All Posts by Charles Hall

Follow

About the Author

Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty years, he has primarily audited governments, nonprofits, and small businesses. He is the author of The Little Book of Local Government Fraud Prevention and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events. Charles is the quality control partner for McNair, McLemore, Middlebrooks & Co. where he provides daily audit and accounting assistance to over 65 CPAs. In addition, he consults with other CPA firms, assisting them with auditing and accounting issues.

risk of material misstatement at the assertion level
Jan 16

Risk of Material Misstatement at the Assertion Level

By Charles Hall | Accounting and Auditing

In this post, I address whether auditors should assess the risk of material misstatement at the assertion level. 

Assertion Level or Transaction Level Assessments

Should auditors assess the risk of material misstatement at the assertion level? Or is it better assess risk at the transaction level (for example, all cash assertions are assigned a moderate level of risk)? Those who assess risk at the transaction level think they are saving time. But are they? It might be more effective and economical to assess risk for each individual assertion. 

risk of material misstatement at the assertion level

Assess the Risk of Material Misstatement at the Assertion Level

Why should you assess the risk of material misstatement at the assertion level? In two words: effectiveness and efficiency. 

We know the purpose of risk assessment is to design responsive audit procedures. When the auditor identifies risk at the assertion level, that person is better able to build effective responses. Therefore, it is wise to avoid assessing risk at the transaction level.

Why? 

  • Assessing risk at the transaction level may lead to unnecessary work
  • Assessing risk at the transaction level results in assessing irrelevant assertions

Risk Assessment for Accounts Payable — An Example

Suppose, for example, the auditor assesses risk at the transaction level, assessing all accounts payable assertions with a high risk of material misstatement. What does this mean? It means the auditor should perform further audit procedures to respond to the high risk assessments for all assertions. Why? The risk assessment for valuation, existence, rights and obligations, completeness, and all other assertions is high. Logically, substantive procedures must now address all of those risks. And, obviously, this is not efficient. Moreover, some of the assertions might not be relevant such as valuation. So why create audit steps for irrelevant assertions?

Alternatively, what if the accounts payable completeness assertion is assessed at high and all other assertions are at low to moderate? How does this impact the audit plan? Now the auditor will create substantive procedures that respond to the risk that payables are not complete such as conducting a search for unrecorded liabilities. (This is normally appropriate since the directional risk for liabilities is an understatement.) Additionally, the auditor may not perform some existence procedures such as sending vendor confirmations. Why? The existence assertion deals with potential overstatement issues, not understatement. 

Do you see the advantage? Rather than using a scattered approach—let’s audit everything—the auditor pinpoints his audit procedures. Assertion level risk leads you to assertion level procedures. This is more effective and efficient. 

Assertion Level Risk

Before we delve deeper, let’s answer two questions: What is the definition of assertion level risk? And what is a relevant assertion?

Assertion level risk is the probability that a risk of material misstatement is present for a particular assertion. The risks are the result of the nature of the account balance, transaction balance, and disclosure (inherent risk) and the related controls (control risk). Complex transaction areas without appropriate controls, for example, are more likely to be misstated. 

A relevant assertion is one that has a meaningful bearing upon whether the account balance, transaction balance, and disclosure is appropriately stated or communicated. The existence assertion for cash has a meaningful bearing upon whether the balance is properly stated. It is therefore, relevant. The valuation assertion, by contrast, is normally not relevant when a company has no foreign currencies.  

Now, let’s examine assertion level risk in light of a receivables example. 

Assessing Risk at Assertion Level for Receivables — An Example

Each financial statement account balance, transaction cycle, and disclosure has relevant assertions. For example, a company asserts that its accounts receivable balance is correctly stated at $2,105,012. This means the company asserts at least two things: the existence of the balance is real and the valuation of the balance is correct. Thus, we have at least two assertions in play: existence and valuation. Since these two assertions are relevant, we need to define the assertion level risk for each. 

The assertion level risk for existence is that not all of the receivable balance is real. Maybe $300,000 of the total is an intentional overstatement by management. This is a fraud risk, and it affects the assertion level risk assessment for existence. 

