Should the auditor disclose elements of governance related audit programs to the audit committee and others--what do you think? | AccountingWEB

Should the auditor disclose elements of governance related audit programs to the audit committee and others--what do you think?

By Dave Tate, CPA, Esq. - I am going to stick my neck out a little on this one. Your comments are welcome. Perhaps I am off base a little. Perhaps not. However, here goes.

Various auditing standards now require the outside auditor to evaluate the effectiveness of governance oversight and related performance. Historically, audit programs have been considered confidential. They are proprietary in nature, and, arguably, disclosing areas of inquiry could better allow the audited entity to avoid or hide the detection of financial misstatement and fraud.

But, what is, or what should be the intent of the old and new auditing standards that require auditor inquiry and evaluation regarding governance related matters? It seems to me that the intent is different from the historical intent of audit programs. With respect to governance, does the auditor have a concern that the audit committee, or the board, or even the CFO will become aware of the areas of inquiry and evaluation, and that as a result, any of those people will be able to circumvent the governance related auditing process? Instead, for example, if an audit committee knew what governance areas will be evaluated, and what questions would be asked, wouldn’t the audit committee work to ensure that those areas of governance are in accord with requirements that the auditor will be looking for? And, shouldn’t that be the intent of governance audit and evaluation--to better ensure that prudent or best practices are followed?

Of course, the audit committee, the board, or the CFO could misrepresent the truth of the sufficiency of governance, but they could do so even if they did not have prior knowledge of the areas of inquiry. In any event, regardless of the responses provided, the auditor may still want to independently confirm that the responses are in fact correct.

So, what are some of the possible governance areas in the auditing standards for which disclosure of auditing program inquiry areas and specific inquiries might be beneficial? The following are possible examples:

SAS 114, The Auditor's Communication with Those Charged with Governance, states in part that other planning matters that the auditor may consider discussing with those charged with governance include:

-The views of those charged with governance about the appropriate people in the entity’s governance structure with whom to communicate; the allocation of responsibilities between those charged with governance and management; the entity's objectives and strategies, and the related business risks that may result in material misstatements; matters those charged with governance consider warrant particular attention during the audit, and any areas where they request that additional procedures to be undertaken; significant communications with regulators; and other matters those charged with governance believe are relevant to the audit of the financial statements.

-The attitudes, awareness, and actions of those charged with governance concerning the entity's internal control and its importance, including how those charged with governance oversee the effectiveness of internal control, and the detection or possibility of fraud.

-The actions of those charged with governance in response to developments in financial reporting, laws, accounting standards, corporate governance practices, and other related matters.

-The actions of those charged with governance in response to previous communications with the auditor.

SAS 99, Consideration of Fraud in a Financial Statement, states that the auditor should inquire directly of the audit committee (or at least its chair) regarding the audit committee's views about the risks of fraud and whether the audit committee has knowledge of any fraud or suspected fraud affecting the entity. The auditor also should obtain an understanding of how the audit committee exercises oversight of the entity's assessment of the risks of fraud and the programs and controls the entity has established to mitigate those risks.

SAS 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, provides that during the process of an audit, the outside auditor should obtain an understanding of the five components of internal control sufficient to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing and extent of further audit procedures.

Statement on Auditing Standards 109 describes control environment as setting the tone of the organization, and influencing the control consciousness of its people. The primary responsibility for the prevention and detection of fraud and error rests with those charged with governance and the management of the entity. In evaluating the design of the entity's control environment, the outside auditor is required to consider the entity's processes in the following areas:

-Communication and enforcement of integrity and ethical values;

-Commitment to competence;

-Participation of those charged with governance, including the audit committee and possibly the board of directors;

-Management's philosophy and operating style;

-Organizational structure;

-Assignment of authority and responsibility; and

-Human resource policies and practices.

With respect to evaluation of the participation of those charged with governance, SAS 109 specifically identifies independence from management, the experience and stature of those charged with governance, the extent of their involvement in and scrutiny of activities, the information that those charged with governance are provided, the degree to which difficult questions are raised and pursued with management, the ability of those charged with governance to evaluate the actions of management, interaction with internal and outside auditors, communications between management and those charged with governance, and the ability of those charged with governance to understand the entity's business transactions and evaluate whether financial statements are presented fairly in conformity with generally accepted accounting principles.

SAS 112, Communicating Internal Control Related Matters Identified in an Audit Statement on Auditing Standards 112, provides in part that each of the following is an indicator of a control deficiency that should be regarded as at least a significant deficiency and a strong indicator of a material weakness in internal control:

-Ineffective oversight of the entity's financial reporting and internal control by those charged with governance;

-An ineffective internal audit function or risk assessment function for an entity for which those functions are important to the monitoring or risk assessment component of internal control; and

-An ineffective control environment.

What do you think?

Dave Tate, CPA, Esq.

