planning document

advertisement
AUDIT PLANNING FOR PROFITS IN TOUGH TIMES
By Larry L. Perry, CPA
CPA Firm Support Services, LLC
A FOUNDATION OF LITERATURE
Planning and Supervision, SAS No. 108, requires the auditor to:







Obtain an engagement letter.
Evaluate client continuance.
Develop an overall audit strategy.
Develop a written audit plan (audit program).
Determining the extent of involvement of professionals possessing specialized
skills
Inform assistants of their responsibilities.
Review the work of assistants.
Engagement planning is an on-going process; it takes place throughout an engagement.
Original plans are often modified as additional information and unusual matters come to
our attention while performing the engagement. SAS No.108 requires these specific
components of the audit plan:



A description of the nature, extent and timing of planned risk assessment
procedures considering the requirements of:
SAS No. 107—Audit Risk and Materiality in Conducting an Audit
SAS No. 109—Understanding the Entity and its Environment and
Assessing the Risks of Material Misstatements
A description of the nature, extent and timing of planned further audit procedures
at the relevant assertion level for each material class of transactions, account
balance and disclosure as determined under:
SAS No. 110—Performing Audit Procedures in Response to Assessed
Risks and Evaluating the Audit Evidence Obtained
A description of other audit procedures to be carried out for the engagement to
comply with generally accepted auditing standards.
Statements on Quality Control Standards (SQCS), applicable to audits, compilations and
reviews, require that a firm’s quality control policies and procedures cover all phases of a
firm’s engagements, including planning. The peer review and quality review processes
monitor and evaluate compliance with these requirements. SQCS No.7, A Firm’s System
of Quality Control, effective January 1, 2009, requires a firm to document each element
of its quality control system. The extent of the documentation will depend on the size,
structure and nature of the firm’s practice. Illustrative guidance is included in the
AICPA’s publication, Establishing and Maintaining a System of Quality Control for a
CPA Firm’s Accounting and Auditing Practice, which is available for purchase from the
AICPA.
1
Do We Really Have to Plan Small Audits?
We used to do our audit planning in the back seat of the car on the way to the client’s
office. I once worked for one partner who planned the audit of a bank located in our
office building as we rode the elevator to the first floor! In my early years, we didn’t do
much planning because audit procedures were designed on the fly. By that I mean we
obtained an understanding of a client’s business and industry, internal controls and
operations and targeted the areas where risks were high. Sure, we wrote programs but
mostly after the audit was done!
But then times began to change. SAS No. 22, Planning and Supervision, said we should
plan the audit before it began. Most of us continued to follow the audit approaches of the
past and, again, filled out the required planning forms after the audit was done (we had to
pass peer review you know!). It wasn’t long, however, until peer reviewers began to ask
us when we filled out those planning forms and we could not tell a lie! So we began to
plan a little.
SAS No. 99 on fraud risk assessment accelerated our planning pace. We had to
“brainstorm” fraud risks. Most people, except for some of us sole practitioners, have to
meet with another person to brainstorm. If you’re a sole practitioner like me, we’re used
to talking to ourselves anyway (now we can call it brainstorming)! So we brainstormed
and planned some more.
Only when the so-called risk assessment standards became effective in 2007 did some of
us finally become believers. We began to recognize that effective planning actually
reduced engagement performance time! Now we’re at the bottom of the barrel with our
headline question, “Do We Really Have to Plan Small Audits?” The answer is a
resounding “yes.” Not only do we have to plan to satisfy the requirements of SASs, we
have to plan if we are to have hope of engagement profits!
The Root of Audit Requirements and Documentation
There is good news and bad news. First, the good news: for over two decades, publishers
of auditing practice aids have supplied us with forms, checklists and programs to comply
with existing professional standards. The bad news: the volumes of accounting and
auditing pronouncements have increased exponentially causing huge stacks of paper or
long lists of electronic forms for even the smallest audits.
When the new audit risk assessment standards were effective in 2007, the length and
number of audit practice aids from most publishers increased substantially. Because it
became very difficult to determine which documentation was required to comply with the
new standards, conservatism ruled and many auditors used all the practice aids available.
Audit quality was good but budget overrun was high!
2
Here is a foundational principle of audit efficiency. The root of audit requirements is not
the practice aids purchased from a provider. Audit requirements for non-public and nonprofit entities are rooted in the Statements on Auditing Standards (SASs) published by
the Auditing Standards Board of the AICPA. Audit efficiency begins with choosing
documentation that, first, satisfies the applicable requirements in SASs and, second, is the
most efficient considering engagement circumstances.
