Professional skepticism and other 2015 audit focus areas
The auditing process is mechanical in its function but requires a curious mind to prevent and detect misstatements that can hurt a business. Each year, leaders in the industry gather together to discuss ways to make the craft of an audit more deliberate and structured. As a result of these discussions The Center for Audit Quality communicates important processes for firms to follow when performing an audit.
Recently, The Center for Audit Quality released an article detailing ways accountants can strengthen their audits through professional skepticism, internal control over financial reporting, risk assessment, audit planning and many other practices.
Professional Skepticism. Going through the motions when performing an audit not only harms the business but also further entrenches audits as a low-value service that accountants can offer. Therefore, the more an accountant can investigate a business to understand its drivers, the more she or he will be able to provide valuable insight to the business owner or management team. An inquiring mind is certainly useful in these situations. The PCAOB defines professional skepticism as an attitude that includes a questioning mind and a critical assessment of audit evidence.
This attitude helps to create the value that accountants bring to their clients. Assessing the appropriateness and sufficiency of the financial evidence provided in an audit can set your firm apart and help your client’s business grow. Whether your client’s misstatements are due to fraud or lack of internal controls, following these steps can help your audit quality improve.
1. Do not be satisfied with less than persuasive evidence that management is honest when looking at abnormal expenses and assets.
This includes situations where:
• Capital is spent in ways not typical of the business’s usual transactions
• An area of risk that requires a significant amount of management judgment to decipher
2. According to CAQ you should also have a willingness to modify planned audit procedures to obtain reliable evidence regarding the client’s assertions.
Instead of basing the audit off of the “most readily available evidence” an auditor should:
• Have the engagement partner set the tone for professional skepticism, arming the rest of the engagement team with the confidence to challenge the client’s managements financial reporting
• Obtain a third-party examination of the financials to confirm the documentation of the business
Additionally, scheduling times for an engagement partner or senior member of the engagement team to review the engagement team’s findings can not only ensure the audit’s quality but also serve as an opportunity to train the rest of your team.
Internal Control over Financial Reporting. Incorporating tests of controls while performing substantive tests can save time while you accomplish the goals of each test. During these tests, an auditor should not assume that a control is effective when there is no evidence of misstatements.
An auditor should:
1. Identify the flow of transactions through the organization
2. Select the controls that “are intended to address the identified risks of material misstatements”
3. Note the sources and type of material misstatements and identify their risk
Helping the business’s management address a control’s objective, consistency and criteria for further investigation can enable the business to detect “the level of precision” of the control.
Risk Assessment and Audit Planning. The core to risk assessment in audit planning is the involvement of the senior team members and the engagement partner. Spending a significant amount of time in planning the audit and documenting why certain areas of the business will be identified as risky can help save time in the audit’s execution.
Though the auditing team will continue to assess the risks of misstatement and fraud throughout the audit, taking your time during the pre-audit stages will create direction for the rest of the engagement team.
Engagement partners should find direction for identifying areas of risk by referencing:
• Auditing Standard No. 12 – Identifying and Addressing Risks of Material Misstatement (AS 12)
• Auditing Standard No. 13 – The Auditor’s Responses to the Risks of Material Misstatement (AS 13)
For more information on audit planning, see the Sageworks blog post on Avoiding the pitfalls of analytical procedures or What are analytical procedures and when are they used?