of PROCEDURES PERFORMED; the RESULTS of procedures;
Any SIGNIFICANT FINDINGS/issues, their CONCLUSIONS, and any significant PROFESSIONAL JUDGMENT APPLIED.”
When must audit documentation be locked down and retained for how long? (For issuers and nonissuers)
Within 60 days of report release and retained for 5 years
Issuers: within 45 days of report release and retained for 7 years
What are 4 (broad) things that should be included in documentation? (Stmt +2)
1) Document NTE (+WHO) & RESULTS of PROCEDURES performed sufficient for team and reviewer to understand;
2) SIGNIFICANT FINDINGS & RESOLUTIONS
3) Justification for DEPARTURES from presumptively mandatory requirements
4) REPORT DATE & copies of DELIVERABLES (of both parties)
How and why should auditors communicate planned scope and timing of audits?
Disclose without compromising effectiveness of procedures
It helps management with oversight responsibilities
According to AU-C 265, auditors must communicate what in writing in regard to I/C?
Any significant deficiencies (bad) and material weaknesses (worse) affecting the CY.
What four things should written auditor communications regarding I/C contain?
1) Reminder of auditor responsibilities to F/S and not I/C
2) Identification and definition of deficiencies and their consequences
3) Note that findings are not all-inclusive
4) Restrict use of communication to management and those in charge of governance
What are 8 matters to communicate to governance regarding significant findings? (4 groups)
1) any SIGNIFICANT findings/issues/disagreements discussed with management, auditor viewpoint, management consultation with other auditors
2) Significant difficulties during audit (including with management)
3) All uncorrected mistakes + implications, and material corrected misstatements
4) All representations required from management
What are three categories of misstatements? (from auditor view)
Factual - known misstatements
Judgmental - likely misstatements from disagreements in policies
Projected - likely misstatements due to sampling
What type of fraud must be communicated to the appropriate level of management?
ANY
Why are QC (quality control) systems required for accounting firms?
They ensure compliance where needed
Statements on Quality Control Standards #8 (SQCS 8) states firm QC systems should encompass what 6 areas?
1) Leadership responsibilities for quality
2) Relevant ethical standards
3) Acceptance and continuance of engagements
4) HR
5) Engagement performance, documentation, and reporting
6) Monitoring
What are GAGAS audits requirements relating to peer reviews?
Peer reviews must occur every 3 years
Auditor must provide client with most recent peer review
What are CPE requirement for auditors working on GAGAS engagements?
1) Any auditor: 20 hrs CPE every 2 yrs
2) Auditors allocating more than 20% time annually to CPE: 80 hours CPE every 2 yrs
To whom might the auditor direct fraud-related inquiries to? (4)
1) Authoritative employees
2) Operating personnel, not directly involved in financial reporting process
3) Employees involved with complex transactions
4) In house legal counsel
What are 5 possible PCAOB sanctions?
Temporary suspension
Permanent revocation
Limit allowable engagement activities
Civil penalties
Forced training
Note: there are stricter sanctions or intentional or reckless behavior
What is the focus of a PCAOB audit?
Quality control and performance
What are 5 of the PCAOB responsibilities?
Oversee actg firm registration
Establish relevant standards
Inspect registered firms
Investigate & discipline registered firms
Enforce SOX compliance
What do ERISA audits cover?
Only F/S within IRS 5500. No compliance.
What two things are included in IRS Form 5500?
GAAP-based F/S
Supplemental schedules
What are limited scope ERISA audits?
On qualified plans, an auditor can forego certain detailed audit procedures for underlying information on certified investments. The certificate is a qualified custodian or trustee who warrants complete and accurate information for investment.
When is GAGAS an acceptable framework?
When the auditee is a program that receives federal funding.
What are six functions of the GAO?
1) Support Congress in meeting constitutional responsibilities
2) Evaluate if funds are spent efficient and effectively
3) Evaluate if government programs are meeting objectives
4) Investigate allegations of illegal and improper activities
5) Issue legal decisions and opinions
6) Issue GAGAS
Under GAGAS-based engagements,
1) What standards must and auditor follow?
2) What does an auditor report on?
3) What are auditor responsibilities regarding client compliance?
1) Auditor must follow GAGAS AND GAAS (primarily GAGAS)
2) Auditor reports on F/S according to the acceptable framework, understanding of I/C and risk of material noncompliance, and direct & material noncompliance with regulation
3) Auditor must appropriately plan to ensure material compliance, but opinion is still solely to F/S
What are two threats unique to government audits, and who do they apply to?
