Wrapping up audits is a chore. But today's post will help you do just that.
Do you ever have the almost-done illusion? You think you’re almost done, but you’re not—and you’re not even close. Frustrating!
What? I’m Not Done?
I remember my boss asking me, “what’s the status of the audit?” I answered, “oh, I’m about 90% done.” But actually I was—at best—75% through. Why the miscalculation? I mistakenly thought if the planning and transaction areas (e.g., cash) were complete, that I was nearly finished. I was wrong. Wrapping up audits takes (or least can take) a significant amount of time.
Wrapping Up Audits — An Overview
In the final stages of an audit, we are (among other things):
- Updating subsequent events
- Considering going concern
- Creating final analytics
- Providing audit entries to the client
- Summarizing passed journal entries
- Reviewing the file
- Creating financial statements
- Completing the disclosure checklist
- Reviewing financial statements
- Obtaining a management representation letter
- Creating your audit opinion
- Creating a management letter
- Communicating control deficiencies
There is no required order for these steps. The sequence provided below is simply my normal method.
Let’s start with subsequent events.
Updating Subsequent Events
The financial statements should disclose material subsequent events such as legal settlements, the issuance of debt, the adoption of a benefit plan, or the sale of stock. And while disclosure is important, subsequent events—such as legal settlements—can affect the year-end balance sheet. Some subsequent events trigger the accrual of liabilities.
Here are common subsequent event procedures:
- Inquire of management and company attorneys about subsequent events
- Review subsequent receipts and payments
- Read the minutes created after period-end
- Review subsequent interim financial statements
- Review the subsequent year’s budget
- Obtain an understanding of management’s methods for accumulating subsequent event information
In performing these procedures, obtain subsequent event information through the audit report date.
If you’ve sent attorneys’ letters asking about potential litigation, you may need to get an update to coincide with the audit report date. You want the attorney’s written response to be as close to the audit report date as possible. How close? Usually within two weeks. If there are significant issues, you may want to bring the written response through the audit report date.
Another critical issue in wrapping up audits is going concern.
Considering Going Concern
Even in the planning stage, auditors should consider going concern, especially if the entity is struggling financially. But as you approach the end of the audit, going concern should crystallize. Now you have your audit evidence, and it’s time to determine if a going concern opinion is necessary. Also, consider whether going concern disclosures are sufficient. If substantial doubt is present, then the entity should include going concern disclosures (even if substantial doubt is alleviated by management’s plans).
And what is substantial doubt? The Financial Accounting Standards Board defines it this way:
Substantial doubt about the entity’s ability to continue as a going concern is considered to exist when aggregate conditions and events indicate that it is probable that the entity will be unable to meet obligations when due within one year of the date that the financial statements are issued or are available to be issued.
So, for nongovernmental entities, ask “Is it probable that the company will meet its obligations for one year from the opinion date?” If it is probable that the entity will meet its obligations, then substantial doubt does not exist. If it is not probable that the entity will meet its obligations, then substantial doubt exists.
And what is the period of time to be considered when assessing going concern? One year from the audit report date—unless the entity is a government. If the entity is a government, then the evaluation period is one year from the financial statement date (though this period can lengthen in certain circumstances).
The going concern evaluation is one that management makes as it considers whether disclosures are necessary.
Then the auditor considers going concern from an audit perspective. If substantial doubt is present, the auditor issues a going concern opinion. Also, if going concern disclosures are incorrect or inadequate, the auditor may need to modify the opinion.
Wrapping up audits also includes the creation and review of final analytics.
Creating Final Analytics
Auditors create planning analytics—the comparison of key numbers—early in the audit. Why? To look for the risk of material misstatement. Unexpected changes in numbers are indicators of potential error or fraud. They create questions. When unexpected variations exist, auditors plan procedures to test why.
So, what is the purpose of final analytics? To determine whether unanswered questions still exit. Auditors want to know, given the audit evidence in hand, that the numbers are fairly stated.
What analytics should you use? Audit standards don’t specify particular analytics. Some auditors read the financial statements (when comparative periods are presented). Others review key ratios. And some compare current year trial balance numbers with the prior year.
My final analytics are often the same as those in the beginning. For example, if my planning analytics include a comparison of trial balance numbers, so will my final analytics. Why do I use the same analytics? I want to know that the questions raised in the beginning are now answered.
