Final review Flashcards
Objectives ORC
Operations
Reporting
Compliance
CRIME
Control environment
Risk assessment
Information & communication
Monitoring
Existing Control Activities
C = EBOCA
Ethics
Board oversight
Organizational structure
Competence
Accountability
R = SAFR
Specify objectives
Asses changes in the control environment
Fraud
Risk analysis
I = OIE
Obtain information
Internally communicate
Externally communicate
M = SOD
Separate &
Ongoing evaluations
Deficiency communication
E = CATP
Control
Activities
Technology
Policies and procedures
SSARS - Statements on Standards for Accounting and Review Services
(types, assurance for each type, independence for each type, opinion/conclusion/report?)
SSARS - preparation, compilation (of either historical OR proforma) & reviews of historical FS (of unaudited FS for nonissuers)
Statements on Standards for Accounting and Review Services codified in AR-C
Preparation- no assurance, no independence, no opinion/conclusion/report
Compilation- no assurance, no independence but must disclose if not, no opinion or conclusion but yes report
Review- limited (negative) assurance, independence required, no opinion but yes conclusion
SSAE - Statements on Standards for Attestation Engagements
(types, independence for each type, assurance for each type, opinion/conclusion?)
SSAE - agreed-upon procedures, review or examination of proforma projections/forecasts (anything that IS NOT historical FS)
Attest engagements - exam, review, or AUP (agreed upon procedures) on a subject matter or assertion about a subject matter - WRITTEN CONCLUSION/WRITTEN ASSERTION
AUP, forecasts/projections, proforma FS, compliance, MD&A, reporting on controls at a service organization
agreed upon procedures - independence required, no assurance, list of procedures and findings
review (not historical FS) - independence required, limited (negative) assurance, conclusion
examination (not historical FS) - independence required, reasonable (positive) assurance, opinion
Which standards apply to REVIEW engagements?
SSAE - applies to anything that’s not historical financials so applies to review of management assertions
PCAOB - applies to quarterly reviews/interim for issuers that have annual audit
SAS - applies to quarterly reviews/interim for NON-issuers that have annual audit
SSARS - applies to reviews for NON-issuers annual financial statements that do NOT also get audited
Which standards apply to an AUDIT of a NON-issuer?
SAS - Statements on Auditing Standards published by Auditing Standards Board is comprised of Generally Accepted Auditing Standards (GAAS)
performance principle (assurance)
reasonable assurance must be obtained about whether FS as a whole are free of material misstatement, whether due to fraud or error
reporting principle (opinion)
based upon the sufficient appropriate evidence obtained (auditor should issue a written report expressing an opinion or make a statement that an opinion cannot be expressed)
Government Auditing Standards conducted under Government Accountability Office (GAO)
Generally Accepted Government Auditing Standards GAGAS or “Yellow Book”
Single Audit Act threshold?
Type A vs Type B program?
single audit is divided into two areas: compliance and financial
Threshold of $750,000 is related to expenses, not revenues.
Type A program - federal program that exceeds a quantifiable amount of federal awards expended, then determined whether high or low risk
minimum coverage rule:
high risk - recipient that has high risk of noncompliance with federal laws and regulations; audit 40% of total awards expended
low-risk - recipient that has low risk of noncompliance with federal laws and regulations; audit 20% of total federal awards expended
Type B program - any program that doesn’t meet Type A requirement
AICPA Code of Professional Conduct: (“SPROID”)
- scope and nature of services principle
- public interest principle
- responsibilities principle
- objectivity & independence principle
- integrity principle
- due care principle
AICPA Code of Professional Conduct
Adverse threat
Advocacy threat
Familiarity threat
Management participation threat
Self-Interest threat
Self-review threat
Undue influence threat
member’s interests are in opposition of client (litigation)
member will promote client’s interests or position, lack of objectivity/compromise indep
member will be too sympathetic due to long close relationship
member will take on role of client mgmt
member could benefit from interest in or relationship with client
member will not appropriately evaluate results of previous judgment
member will subordinate judgment to client due to coercion or agression
AICPA Code of Professional Conduct
Independence Rule
-unpaid fees threat
-financial interest threat
-mutual funds threat
-retirement/savings account threat
-unpaid fees threat: compliance with independence rule would not/could not be reduced to acceptable level = impaired
-financial interest threat: direct or material indirect financial interest in client or firm employee or their immediate family own >5% of client’s securities = impaired
-mutual funds threat: owns >5% of shares in diversified mutual fund, need to evaluate whether ownership is material indirect financial interest
-retirement/savings account threat: employee or immediate family member self-directs investments or has ability to supervise or participate = direct financial interest = impaired; if interest is defined benefit plan = not considered a financial interest unless they can direct or supervise or participate
AICPA Code of Professional Conduct
Independence Rule
Partnerships
LLC
Trust/estate
Partnerships: direct financial interest = impaired (limited partnership = indirect financial interest as long as no control/supervise/participate)
LLC: managing interest = direct financial interest = impaired; non-managing = indirect interest
Trust/estate: investment decision-making, >10% of client’s securities or total assets = impaired
AICPA Code of Professional Conduct
Independence Rule
-deposit accounts
-loans
-leases
deposits: no self-interest threat if balance is insured by state/fed gov deposit insurance, any uninsured is immaterial
loans: no self-interest threat if unsecured loan is immaterial to net worth or is a home mortgage or is a secured loan; or a collateralized auto loan, collateralized CSV of life insurance policy, cash collateralized loan
leases: must be an operating lease, terms comparable with other leases of similar nature
AICPA Code of Professional Conduct
Independence Rule
(simultaneous employment, honorary director/trustee, appraisal/valuation services, forensic accounting, witness, IA services, tax services)
simultaneous employment with client = independence impaired
honorary director or trustee = independence not impaired as long as position is clearly honorary (no voting)
appraisal, valuation, actuarial services = independence not impaired if service provided was solely for nonfinancial statement purposes, otherwise, independence is impaired
forensic accounting = litigation consultant (not impaired)
expert witness = impaired unless witness for a large group where client is small percentage of group and is not lead
internal audit services = impaired if client outsources IA function to covered member
tax services = not impaired as long as services are prep/submit/pay tax returns and covered member does not have control over client’s funds & client reviews/signs returns
PCAOB Ethics and Independence Rules
FORM AP - (Auditor Reporting of Certain Audit Participants)
filed with PCAOB for each new issuer audit and discloses: name of engagement partner, info of any other audit firm participating in audit whose work constituted at least 5% of total audit hours and aggregate info of any other firms whose participation was less than 5% of total audit hours
filing required no more than 35 days after audit firm files the audit report with SEC; for IPOs filing is required within 10 days after auditor's report is first included in a document filed with SEC
Government Accountability Office
Government Auditing Standards (GAGAS)
Independence of Mind
Independence in Appearance
Independence of mind: (professional judgment not compromised)
Independence in appearance: (professional skepticism not compromised)
Professional skepticism
IMPEDIMENTS & MITIGATIONS
impediments - inherent pressures (maintaining client relationships, keep costs down, avoid conflicts w/mgmt), inappropriate levels of confidence or trust in mgmt, personal bias, lack of training and expertise
mitigate with setting tone at top that emphasizes need for professional skepticism, maintaining promotion and compensation processes that enhance it, assigning personnel with appropriate background
Professional judgment
Professional judgment is the accumulated knowledge that an auditor gains through experience and training to make critical judgments in an objective, professionally skeptical manner. Overlaying this with professional and ethical standards results in ability to make informed decisions