10 posts categorized "Auditing" Feed

SOC 2 reports get an update

SOC 2 updatesSOC 2® standards have been updated. If you perform these engagements, you need to check out the recently updated SOC 2 guide to make sure you are performing these services according to AICPA standards.

Released last month, the updated guide is a “how to” for service auditors performing SOC 2 examinations to report on a service organization’s system controls relevant to security, availability, processing integrity, confidentially, or privacy. There are three major updates practitioners will want to pay attention to:

  1. Alignment with clarified attestation standards
    The guide conforms with the updated SSAE No. 18 (Clarified Attestation Standards) – meaning it is a vital tool for practitioners to use in developing standards-compliant reports. For example, it includes updated information on requirements related to requesting written assertions and performing risk assessments.

Continue reading "SOC 2 reports get an update" »

4 new opportunities blockchain could create for auditors

Blockchain 2In case you haven’t heard, blockchain technology has the potential to change the auditing profession. A new whitepaper co-authored by the American Institute of CPAs details what opportunities could emerge for auditors.

Not sure what blockchain is? Don’t worry, you’re not alone. It’s a digital, distributed ledger that contains every transaction since its creation. Once transactions are entered, they can’t be changed or deleted. Every user on a blockchain has an identical version of the ledger, and all copies are updated automatically when a new transaction occurs. Each entry refers back to the previous entry across all versions, creating a “chain” of information.

Continue reading "4 new opportunities blockchain could create for auditors" »

Start your audit off right with data analytics

When planning an audit, how do you approach your preliminary analytics? Many auditors perform a variance analysis. They compare current year account balances to the prior year to identify any unexpected fluctuations. While this procedure often yields relevant insights, did you know performing audit data analytics (ADAs) can be even more effective at identifying potential problem areas? ADAs can be quick and painless, and you probably already have the tools on hand to perform them.

Continue reading "Start your audit off right with data analytics" »

Blockchain was made to solve 1 problem. Here’s what that is.

Blockchain“Blockchain is a solution looking for a problem. Unless you want to buy drugs on the internet,” said the instructor in a technology training I recently attended.

While not the first time I had heard such a comment, it was disturbing that a hundred of my fellow practitioners were being misled. Ignoring or dismissing blockchain does the accounting profession no favors. Instead, let’s consider the problem that the technology solves. This will provide a basis for later understanding possible applications to our work.

 What is the problem blockchain is trying to solve?

Blockchain, or distributed ledger technology, set out to solve how we transfer a digital asset between two peers without an intermediary. While there are many applications of this transfer, let’s look at it in the context of money.

Imagine you are selling a bike online. You don’t actually know the person who is buying your bike, so you have no way of knowing if the buyer actually has the money to pay for it. You have to trust an intermediary like PayPal for this information. PayPal is crucial to the transaction because it verifies what you cannot – whether the buyer has enough money in their bank account to make the purchase.

The asymmetry of trust in this transaction is known as the Byzantine General’s Problem. Imagine we have four generals planning to attack a city. At least three of the generals must attack at the same time to overpower the army holding the city. However, the only way they can communicate with each other is via messenger, and they do not know if one of the generals is a traitor. If a general were traitorous, he could modify the attack message and cause the other generals to fail. The only way to overcome a traitorous general is to provide the history of all messages sent and evidence they have not been altered. If the generals see that one of their peers has sent a message different from the others, they would know the general is traitorous and disregard his message. If more generals are good actors than bad in this attack, the correct message will be obvious.

Continue reading "Blockchain was made to solve 1 problem. Here’s what that is." »

7 proposed changes to the auditor’s report

Auditor's reportAn auditor’s report gives lenders confidence that financial statements are free of material misstatement. But does the auditor’s report really tell the story of what the auditor did to gain assurance about the financial statements? Thanks to proposed changes to the auditor’s report, readers will gain a better understanding of what the auditor did and observed.

The AICPA Auditing Standards Board (ASB) has released a set of exposure drafts  aimed at enhancing the relevance and usefulness of the auditor’s report.

  1. Proposed Statements on Auditing Standards: Auditor Reporting and Proposed Amendments―Addressing Disclosures in the Audit of Financial Statements
  2. Proposed Statement on Auditing Standards: The Auditor’s Responsibilities Relating to Other Information Included in Annual Reports
  3. Proposed Statement on Auditing Standards: Omnibus Statement on Auditing Standards—2018

Continue reading "7 proposed changes to the auditor’s report" »

4 financial benefits of single audit specialization

Focus on audit specializationCan a small firm thrive by building a niche within a highly specialized audit area? My firm, Clausell & Associates, P.C., in Decatur, Georgia, has found the answer is a resounding “yes.”