Small Audit Documentation that Satisfies SASs
For all audit engagements, documentation must evidence compliance with the
requirements of applicable SASs. Because SASs are written to be applicable audit
engagements of all sizes, compliance for a small audit will likely be different than for a
large audit. Audit documentation of compliance, therefore, is also likely to be different.
Here is a list of annual “key” documentation that will support most small audit strategies:
 Client acceptance and retention evaluations
 General ledger analysis worksheet
 Small audit internal control questionnaire, flowcharts or memos by financial
statement classification
 Systems walk-through memo or other documentation
 Analytical procedures worksheets for engagement planning and review
 Risk of material misstatements evaluation by financial statements classification
 Linking working paper to guide the selection of tests of controls and tests of
balances procedures based on risk
 Tolerable misstatements calculation by financial statements classification
 Sampling and non-sampling decisions worksheet
 Audit planning document summarizing audit strategies
 Small audit programs tailored for audit risk
 Small audit client representation letter
It’s important to note that as we begin to think outside the box in planning, performing
and documenting small audits our CPA firm’s quality control document must give us the
authority to make modifications that are tailored to the nature, size and complexity of a
small client entity. The engagement performance section should not be written with
reference to a major publisher’s practice aids as the firm’s system of quality control.
Instead, this section should specify that the top line authority on each engagement has the
latitude to design and use audit strategies, plans and documentation that is appropriate in
the engagement’s circumstances. This section should also specify any audit guides or
practice aids from major publishers that firm personnel use for reference.
The Foundation for Audit Documentation
Underpinning the small audit documentation outlined above, a CPA firm’s operating
philosophies can contribute significantly to engagement efficiency. First on the list is
the involvement of leadership on engagements.
3
Involvement on audit engagements for many CPA firm partners or sole practitioners is
often limited to a brief meeting with staff personnel before the engagement begins and a
review of the working papers and report after the engagement is finished. While this may
limit the executive’s time charges on an audit, it also limits the opportunities to train
personnel, to set the tone at the top, to ensure audit quality and to deal with engagement
problems throughout the job. Limited executive participation usually results in increased
time charges during the wrap-up phase to clean up review points and resolve problems
after the fieldwork is finished.
Auditing standards now require participation of the top line authority in planning
meetings on all audit engagements. Many executives also require in-charge accountants
to communicate the status and problems of engagements throughout the performance
phase. Some executives perform their engagement reviews in stages to avoid last minute
problems. The result of all these practices is that engagement problems are dealt with
early and engagement procedures are done correctly the first time! On large or small
audits, much wasted time is eliminated and higher profitability is achieved when
executives are involved in all phases of engagements.
Approaches to Planning
In the table that follows, approaches and responsibilities for on-going planning have been
presented for audit engagements. This table identifies some of the forms published by
Practitioners Publishing Company (PPC) and descriptions of small audit documentation
discussed in this webcast series. The accompanying SAS Compliance Matrix for Small
Audits provides lists of additional documentation from PPC and related small audit
alternative documentation.
4
APPROACH TO PLANNING TABLE
RESPONSIBILITY
FUNCTION IN-CHARGE EXECUTIVE SMALLER AUDITS DOCUMENTATION
Preplanning:
1. Pre-engagement planning
conference.
2. Understand
client’s business and industry and
internal control
system design
and operation.
1. Discuss prior
year results and
general strategy
for current
audit
engagement.
2a. Review
prior year’s
working papers,
report and internal control
communication
letter.
1. Advise incharge of any
current developments.
1. In-charge important issues memo.
2a. Discuss.
2. In-charge important issues memo.
2b. Prepare or
update Engagement Acceptance and/or
Continuance
Forms—CX1.1 and 1.2.
2b. Review
and
approve Engagement Acceptance and/
or
Continuance
Forms.
2c. Review
and
approve engagement risk
assessment at
the financial
statement
level.
3. Meet with
management,
discuss letter
and obtain
signature.
Communicate with
those charged
with
governance.
2bi. Client Acceptance and Continuance Form.
2bii. Fraud Risk Memorandum.
2biii. Small Audits Engagement Letter
4a. Review
documentation.
4ai. General Ledger Analysis Worksheet.
4aii. Internal Control Flowcharts, Memos, Systems
Walk-through Documentation Form and/or Small
Audits Internal Control Questionnaire.
2c. Assess engagement risk at
the financial
statement
level—CX-7.1.
3. Engagement
letter and communication
with persons
changed with
governance.
Planning:
4a. Obtain an
understanding
of client’s business and industry and
internal control.
3. Identify the
nature of the
engagement
and additional
services to be
performed. Prepare letter.
4a. Complete
Client Info
Form--CX-3.1,
Fraud Risk ID
Form—CX-6.1
and/or Control
Activities
Forms—CX-5.
2ci. Planning Document.
2cii. Fraud Risk Memorandum.
