Skill level of Big-4 staff conducting 404 testing 1221



  • Hello,
    I work for a big-4 firm. I was recently hired to do 404 testing and walkthroughs right out of grad school.
    I have been surprised by the general lack of skill level by many of the staff working around me. Many of them are new to the firm, or they are doing the work on a short-term basis simply because they have nothing else to do—which tends to mean that they are unfamiliar with the information that are dealing with.
    My question is whether this is typical for 404 work that is going on with other firms. Shouldn’t these first few rounds of 404 testing be a priority for accounting firms, in light of the template that is being created for future years of work? Isn’t staffing a consistent set of well-qualified staff a MUST, at this early stage in the Sarbanes Oxley world? There are so many assumptions that are being made at this stage that it seems essential to have the 404 work standardized and well-managed to the greatest extent possible.
    Please respond, with comments regarding your own experiences. Thanks.



  • To be honest, I have to say that what you describe has been on my mind too.
    It’s not that they do not know their job, it just feels that they do not understand the real world.



  • I have found that there is generally a dearth of competent SOx consultants or internal auditors available, for a variety of reasons. Chiefly among these reasons is the low value that corporate management placed on the control environment. Also, Internal Audit has often been a revolving door from which a CPA can move from public accounting to internal accounting by getting an overview of the company.
    While there are many career internal auditors who are great, it is also true that there are internal auditors who never made it out of the revolving door into management. Again, these IAs languished since their skills were not valued. Many companies view the accounting department as a useless appendage. Internal Audit is even worse since it’s the IA’s job to point out deficiencies and investigate fraud.
    Having said that, I don’t think that having someone straight from graduate school is a bad person to have on a SOx gig. Newly minted graduates should be in a position to have a fresh look and the ability to think critically and communicate well. Just as the best place to learn public accounting (financial auditing) is from the ground up (substantive testing account balances and performing analytical reviews).
    I don’t think that someone without audit/project management should be leading a SOx project, but SOx work is fairly labor intensive and requires staff that can communicate (with process owners and managment alike), follow istructions and document their work.
    Also, just because someone is a great accounting/auditing technician does not always mean that they are a good (or even adequate) audit/accounting manager…it’s a different skill set. But, to that extent, it’s no different than any other profession.
    Final words: welcome to the real world. You may be surprised to find how widespread incompetence is, let alone ‘under-qualified’.



  • Having said that, I don’t think that having someone straight from graduate school is a bad person to have on a SOx gig. Newly minted graduates should be in a position to have a fresh look and the ability to think critically and communicate well. Just as the best place to learn public accounting (financial auditing) is from the ground up (substantive testing account balances and performing analytical reviews).

    I’m the ‘straight from graduate school’ person you’re talking about, with the learning by doing accounting knowledge, but somewhere along the line when talking to auditors, you start questioning where they got their ‘real world’ logic from.
    Final words: welcome to the real world. You may be surprised to find how widespread incompetence is, let alone ‘under-qualified’.
    There’s more ‘under-qualified’ labour than ‘over-qualified’ around at the moment.



  • Agreed. Part of the problem is that the control-environment work was undervalued for so long, that there are just too few people to do it (well).
    It’s one of the reasons why SOx work has been so expensive.
    But, that’s a different soapbox.



  • hi all
    interesting set of observations …
    I was wondering whether qualification alone can do the job. I do agree that qualifications like CPA, CISA etc equip a person in conducting an audit or systems audit for that matter and even SOX to some extent, But doesnt a thing called EXPERIENCE and EXPOSURE put u in a better place w.r.t. audits.
    Having said that, sox is only 3 yrs old now( - few months), Like John mentioned, its the lack of importance attached to control environment which has made a big issue out of SOX. Keeping the above in mind, how can we expect guys to be so experienced and exposed to ‘SOX’ within such a short span of time.
    My point is, everyone is a newcomer to SOX and control environment( relatively at least), it makes little difference between a pro and a novice, till a clear UNDERSTANDING IS BORN FOR THIS TIRESOME, VOLUMNOUS, FASTTRACK( at least wrt passing in the house) act.
    cheers guys 😛



  • We are (at least not I am) not saying that they should be more experienced with SOx, because we all know that that is impossible.
    My point is that when you get auditors that cannot match our control activity with their control objectives because 3 or 4 words are different, then you start to wonder.



  • My point is that when you get auditors that cannot match our control activity with their control objectives because 3 or 4 words are different, then you start to wonder.
    thats where the money starts flowing for the Big four audit firms 😄
    even if there is one word mismatch, they wont accept,
    known fact that this is nonsense, but world believes only the auditors and not us( and they are the one who shred our documents 😢 )
    cheers



  • I have noticed this as well. For me it is not an issue of recent grads or lack of real world knowledge, I can get past that a few times. It is that every year I have to train new recent grads and give them real world knowledge. So it did not help going over it in 2004 or several times in 2005. Here we are at Q1 close 2006 and I have all new auditors for the same big 4 company that I have to go over the same information with. They ask the basic questions that are already answerd in our templates, but have not seen them.



  • You might consider the following to avoid future issues:

    1. Before accepting a meeting with an auditor, ask the auditor to send you a brief meeting agenda and a list of the auditor’s interview questions in advance so that you can establish the purpose of the meeting. This creates a written record of the auditor communication and you can complete the questions in advance to be retained for future use.
    2. While meeting with the auditor, make use of a scribe if possible to take notes from the meeting. You can use the meeting notes to read them for accuracy, address any unclear items, and the meeting notes can be distributed to others as appropriate.
    3. Send yourself an e-mail that contains the meeting agenda, interview questions and responses, and meeting notes. If you archive your e-mails, you will have a complete record of the auditor communications and results, and the e-mail will be time dated/stamped. If you use a descriptive subject header, it will help to organize your records for later refernce.
    4. The next time an auditor asks to meet with you, obtain the items as listed in #1 above, and simply conduct a search from within your e-mail application (Outlook, Notes, etc.) to relevant items. It might be necessary to update some information based on changed business processes, but at least, you will not need to conduct ‘voluntary’ training again. Worst case, a future meeting with the audit will be shorter and more efficient…well…shorter at least.
      Hope this helps,
      Milan


  • working for a European subsidary of a large US company I have been staggered at how little knowledge is held within the external auditors. To the extent I have had to brief them on what they needed to do.
    OK that made my life easier but does make you wonder why you are paying so much money for so little support or advice.
    The US team has been better - but even so have either diliberately mis-read the act to increase their work load or just don’t get it.
    I’m hoping year 3 will be better as least some of last years team are coming back in so I won’t have to start from scratch again


Log in to reply