Chapter 2

CORPORATE GOVERNANCE,
AUDIT STANDARDS
Define Corporate Governance

 "aprocess by which the owners and

creditors of an organization exert
control and require accountability for
the resources entrusted to the
organization. The owners
(stockholders) elect a board of
directors to provide oversight of the
organization's activities"
Primary parties involved in
corporate governance
 Stockholders
 Boards of Directors
 Audit Committees of the Board
 Management
 Self-Regulatory Accounting Organizations
(e.g. AICPA, FASB)
 Other Self-Regulatory Organizations (e.g.
NYSE, NASD)
 Regulatory Agencies (e.g. SEC)
 External Auditors
 Internal Auditors
What are SEC concerns regarding the
auditing profession?
 Auditors were no longer willing to
confront clients over questionable
accounting practices
 Consulting fees were impairing
auditor independence
 Accountants were using technical
interpretations of GAAP to push the
limits of accounting
What are the Public Oversight
Board (POB) concerns?
 Analytical procedures used inappropriately to
replace direct tests of account balances
 Audit firms not thoroughly evaluating internal
control and applying substantive procedures to
address weaknesses in control
 Audit documentation, especially related to audit
planning, did not meet professional standards
 Auditors ignored warning signs of fraud and other
problems
 Auditors were not providing sufficient warning about
companies that might not continue as 'going
concerns'
Sarbanes Oxley Act of 2002
Significant provisions include:
 Public Companies Accounting Oversight Board
(PCAOB) with broad authority, including the power
to set auditing standards for audits of publicly
traded companies
 Requires the CEO and CFO certify the financial
statements
 Requires management to provide a comprehensive
report on internal controls over financial reporting
and that auditors report on internal controls
 Audit Committees given expanded powers as the
'audit client' and must pre-approve any non-audit
services by its external auditors
 Audit Committees must report their activities to the
public
The Sarbanes Oxley Act of 2002
Continued
 Audit Committees must have at least one financial
expert. Other members must be knowledgeable in
financial accounting and controls
 Audit engagement partners must be rotated off the
engagement every five years
 Requires a "cooling off" period before an audit partner
or manager can take a high-level position with an audit
client without jeopardizing the independence of the
public accounting firm
 Increased disclosure of "off-balance sheet"
transactions or agreements that may have a material
effect.
 Mandated GAO to study issues including:
 Effect of consolidation on competition in the profession
 Analysis of mandatory audit firm rotation.
PCAOB Authority
 PCAOB chose to set audit standards
 PCAOB chose to let the FASB continue to set
financial accounting standards
 Set standards for the reports on internal
control and risk management
 Perform inspections of public accounting
firms and recommend penalties if the firms
fail to perform
 Require all public accounting firms that audit
public companies to register with the PCAOB
and become licensed to perform such audits
What are auditor independence
provisions?
 Prohibits audit firms from performing
consulting work for their audit clients (in
most cases)
 Audit Committee is now the auditor's client
 Requires the Audit Committee to pre-
approve any non-audit services by the
audit firm
 Requires partner rotation on all public
company audits every five years
Discuss Corporate Responsibility for
Financial Reports
 Sarbanes Oxley Act requires the CEO and
CFO to certify the accuracy of the financial
statements and provides criminal penalties
for misrepresentation
 The Act also--
 Requires management to describe whether they
have implemented a Corporate Code of Conduct
 Requires management to report on the
effectiveness of internal control over financial
reporting
What is the enhanced role of audit
committees under Sarbanes?
 Is designated as the audit client
 Has oversight responsibilities over
the internal audit and financial
reporting processes
 Must be comprised of "outside"
directors, i.e. not members of
management or have other
relationships with the organization
 Must report on its activities, annually
Audit Committee Responsibilities
 Be appraised of all significant accounting decisions
made by management
 Be appraised of all significant changes in
accounting systems and system controls
 Have authority to hire and fire the external auditor
 Review the audit plan and discuss audit results with
the auditor
 Have authority to hire and fire the head of the
internal audit function and set the budget for the
internal audit function
 Review the audit plan and discuss all significant
results
 Receive all regulatory audit reports and meet with
regulatory auditors to discuss findings
What are the required communications
to the audit committee?
 Auditing standards (SAS 61) require specific
communications between the audit
committee and the external auditor:
 Auditor's responsibility under GAAS and
PCAOB Standards
 Significant Accounting Policies
 Management Judgments and Accounting
Estimates
 Significant Audit Adjustments
 Other Information in Annual Reports
 Disagreements with Management
Generally Accepted
Auditing Standards

