independence update -...
TRANSCRIPT
4/23/12
1
+
Yellow Book Independence Update Leita Hart-Fanta, CPA, CGFM, CGAP November 2011
+Ethics
1.01 The concept of accountability for use of public resources and government authority is key to our nation’s governing processes. Management and officials entrusted with public resources are responsible for carrying out public functions and providing service to the public effectively, efficiently, economically, ethically, and equitably within the context of the statutory boundaries of the specific government program.
5 ethical principles 1. The public interest 2. Integrity 3. Objectivity 4. Proper use of government information, resources, and
position 5. Professional behavior
Leita Hart-Fanta, CPA, CGFM www.auditskills.com
2
4/23/12
2
+Buzzwords of the Yellow Book
Transparency Accountability
Service
+2007 Version of Independence
n 3 types of independence n Personal
n External
n Organizational
n Non-audit services n 3 zones
n Green – does not impair
n Yellow – impairs but can be safeguarded
n Red - impairs
4/23/12
3
+2011 ‘CONCEPTUAL FRAMEWORK’
Same old audit trifecta
1. Identify threats
2. Decide if threats are significant
3. Apply safeguards
+7 Threats
"
1. Self-interest threat"2. Self-review threat"3. Bias threat"4. Familiarity threat"5. Undue influence threat "6. Management participation threat"7. Structural threat"
4/23/12
4
+dating
You are a single man actively seeking a wife. Your clock is ticking and you have landed in chick wonderland. Every accounting clerk at this agency is a hottie and you have asked several of them out. One cutie obliged and after two dates you think you are in love. When you asked her for a file, she delivered it personally and attached a post-it note with a smiley face on it. So romantic!
+uber conservative
You were the president of the Young Conservatives of Texas at your alma mater and you want to make a difference in government from the inside. You land a job with a legislative auditor and your first assignment is a compliance audit of the food stamp program at Health and Human Services. Every file you examine makes you angry and you want to recommend a change to state policy. Your audit manager reminds you to simply check for eligibility and move on. He reminds you that you are burning up budget hours and he has other things for you to work on.
4/23/12
5
+‘wanna job?
You are the ultimate professional. You impress everyone you meet with your helpful, can-do attitude. Your current audit client is growing super fast and is looking for a few good folks to help them. You like everyone you have worked with so far, although they do have a series of significant reportable conditions that deserve attention. Today, the executive director dropped by your office to offer you an appealing job with a nice salary. You have been getting a tired of all the travel…
+ 10"
Common safeguards
n Safeguards in the work environment"
n Select non-impaired auditor"n Separate engagement teams (for services that
are not prohibited) "n Secondary reviews"
4/23/12
6
+GAO CAN’T STOP AT AICPA’S STRUCTURE
n Discusses specific services that impair independence
n Requires that you document your thought process
+NON-AUDIT SERVICES
Governing body
Auditee Auditor
client consultant
AUDIT NON-AUDIT SERVICES/CONSULTING
4/23/12
7
+Before you take on a nonaudit service, jump these hurdles
n Management should take responsibility for nonaudit services performed by the auditors"
n Auditors should document their understanding with management regarding the nonaudit service"
n Auditors should assess (AICPA) and document (GAGAS) whether management possesses suitable skill, knowledge, or experience to oversee the nonaudit service"
+drafting
You are auditing a not-for-profit with three employees – the executive director, an administrator, and a counselor. They just received a significant federal grant large enough to trigger Single Audit requirements. You decide to expedite the audit, you will create the financial statements from their QuickBooks trial balance.
4/23/12
8
+Independence Acid Test
If you are both auditing and preparing the financial statements and notes – and you make a material error – would your client notice it?
Leita Hart-Fanta, CPA, CGFM www.auditskills.com
Yellow Book Standards 2010 15
+ 16"
Assessing Management’s Skill, Knowledge, or Experience Factors to document include managementʼs:"
n Understanding of the nature of the service"n Knowledge of the audited entityʼs mission and operations"n General business knowledge"n Education"n Position at the audited entity"
Some factors may be given more weight than others""
GAGAS does not require that management have the ability to perform or reperform the service"
4/23/12
9
+clueless
This same tiny not-for-profit is overwhelmed by the grant’s compliance requirements. You are afraid they are going to fail on every measure because they haven’t read the requirements or thought about how they might comply. You point them to several websites where they can research the compliance requirements.
