Audit News Briefing: 26 July 2016

Audit-is-cool is pleased to accumulate and provide its readers with the news on audit and related topics:

July 20, 2016

Accounting Today (Debits&Credits)

Internal Auditors Move to Combat Cyberattacks

New Report – Institute of Internal Auditors: Growing Role of Internal Audit Profession in Cybersecurity

The kind of support needed:

·         Not simply focused on prevention.

·         Setting and management of expectation.

·         Helping the company assess readiness in dealing with the inevitable.

IIA President and CEO Richard Chambers: “What we continue to find is that cybersecurity is recognized almost universally as one of the most significant risks that organizations face … It’s one that internal auditors have increasingly begun to recognize they have to help address. But what we also find is that in a lot of instances the focus can’t just be on trying to prevent a cyberattack because cyberattacks are virtually inevitable. Anyone who tells their board or their customers that they are immune from a cybersecurity attack is just not being truthful.”

Please follow link for details: http://www.accountingtoday.com/blogs/debits-credits/news/internal-auditors-move-to-combat-cyberattacks-78732-1.html

July 19, 2016

Accounting Today (Accounting Technology)

Internal Audit Function Varies Globally

19-July REPORT – Internal Auditors Research Foundation: Found a variety of factors affecting the maturity levels of internal audit in different parts of the globe, including the:

-       age and size of the internal audit function,

-       the type of industry,

-       the size of the organization, and

-       other variables.

Highlight: technological variation across regions – regions still relying on manual systems and processes (13%) North America (36%) East Asia and Pacific.

Please follow link for details: http://www.accountingtoday.com/news/audit-accounting/internal-audit-function-varies-globally-78716-1.html

June 29, 2016

Accounting Web

PCAOB Issues Staff Guidance for Firms on the New Form AP

(AP) Audit Participants NEW FORM requires disclosure of the following:

·         The name of the engagement partner for all public company audits issued on or after Jan. 31, 2017.

·         Information about other audit firms participating in the audit for all public company audits issued on or after June 30, 2017. That information will include the names, locations, and extent of participation of other accounting firms that took part in the audit, if their work constituted 5 percent or more of the total audit hours. It also will include the number and aggregate extent of participation of all other accounting firms that took part in the audit whose individual participation was less than 5 percent of the total audit hours.

Written Statement of Martin Baumann (PCAOB chief auditor and director of professional standards) – “Form AP will provide transparency to investors about the engagement partner and other accounting firms that took part in the audit… The guidance issued today (29-Jun) will help firms implement the processes required to deliver that information.”

Please follow link for details: http://www.accountingweb.com/aa/auditing/pcaob-issues-staff-guidance-for-firms-on-the-new-form-ap  

Audit Method: Internal Audit Function

ISA 610 explains the relationship between internal audit function and the external auditor. Internal audit function is an appraisal activity established or provided as a service to the entity. Its functions include, amongst other things, examining, evaluating and monitoring the adequacy and effectiveness of internal control.

Preliminary assessment of the internal audit function

When it appears that internal audit is relevant to the external audit of the financial statements in specific audit areas, we make a preliminary assessment of internal audit by obtaining information about matters such as:

• the objectivity of internal audit function i.e. status and reporting of internal audit function in the entity
• the due professional care of internal audit, especially whether the work is adequately planned, supervised and reviewed
• the technical competence of the internal audit function
• whether management acts on internal audit's reports and recommendations and how this is evidenced

Evaluate and test the work of internal audit

When we intend to use specific work of internal audit, we evaluate and test that work to confirm its adequacy for our purposes.

For evaluation, we check that:

• the work is performed by persons with adequate technical training and proficiency.
• the work of assistants is properly planned, supervised, reviewed and documented.
• sufficient appropriate audit evidence is obtained to afford a reasonable basis for the conclusions reached.
• conclusions are appropriate in the circumstances and reports are consistent with the results of the work performed.
• any exceptions or unusual matters disclosed by internal audit are properly resolved by management.

For testing, we may perform any of the procedures below relating to testing of internal audit that may be considered given specific client circumstances. Our tests of the internal audit function's work may include the following procedures.

• Observe the internal audit function perform audit procedures.
• Re-perform some of the audit procedures previously performed by the internal audit function.
• Perform different audit procedures. For example, we may test controls, transactions or balances other than those the internal audit function tested.
• Examine internal audit's working papers.

Practice

Remember that the external auditor has sole responsibility for the audit opinion expressed, and that responsibility is not reduced by the external auditor's use of the work of the internal auditors. Evaluating the internal audit function becomes relevant only when the external auditor has determined, in accordance with ISA 315, that the internal audit function is likely to be relevant to the audit. The internal audit function is considered relevant when the nature of the internal audit function's responsibilities and activities are related to the entity's financial reporting, and the auditor expects to use the work of the internal auditors to modify the nature or timing, or reduce the extent, of audit procedures to be performed.