Auditing standards and norms are set by various authorities with one common goal: to give assurance to the public that work is carried out in a professional manner, that misstatements are avoided, and that financial results are communicated clearly. However, auditors do not just audit financial information. They may be called upon to verify various economic data, or even non-financial information such as the quality of a company’s internal controls.
In establishing the auditing standards, which comprise the basic rules that guide the performance of the professionals in the auditing area, three (3) normative organizations are involved:
a) Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA)
The ASB is one of the regulators of auditing standards in the USA, together with the PCAOB, and is responsible for publishing auditing standards for publicly traded companies that are registered with the SEC.
b) Public Company Accounting Oversight Board (PCAOB)
The PCAOB is one of the regulators of auditing standards in the USA, together with the ASB, and is responsible for publishing auditing standards for publicly traded companies that are registered with the SEC. In addition to publishing auditing standards, the PCAOB is responsible for overseeing the work of independent auditing firms.
Also called the Public Company Accounting Oversight Board, the PCAOB is a public body created under the jurisdiction of the SEC to set standards for audits of public companies, to promote peer reviews of external accounting firms, and to oversee the audit process for public companies.
c) International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC)
The IAASB is responsible for issuing ISA standards, which are standards for all auditors who are complying with international auditing standards. In addition, the IAASB, which is also called the International Auditing and Assurance Standards Board, comprises part of IFAC, which is responsible for promulgating auditing and assurance standards.
2) Applying the Standards
The standards issued by the ASB, the AICPA, and the PCAOB, apply to professionals and their independent audit work on financial statements of U.S. companies, or foreign companies that have securities traded on the U.S. stock exchange. The standards issued by IFAC‘s IAASB are of international application, for countries adhering to them.
In Brazil, the Federal Accounting Council (CFC – Conselho Federal de Contabilidade), the official body that regulates the accounting profession (and, consequently, the activity of independent auditing), with the support of the Institute of Independent Auditors in Brazil (Ibracon), issues the standards for independent auditing. As of 2009, the CFC has fully adopted the international auditing standards issued by IFAC‘s IAASB, translating their content ipsis litteris (“with the same letters”).
In summary, the application of standards can be seen as follows:
a) For privately held companies
- Auditing standards issued by the AICPA.
b) For public companies
- Auditing standards issued by the PCAOB.
- Auditing standards issued by the ASB of the AICPA that have not been superseded or amended by the PCAOB.
c) International standards
- Auditing standards issued by IFAC and IAASB.
3) Audit Standards Board (ASB)
The ASB, formed in 1978 as a committee of the AICPA, is authorized to issue auditing standards and regulations under Rule 202 of the AICPA Code of Professional Conduct. This rule requires AICPA members providing professional services to comply with the ASB‘s standards. Failure to comply will result in auditors violating the Code of Professional Conduct and may result in the loss of their license to practice as certified public accountants.
The Audit Standards Committee’s mission is to develop and communicate comprehensive performance, reporting and quality control standards and practice guidelines to enable non-issuers auditors to provide high quality audit and certification services at a reasonable cost and in the best interests of the profession and the beneficiaries of those services. It thus seeks to serve the public interest by improving existing services and enabling new audit and certification services.
The AICPA is the world’s largest member association representing the Certified Public Accountant (CPA) profession. Its members represent many practice areas, including business and industry, public practice, government, education, and consulting. It sets ethical standards for its members and U.S. auditing standards for private companies, non-profit organizations, and federal, state, and local governments. It also develops and grades the Uniform CPA Examination, provides specialized credentials, builds the pipeline of future talent, and drives the development of professional skills to promote the vitality, relevance, and quality of the profession.
The preface to Auditing Standards describes the fundamental principles that govern an audit. According to those principles, the purpose of an audit is to enhance the credibility that external parties place on financial statements.
The auditor achieves this confidence by issuing an opinion on the financial statements that states whether or not they have been prepared in accordance with an applicable financial reporting framework. In other words, the opinion states whether or not the company has followed accounting standards (the applicable financial reporting framework) when preparing the financial statements.