* * * * *

Bloggers crew

Steve Knowles has spent 25 years in business and practice in the UK, but he also worked in the states and the years haven't dulled his way of seeing an alternative view to everyone else, and every day is a new adventure.


Joel M. Ungar, CPA is a lifelong resident of the Detroit area and a graduate of The University of Michigan. He is a principal with Silberstein Ungar, PLLC, a Top 15 auditor of SEC public reporting companies.


Allan Boress, CPA, with over 25 years as a practitioner and consultant to the accounting profession. Mr. Boress is the author of 12 published books in 6 different languages, including a best-seller, The "I-Hate-Selling" Book.


Larry Perry, CPA, CPA Firm Support Services, LLC, is the author of accounting and auditing manuals, author and presenter of live staff training seminars, and author of webcast and self-study CPE programs. He blogs about small audits, reviews, and compilations.

Sandra Wiley, COO and Shareholder, is ranked by Accounting Today as one of the 100 Most Influential People in Accounting as a result of her prominent role as an industry expert on HR and training as well as influence as a management and planning consultant. She is also a founding member of The CPA Consultant's Alliance. Sandra is a certified Kolbe™ trainer who advises firms on building balanced teams, managing employee conflict and hiring staff.

Maria Calabrese, CIR, Human Resources manager for Fazio, Mannuzza, Roche, Tankel, LaPilusa, LLC in Cranford, New Jersey, Maria's topics revolve around the world of: Mentoring, Performance management, and The "Y Generation," a.k.a. "The whY generation".


William Brighenti is a CPA, Certified QuickBooks ProAdvisor, and Certified [Business] Valuation Analyst, operating an accounting, tax, and QuickBooks consulting firm in Hartford, Connecticut, Accountants CPA Hartford.


Ken Garen, CPA, is the co-founder and President of Universal Business Computing Company (, a software development firm of high-volume, high-productivity accounting and payroll technology.


Eva Rosenberg, MBA, EA, is the publisher of, and author of the weekly syndicated Ask TaxMama column. She provides answers to tax questions from taxpayers and tax professionals worldwide.


Amy Vetter, CPA, CITP is the CPA Programs Leader for Intacct Corporation responsible for leading the CPA/BPO Partners nationally.

Brian Strahle is the owner of LEVERAGE SALT, LLC where he provides state and local tax technical services to accounting firms, law firms and tax research organizations across the United States. He also writes a weekly column in Tax Analysts State tax Notes entitled, "The SALT Effect." For more info, visit his website:
Scott H. Cytron, ABC, is president of Cytron and Company, known for helping companies and organizations improve their bottom line through a hybrid of strategic public relations, communications, marketing programs and top-notch client service. An accredited consultant, Scott works with companies, organizations and individuals in professional services (accounting, finance, medical, legal, engineering), high-tech and B2B/B2C product/service sales.

Rita Keller is a nationally known CPA firm management consultant, speaker, author, mentor and blogger. She has over 30 years hands-on experience in CPA firm management, marketing, technology and administrative operations.

Stacy Kildal is the mom of two fantastic kids, an Advanced Certified QuickBooks ProAdvisor, Certified Enterprise Solutions ProAdvisor, Sleeter Group Certified Consultant, a nationally recognized member of the Intuit Trainer and Writer Network, and co-host of RadioFree QuickBooks.
Michael Alter's blog specializes in providing practical advice to those who seek greater profitability and practice management tactics that enhance deeper client relationships.

Sally Glick, CMO, Principal, Marketer of the Year in 2003 and AAM Hall of Famer in 2007, leads a lively discussion of the constantly expanding roles of marketing and the professional marketers that drive this initiative in accounting firms of all sizes.


The IMA Young Professionals Blog features the insights of IMA’s Young Professionals Committee. Committee members share advice and experiences on careers, continuing education, work/life balance, and other issues affecting young accounting and finance professionals.


FEI Financial Reporting Blog provides highlights from SEC, PCAOB, FASB, IASB, and other regulatory news, including reporting under Sarbanes-Oxley Sect 404. It is written by Edith Orenstein, Director of Technical Policy Analysis at FEI.


Sue Anderson has 30 years of experience in continuing education for accountants. Currently she is the program director for online CPE provider CPE Link.


Jim Fahey is COO of Apple Growth Partners, a regional CPA firm in Ohio. His focus is on the effective and efficient use of technology within the firm by all team members.

Caleb Newquist is the Editor-in-Chief of Sift Media US, overseeing content for both AccountingWEB and Going Concern.

Leita Hart-Fanta, CPA, CGFM, and CGAP is the author of "The Yellow Book Interpreted" and owner of a website devoted to training for governmental auditors.


AccountingWEB is more than just a U.S. team of journalists and financial and technology experts - we have an international side, too! Members of our British team who publish share their ideas, insights, and perspectives from across the pond.