3i. Small Audits Engagement Letter.
3ii. Planning Document.
3iii. Partner Participation Memorandum.
3iv. Small Audits Governance Communication Letter.
5
5a. Risk Assessment
Summary
6. Establish financial statement
materiality
limits and tolerable misstatement by
financial statement classification..
7a.Determine
audit plan and
make sampling
decisions.
4b. Complete
Financial Reporting System
Documentation
Form—CX-4.2
and/or flowcharts and
system
walkthrough
memos or table.
5a. Perform
preliminary
analytical
procedures—
CX-9.1/9.2.
5b. Complete
Risk Assessment Forms—
CX-4.1, 7.1,
7.2.
6. Complete
Financial Statement Materiality Work
sheet—CX-2
7a. Complete
Sampling Planning and
Evaluation
Form—Substantive Tests—
CX-8.1.
5a. Review
documentation.
5ai. Risk of Material Misstatements Form.
5aii. Linking Working Paper.
6. Review and
approve limits.
6a.. Tolerable Misstatements Computation Form.
7a. Review all
documentation.
7a. Sampling Analysis Worksheet.
7b. Determine
affect of risk on
decisions to
sample; prepare
detailed audit
program.
7c. Complete
Test of
Controls
Form—CX10.1, Test of
Controls Sampling Planning
and Evaluation
Form—CX10.2, as in audit
strategy.
7bi. Risk of Material Misstatements Form.
7bii. Linking Working Paper.
7biii. Small Audits Standard Program.
7biv. Standard Working Papers.
7c. Small Audits Tests of Controls Form.
6
8. Time budget
preparation.
8. Prepare
Audit Budget
and Status
Form.
8. Review and
approve budget.
8. Budget preparation as directed by executive.
9. Document
planning
decisions.
9. Prepare Planning Memorandum.
9. Review and
approve Planning Memorandum.
9a. Update Fraud Risk Assessment Memorandum.
9b. Update Planning Document.
10. Pre-interim
or yearend
work
conference with
engagement
team, including
engagement
executive.
10. Discuss
numbers 2-9
with engagement team including
executive.
10. Discuss
numbers 2-9
with engagement team.
10a. Finalize Fraud Risk Assessment Memorandum.
10b. Finalize Planning Document.
11. Pre-interim
or pre-yearend
meeting with
engagement
staff .
11. Discuss
staff work
responsibilities
and provide onthe-job training.
11. Observe.
11. Larger audits only.
12. Test of
controls.
12. Perform
tests of controls
if a part of audit
strategy.
Review work of
assistants.
12. Discuss
results.
12. Modify Small Audits Standard Program.
13. Communicate significant
deficiencies and
material weaknesses in
internal control.
13. Prepare
Management
Point Development Worksheet—CX-15.
13. Review
results.
13a. Control Deficiencies Worksheet.
13b. Small Audits Internal Control Communication
Letter.
7
14. Perform
substantive
analytical
procedures.
14. Prepare
trend analysis
worksheets and
perform other
proced-ures
linked to risk
assess-ment.
14. Discuss
results and any
resulting audit
program modification.
14. Small Audits Analytical Procedures Worksheet.
15. Yearend
work.
15a.. Complete
Audit Programs
and review work
of assistants.
15b. Complete
Audit Difference Evaluation Form—CX
12.2
16. Discuss
evidence collected and resulting conclusions with
executive.
15. Review
results of procedures and
Audit
Difference
Eval-uation
Form..
15a. Small Audits Standard Program.
15b. Small Audits Error Analysis Form.
15c. Working Papers and Memos.
16. Discuss
same with incharge.
16. Complete Partner Participation Memorandum.
17a. Prepare
management
representation
letter.
17b. Tie up
loose ends,
finalize working
papers, prepare
reports and tax
returns.
18. Post-engagement meeting
with staff.
17. Complete
engagement,
obtain executive final
review, client
approval of
financials and
signed
representation
letter.
18. Discuss
engagement
results and plans
for next year.
17. Make final
review of engagement and
deliver draft of
financials to
client.
17a. Small Audits Management Representation
Letter.
17b. Subsequent Events Review Memorandum.
18. Observe.
18. In-charge memo of plans for next year.
19. Internal
control
communication
and meeting
with persons
charged with
governance.
19. Prepare
internal control
letter for
manage-ment
and communicate with
persons charged
with
governance.
19. Review
letter and
deliver to
management
and persons
charged with
governance.
19a. Finalize Small Audits Internal Control
Communication Letter.
19b. Finalize Small Audits Governance
Communication Letter.