The audit itself is conducted in accordance with Generally Accepted Auditing Standards (GAAS). GAAS were created by the ASB and the AICPA. GAAS is used for auditing processes and procedures adopted by public but unlisted companies. The acronym for these standards is SAS (Statements on Auditing Standards).
Auditing standards recognize that management needs to prepare the financial statements and maintain a system of internal control relevant to this process.
In addition, management must provide the auditor with all relevant information and unrestricted access to anyone in the company who can provide further evidence that the auditor needs.
The fundamental principles are listed in three general categories:
b. Performance; and
Descriptions of these specific principles follow:
Auditors are responsible for having the appropriate competence and ability to perform the audit, complying with relevant ethical requirements, including those relating to independence and due care; and for maintaining professional skepticism and exercising professional judgment throughout the planning and conduct of the audit.
To express an opinion, the auditor seeks reasonable assurance that the financial statements overall are free from material misstatement, whether due to fraud or error.
Thus, to obtain reasonable assurance, which is a high but not absolute level of assurance, the auditor:
- Plans the work and adequately supervises any assistants;
- Determines the appropriate level or levels of materiality;
- Identifies and assesses risks of material misstatement, whether due to fraud or error, based on an understanding of the entity and its environment, including the entity’s internal controls;
- Obtains sufficient and appropriate audit evidence on whether material misstatement exists by developing and implementing appropriate responses to the assessed risks.
The auditor is prevented from obtaining absolute assurance that the financial statements are free from material misstatement because of inherent limitations arising from:
- Nature of financial reporting and auditing procedures; and
- Need for the audit to be performed within a reasonable period of time and at an acceptable cost.
The auditor expresses an opinion in accordance with his or her findings, or states that an opinion cannot be expressed, in the form of a written report. The opinion states whether or not the financial statements are prepared, in all material respects, in conformity with the applicable financial reporting framework.
The standards are grouped into the following topic categories:
- General Auditing Standards: standards on auditing principles, concepts, activities and general communications;
- Audit Procedures: standards for planning and performing audit procedures and for obtaining audit evidence;
- Auditor’s Reports: standards for auditor reports;
- Issues related to filings under the Federal Securities Laws: standards on certain auditor responsibilities related to U.S. Securities and Exchange Commission (SEC) filings for securities offerings and reviews of interim financial information; and
- Other Matters Associated with Audits: standards for other work performed in conjunction with an audit of an issuer or a broker or dealer.
Following in the table is a list of PCAOB auditing standards for financial statement audits:
As the table above shows, within each section there are many other subsections. For example, subsection AS 2401 describes the auditor’s responsibilities during fieldwork, such as considering a case of fraud in a financial statement audit.
A (pro)active professional auditor uses the knowledge and material contained in the auditing standards issued by the ASB to determine the procedures performed, the evidence obtained, and the audit report issued for the audit of a closely held (non-issuing) company.
4) Acronyms used in this publication
- AICPA – American Institute of Certified Public Accountants
- AS – Auditing Standards
- ASB – Auditing Standards Board
- CFC – Conselho Federal de Contabilidade
- CPA – Certified Public Accountant
- GAAS – Generally Accepted Auditing Standards
- IAASB – International Auditing and Assurance Standards Board
- Ibracon – Instituto dos Auditores Independentes do Brasil
- IFAC – International Federation of Accountants
- ISA – International Standards on Auditing
- PCAOB – Public Company Accounting Oversight Board
- SAS – Statements on Auditing Standards
- SEC – Securities and Exchange Commission
5) Final considerations
Auditing norms and standards are constantly being updated and improved, and this publication is not intended to be exhaustive, but rather to add and share knowledge.
It is therefore important that professionals understand the context of a specific audit assignment so that they can use the appropriate models. But fortunately, there is a high degree of consistency and synergy between all auditing standards, which is very helpful.
I hope you have enjoyed it. Any questions, suggestions for new topics, or criticisms, feel free to comment on this post or contact me directly.
Post photo: Tima Miroshnichenko at Pexels (image bank)
* * * * *