The assertion level risk for valuation is that the allowance for uncollectible is improperly stated. Maybe the valuation is intentionally understated at $100,000 but the true amount is $350,000. This is a fraud risk, and it affects the assertion level risk assessment for valuation. 

The risk of material misstatement for each assertion is made up of two risks: inherent risk and control risk. Let’s pretend, in this receivables example, that control risk is assessed at high. Based on the fraud risks mentioned in the previous two paragraphs, the auditor would assess inherent risk at high. So control risk and inherent risk are assessed at high, resulting in a high risk of material misstatement for the existence and valuation assertions. This is an example of assessing risk at the assertion level.

But, as we are about to see, some auditors bypass risk assessment, thinking it a waste of time.

Planners or Doers

Some auditors are planners. Some are doers

The planners like to perform risk assessment procedures—such as reviewing internal controls and preliminary analytics. They want to know where the risks are before they plan and perform substantive procedures. 

But the doers say, “Let’s get on with it.” These folks like a balance sheet audit approach. They see value in procedures such as sending debt confirmations, searching for unrecorded liabilities, and vouching additions to fixed assets. 

If I, on the first day of the audit, perform substantive procedures such as reviewing year-end bank reconciliations or sending receivable confirmations, then I am a doer. The audit standards do not smile upon this disposition. Why? Because those standards call for the following (and in this order):

  1. Perform risk assessment procedures
  2. Assess risks of material misstatement
  3. Create an audit plan
  4. Perform the audit plan
  5. Consider whether the initial risk assessment and audit plan is appropriate (if not, amend it)

Many auditors start with step 4. Why? Because we think we already know what the risks are. Or worse yet, we are just doing the same as last year without considering current-year risk.

And some of the hurry to perform substantive procedures leads to a lack of regard for risk assessment. 

Linkage with Further Audit Procedures

So why do auditors assess risk at the transaction level and not the assertion level? Sometimes, it’s because we plan to do the same as last year without considering risks. And we think it’s a waste of time to document risk assessments. Such thinking is dangerous and not in the spirit of the audit standards.

Some firms say to me, “I know I over-audit, but I’m not sure how to lessen what I do.” And then they say, “How can I reduce my time and still perform a quality audit?” 

My answer: “Perform real risk assessments and document the risk of material misstatement at the assertion level. Then tailor—yes, change the audit program—to address the risks. And slap yourself every time you even think about same as last year.”

After your risk assessment is complete, link it to your further audit procedures.

A good auditor does the following: identify, assess, plan, perform. First, we identify risk with risk assessment procedures. Second, we assess the risks, whether they are high or low, so we can see what needs attention. Third, we plan our response by preparing our audit program and linking it to our risk assessment. And fourth, we perform the planned procedures. That’s auditing in a nutshell.

Part of risk assessment is assessing risks at the assertion level (the focus of this article) so we can properly plan the audit.


Linkage with Further Audit Procedures

And what are the benefits of assessing risk at the assertion level

  • We think more and work less
  • We make higher profits in our engagements
  • We audit in conformity with professional standards

In addition to assertion level risks, consider financial statement level risks. 

Risks at the Financial Statement Level

Financial statements have financial statement level risks such as management override or the intentional overstatement of revenues. These sometimes affect assertion level risk. For example, the intentional overstatement of revenues has a direct effect upon the existence assertion for receivables and the occurrence assertion for revenues. Therefore, even when you identify financial statement level risks, consider whether they might affect assertion level risks as well. 

Your Files

Look at two or three of your audit files and review your risk assessments. Are you assessing risk at the transaction level or at the assertion level? Plan to spend more time in performing risk assessment procedures and documenting risks at the assertion level. The payoff: potentially less time performing substantive procedures, but, at a minimum, you are auditing in conformity with professional standards. 

five books to read in 2021
Jan 11

Five Books for CPAs to Read in 2021

By Charles Hall | Accounting and Auditing

Are you looking for books to read in 2021? Here are five suggestions. Each will make you a better CPA—and person.

five books to read in 2021

Digital Minimalism – Want to stop wasting time on Facebook, Twitter, LinkedIn and other social media platforms? Read this book. Full of helpful tips to help you regain your life.

Ultralearning – This book provides practical steps to increase your ability to learn new skills and rapidly gain knowledge. Lifetime learning is a necessary skill for CPAs.

The Bullet Journal Method – Bullet journaling is a blend of planning, journaling and project management. I have read dozens of time management books, and this is the best. All you need is a blank notebook, and you can plan your days, weeks, months and years. Of my five suggested books, this is the one that has helped me most. 

The Coaching Habit – Do you want to make your employees better? Do so with questions, not answers. This short read is chock full of simple but effective questions to ask those you work with. It will make you wise (or at least, wiser). 

Essentialism – Are you trying to master too many things? So many that you aren’t effective in any. Greg McKeown’s book will help you focus on the important and forget the rest. This is a classic.

Perform compilation engagement
Jan 08

AR-C 80: How to Perform Compilation Engagements

By Charles Hall | Preparation, Compilation & Review

Knowing how to perform compilation engagements is important for CPAs. Below I provide an overview of the salient points of AR-C 80, Compilation Engagements. I also provide a sample compilation report.

Compilation Guidance

The guidance for compilations is located in AR-C 80, Compilation Engagements.

Applicability of AR-C 80

The accountant should perform a compilation engagement when he is engaged to do so.

A compilation engagement letter should be prepared and signed by the accountant or the accountant’s firm and management or those charged with governance. An engagement letter to only prepare financial statements is not a trigger for the performance of a compilation engagement.

Previously (in the SSARS 19 days), the preparation and submission of financial statements to a client triggered the performance of a compilation engagement. Now, compilation engagement guidance is applicable only when the accountant is engaged to (requested to) perform a compilation.

Objectives

The objectives of the accountant in a compilation engagement are to:

  • Assist management in the presentation of financial statements
  • Report on the financial statements in accordance with the compilation engagement section of the SSARSs

Reports

In a compilation engagement, a compilation report is always required. A compilation engagement is an attest, nonassurance service. Nonassurance means the accountant is not required to verify the accuracy or completeness of the information provided by management or otherwise gather evidence to express an opinion or a conclusion on the financial statements.

Compilation reports look distinctly different from audit or review reports (which include paragraph titles such as Management Responsibility and Accountant’s Responsibility). The standard compilation report is one paragraph with no paragraph titles. (See the Sample Compilation Report section below.)

Compilation Financial Statements

The accountant prepares financial statements as directed by management or those charged with governance. The financials should be prepared using an acceptable reporting framework including any of the following:

  • Cash basis
  • Tax basis
  • Regulatory basis
  • Contractual basis
  • Other basis (as long as the basis uses reasonable, logical criteria that are applied to all material items)
  • Generally accepted accounting principles (GAAP)

All of the above bases of accounting, with the exception of GAAP, are referred to as special purpose frameworks. The description of special purpose frameworks may be included in:

  • The financial statement titles
  • The notes to the financial statements, or
  • Otherwise on the face of the financial statements

Management specifies the financial statements to be prepared. The most common financial statements created include:

  • Balance sheet
  • Income statement
  • Cash flow statement

The accountant can, if directed by management, create and issue just one financial statement (e.g., income statement).

Some bases of accounting (e.g., tax-basis) do not require the issuance of a cash flow statement.

The financial statements can be for an annual period or for a shorter or longer period. So, financial statements can be for a fiscal year, quarterly, or monthly, for example.

Should a reference to the compilation report be included at the bottom of each financial statement page (including supplementary information)? While not required, it is acceptable to add a reference such as:

  • See Accountant’s Report
  • See Accountant’s Compilation Report, or
  • See Independent Accountant’s Compilation Report

Why add such references? The accountant’s report may become detached from the financial statements. The reference notifies the reader of the financial statement that a compilation report exists.

Compilation Documentation Requirements

The accountant should prepare and retain the following documentation:

  • The engagement letter
  • The financial statements, and
  • The accountant’s compilation report

The accountant should document any significant consultations or judgments.

If the accountant departs from a presumptively mandatory requirement, it is necessary to document the justification for the departure and how the alternative procedures performed are sufficient to achieve the intent of the requirement. (The SSARSs use the word should to indicate a presumptively mandatory requirement.)

Compilation Engagement Letter

compilation engagements

While it is possible for the accountant to perform only a compilation and not prepare the financial statements, most compilation engagement letters will state that the following will be performed by the accountant:

  1. Preparation of the financial statements (a nonattest service)
  2. A compilation service (an attest service)

Since a nonattest service and an attest service are being provided, the accountant will add language to the engagement letter describing the client’s responsibility for the nonattest service.

AICPA independence standards require the accountant to consider whether he is independent when he performs an attest service (e.g., compilation) and a nonattest service (e.g., preparation of financial statements) for the same client. If management does not possess the requisite skill, knowledge, and experience to oversee the preparation of the financial statements and accept responsibility, the accountant may not be independent.

Compilation Procedures

The accountant should:

  • Read the financial statements in light of the accountant’s understanding of the selected financial reporting framework and the significant accounting policies adopted by management
  • Consider whether the financial statements appear appropriate in form and free from obvious material misstatements

Here are examples of inappropriate form and obvious material misstatements:

  • An equity account is shown in the liability section of the balance sheet
  • The balance sheet does not reflect the accrual of receivables though the financial statements were supposedly prepared in accordance with GAAP
  • Total assets as reflected on the balance sheet do not equal the individual items on the statement (an addition error)
  • The financial statements omit a material debt disclosure, though the statements were prepared in accordance with GAAP and substantially all disclosures were to be included

Given that the focus of a compilation is the reading of the financial statements to determine if they are appropriate in form and free from obvious material misstatements, what are some procedures that are not required?

  • Confirmation of cash
  • Testing of subsequent receipts
  • Analytical comparisons with the prior year
  • Substantive analytics
  • Confirmation of debt
  • A search for unrecorded liabilities

Is it permissible to perform audit or review procedures while conducting a compilation engagement? While not required to do so, such procedures are allowed. If you perform audit or review procedures, be careful not to imply to the client or other parties that you are performing a service other than a compilation.

The accountant is not required to perform procedures to ensure the completeness of the client-supplied information, but what if the client provides information that is obviously not complete or contains material errors? If management-supplied information is not complete or appears incorrect, the accountant should request corrections.

Also, the accountant should request corrections if:

  • The financial statements do not appropriately refer to the applicable financial reporting framework
  • Revisions are necessary to comply with the selected reporting framework, or
  • The financial statements are otherwise misleading

If requested or corrected information is not received or if the financial statements are not corrected, the accountant should consider withdrawing from the engagement and may wish to consult with legal counsel.

If the accountant decides not to withdraw and a material departure from the reporting framework exists, he should modify the compilation report to disclose the departure. See the example below in Reporting Known Departures from the Applicable Financial Reporting Framework.

Sample Compilation Report

The following is a sample compilation report:

Management is responsible for the accompanying financial statements of XYZ Company, which comprise the balance sheets as of December 31, 20X2 and 20X1 and the related statements of income, changes in stockholder’s equity, and cash flows for the years then ended, and the related notes to the financial statements in accordance with accounting principles generally accepted in the United States of America. I (We) have performed a compilation engagement in accordance with Statements on Standards for Accounting and Review Services promulgated by the Accounting and Review Services Committee of the AICPA. I (we) did not audit or review the financial statements nor was (were) I (we) required to perform any procedures to verify the accuracy or completeness of the information provided by management. I (we) do not express an opinion, a conclusion, nor provide any assurance on these financial statements.

[Signature of accounting firm or accountant, as appropriate]

[Accountant’s city and state]

[Report Date]

Minimum Compilation Report Elements

The compilation report should:

  • Include a statement that management (owners) is (are) responsible for the financial statements
  • Identify the financial statements
  • Identify the entity
  • Specify the date or period covered
  • Include a statement that the compilation was performed in accordance with SSARS
  • Include a statement that the accountant did not audit or review the financial statements nor was the accountant required to perform any procedures to verify the accuracy or completeness of the information provided by management, and does not express an opinion, a conclusion, nor provide any assurance on the financial statements
  • Include the signature of the accountant or the accountant’s firm
  • Include the city and state where the accountant practices and
  • Include the date of the report (which should be the date the accountant completes the compilation procedures)

You may have noticed that a compilation title and salutation are not required. Can they be included? While AR-C 80 does not require a report title or a salutation, it is permissible to add them. Here’s a sample report title and salutation:

                        Accountant’s Compilation Report

To the Board of Directors and Management

XYZ Company

The signature on the compilation report can be manual, printed, or digital.

If the accountant’s letterhead includes the city and state where the accountant practices, then the city and state can be omitted from the bottom of the compilation report.

The date of the compilation report should be the date the accountant completes the compilation procedures.

Omission of Substantially All Disclosures

Can the accountant omit all disclosures (notes to the financial statements) in a compilation engagement? Yes. Alternatively, the accountant can provide selected disclosures or if needed, full disclosure. In short, the accountant can do any of the following:

The compilation report should disclose the omission of substantially all disclosures with language such as the following:

Management has elected to omit substantially all the disclosures ordinarily included in financial statements prepared in accordance with the tax-basis of accounting. If the omitted disclosures were included in the financial statements, they might influence the user’s conclusions about the company’s assets, liabilities, equity, revenue, and expenses. Accordingly, the financial statements are not designed for those who are not informed about such matters.

The engagement letter should describe the level of disclosure to be included in the financial statements.

Reporting Known Departures from the Reporting Framework

Compilation report

If the accountant becomes aware of a material departure from the basis of accounting that is not corrected, he should modify the compilation report to disclose the departure. For example:

Management is responsible for the accompanying financial statements of XYZ Company, which comprise the balance sheets as of December 31, 20X2 and 20X1 and the related statements of income, changes in stockholder’s equity, and cash flows for the years then ended, and the related notes to the financial statements in accordance with accounting principles generally accepted in the United States of America. I (We) have performed compilation engagements in accordance with Statements on Standards for Accounting and Review Services promulgated by the Accounting and Review Services Committee of the AICPA. I (we) did not audit or review the financial statements nor was (were) I (we) required to perform any procedures to verify the accuracy or completeness of the information provided by management. I (we) do not express an opinion, a conclusion, nor provide any assurance on these financial statements.

Accounting principles generally accepted in the United States of America require that material impairments in the fair value of owned property be recognized in the balance sheet. Management has informed us that a recent appraisal of its Fumbleton office reflected a fair value of $2.25 million less than carrying value. If accounting principles generally accepted in the United States of America were followed, the buildings and equity accounts would have decreased by $2.25 million.

[Signature of accounting firm or accountant, as appropriate]

[Accountant’s city and state]

[Report Date]

The effects of the departure, if known, should be disclosed in a separate paragraph of the compilation report. If the effects of the departure are not known and cannot be readily determined with the accountant’s procedures, the compilation report should include a statement that the determination has not been made by management.

The accountant may not issue a compilation report that states the financial statements (as a whole) are not presented in accordance with the applicable financial reporting framework. Doing so is considered, in effect, an adverse opinion. An adverse opinion can only be expressed in an audit engagement.

Reporting When There are Other Accountants

Other accountants might perform a compilation of a subsidiary. What is your reporting responsibility if you are performing a compilation of a consolidated entity that includes the subsidiary? The compilation report for the consolidated entity is not altered to make a reference to the other accountant. AR-C 80 is silent in regard to whether you are required to obtain a copy of the other accountant’s compilation report.

Going Concern in Compilations

If the accountant becomes aware of uncertainties with regard to an entity’s ability to continue as a going concern, he may suggest additional disclosures. Without the additional going concern disclosures, it is possible that the financial statements could be misleading.

If substantially all disclosures are omitted from the financial statements, disclosure of the going concern uncertainty is not required. Even so, the accountant should be careful not to issue financial statements that are misleading. If needed, ask management to include the requisite going concern disclosures.

If the necessary going concern disclosures are not added and the financial statements are misleading, the accountant should consider withdrawing from the engagement.

Is it permissible to include an emphasis-of-a-matter paragraph in a compilation report? Yes.

The following is an example of a going concern uncertainty paragraph that could be added to a compilation report:

Going Concern

As discussed in Note H, certain conditions indicate that the Company may be unable to continue as a going concern. The accompanying financial statements do not include any adjustments that might be necessary should the Company be unable to continue as a going concern.

When Independence is Lacking

Where should an accountant’s lack of independence be noted in the compilation report? The accountant can disclose his lack of independence in the last paragraph of the compilation report with wording such as:

I am (We are) not independent with respect to XYZ Company.

The reason for the lack of independence need not be included, but if the accountant includes one reason for a lack of independence, then all such reasons should be included.

If independence is impaired and the accountant desires to provide the reason independence is impaired, the compilation report may include wording such as:

We are not independent with respect to XYZ Company as of and for the year ended June 30, 2019, because an engagement team member made management decisions on behalf of XYZ Company.

Special Purpose Frameworks and Compilations

compilation engagements

The compilation report should highlight the use of a special purpose framework when one is used.

If a special purpose framework is used and disclosures are included, then the compilation report should include a separate paragraph such as the following:

We draw attention to Note X in the financial statements, which describes the basis of accounting. The financial statements are prepared in accordance with the tax-basis of accounting, which is a basis of accounting other than accounting principles generally accepted in the United States of America.

If disclosures are omitted, the separate paragraph could read as follows:

The financial statements are prepared in accordance with the tax-basis of accounting, which is a basis of accounting other than accounting principles generally accepted in the United States of America.

Unless the entity elects to omit substantially all disclosures, the compilation report should be modified to describe departures when the financial statements do not contain:

  1. A description of the special purpose framework
  2. A summary of significant accounting policies
  3. A description of how the special purpose framework differs from GAAP
  4. Disclosures similar to those of GAAP

The description of the special purpose framework can be included in the titles of the financial statements or the notes. If the financial statements omit notes, the financial statement titles should include the special purpose framework; for example, Statement of Revenues and Expenses—Tax Basis.

If substantially all disclosures are omitted, then 2, 3, and 4 above are not necessary. However, the accountant should include a separate paragraph in the accountant’s compilation report stating that management elected to omit substantially all disclosures. (See the preceding section titled Omission of Substantially All Disclosures.)

Click here for more information about which special purpose framework you should use.

Other Historical Information

In addition to historical financial statements, AR-C 80 may be applied to the following:

  • Specified elements, accounts, or items of a financial statement, including schedules of:
    • Rents
    • Royalties
    • Profit participation, or
    • Income tax provisions
  • Supplementary information
  • Required supplementary information
  • Pro forma financial information

Prospective Information and Compilations

AR-C 80 can be applied to prospective information.

Prospective financial information is defined as any financial information about the future.

Prospective financial information can be presented as:

  • A complete set of financial statements, or
  • One or more elements, items, or accounts

If you prepare prospective financial information, the summary of significant assumptions must be included Why? It is considered essential to the user’s understanding of such information.

If you prepare a financial projection, you should not exclude:

  • The identification of hypothetical assumptions, or
  • The description of the limitations on the usefulness of the presentation

The compilation report should include statements that:

  • The forecasted or projected results may not be achieved and
  • The accountant assumes no responsibility to update the report for events and circumstances occurring after the date of the report

AR-C 80 references the AICPA Guide Prospective Financial Information as suitable criteria for the preparation and presentation of prospective financial information.

Prescribed Forms and Compilations

Is it permissible to perform a compilation engagement with regard to prescribed forms?

Yes. There is nothing in the SSARSs that prohibits the accountant from performing a compilation engagement with regard to prescribed forms (e.g., bank personal financial statement).

When a bank, credit union, regulatory or governmental agency, or other similar entity designs a prescribed form to meet its needs, there is a presumption that the required information is sufficient. What should be done if the prescribed form conflicts with the applicable basis of accounting? For example, what if the prescribed form requires all numbers to be in compliance with GAAP with the exception of receivables? Follow the form, and no departure from the applicable reporting framework exists. In effect, the form and its related directions are treated as though they are the applicable reporting framework. The accountant must report departures from the prescribed form and related instructions as a departure from the applicable financial reporting framework. Include any significant departures in the compilation report. (See the preceding section titled Reporting Known Departures from the Applicable Financial Reporting Framework.)

If the prescribed form includes a compilation report not in conformity with AR-C 80, the report should not be signed. Append an appropriate compilation report to the prescribed form.

Compilation Engagements Conclusion

There you have it. Now you know how to perform a compilation engagement.

The main things to remember are (1) you need a signed engagement letter, (2) always include a compilation report with the financial statements, and (3) read the financial statements to determine if they are appropriate.

If you desire to issue financial statements without a compilation report, read my article about the use of AR-C 70, Preparation of Financial Statements.

If you desire to issue financial statements in conjunction with a review engagement, read my article about the use of AR-C 90, Review Engagements.

Excuses for unnecessary workpapers
Nov 29

Seven Excuses for Unnecessary Audit Work Papers

By Charles Hall | Auditing

Unnecessary audit work papers create clutter and potential legal problems.

I see two problems in most work paper files:

(1) Too much documentation, and
(2) Too little documentation

I have written an article titled: Audit Documentation: If It’s Not Documented, It’s Not Done. Since I’ve already addressed the too little documentation issue, I’ll now speak to the other problem: too much documentation.

unnecessary audit work papers

Unnecessary Audit Work Papers

Over the last thirty-five years, I have reviewed audit files for CPA firms and have commonly asked this question: Why is this work paper in the file?

Here are a seven answers I’ve received.

1. It was there last year.

But is it relevant this year? Resist the temptation to mindlessly bring forward work papers from the prior year. Performing a proper audit entails risk assessment (e.g., walkthroughs, analytics), planning (i.e., creating an audit plan), and execution (i.e., carrying out the audit plan). Likewise, compilations and reviews should reflect current year planning and performance.

2. The client gave it to me.

Inexperienced auditors tend to put everything given to them in the file. Some auditors believe “if the client gave it to me, it must be important.” But this is not necessarily true. Every work paper needs a purpose.

3. I may need it next year.

Then save it for next year—somewhere other than in the current file. If the information does not provide current year engagement evidence, then it does not belong in the file.

Consider creating a file for next year and placing next year’s information in that file. Or create a folder in the current year file titled: Next year’s work papers. Then move this section to next year’s file as you close the engagement.

4. I might need it this year.

Before going paperless (back in the prehistoric days when we moved work papers with hand trucks ), I kept a manila folder titled: File 13. The physical folder was my hang-on-to-it-in-case-I-need-it repository.

Since my files are now paperless, I create an electronic folder titled Recycle Bin that sits at the bottom of my file. If I receive information that is not relevant to the current year (but there is a chance I will need it), I move it to the recycle bin, and when I am wrapping up the engagement, I dispose of the folder.

5. It’s an earlier version of a work paper.

Move earlier versions of work papers to your recycle bin—or delete them.

6. I need it for my tax work.

Then it belongs in the tax file (unless it’s related to your attest work – e.g., deferred taxes).

7. We always do this.

But why is it being done this year? Maybe a fraud was missed ten years ago and the partner said, from now on we will…

Are these procedures still relevant?

The test of details, substantive analytics, and test of controls should be in response to the current year audit risk assessment and planning.

Reducing Legal Exposure

The most important reason for minimizing work paper content is to reduce your legal exposure. Excess work papers may provide ammunition to an opposing attorney: “Mr. Hall, here’s a work paper from your own audit file that reveals fraud was occurring, and you didn’t see it?” (So don’t, for example, leave the full general ledger in your work papers.)

What are your thoughts about removing unnecessary audit work papers?

1 2 3 40
>