In wrapping up your audits, consider the numbers important to your clients. Many auditors—in an exit conference—provide key analytics to management and board members, such as performance indicators or liquidity ratios. Consider whether these numbers should be a part of your final (and planning) analytics.
Now, you are ready to provide your proposed audit entries.
Providing Audit Entries to the Client
Give your audit entries to your client. Hopefully, you discussed these adjustments with your client when you discovered them. If you did, this part is easy. You’re just giving your client the entries. If not, review the proposed adjustments with the client and see if they agree.
Your client may desire to pass on (not post) some immaterial entries.
Summarizing Passed Journal Entries
Prior to creating the representation letter, the auditor needs to summarize passed journal entries. Why? Audit standards require management to provide a written assertion regarding whether the uncorrected misstatements are material. The summary assists in that determination.
Once you summarize the uncorrected misstatements, you should consider whether they are material. Review your audit materiality and consider whether the passed adjustments are acceptable. If material uncorrected misstatements exist, consider the effect on your opinion.
In addition to all of the above, you need to review the audit file to make sure everything is in order.
Reviewing the File
Perform your final review of the work papers and sign off as the reviewer. All preparer and reviewer dates must precede or coincide with the representation letter date (which is the opinion date). Why? Reviews are a part of your evidential matter. Documentation—including reviews—must exist no later than the opinion date.
See my article titled Seven Excuses for Unnecessary Audit Work Papers.
Once the audit file is ready, it’s time to create the financial statements (if you’ve been engaged to do so).
Creating Financial Statements
Larger entities usually create their own financial statements, but smaller organizations sometimes outsource this work to their auditors.
If the auditor creates the financial statements, the following needs to occur:
- The audit firm creates the financial statements.
- The audit firm reviews the financial statements
- The client reviews the financial statements
If you (the auditor) are engaged to create the financial statements, complete them on time. Why? Management must read and take responsibility for the financial statements prior to signing the representation letter.
Also, the auditor’s review of the financial statements needs to be completed prior to the date of management’s representation letter. Why? All evidential matter, including the audit firm’s review of the financial statements, must be complete before the opinion is issued.
So, management and the auditor must review the financial statements before the opinion is issued. We’ll discuss the financial statement review process for auditors in a moment, but before we do, let’s take a look at completing the disclosure checklist.
Completing the Disclosure Checklist
Whether you or your client creates the financial statements, a disclosure checklist helps ensure the completeness and propriety of the notes. Remember your audit opinion covers the financial statements and the disclosures.
Since new accounting standards are issued throughout the year, make sure you use a current checklist. Otherwise, you may not be aware of new or amended disclosure requirements.
Now it’s time to review the financial statements.
Reviewing Financial Statements
If your audit firm creates the financial statements, at least two people should be involved—one creating and one reviewing. Why? Two reasons: (1) the self-review threat (an independence issue) and (2) blind spots.
So, what is a self-review threat? It’s the idea that the person creating something (e.g., the financial statements) will not be independent in reviewing the same. Why is this a problem? Well, we are issuing an independent auditor’s opinion. That’s why we need a second-person review of the financial statements—to mitigate the self review threat.
Additionally, a second-person review is useful in overcoming blind spots. If I create financial statements with errors, I may not see my own mistakes. I have a blind spots. Such errors are often readily apparent to a second person.
See my post about reviewing financial statement on a computer screen.
Once the financial statements have been prepared and reviewed by your audit firm and your client, it’s time to obtain the management representation letter, another step in wrapping up audits.
Obtaining a Management Representation Letter
The management letter is usually prepared by the audit firm and is provided to the client for signing. In the letter, the client is making certain assertions regarding issues such as the following:
- Management’s responsibility for the financial statements
- Management’s responsibility for internal controls
- Assurances that all transactions have been recorded
- Whether known fraud has occurred
- Whether known non-compliance with laws or regulations occurred
- The effects of uncorrected misstatements
- Litigation
- The assumptions used in computing estimates
- Related party transactions
- Subsequent events
- Supplementary information
- Responsibility for nonattest services
The representation letter should cover all financial statements and periods referred to in the auditor’s report. If management refuses to provide the management letter, then consider the effect upon the auditor’s report. Such a refusal constitutes a scope limitation and will usually preclude the issuance of an unmodified opinion.
Another part of wrapping up audits is creating your audit opinion.
Creating Your Audit Opinion
You’ve planned and performed your audit.