16. End-offieldwork confernce and executive review.
8
THE PARAMOUNT PICTURE OF QUALITY CONTROL
In the planning section of these materials, we discussed times at which the in-charge
accountant should meet with the engagement executive:
1. Before the planning begins to discuss the engagement, anticipated
problems and a tentative audit strategy.
2. During an engagement team planning meeting, before the main
fieldwork is begun.
3. After procedures have been performed, during the executive’s
review of working papers.
These “key points” represent the pinnacle of the quality control system for a CPA firm.
They provide opportunities for the executive to input his/her expertise at crucial times
during the engagement. Without these meetings at appropriate times, engagement
problems become reasons for time budget overruns!
Documentation of timely meetings will provide evidence of performance of the
executive’s quality control functions on engagements. In fact, the more evidence of the
executive’s involvement throughout the engagement, the less working paper
documentation of standard procedures that may be necessary! The more executive
involvement the greater the compliance with the substance of the quality-control
standards.
Using the Planning Document
The Planning Document is a vehicle for guiding planning activities and the engagement
team’s brainstorming meeting. A standardized format, such as outlined in the
illustrations at the end of this section, ensures uniformity of the planning activities among
engagements and provides executives assurance that the in-charge has considered all
aspects of planning. The Planning Document can be presented to the executive during or
after the engagement team meeting or, to save time, a draft can be submitted in advance
for the executive’s reading. During the meeting, changes in information or approaches
can be reflected in the document for the executive’s final approval before fieldwork
begins. Creating the planning document on a word-processing template will facilitate its
revision and completion.
In the remainder of this section, we’ll discuss how to “fine-tune” the planning process to
maximize engagement profitability.
PLANNING FOR TIME-SAVINGS OPPORTUNITIES
The final phase of engagement planning should include a review of planned procedures
to determine the required amount of work will be accomplished in the least time. Here
are some suggestions that will pay enormous dividends:
9





Finding alternative methods for performing clerical tasks can result in
cumulative time savings on every engagement. A few examples:
 Use a rubber stamp to imprint the client’s name on hardcopy working
papers.
 Use adding machine tapes taped to working papers instead of detail
lists.
 Photocopy client schedules and documents and tape to standard paper.
 Use computer software to prepare memoranda, prepare “to do” lists,
write review notes, write letters or prepare other written
documentation.
 Use computer software to prepare working papers that will replace
working papers prepared with pencil and paper.
 Scan client documents into electronic file container systems.
Request and use client-prepared working papers and/or electronic files. Be
careful to request only those papers that are necessary for the evidence
requirements of each engagement. Working papers prepared by the client and
later found to be unnecessary should be discarded, preferably at our office not
theirs!
During the review of the prior year’s working papers, the necessity of each
paper should be challenged. If a paper is necessary, our question should be,
“Is there a faster way to accomplish the objectives it documents?” Remember
that the “SALY” method can also become the “MILY” method (missed it last
year!).
Determine the auditing procedures that can be performed prior to the
engagement date:
 Performing various risk assessment procedures.
 Performing tests of controls if necessary.
 Reading minutes of directors’ meetings.
 Substantive tests for such accounts as property and equipment, longterm debt, deferred charges, expenses, etc..
 Analytical procedures based on interim information.
 Cycle counts of inventories maintained on perpetual systems.
 Accounts receivable confirmations.
 Other special procedures relative to certain industries, e.g., loan file
exams for banks and site inspections for construction contractors.
 Various other procedures.
Paraprofessional persons, either temporary or permanent employees, should
be used for performing accounting services (providing independence is not
impaired under ET 101-3), preparing trial balances and working paper
schedules and other clerical functions on engagements when client personnel
are not available. Paraprofessionals can also assist engagement personnel by
performing many clerical tasks such as loading data into auditing software,
checking calculations on client-prepared schedules and records, pulling client
documents for inspection and performing compliance tests such as loan file
examinations for banks. Under no circumstances, however, should the
paraprofessional person perform judgmental auditing procedures. Full-charge
10









bookkeepers, accounting technical school graduates or persons with degrees in
fields other than accounting or business may be considered for these purposes.
Prioritize procedures in engagement areas by performing the most important
first to accommodate ongoing planning. For example, perform any required
procedures for the largest general and payroll accounts first so increases or
decreases in procedures for other accounts can be made based on the results of
tests of the larger accounts.
Coordinate work in related areas, such as inventories and accounts payable to
prevent duplication of work effort by different persons.
Encourage the client to minimize supplementary information included with
the financial statements. Plan to issue the lowest level of assurance on
supplementary information whenever possible.
Teach staff to thoroughly self-review all work.
Frequently accumulate time spent on engagements, make estimates of time to
complete and compare to budgeted time. Staff personnel should be taught to
communicate progress to the in-charge at least halfway through the budgeted
time for an engagement area (more beneficial on larger audits).
