Summary of New Audit Standards and their Impact on Nonprofits
2 Pages
English

Summary of New Audit Standards and their Impact on Nonprofits

Downloading requires you to have access to the YouScribe library
Learn all about the services we offer

Description

Summary of New Audit Standards and their Impact on Nonprofits The AICPA's Auditing Standards Board recently established a number of new auditing standards. As discussed in our February newsletter issue, two of the standards, SAS 103 and 112, are already in effect for December 31, 2006 year end audits. The remaining eight, SAS 104-111 and collectively referred to as the "risk assessment standards," are required to be implemented for December 31, 2007 year end audits. In summary, these eight standards provide guidance to auditors concerning their assessment of the risks of material misstatements, whether caused by error or fraud. With respect to internal controls, the risk assessment standards require auditors to perform their risk assessment around the five elements of internal control outlined by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Integrated Framework. These five elements include the control environment, the risk assessment process, communication and information, monitoring, and control activities. Intended to enhance the auditor's assessment of risks, the new standards require auditors to: 1. Develop a more in-depth understanding of the entity and its environment, including its internal control, to identify and asses the risks of material misstatement in the financial statements 2. Make more rigorous assessments of risks regarding where and how financial statements could be materially misstated ...

Subjects

Informations

Published by
Reads 32
Language English
Summary of New Audit Standards and their Impact on Nonprofits
The AICPA's Auditing Standards Board recently established a number
of new auditing standards.
As discussed in our February newsletter
issue, two of the standards, SAS 103 and 112, are already in effect for
December 31, 2006 year end audits.
The remaining eight, SAS 104-
111 and collectively referred to as the "risk assessment standards,"
are required to be implemented for December 31, 2007 year end
audits.
In summary, these eight standards provide guidance to auditors concerning their assessment of
the risks of material misstatements, whether caused by error or fraud.
With respect to internal
controls, the risk assessment standards require auditors to perform their risk assessment around
the five elements of internal control outlined by the Committee of Sponsoring Organizations of the
Treadway Commission (COSO) Integrated Framework.
These
five elements
include the
control
environment, the risk assessment process, communication and information, monitoring,
and control activities
.
Intended to enhance the auditor's assessment of risks, the new standards require auditors to:
1.
Develop a more in-depth understanding of the entity and its environment
, including
its internal control, to identify and asses the risks of material misstatement in the financial
statements
2.
Make more rigorous assessments of risks
regarding where and how financial
statements could be materially misstated based on the auditor's expanded understanding
of controls and other risk assessment procedures
3.
Establish a stronger linkage between the assessed risks and the audit procedures
performed in response to those assessed risks.
The changes mandated by these new standards will nonetheless, affect
both audit firms and their clients.
Accordingly, organizations need to have a
clear expectation of how these new standards may affect their individual
audit and should begin making preparations as soon as possible to minimize
any negative repercussions resulting from implementation of these new
procedures.
See the table on the next page for a brief summary of each
new standard and its potential impact on nonprofit organizations.
In preparing for next year’s audit, we recommend that organizations have clear and concise
documentation of the internal control structure in place, which should include how COSO’s five
elements of internal control are being addressed within the control structure.
T
ATE
& T
RYON
S
UMMARY OF
N
EW
A
UDIT
S
TANDARDS AND
T
HEIR
I
MPACT ON
N
ONPROFITS
S
TD
.
N
O
.
T
OPIC
I
MPACT ON
A
UDITOR
I
MPACT ON
N
ONPROFIT
103
Audit Documentation
Increases audit firm's responsibility for subsequent
events. Must document what audit evidence you
have and its source (inquiry alone is not sufficient
but can enhance other audit evidence).
More inquiries of non-financial personnel. Date of
auditor’s report will occur only after management
has accepted responsibility for the financial
statements.
104
Reasonable Assurance
Reasonable assurance means a high, but not
absolute level of assurance.
More audit evidence is required so that risk is
limited to a low level.
105
Auditing Standards
Must understand the entity and its environment,
including its internal control to assess the risk of
material misstatement.
Audit firm must understand the nonprofit industry
as well as the specific organization’s particular
internal controls.
106
Audit Evidence/Risk
Assessment
Risk assessment procedures must be performed as
a basis for assessing the risk of material
misstatement and tests of controls may now
required.
Accounting records must be internally consistent,
and consistent with non-accounting information.
Reliable internal controls will generate more reliable
information.
107
Audit Risk & Materiality
The concept of
reasonable
assurance is clarified
to mean a
high level
of audit assurance. Assessed
risks and the basis for those assessments must be
documented. Materiality is based not only on
dollar amount but also on other facts and
circumstances.
Management should respond appropriately when
misstatements are identified and must consider
misstatements from prior year’s uncorrected
misstatements. Risk & materiality are considered
based on the needs of users as a group not
individually.
108
Planning & Supervision
Preliminary engagement activities, including audit
plan strategy and planning should include a
description of the nature, timing, and extent of
planned risk assessment procedures.
Early appointment of auditor is preferable so that
audit strategy, timing, and limitations can be
discussed with management and the audit
committee, without making procedures too
predictable.
109
Understanding the Entity and
its Environment and
Assessing the Risks of
Material Misstatement
Describes risk assessment procedures, including
the determination of the audit approach.
Auditor will expand documentation of internal
controls including identification of key control
activities. The auditor will no longer be able to
accept inquiry regarding controls; documentation of
controls should be present in order to pass a test of
controls.
110
Performing Audit Procedures
in Response to Assessed
Risks and Evaluating the
Audit Evidence Obtained
Consideration and evaluation of the nature, timing,
and extent of further audit procedures including
tests of controls must be documented. Substantive
procedures alone may no longer sufficient.
Internal controls must be reliable and documented
and should follow the COSO Framework (refer to
the COSO's guidance for small companies).
111
Audit Sampling
Guidance on a tolerable misstatement and on
determining sample size.
Tolerable misstatements will be reviewed
individually and in the aggregate. The threshold for
misstatements will likely be reduced.
112
Communicating Internal
Control Related Matters
Defines the terms "control deficiency", "significant
deficiency" and “material weakness” and provides
structure to auditors for what is required to be
reported in writing to governing bodies.
More “significant deficiencies” and “material
weakness” may be reported to governing bodies.