Now you need to consider the type of opinion you’ll issue. If an unmodified opinion is merited, no problem. Use the standard opinion. But if you are going to qualify the opinion, or issue a disclaimer or adverse opinion, there’s more work to be done. Additionally, sometimes you need to add an emphasis-of-matter paragraph or an other-matter paragraph to your opinion.
Determine which opinion is appropriate. Most CPAs use sample reports from national publishing companies. Others use sample reports directly from the auditing standards. Regardless, place a copy of the sample report in your audit file. Why? Your peer reviewer—or someone else—might question your report language. Responding to such questions is much easier with the sample report in hand.
Create your opinion and have a second person review the report, comparing the opinion to the sample report. Check and recheck your wording.
Another consideration in wrap-up is whether you’ll issue a management letter.
Creating a Management Letter
While not required, you can provide a written management letter to your audit client. Why would you do so? To add value to the audit.
What is a management letter? Suggestions for improving the business.
What should you include in the letter? It’s up to you (and dependent upon your observations during the audit), but here are a few examples:
- Suggested monthly reports for the owners or management
- Warnings regarding cyber attacks and prevention techniques
- A suggestion that excess cash be used to pay off high interest rate debt
- Procurement and bidding recommendations
- A suggestion that security cameras be installed
- Software recommendations
- A recommendation that all equipment be physically inspected and reconciled to the property ledger
- A suggestion that the company review its property insurance coverage
- Best practices for the implementation of new accounting standards
If you provide a management letter, give the client a draft prior to issuance. Why? To avoid the embarrassment of making inappropriate suggestions—maybe they’ve already done what you are suggesting, for example.
In addition to the management letter, you may also need to communicate significant deficiencies and material weaknesses.
Communicating Control Deficiencies
Audit standards define significant deficiencies and material weaknesses as follows:
- Significant deficiency. A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance.
- Material weakness. A deficiency, or a combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis.
Auditing standards require a written communication of significant deficiencies and material weaknesses.
Control deficiencies are often noted during the risk assessment process, particularly as you perform walkthroughs.
You may also note control weaknesses as you prepare audit journal entries, especially if the adjustments are material. Errors are usually the result of weak internal controls.
Regardless of how you become aware of the control weaknesses, capture them immediately. Otherwise, you may forget them later on. Also, if control weaknesses are material, you may need to communicate them to management when they are discovered (and again at the completion of the audit).
As you are wrapping up audits, create your internal control letter based on the weaknesses noted.
Consider providing a draft of the internal control letter to management prior to final issuance. Why? To avoid potential misunderstandings. If there’s a disagreement between the client and the auditor, it’s best to clear the issue prior to final issuance of the internal control letter.
One other suggestion: if there are sensitive issues, the senior audit team member (usually the engagement partner) should make this communication. It’s a time to speak the truth with tactfulness—and experience helps.
I started this chapter by saying that wrap-up can take a significant amount of time. As we have seen, there is much to be done in this closing stage of the engagement.
Wrap Up Procedures in Auditing - A Simple Summary
Here’s a summary of wrap up procedures in auditing:
- Perform subsequent event procedures to ensure that all relevant information is included in the financial statements
- Consider whether going concern disclosures are necessary and, if required, complete; also consider the need for a going concern opinion
- Create final analytics and determine if all significant variations in the numbers have been addressed
- Provide proposed audit entries to the client
- Summarize and review all passed journal entries to ensure that material misstatements are not present
- Review the work paper file
- Create the financial statements (if you have been engaged to do so)
- Complete a current disclosure checklist
- Review the financial statements
- Obtain a signed management representation letter
- Create your audit opinion
- Create a management letter
- Communicate significant deficiencies and material weaknesses
There you have it: the wrap-up process. Now, when your boss asks, “what’s the status of the audit?” you can say, “I’m at 90 percent”—and be sure of it.
This post is a part of a series of articles title The Why and How of Auditing. Check it out. The series is also available as a book on Amazon. Be one of the thousands who have purchased this resource. You'll find it useful as a partner or a staff member.
John, Thanks.
When new staff are involved in an engagement, I think it’s a must for reviews to occur as often as possible. For more experienced staff, those reviews might be done weekly (or every two weeks). It just depends on the level of the personnel. But, yes, it’s good to “touch” the file as few times as possible.
Great article, Charles, thank you. How do we reconcile the concept of “minimizing touches” because of inefficiency to constant monitoring and review-as-you-go? I prefer the second for the reasons you state above, but a lot of productivity guidelines suggest otherwise.