 General Standards provide guidance in

hiring and training of auditors
 Fieldwork Standards help auditors plan
and perform the audit
 Reporting Standards help ensure clear
communication between auditor and
statement users
General Standards
 The examination is to be performed by a
person or persons having adequate
technical training and proficiency as an
auditor
 In all matters relating to the assignment,
the auditor must maintain an independent
mental attitude
 Due professional care is to be exercised
in the performance of the examination
and preparation of the report
Fieldwork Standards
 The work shall be adequately planned and
assistants, if any, properly supervised
 A sufficient understanding of the entity and its
environment, including its internal control, is to be
obtained to assess the risk of material
misstatement of the financial statements whether
due to error or fraud, and to design the nature,
timing, and extent of further audit procedures
 Sufficient appropriate audit evidence is to be
obtained through audit procedures performed to
provide a reasonable basis for an opinion
regarding the financial statements under
examination
Reporting Standards
 The audit report shall state whether
statements are fairly presented in
accordance with Generally Accepted
Accounting Principles
 The audit report shall identify those
circumstances in which accounting
principles have not been applied on a
consistent basis with the preceding period
 Informative disclosures in the financial
statements are to be regarded as
reasonably adequate unless otherwise
stated in the audit report
Reporting Standards
 The audit report shall contain either
expression of opinion regarding the
financial statements, taken as a whole, or
an assertion that an opinion cannot be
expressed. When an opinion cannot be
expressed, the reasons should be stated.
In all cases where an auditor's name is
associated with financial statements, the
report should contain a clear-cut
indication of the character of the auditor's
examination, if any, and the degree of
responsibility the auditor is taking.
Attestation Standards
 Financial statement audits are only a small
part of the demand for assurance services.
 Attestation standards ensure quality for
services beyond financial statement audits.
 Examples:
 Financial forecasts and projections
 Pro forma financial information
 Internal controls
 Compliance with contracts
 Regulatory requirements
 Agreed-upon procedures
Attestation Standards
Similar to GAAS, except:
 Specific to the attestation being performed
 Practitioner must have adequate knowledge
in subject matter
 Assertion(s) must be capable of evaluation
against an established reasonable criteria
and reasonable consistent estimation or
measurement
 Report provides assurance related to
specific assertion(s)
Audit Standard Setters and
Authority
Audit Standard Setter Scope and Basis of Authority
Public Company Authority Base: U.S. Congress: Expressed in the
Accounting Oversight Sarbanes-Oxley Act of 2002
Board (PCAOB)
Scope: Sets audit standards for the audits of all
public companies that are registered with the SEC

American Institute Authority Base: Historical, as self-regulatory

of CPAs (AICPA) organization that had earned the public's trust

Scope:
Auditing standards for the audits of small
non-public companies

Attestation standards for areas other than public

company reports on internal control

Assurance services that are less in scope than an

audit such as reviews and compilations
Audit Standard Setters and
Authority
General Accounting Authority Base: U.S. Congress delegated
Office (GAO) authority to set standards for audits of
governmental entities

Scope: Sets audit standards for the audits

of all governmental entities in the U.S.

International Audit Authority Base: Countries which agreed

Standards Committee to abide by their standards
(IASC)
Scope: Standards for financial statement
audits across most of Europe and many
developing countries
Audit Standard Setters and
Authority
International Audit Authority Base: Developed by the
Standards Board Institute of Internal Auditors as a
(IASB) self-regulatory organization

Scope: Standards for the practice of

internal auditing around the world
Overview of Audit Process:
 Planning the Audit
 Understanding with the Audit Client
 Scope of Services to be Provided
 Management’s Responsibilities
 Coordination of Work with Client Personnel
 Audit fees and Expectations
 Develop an Understanding of Materiality
 Audit must be planned to provide reasonable
assurance that material misstatements will be
detected
Overview of Audit Process:
Develop a Preliminary Audit Program
 Client’s business and industry
 Risks client faces and how they might
affect the company's financial
statements
 Management compensation plans and
motivation for management actions
 Internal controls over financial
reporting
Overview of Audit Process:

 Assess:
 Audit Risk
 Quality of Internal Control
 Accounting assertions
 Materiality
 Accounting policies and procedures
 Anticipate financial statement items likely
to require adjustment
 Identify factors that might require
modification of audit tests
 Determine the type of reports to be issued
Overview of Audit Process:

Gathering Audit Evidence to Test Assertions

 Third Standard of Fieldwork requires auditor
to gather "sufficient appropriate audit
evidence" to reach a conclusion on the fair
presentation of the financial statements
 Audit is Designed to Examine Accounting
Assertions:
 Existence
 Completeness
 Rights and Obligations
 Valuation
 Presentation & Disclosure
Overview of Audit Process:
Summarize Audit Evidence and Reach Audit Conclusion
 If evidence supports fair presentation, auditor can
move on to other areas of investigation.
 If evidence does not support fair presentation, auditor
will gather additional evidence. This will lead auditor
to one of three situations:
 Auditor reaches a conclusion and the client agrees
to adjust the financial statements
 Auditor reaches a conclusion, but the client
disagrees. The auditor will issue a report
describing the differences in opinion
 Auditor is unable to reach a conclusion and the
amounts are so material, the auditor cannot render
an opinion
Overview of Audit Process:

Reach an Audit Conclusion and Issue a Report

 Most engagements - financial statements are
fairly stated resulting in an Unqualified audit
report
 Before issuing the report, the auditor discuss
the audit process and financial statements
with the Audit Committee