Consider using the client’s computer system, data extraction software or
service bureau to perform certain tests, to prepare engagement schedules or to
select and print confirmations.
Make sure all time spent on tax or accounting functions is identified and
coded specifically to facilitate billing these charges separately.
Use the “ten-minute rule” on all engagements; i.e., don’t do any work that
doesn’t provide specific evidence to verify financial statement assertions or to
comply with other professional standards, even if it only takes ten minutes!
Plan for all levels of review to be conducted in the field whenever possible.
As I’m sure you sense by this time, increasing profits through effective planning is much
more than a few techniques designed to save time. It is a holistic approach to planning
that depends on performing every engagement procedure in the most efficient way. The
Planning Document is the tool that will help us accomplish this objective.
11
PLANNING DOCUMENT
Client: _________________________________________________________________
Engagement Date: _______________________________________________________
INSTRUCTIONS:
This document should be completed by the engagement in-charge accountant and
reviewed by the engagement executive before engagement personnel begin fieldwork. It
should describe engagement procedures accomplished or planned.
I.
ENGAGEMENT ADMINISTRATION:
A. Delivery of Engagement Letter:
The engagement letter is one of our primary tools for obtaining client understanding
of their responsibilities and ours. A good understanding before the engagement
begins will prevent misunderstandings from arising later. To accomplish a good
understanding, the engagement executive should deliver the letter and discuss its
contents with the client’s CEO or owner. Discussion of the letter with the client’s
owner or manager, president, superintendent or director should be one of the primary
sources for discovering potential misstatements, fraud or illegal acts.
B. Use of Client Assistance or Paraprofessionals:
We should use client assistance to the maximum extent possible on every
engagement. When client personnel are unavailable, we should consider
firm paraprofessionals to perform accounting services and clerical work in
connection with the engagement. (See Possible Client Assistance at end of
this section)
C. Planning for Proper Workspace:
The engagement in-charge has responsibility to arrange adequate
workspace before the fieldwork begins. Poor lighting, lack of adequate
heat or air conditioning, desks or tables that are too small or work
locations that are not near client accounting personnel are examples of
situations that hinder the efficient completion of an engagement and that
should be avoided.
D. Assignment of Staff Personnel:
12
A basic element of a good quality control system is assigning personnel to
engagements and tasks that are commensurate with their capabilities. A
primary audit response to risk at the financial statement level is also
assigning experienced staff persons to the high-risk area or providing more
supervision to lesser experienced persons. Assigning the right people to
engagements also helps complete the engagements in the minimum
amount of time. SQCS No. 7, effective January 1, 2009, requires CPA
firm documentation of this element of quality control.
E. Target Dates:
Setting target dates during planning is the first step to achieving timely
engagement completion. These target dates should also become the input
to the firm’s staff scheduling system.
F. Use of Specialists:
We should consider using outside specialists whenever we perform any
auditing procedures in circumstances outside our firm expertise. Such
circumstances may include actuarial computations for pension funds,
questions of law, observations of inventories of products or materials,
required tests of client accounting software, and complex accounting and
auditing problem situations. When the auditor out sources any services in
connection with an engagement, the engagement letter should contain a
paragraph notifying the client. The auditor is also required to obtain a
confidentiality agreement from the person or organization performing out
sourced services.
G. Electronic Auditing Opportunities:
Trial balance and financial statement preparation software, electronic
practice aids, file container software, spreadsheets, word processing
software, document scanners and data extraction software should be used
to the maximum extent possible on all engagements. This section should
list the specific, planned applications for discussion with the engagement
executive.
H. Audit Budgets:
The audit budget should be prepared during engagement planning. The
budget should be based on circumstances, not fees. The budget should be
summarized here for discussion with the executive.
II.
TECHNICAL AUDIT PLANNING DECISIONS:
A. Risk of misstatement at the financial statement level:
Use of Statements:
High-risk uses of statements should be described.
13
Potential for Going-Concern Problems:
Continued losses, high debt and external situations that threaten the
continued existence of the company should be described.
Integrity of Management:
Specific information that could cast doubt on management’s
integrity, or lack thereof, should be discussed here.
An overall evaluation of risk at the financial statement level should be
made and the subjective impact on engagement procedures should be
recorded for use in audit program modification.
A1. The risk of misstatements evaluation at the assertion level, and the impact
on the audit strategy, by major financial statement classification should be
documented in this document.
B. Materiality Judgments:
A summary of the tolerable misstatement calculations and reasoning
should be presented here.
C. Sampling Decisions:
This section should describe the reasons for making decisions to sample or
not sample. If decisions are made to sample, the rationale for sample size
calculations should be explained.
