Tax Law

Balancing audit scope and complexity with SAS 145

The AICPA’s Auditing Standards Board has issued SAS 145 to provide additional guidance on a number of audit-related topics. The first blog in this series focused on the new guidance around risk assessment under SAS 145, and the second on improved documentation and skeptical analysis.

In this third blog, we’ll examine balancing the scope of an audit with the complexity of an entity’s activities.

Clarifying audit scope

SAS 145 defines significant class of transactions, account balance, or disclosure, which is important for firms as it helps to clarify scope and improve efficiencies.

Although the term significant class of transactions, account balance, or disclosure is not new, it was not previously defined. In SAS 145, this is now defined as: “A class of transactions, account balance, or disclosure for which there is one or more relevant assertions.” A relevant assertion is defined as an assertion for which there is identified risk of material misstatement, even if that risk is low.

What is the significance and why is this important for firms? It is intended to “clarify the scope of the auditor’s understanding of the entity’s information-processing activities as well as the auditor’s responsibilities related to the identification and assessment of, and responses to, risks of material misstatement,” according to the Executive Summary. In other words, it tells auditors where to focus.

Many firms may not have identified this as an issue, but ask your audit team if they have ever performed a lot of work around a particular area that didn’t seem significant, and if they were not really certain why they dedicated the amount of work that they did. Maybe it pertained to fixed assets even when there were no material additions, or prepaids even though there weren’t many changes. The point is that clarifying scope and driving efficiencies are key.

A conforming amendment to SAS 145 requires substantive testing for each relevant assertion of each significant class of transactions, account balance, and disclosure, regardless of the assessed level of control risk. Previous guidance required the auditor to design and perform substantive testing for all relevant assertions related to each material class of transactions, account balance, and disclosure, irrespective of the assessed risks of material misstatement. The shift from material to significant presents opportunities for efficiency.

Complex audits drive scalability

With SAS 145 comes enhanced and new guidance on scalability. Why? Because the size and complexity of an entity don’t always correlate.

Under the new standard, the complexity of an entity’s activities is the primary driver of scalability. Not the size of an entity, as in extant guidance.

SAS 145 recognizes that, although the size of an entity may be an indicator of its complexity, some smaller entities may be complex, and some larger entities may be less complex.

Therefore, when applying SAS 145, it is important to consider such factors as internal controls, including information systems, industry, accounting systems, etc.

Auditors should use their professional judgment to determine the nature and extent of the risk assessment procedures.

There’s also a recognition that some aspects of an entity’s system of internal control may be less formal, but still present and functioning. When there is a lack of formality, the auditor may still be able to perform risk assessment procedures through a combination of inquiries, inspection of documents, and observations.

When working with an entity that has informal controls, say, for instance, a small entity that doesn’t employ many staff and there’s a lot of owner involvement, it may be helpful for auditors to step back and reframe their questions. Using audit language doesn’t always resonate with people outside of the profession.

To help draw out information on what internal controls an entity may have in place, consider asking questions like the following:

  • What do you lose sleep over at night?
  • What are you doing about it?
  • How do you prevent bad things from happening in your business?

The bottom line: effective risk assessment is achievable even in smaller entities that have informal controls.

Conclusion

In balancing the scope of an audit with the complexity of an entity’s activities, auditors must use their professional judgment and consider a multitude of factors to ensure a quality audit. To learn more, view our webinar offering early guidance on SAS No. 145.

This is the third in a four-blog series about SAS 145 and its impact on tax and accounting professionals. Stay tuned for future posts.

Story originally seen here

Editorial Staff

The American Legal Journal Provides The Latest Legal News From Across The Country To Our Readership Of Attorneys And Other Legal Professionals. Our Mission Is To Keep Our Legal Professionals Up-To-Date, And Well Informed, So They Can Operate At Their Highest Levels.

The American Legal Journal Favicon

Leave a Reply