Our 10-person firm opened in 1987, three years after Congress passed the Single Audit Act. This landmark legislation standardized audit requirements for states, local governments and Indian tribal governments that receive and use federal financial assistance. Our firm’s founders saw an opportunity to establish themselves in this new and growing niche. Today, single audits make up about 60 percent of our practice, so the original decision to specialize in single audits was a great move for our firm. 

For practitioners thinking that specializing may limit their practice, don’t worry. Over the years, our single audit expertise has helped to set us apart in the marketplace and drive our growth. Here are some of the rewards that we have found through single audit specialization. 

Continue reading "4 financial benefits of single audit specialization" »

You asked, we delivered. A more flexible attestation standard.

SlinkyWe heard from members. Their clients want them to perform procedures and report in a format similar to an agreed-upon procedures (AUP) engagement, with more flexibility. To be responsive to the needs of our members and the public, the AICPA Accounting and Review Services Committee (ARSC), got together with the Auditing Standards Board (ASB) and developed a new proposed standard, Selected Procedures. If adopted, it will address several practice issues that CPAs are experiencing today and result in a standard that is in the public interest.

Development of the procedures

In an AUP engagement:

  • The CPA performs procedures that are established by specified parties.
  • The specified parties are responsible for the sufficiency of the procedures for their purposes.
  • The engagement letter is required to include agreement on the procedures.
  • In circumstances where the procedures evolve or are modified over the course of the engagement, the CPA is required to amend the engagement letter to reflect the modified procedures.
  • The practitioner’s report is restricted to the use of those parties that established and agreed on the sufficiency of the procedures

In practice, many CPAs find that the specified parties are unable or unwilling to develop the procedures needed.

Continue reading "You asked, we delivered. A more flexible attestation standard." »

The trait that will prevent robots from stealing your job

RobotsLet’s face it. Artificial intelligence (AI) is going to revolutionize our business environment and the profession. Advancements in AI mean that you will soon spend less time conducting time-consuming and repetitive tasks. However, just because a robot can perform certain tasks traditionally performed by a CPA, does not mean that a robot is going to steal your job. That is because humans possess traits vital to our work that robots just don’t have the bandwidth to handle. One of the most essential traits is professional skepticism.

According to the AICPA Professional Standards, professional skepticism is an attitude that includes a questioning mind, being alert to conditions that may indicate possible misstatement due to fraud or error and a critical assessment of audit evidence. It is a necessary trait that all auditors must have, and is expected of all CPAs. Here are six tips to help you enhance your professional skepticism.

Continue reading "The trait that will prevent robots from stealing your job" »

Why I’m #AuditorProud: Auditors Are Protectors

AuditorProud_2017Auditors have always played an important role in society. We validate information that helps citizens understand how towns and school districts manage their tax dollars. We assist small business owners in getting the financing they need to grow. We provide assurance on the information investors use to make decisions on where best to invest for their futures.

And as communities’ needs have grown, so too have the services auditors provide. Below are just three ways auditors have evolved the way they serve the public – and three reasons why I am proud to represent the auditing profession.

Evaluating Risk Management Programs Designed to Protect Sensitive Information

Businesses big and small are faced with cyberattacks every single day. The Equifax breach affected nearly one-third of the US population, while attacks like WannaCry and Petya impacted millions of people worldwide.

Continue reading "Why I’m #AuditorProud: Auditors Are Protectors" »

Key Facts about a New SAS on Exempt Offerings

SAS 133A municipal government issues a bond offering after the audit report date. Or a franchisor is getting ready to prepare its annual update to its franchise disclosure document. What are the auditor’s responsibilities in each case? Practitioners with governmental clients are probably familiar with long-standing guidelines to address involvement with municipal securities offerings, however a recently issued auditing standard expands those best practices into required guidance for all exempt offerings.  

What’s the Background?

The Auditing Standard Board’s Statement on Auditing Standards (SAS) No. 133, Auditor Involvement With Exempt Offering Documents, applies to exempt securities or franchise agreements when the auditor is involved. The Securities and Exchange Commission (SEC) oversees a significant regulatory framework for publicly traded offerings, setting rules on what types of information and documents must be filed and when, and on auditor involvement. Some offerings, such as municipal securities, franchise offerings, crowdfunding, and short-term commercial paper with a maturity of nine months or less, are exempt from SEC registration rules. Exhibit A in the new SAS includes a list of exempt offerings.

Continue reading "Key Facts about a New SAS on Exempt Offerings" »

Subscribe

Subscribe in a reader

Enter your Email:
Preview

CPA Letter Daily