D. Audit Strategies:
Detailed substantive tests of balances, risk assessment procedures, tests of
controls and/or extensive analytical procedures are options for the general
audit strategy.
E. Nature of Procedures:
Descriptions of the nature, extent and timing of tests of balances
procedures and analytical procedures for material financial statement
classifications should be described here.
F. Significant Time-Savings Opportunities:
Opportunities to save time on the engagement not discussed elsewhere
should be detailed here.
G. Engagement Team Meeting:
This section should document the significant potential risks of
misstatement due to error or fraud, planned audit responses and other
matters discussed at the team meeting. All engagement personnel,
including partners or directors, are required to attend this meeting.
14
I. Potential Risks of Misstatement due to Errors or Fraud:
From risk assessment procedures:
Potential risks of misstatement discovered during the risk assessment
procedures, and the planned audit responses, should be documented here.
From reading the general ledger account activity and performing
other analytical procedures:
Unusual matters, variances or other potential risks, and the planned audit
responses, should be documented here.
Factors discovered throughout the engagement, along with audit
responses and their results:
From inquiries of management personnel:
From inquiries of staff personnel:
From communication with persons charged with governance:
From performing fieldwork and other auditing procedures:
Prepared by:________________________________Date:_________________________
Reviewed by:_______________________________ Date:_________________________
15
POSSIBLE CLIENT ASSISTANCE CHECKLIST
_______
_______
_______
_______
_______
Working trial balance of general ledger or
leadsheets.
_______
_______
_______
_______
_______
Schedule of cash on hand.
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
Schedule of receivables from, or payable
to related parties.
_______
_______
_______
_______
_______
Schedule of notes receivable.
_______
_______
_______
_______
_______
Schedule of prepaid insurance and
insurance in force.
(Have policies ready for inspection)
_______
_______
_______
_______
_______
Letter to insurance company regarding
cash surrender value of life insurance
(preprinted forms).
_______
_______
_______
_______
_______
Inventory sheets including pricing and
extensions that tie into the general ledger.
_______
_______
_______
_______
_______
Letter to attorney regarding claims against
the client and fees owing to him.
_______
_______
_______
_______
_______
Schedules of marketable securities.
_______
_______
_______
_______
_______
Letter to brokers asking for detailed list of
securities held by them.
_______
_______
_______
_______
_______
Schedules of investments and other
assets.
_______
_______
_______
_______
_______
Schedule of officers’ life insurance.
_______
_______
_______
_______
_______
Schedule of current year fixed asset
additions and disposals.
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
Bank reconciliation for each bank account.
Aged trial balance of accounts receivable:
Current; 31 to 60 days;
61 to 90 days; over 90 days.
16
_______
_______
_______
_______
_______
Depreciation schedules.
_______
_______
_______
_______
_______
Schedule of accounts payable
(Save all regular statements as of
engagement date.)
_______
_______
_______
_______
_______
Schedules of accrued expenses other than
income taxes.
_______
_______
_______
_______
_______
Schedule of notes payable and long-term
debt.
_______
_______
_______
_______
_______
Analysis of the following income and
expense accounts:
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_________________________
____
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
_________________________
____
_______
_______
_______
_______
_______
_______
_______
_______
_______
_______
a. Investment income.
b. Miscellaneous income.
c. Repairs, maintenance and
supplies.
d. Taxes paid.
e. Contributions.
f. Miscellaneous expense.
g. Schedules of rental income and
expense account payments.
h. Bad debts expense.
i. Officer’s salaries and expense
account payments.
j. Professional fees.
Others:
_________________________
____
Personnel available to:
Pull invoices, prepare confirmations,
reconcile accounts receivable and
payable confirmations under our
control, etc.
Typing assistance for engagement
correspondence.
17
FRAUD RISK ASSESSMENT MEMORANDUM
Client: ___________________________________
Date: ____________________________________
(Instructional Copy)
INSTRUCTIONS:
This memorandum can be used to facilitate compliance with SAS No. 99 and the fraud
risk assessment process that should continue throughout an engagement. Potential fraud
risks that are documented in this memorandum should be used to formulate audit
responses that will result in audit program modification. This memorandum may be used
as the primary documentation of the fraud risk assessment process and supplemented by
PPC Fraud Risk Assessment Forms, PPC Inherent and Combined Risk Assessment Form,
Risk of Potential Errors Form, Systems Walk-Through Procedure Form, Analytical
Procedures Program, Planning Memorandum and/or Planning Matrix. This
memorandum can also be used to support or complement any of the documents listed
above. Each section should describe the fraud risk assessment activities utilized on the
engagement. If no activities were conducted, or there were no fraud risk factors
discovered, the auditor should document this fact in the applicable sections of the
memorandum.
