Seven New Auditing Standards That Will Change the SOX Audits 2660

  • After the current market crisis, the US Public Company Accounting Oversight Board is proposing changes to its auditing standards that describe the rules of any Sarbanes Oxley audit.

    The new challenge for the auditors is to assess and respond to risks during an audit.
    Audit risk is the material risk that the auditors will express an inappropriate opinion when the financial statements are materially misstated.
    The objective of the audits is not to zero this risk, but to limit audit risk to a low level, so that the auditor can provide reasonable assurance that the financial statements fairly present, in all material respects, the financial position, results of operations, and cash flows of a firm.
    The proposed changes are:
    1st Proposed Auditing Standard AS from the PCAOB: Audit Risk in an Audit of Financial Statements
    The auditors must plan and perform the audit to obtain reasonable assurance about whether there is material misstatement in the financial statements due to error or fraud. The auditors must applying due professional care and obtaining sufficient appropriate audit evidence
    2nd Proposed AS: Audit Planning and Supervision
    Planning an audit includes planned risk assessment procedures and responses to the risks of material misstatement. Planning is a continual and iterative process that begins shortly after or in connection with the completion of the previous audit.
    The auditors should develop a written audit plan that should include a description of the nature, timing and extent of the risk assessment, tests of controls, and procedures that are required to be carried out.
    3rd Proposed AS: Identifying and Assessing Risks of Material Misstatement
    The auditor’s assessment procedures apply to both the audit of internal control over financial reporting and the audit of the financial statements. Auditors must obtain an understanding of the company and its environment to find the activities that could have a significant effect on the risks of material misstatement.
    4th Proposed AS: The Auditor’s Responses to the Risks of Material Misstatement
    The auditors should apply professional skepticism in gathering and evaluating audit evidence.
    Professional skepticism includes a questioning mind and a critical assessment of the appropriateness and sufficiency of audit evidence.
    5th Proposed AS: Evaluating Audit Results
    Some definitions here are interesting:
    Error is an unintentional misstatement in the financial statements.
    Misstatement is anything that causes the financial statements not to be presented fairly in conformity with the applicable financial reporting framework.
    Uncorrected misstatements are misstatements accumulated during the audit hat management has not corrected.
    6th Proposed AS: Consideration of Materiality in Planning and Performing an Audit
    The auditors must establish a materiality level for the financial statements as a whole that is appropriate especially in light of the surrounding circumstances. In order to determine the nature, timing, and extent of audit procedures, the materiality level as a whole needs to be expressed as a specified amount.
    7th Proposed Auditing Standard from the PCAOB: Audit Evidence
    There are some important changes here, and surprises. Some of the principles of computer forensics can be found in this auditing standard.
    For example, evidence provided by original documents is more reliable than evidence provided by photocopies or facsimiles, or filmed and digitized documents.

    Documents converted into electronic form are not reliable. In fact their reliability depends on the controls over the conversion and maintenance of those documents.
    The moral of the story:
    We had Enron - 2001
    We needed to restore investor confidence - Immediately
    We needed regulation - Immediately
    We had the era of regulation - 2002 to 2004 SOX to Auditing Standards
    We restored investor confidence
    We needed de-regulation SOX too expensive, too bad
    We started making things easier for firms - 2005-2007
    We had the market crisis - 2007
    We needed to restore investor confidence - Immediately
    We needed regulation - Immediately
    We have the era of regulation - 7 new Auditing Standards
    Do you wonder what is next???

  • While I encourage a thorough review of the new PCAOB audit standards after they have been approved by the PCAOB in their final form, I think any kind of hype is exagerated.
    The International Accounting and Assurance Standards Board ( has passed a suite of risk based audit standards as changes to its international standards on auditing (ISA) a couple of years ago. ISAs are used by most developed countries outside the US. As far as I know, there has not been a big change in those countries that would give reason for consultants to create a hype. The PCAOB has based its new PCAOB audit standards on the ISA’s suite of risk-based standards. Given the additional fact that the US already has a stronger emphasis on risk assessment and internal control with PCAOB auditing standard no. (audit of the effectiveness of internal control over financial reporting), I do not expect much of a change for the companies that are audited according to PCAOB auditing standards.

Log in to reply