+ 18"
2011: Routine Audit Services and Non-audit Services Routine audit services pertain directly to the audit and include:!n Providing advice related to an accounting matter"n Researching and responding to an audited entityʼs
technical questions"n Providing advice on routine business matters"n Educating the audited entity on technical matters"
Other services not directly related to the audit are considered non-audit services.!
4/23/12
10
+what a mess
A few weeks after pointing the not-for-profit’s executive director to the federal websites, she calls you and admits that she is freaked out. There is no way she will be able to clean house by the time you show up to audit next week. She asks you to put off the audit for a few weeks and come out to help her establish internal controls tomorrow. You tell her your fee and she gratefully agrees to your terms.
+the IIA digs it!
You have finally earned the trust of your board of directors after years of hard work. They support your team’s professional development and encouraged you to go the the IIA regional conference. When you got back, you told them about technologies they could use to continuously monitor programs and they were very excited. They are worried about a new, high risk, high profile program that has already gotten some bad press. Yesterday, they asked you to put this new program on your audit plan and to supervise the program manager in charge of monitoring the program.
4/23/12
11
+how much is that worth?
You are the managing partner of CPA firm that specializes in real estate development. You have a staff of brainiacs whose primary job is estimating the value of high-rise residential developments. Some of these high-rises are developed in partnership with the federal government and are subject to stringent audit requirements. You have another side of your practice that performs these audits annually.
+What you must document
1. The auditorʼs application of safeguards to eliminate threats or reduce them to an appropriate level"
2. Consideration of audited entity managementʼs ability to effectively oversee a nonaudit service to be provided by the auditor"
3. The safeguards required if a audit organization is structurally located within a government entity and is considered independent based on those safeguards (not an engagement-specific requirement)"
4/23/12
12
+Exhibit B of SAS 115 Examples of Circumstances That May Be Deficiencies, Significant Deficiencies, or Material Weaknesses
Paragraph .15 of this section identifies indicators of material weaknesses in internal control. The following are examples of circumstances that may be deficiencies, significant deficiencies, or material weaknesses:
• Employees or management who lack the qualifications and training to fulfill their assigned functions. For example, in an entity that prepares financial statements in accordance with generally accepted accounting principles (GAAP), the person responsible for the accounting and reporting function lacks the skills and knowledge to apply GAAP in recording the entity's financial transactions or preparing its financial statements….
+ 24"
Routine Audit Services and Nonaudit Services
Services that are considered nonaudit services include:"n Financial statement preparation"n Bookkeeping services"n Cash to accrual conversions (a form of bookkeeping)"n Other services not directly related to the audit"
Unless specifically prohibited, non-audit services MAY be permissible but should be documented"
n In relation to the conceptual framework"n In relation to the auditorʼs assessment of managementʼs
skill, knowledge or experience"
4/23/12
13
+Specific Non-Audit Services that concern the GAO
n Preparing Accounting Records and Financial Statements
n Internal Audit Assistance Services Provided by External Auditors
n Internal Control Monitoring as a Non-audit Service
n Information Technology Systems Services
n Valuation Services
n Other!
+Bookkeeping and Financial Statement Preparation
May be performed provided the auditor does not:"
n Determine or change journal entries, account codes or classifications for transactions, or other accounting records without obtaining client approval"
n Authorize or approve transactions"
n Prepare source documents"
n Make changes to source documents without client approval"
Consistent with AICPA ET 101-3"
4/23/12
14
+Prohibitions Related to Internal Control Monitoring
Auditors"
n May not provide ongoing monitoring services"
n May not design the system of internal controls and then assess its effectiveness"
n May evaluate the effectiveness of controls "
Management is responsible for designing, implementing and maintaining internal control!
+IT
External auditors may not"
n Design or develop an IT system that would be subject to or part of an audit"
n Make significant modifications to an IT systemʼs source code "
n Operate or supervise an IT system"
4/23/12
15
+ 29"
Revisions to Timeframes Related to IT and Other Services Q&A guidance prohibited installing or designing a system and subsequently performing an audit"
n This prohibition has been deleted"
"
Other potential considerations "n Independence in appearance for subsequent periods"
Possible Safeguard: One audit cycle performed by another audit organization after the nonaudit service completion date provide a safeguard"
+Valuation Services
External auditors may not provide valuation services that"
n Would have a material effect, "
n Involve a significant degree of subjectivity, and"
n Are the subject of an audit"