PARTNER’S (DIRECTOR’S) DELIVERY OF ENGAGEMENT LETTER:
Delivery of the engagement letter provides opportunity for discussing the terms and
responsibilities of the engagement, the significant client events that occurred during the
year and potential fraud risk factors with the client’s owner/manager, president,
superintendent or director. This section should document the questions asked and issues
discussed, as well as any matters that require an audit response. Exhibit 2-2 in the
Appendix to these materials contains illustrative inquiries for management about fraud
risks that may be appropriate for use at this meeting.
ENGAGEMENT TEAM MEETING:
Exhibit 2-1 in the Appendix to Chapter Six contains examples of questions for use during
the engagement team discussion. This section should document the significant potential
fraud risks and planned audit responses discussed during the meeting. If the applicable
PPC form is not also prepared to document this meeting, the date of the meeting, how and
where it took place and who attended should be documented here.
18
POTENTIAL FRAUD RISKS FROM UNDERSTANDING CLIENT ACTIVITIES:
Potential fraud risks discovered during preparation of the Engagement Acceptance and
Continuance Forms, the Audit Planning Form and the System’s Walk-Through
Procedures, and their planned audit responses, should be documented here for use on the
PPC Fraud Risk Assessment Form, the PPC Inherent and Combined Risk Form or the
System’s Walk-through Working Paper (see Appendix to these materials). Planned audit
responses can be included here or referenced to the above-mentioned documentation
depending upon your firm’s policies.
POTENTIAL FRAUD RISKS FROM PRELIMINARY ANALYTICAL
PROCEDURES:
Preliminary analytical procedures performed before the fieldwork begins, and analytical
procedures performed throughout the engagement, may reveal unusual relationships
among financial data or other unusual matters that may be potential fraud risks. The
potential risks and their impact on planned auditing procedures should be described here.
FRAUD RISK FACTORS DISCOVERED THROUGHOUT THE
ENGAGEMENT:
This section provides space to document the results of our ongoing fraud risk assessment
process. Potential fraud risks discovered during the course of the engagement, along with
planned audit responses, should be recorded in the appropriate space below.
Inquiries of Management Personnel:
Inquiries of Staff Personnel:
Test of Controls Procedures:
19
Discussions with Audit Committee:
Discussions with Board of Directors:
FIELDWORK PROCEDURES:
Potential fraud risk factors discovered during the conduct of the fieldwork, along with
planned audit responses, should be documented here. If possible, the factors and planned
responses should be grouped by financial statement classifications, i.e., cash, receivables,
inventories, etc.
RESULTS OF PLANNED AUDIT RESPONSES:
The results of planned audit responses from each of the sections above should be
documented here in detail or referenced to a working paper or other memo that describes
the results of the planned audit responses. This section should also contain an overall
conclusion that, based on the audit response procedures performed for potential fraud
risks, the financial statements contain an acceptable level of misstatements due to fraud.
20
CONCERN ABOUT GOING CONCERN
As the effects of the widening economic recession on businesses and other organizations
become more apparent with the news of each day, many CPAs are increasingly
concerned about some of their clients. One practitioner shared that he is concerned about
not only the obvious effects of the economic downturn on his clients but is extremely
concerned about the effects on their customers, suppliers and lenders that may not be
readily apparent. These concerns are important considerations for planning every yearend engagement. After a brief summary of the FASB’s exposure draft, Going Concern,
we’ve included several considerations that may be crucial for all calendar year-end and
future engagements.
FASB Exposure Draft
The FASB has issued an exposure draft, Going Concern, which can be downloaded from
the Exposure Drafts sidebar on www.fasb.org. We recommend you provide a copy of
this exposure draft to all audit and review engagement personnel in your CPA firm. The
objective of this proposed Statement is to (1) provide guidance on the preparation of
financial statements as a going concern and on management’s responsibility to evaluate a
reporting entity’s ability to continue as a going concern and (2) require disclosures when
either financial statements are not prepared on a going concern basis or there is
substantial doubt as to an entity’s ability to continue as a going concern.
It would apply to business entities and not-for-profit entities that prepare financial
statements in accordance with generally accepted accounting principles (GAAP) and
apply to both interim and annual financial statements. It may also be necessary to apply
the contents of the pronouncement to financial statements prepared in accordance with an
other comprehensive basis of accounting to prevent them from being misleading.
Proposed Significant Change
Existing guidance in SAS No. 59 requires an auditor’s consideration of the going-concern
assumption for 12 months following an entity’s fiscal yearend. This proposed Statement
would require that management of a reporting entity consider all available information
about the future which is at least, but is not limited to, 12 months from the end of the
reporting period when assessing whether the going concern assumption is appropriate.
