Understanding SAS No. 112; audit risk alert developed to help members.To help practitioners better understand and implement the requirements of Statement on Auditing Standards No. 112, Communicating Internal Control Related Matters Identified in an Audit, the AICPA AICPA See American Institute of Certified Public Accountants (AICPA). has developed an audit risk alert entitled en·ti·tle tr.v. en·ti·tled, en·ti·tling, en·ti·tles 1. To give a name or title to. 2. To furnish with a right or claim to something: Understanding SAS (1) (SAS Institute Inc., Cary, NC, www.sas.com) A software company that specializes in data warehousing and decision support software based on the SAS System. Founded in 1976, SAS is one of the world's largest privately held software companies. See SAS System. No. 112 and Evaluating Control Deficiencies: A Companion to SAS No. 112, Communicating Internal Control Related Matters Identified in an Audit. This audit risk alert summarizes the important aspects of the new standard and presents a number of short case studies designed to guide the auditor through the process of evaluating identified control deficiencies. To obtain this new risk alert, go to www.cpa2biz biz n. Informal Business. biz Noun Informal business Noun 1. .com/stores/sas112. During this past summer and fall, the Audit & Attest To solemnly declare verbally or in writing that a particular document or testimony about an event is a true and accurate representation of the facts; to bear witness to. To formally certify by a signature that the signer has been present at the execution of a particular writing so as Team became aware that some practitioners may be misunderstanding certain concepts that are important to SAS No. 112. The most common misunderstanding is the belief that the auditor's drafting of the client's financial statements automatically results in a material weakness. Asking the auditor to draft the financial statements does not cause a control deficiency; however, it may be the result of a control deficiency. A control deficiency exists if the client does not have controls over the preparation of the financial statements, including the footnote Text that appears at the bottom of a page that adds explanation. It is often used to give credit to the source of information. When accumulated and printed at the end of a document, they are called "endnotes." disclosures, which would prevent or detect a misstatement mis·state tr.v. mis·stat·ed, mis·stat·ing, mis·states To state wrongly or falsely. mis·state  ment n. in
the financial statements. This misunderstanding and others are debunked
in the audit risk alert.
Keeping a few simple but important underlying concepts in mind will help auditors successfully implement the new standard. The following are some key underlying concepts of SAS No. 112: * The auditor cannot be part of a client's internal control. Becoming part of a client's internal control impairs the auditor's independence. * What the auditor does is independent of the client's internal control over financial reporting. Therefore, the auditor cannot be a compensating control for the client. * The client's designation of an individual who possesses suitable skill, knowledge and/or experience to oversee a service performed by the CPA (Ethics Interpretation 101-3, Performance of Nonattest Services) is not a control. Therefore, having such a designated person does not mean that the client does not have a control deficiency * SAS No. 112 does not require the auditor to search for control deficiencies, but rather to evaluate them if they have been identified. * A system of internal control over financial reporting does not stop at the general ledger General Ledger A company's accounting records. This formal ledger contains all the financial accounts and statements of a business. Notes: The ledger uses two columns: one records debits, the other has offsetting credits. ; rather it includes controls over the preparation of the financial statements. * To properly apply SAS No. 112, the auditor has to have a working knowledge of the COSO COSO Committee of Sponsoring Organizations of the Treadway Commission COSO Church of Spiral Oak COSO Corporate South COSO Class of Service Override COSO Combat Oriented Supply Operations (USAF) framework. COSO's Internal Control-Integrated Framework describes the elements of internal control over financial reporting. SAS No. 112 directs the auditor to evaluate control deficiencies when identified, and communicate certain deficiencies to management and those charged with governance. [contact] clandcs@aicpa.org |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion