The Balance Sheet Audit Approach: Slaying a Sacred Cow

By Charles Hall | Auditing

Apr 18

Sacred cows make great steaks. Richard Nicolosi.

Risk-based audit standards have existed for years, but I still see a resistance to risk assessment procedures. Why? A reliance on the traditional balance sheet audit approach. I think many auditors prefer to test a bank reconciliation (ticking off each cleared transaction) to interviewing the company’s CFO. They enjoy the certainty of vouching payables (yep, the invoice agrees with the payable detail) and disdain the difficulty of walking a transaction through the accounting system. Regardless, many CPA firms struggle to slay the sacred cow of balance sheet audits.

What is a Balance Sheet Audit?

So what is a balance sheet audit approach?

It’s the examination of period-end balance sheet totals (the results of accounting processes) rather than the accounting processes themselves. For example, the auditor might confirm receivables and not perform a walkthrough of billing and collections. The balance sheet audit approach lacks any significant focus on the income statement.

While it is true that nailing down (or “beating up”) the balance sheet provides helpful audit evidence, there are some downsides.

The Downside of Balance Sheet Audits

So what are the weaknesses of a balance sheet audit approach?

First, the balance sheet approach does not address the income statement. Consequently, income statement line items may be misclassified (e.g., expenses netted with revenues). If the balance sheet is correct, net income (the result of revenues and expenses) is correct. But revenues and expenses can still be misclassified. (I once saw grant revenue of $300,000 netted with related grant expenses resulting in a $0 impact to revenues and expenses.)

Secondly, and more importantly, the balance sheet audit method does not address the possibility of theft (and some forms of fraudulent reporting of revenues and expenses). Sure we can confirm cash and reconcile the balance to the general ledger. So what? If someone steals $1 million in cash receipts (or $10 million or whatever number you want to use), the balance sheet approach may not address the risk of theft.

The same is true if the CFO steals money by cutting checks to himself (or to fictitious vendors). The accounts payable balance can be reconciled to a detail, and a search for unrecorded liabilities can be performed–typical balance sheet audit steps–but these procedures don’t address theft.

Finally, audit standards require walkthroughs, fraud inquiries, planning analytics, and an understanding of the business. Without these steps, we cannot truly understand audit risks that lie hidden in accounting processes.

balance sheet audit

Picture from

The Upside of Risk-Based Audits

I still believe that auditors can save time using a risk-based audit approach.

Understanding the business and its processes requires time, but doing so can lead to a leaner audit. You can decrease some substantive procedures when you know where your risks are. We can also mitigate audit risk (because we know what the risks are).

And this is the beauty and logic of risk-based audits. We determine where the risks are, and then we perform procedures to address those risks. We cease to blindly focus on the balance sheet. 

Less time, less risk.

Sounds good to me–but slaying a sacred cow is necessary. I like my steaks medium rare. How about you?

Agree or disagree? Please let me know.

Learn from my CPA Hall Talk newsletter!

Get my free accounting and auditing digest with the latest content.

Powered by ConvertKit

About the Author

Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty years, he has primarily audited governments, nonprofits, and small businesses. He is the author of The Little Book of Local Government Fraud Prevention and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events. Charles is the quality control partner for McNair, McLemore, Middlebrooks & Co. where he provides daily audit and accounting assistance to over 65 CPAs. In addition, he consults with other CPA firms, assisting them with auditing and accounting issues.

  • Jeremy Weaver says:

    This is a great read. I do agree. It’s interesting because the PCAOB is requiring more of this to the point of absurdity.

    I think the biggest flaw of the risk based approach is the lack of real understanding by the staff and seniors. They know how to tick and tie. The higher lever risk based analysis seems to never be “apprenticed” down to the young guys so it resembles the balance approach longer. The leverage model of the hourly billing model does not help.

    IN FACT, if firms would adopt risk based pricing and stop tracking hours, I bet things would change quite a bit. Yes, Ron Baker ruined me.

    Another problem is the university community has been slow to adopt the risk based approach so students are coming out knowing how to vouch, and not assess the effectiveness of controls.

    Great read!

  • Charles – I agree with your article. I have been applying the risk based audit approach for 9 years now and in most of my audits I find client errors that would not be found in a balance sheet audit approach. Sure I audit the balance sheet via confirmations, testing year end amounts as needed, but performing walkthroughs of billing, cash receipts, cash disbursements and payroll has given me a deeper knowledge of the Organization (all my clients are nonprofits) and led to recommending processes to strengthen internal control which only makes a stronger well run Organization and less susceptible to fraud and potential client errors.

  • Jeremy, I have wondered for while now why auditors are hesitant to embrace the risk-based method. I think it has something to do with accountants and auditors being “black and white” decision makers. We like binary decisions. It seems many auditors don’t enjoy making judgments. We want debits and credits.

  • Kim, I agree. One of the added benefits of risk-based auditing is the ability to make value-add recommendations. Auditors can better see weaknesses in systems and make suggestions for improvement. I guess I’m strange, but I love doing walkthroughs. Thanks for your comment.

  • Linda Swick says:

    I see it from the client side because I’m the CFO. I want my organization to get at least some value from the big bucks we’re paying for the audit. If the auditors don’t do walk throughs or try to have some understanding of our procedures, I know they aren’t going to have any helpful comments for us. Walk throughs may be time consuming for our staff and they might complain, but too bad! In my experience, the first year or two with a new audit firm, they’ll do more risk assessment procedures. After that, they come in and ask if anything changed from the prior year. We say, “no”. They check off the box on their checklist and move on. Disappointing.

  • Linda, yes, indeed. If auditors don’t perform risk assessment procedures such as walkthroughs, then they are taking short-cuts. And yes, the value of the audit decreases, because the auditor is less aware of weaknesses in the client’s accounting system. The result: no management letter or a standard letter with little content.

  • Anonymous says:

    Hi Charles,

    I like your book so much. I am an English as a second language accounting student in Canada. I find the audit textbook is so difficult to understand because I do not have auditing experience. After I read your book, I find it helps me to understand the theory in the textbook.I regret I did not find this blog and the book earlier. I will keep on reading your posts, please post more

  • Thanks for your kind comments. Glad you found the book helpful. A review on Amazon would be much appreciated.

  • >