1) Bias (convictions resulting in nonobjective position)
2) Structural (audit organization placement within government entity) - internal auditors
What is planning an audit, and when does it occur?
Developing an overall strategy for audit (determines nature and scope of engagement, and determines audit focus (nature, timing, and extent))
It begins with acceptance and continues through the audit
Leads into detailed audit plan
What drives the detailed audit plan?
The risk assessment procedures that identified RMM
What are two types of internal control deficiencies?
Design deficiency (control unable to meet objective)
Operational deficiency (control not working as designed)
What are two internal control deficiency categories and their definitions?
Material weakness - reasonable possibility of material misstatement to F/S will not be prevented or detected-and-corrected on timely basis
Significant deficiency - issue les severe than M/W, but important enough to merit governance’s attention.
What are an auditors 4 responses to inadequate communication from governance?
Modify opinion for scope limitation
Consult auditor’s legal counsel
Communicate to appropriate third parties or government agencies
Withdraw from engagement
The SQCS require an accounting firm to establish QC systems that provide what two things?
Provide reasonable assurance of compliance w/ legal and ethical requirements
Provide reasonable assurance that reports share proper opinions
What acronym contains the 6 required elements of QC, and what are they?
HEAL ME QC
Human Resources (proper staffing of capabilities and competencies)
Ethical requirements (compliance with)
Acceptance & continuance (engaging with clients with integrity)
Leadership (quality “tone at the top”)
Monitoring (sufficient monitoring)
Engagement performance (proper supervision, review, and performance)
The PCAOB enforces SOX Title III Section 303 by which type of proceedings?
Civil proceedings
PCAOB Rule 3523 permits a CPA to provide tax services to a person with oversight responsibility of an issuer audit client in what 3 exception circumstances?
1) Person is only a board director
2) Audit client is an affiliate to consolidated F/S whose own F/S is immaterial to consol. F/S
3) Person is in that role due to recent employment change (hire, promote, etc)
When a new audit manager comes from an audit client mgmt, when can the new audit manager participate in audit engagement involving old company under SAS?
The audit manager can participate on audits that are ACCEPTED and whose AUDIT PERIOD both occur AFTER completed DISASSOCIATION from the client
(AICPA CPC prohibits simultaneous employment)
What are 4 sections and their content of SOX Title IV “Enhanced Conflict of Interest Provisions?”
Section 402 - Issuers cannot extend personal loans to executives or directors
Section 403 - Disclosures from principal stockholders (>10%) required
Section 404 - Annual report on I/C required
Section 406 - Disclosure about senior mgmt Code of Ethics policy
What types of engagements are independence of CPA required to be assessed?
Attestation engagements (compilation and up)
Suppose during a new audit engagement the successor auditor discovers need for substantial revisions to PY F/S. How should the successor resolve these issues?
Talk to mgmt and request a meeting between all three parties (successor, mgmt, predecessor) to come to understanding and resolve issues
QC policies and procedures for Engagement Performance (and supervision) is assumed to include what procedure?
Critical review of judgements exercised at every level of supervision
What are the 9 specifically completely prohibited non-audit services under SOX?
1) Bookkeeping
2) Financial information system design and implementation
3) Appraisal and valuation services
4) Actuarial services
5) Internal Audit outsourcing
6) Mgmt and HR functions
7) Investment related services
8) Legal and expert services unrelated to audit
9) Anything prohibit later by PCAOB
Who initiates communications with predecessor auditors?
The successor auditor (with client approval)
What methods are allowable for an auditor to communicate with management about fraud or noncompliance?
Oral or written
If oral, must document in WP’s
What is the timing requirement for auditor communications with governance?
When it is timely / as soon as practical
What is one basic required communication of auditors to management & governance?
Auditor responsibilities (opinion to financial statements)
According to GAAS, when can an auditor review interim F/S? (3 requirements)
1) When the latest annual F/S have been audited
2) Auditor was engaged for either the latest F/S or CY F/S
3) Interim F/S use same framework as annual F/S
The AICPA CPC defines attest engagements as what?
An engagement that require independence to be assessed
What is a firm restricted from doing when in violation of the PCAOB or SEC?
Auditor cannot issue the audit report
What are 5 ethical principles under GAGAS?
Public interest
Integrity
Objectivity
Proper use of gov’t info and resources
Professional behavior
