The Journal of Accountancy (JOA) has reported that the Center for Audit Quality (CAQ), which is affiliated with the AICPA, recently released risk alert Select Auditing Considerations for the 2015 Audit Cycle, in which the CAQ identifies and discusses areas of significant judgment and complexity facing accounting firms. Professional skepticism and internal control over financial reporting were once again the two key areas for auditors.
JOA provided the summary below of all the audit considerations discussed in the CAQ risk alert:
Professional skepticism. A questioning mind and a critical assessment of the appropriateness and sufficiency of audit evidence are essential for performing a quality audit with due professional care.
Internal control over financial reporting (ICFR). Risks can be minimized in this area by selecting appropriate controls to test, evaluating whether those controls adequately address the risks, and testing the operating effectiveness of those controls.
Risk assessment and audit planning. Procedures for assessing risk should be performed during audit planning and should continue throughout the audit. They are most effective when there is timely participation by the engagement partner and review by the engagement quality review partner.
Supervision of other auditors and multi-location audit engagements. The engagement partner has the responsibility to supervise the work of all engagement team members so that the work is performed as directed and supports the conclusions reached. The auditor is required to assess the risks of material misstatement to the consolidated financial statements associated with the location or business unit and correlate the amount of auditing attention devoted to the location or business unit with the degree of the risk of material misstatement.
Testing issuer-prepared data and reports. When using information produced by the company as audit evidence, the auditor should evaluate whether information obtained is both sufficient and appropriate for purposes of the audit.
Cybersecurity. The financial statement and ICFR audit responsibilities do not encompass an evaluation of cybersecurity risk across a company’s entire IT platform.
Revenue recognition. Although the new accounting standard for revenue recognition has not yet taken effect, the auditor should evaluate management’s required disclosure of the impact the new standard is likely to have on the financial statements, including evaluating the form, arrangement, and content of the disclosure.
Auditing accounting estimates, including fair value measurements. The auditor is responsible for evaluating how accounting estimates have been developed; assessing the reasonableness of accounting estimates made by management in the circumstances; and assessing whether they are presented in conformity with applicable accounting principles and are appropriately disclosed.
Related parties and significant unusual transactions. Performance requirements recently have been enhanced in three key areas: related party transactions; significant unusual transactions; and a company’s financial relationships and transactions with its executive officers.
Source: Journal of Accountancy