External Audit PCAOB testing requirements 1630



  • We are currently negotiating audit fees with our external auditor for our first live year. Up until now they have been happy to place strong reliance upon our independent testing for low and medium risk processes. Now they are stating that they can only do that for test of operating effectiveness but that they must complete a 100% walkthrough for every process irrespective of its risk or the testing we have completed ourselves. This is because it is a requirement of the PCAOB. %0ACan anyone confirm that this is true and refer me to the relevant PCAOB requirement?



  • Hi,
    Auditor requirement for a walkthrough is addressed in the PCAOB document, Audit Standard No. 2 (AS2)*.
    Specifically, it states,
    79. Performing Walkthroughs. The auditor should perform at least one walkthrough for each major class of transactions (as identified in paragraph 71). In a walkthrough, the auditor traces a transaction from origination through the company’s information systems until it is reflected in the company’s financial reports. Walkthroughs provide the auditor with evidence to:
    -Confirm the auditor’s understanding of the process flow of transactions;
    -Confirm the auditor’s understanding of the design of controls identified for all five components of internal control over financial reporting, including those related to the prevention or detection of fraud;
    -Confirm that the auditor’s understanding of the process is complete by determining whether all points in the process at which misstatements related to each relevant financial statement assertion that could occur have been identified;

    • Evaluate the effectiveness of the design of controls; and
    • Confirm whether controls have been placed in operation.
      Note: The auditor can often gain an understanding of the transaction flow,
      identify and understand controls, and conduct the walkthrough simultaneously.
      Hope this helps,
      Milan
      *Source: Public Company Accounting Oversight Board Bylaws and Rules Standards
      AS2
      As of June 18, 2004
      Page 162


  • Now they are stating that they can only do that for test of operating effectiveness but that they must complete a 100% walkthrough for every process irrespective of its risk or the testing we have completed ourselves. %0AThey need to be sure that you have adressed all the risks relevant for your company to be able to rely on your testing of operating effectiveness.%0AWe’re in the same process at the moment.



  • Thanks, this certainly answers the question and at least I know their reasoning for doubling our fees this year then… I suppose the questions in my mind though are:

    1. What is a major class of transaction? My imediate thought was that is was all the high risk elements but I guess inreality it means all the key processes that are in scoped irrespective of risk.
    2. The second is why is there no relaince on the walkthroughs they did last year as part of our dry run and will we have to be recipients of walkthroughs every year for each process.
      I agree that theu need to satisfy themselves regarding the robustness of our testing and our risk assessment. We have shown them our testing framework and templates and they have shown us theirs to make sure at least we are all working in the same direction, so I am happy that they have been very constructive in that respect.


  • Our externals do annual walkthroughs of all our major processes. This is necessary because of employee turnover, process change, etc. The second and subsequent rounds of walkthroughs should be quicker because they have the previous year’s documentation and usually only need to note minor changes. i.e. a new payroll manager, or changes to a delegation of authority.
    Hope this helps


Log in to reply