An accountant or auditor reporting on such financial statements would, of course, be
responsible for evaluating management’s representations regarding the entity’s ability to
continue as a going concern.
Presentation
The exposure draft requires management to assess the reporting entity’s ability to
continue as a going concern. An entity is required to prepare financial statements on a
going concern basis unless management either intends to liquidate the entity or to cease
operations, or has no realistic alternative but to do so.
21
Management may identify information about certain conditions or events that, if
considered in the aggregate, indicate there could be substantial doubt about the reporting
entity’s ability to continue as a going concern. The significance of such conditions and
events will depend on the circumstances, and some may have significance only when
viewed in conjunction with other conditions or events.
If, after considering the information in the aggregate, management believes that there is
substantial doubt about the reporting entity’s ability to continue as a going concern,
management shall consider its plans for dealing with the adverse effects of those
conditions and events and whether those plans will mitigate the adverse effects and
whether they can be effectively implemented. Accountants and auditors reporting on
financial statements and footnotes when there is substantial doubt about continued
existence will be required to evaluate the adequacy and effects of management’s plans.
Footnotes Disclosures
When management is aware of material uncertainties about events or conditions that may
cast substantial doubt upon the entity’s ability to continue as a going concern, the entity
shall disclose those uncertainties in the footnotes to its financial statements, along with
their plans to overcome the threat to continued existence.
When an entity does not prepare financial statements on a going concern basis, it shall
disclose that fact, together with the preparation basis and the reasons why the entity is not
regarded as a going concern.
Our Planning Suggestions
Here are some practical questions you may wish to incorporate in the planning
documentation of every audit and review engagement for the foreseeable future.





Does our understanding of the client’s business and industry reveal any
information contrary to the going-concern assumption? Such information may
include current and expected recurring operating losses, cash flow problems,
defaults on debt obligations, inability to obtain financing or renewals of existing
credit lines, an industry significantly affected by the recession, customers and
vendors with going-concern problems, decreasing assets valuations, statutory
noncompliance, and external matters such as lawsuits, loss of franchise or
licenses, etc.
Does management have any concerns about the entity’s ability to continue in
business for at least a year or possibly longer?
What are management’s plans to mitigate any revealed threat to continued
existence?
Are management’s plans realistic and are they capable of carrying them out?
What procedures will be necessary for the engagement team to evaluate
management’s plans to overcome going-concern problems?
22


What effects are the going-concern issues likely to have on the basis of
preparation of the entity’s financial statements?
What effects are the going-concern issues likely to have on the accountant’s or
auditor’s report?
The threats to the continued existence of some entities may be more significant than any
we’ve considered since the 1980s. Our audits and reviews will continue to be evaluated
based on the effectiveness of our engagement planning and procedures. Identifying and
evaluating going-concern issues must be an integral part of every engagement performed
by CPA firms.
Are You Ready?
While presenting a series of seminars recently, I had occasion to visit with three CPAs
that had each made significant business decisions a year ago. These proactive decisions
had earned them hundreds of thousands of dollars, millions in one case. While the signs
of the times a year ago had begun to indicate the need for conservatism in business
practices, these CPAs were all looking beyond what they could see happening in the
economy and marketplace and paying attention to their intuition. Although it didn’t seem
time to sell parts of their businesses, two sold segments before they became worthless a
year later. The other CPA made some personal investment decisions that generated funds
for his early retirement which would not have been possible had he waited. Trusting their
personal assessments of the immediate future, and their intuition, enabled them to prosper
in difficult times.
Management personnel of many smaller CPA firms have begun to look beyond media
rhetoric and politicians’ words to consider the potential impact of the economic and
political environment on their firms and clients. Having an intuitive feeling that the
economy may not improve for a few years, some are changing their normal methods of
operation.
Here are a few changes CPA firms should be considering:
1. Pay daily attention to reliable news sources within our profession. For example,
knowing that proposed changes to the Internal Revenue Code include the
elimination of the LIFO method of accounting, the intangible drilling credit and
percentage depletion may mean opportunities to help clients plan and respond to
such changes to minimize tax burdens.
2. Consider the different services clients may need due to new legislation, changes
in professional standards and the affects of economic downturn on their
operations, customers and vendors.
3. Evaluate clients’ worth to the future of the firm and outplace those that have no or
little potential benefit. Considering both client profitability and their potential in
the future should be part of this decision making.
23
4. Reconsider the nature of services performed by the firm to minimize risk and
meet emerging client needs. Look for opportunities to specialize in “niche” areas
such as cash flow forecasting or accounting for certain proposed tax law changes.
5. Read, evaluate and respond to exposure drafts of new pronouncements that affect
firm services. Current amendments to risk assessment SASs and compilation and
review standards are important examples.
It is time to get ready!
24
Download