New Financial Statement Audit Standards Issued to Better Assess Risk and Improve Documentation By F. Jeffrey Kovacs, CPA, Alpern Rosenthal In 2006, the Auditing Standards Board (ASB) issued eight standards requiring auditors to change how they assess risk and internal controls, and as a result, possibly change the nature, extent and timing of audit procedures. These standards were a follow up to Sarbanes-Oxley which was in the wake of the Enron scandal and other business failures. This legislation had a profound effect on both company management and the audit profession of publicly traded companies and large private companies. The ASB’s sweeping set of new standards for nonpublic entities rewrites many of the fundamental principles of a financial statement audit. Though less in scope than the rules for public companies, these new standards parallel many of the key themes of Sarbanes-Oxley, including new requirements that: • Auditors gain a more thorough understanding of their clients’ internal control, including tests of certain controls not previously required. • Auditors obtain more detailed information about their clients’ operations, their business objectives and strategies, and the risks to achieving these objectives. • Auditors request information and documentation from their clients that they may not have requested previously. • Client management clearly accepts responsibility for preparing all financial information and the company’s financial statements. • Auditors must report significant control deficiencies noted during the audit in writing. We may no longer communicate such findings in only an oral manner. • Auditors must communicate certain matters to the audit committee or “those charged with governance.” The main objective of the new auditing standards is to strengthen and maintain the integrity of the independent financial statement audit. The new standards will benefit all stakeholders in the financial reporting process—those who prepare financial information, those who provide assurance on the reliability of that information, and those who use the information to make decisions about your company. Because these standards demand a higher level of performance, there will be changes to the way audits are performed for many companies. Some accounting firms have already been employing a risk-based approach to audit engagements for many years, therefore many professionals are already proficient with most of the Standard’s requirements. However, others have not employed a risk-based approach and those firm’s clients will see dramatic changes. With or without the risk-based approach, most audits will result in an overall increase in the effort by both the audited company and the audit team in order to implement the new standards. The new rules are effective for 2007 year end audits. Most firms have been investing resources to adapt their audit process and train their engagement teams so they are able to address these new standards in their audits as effectively and efficiently as possible. For CFOs, be certain to ask your accounting firm about these new standards, how they are handling the changes and their impact, if you have not already. For more information, contact F. Jeffrey Kovacs, Accounting and Audit Shareholder and Director of Quality Control for Alpern Rosenthal, at 412.281.2545 or at jkovacs@alpern.com.