It is my habit to send my course materials to all of my clients a few weeks in advance so they have time to make copies for the participants. Usually clients look over them and don’t say anything about what they see. This year, one of my clients took the time to read the materials and send an email asking me to take out any references to the AICPA. She reminded me that her shop is subject to the Yellow Book and that her team conducts performance audits in state government.
I refused to take the references to the AICPA out because what the AICPA does is relevant to her shop. Why? Four main, interrelated reasons:
1. All audit standards are simplyan accumulation of best practices that a committee or group has decided to adopt as standardized behavior or rules.
I saw an original version of the GAO’s Yellow Book late last year (I think it was originally published in the 70s). And man, was it thin! It was poorly written and horribly vague–much like my early writings (I certainly hope no one is hanging on to those!)
When I first started working with the Yellow Book in the late 80s, it was a brilliant tome compared with the AICPA auditing standards. As of 2013, however, the AICPA has surpassed the Yellow Book in many key areas, including fraud and risk assessment.
So our standards are constantly evolving because the brainiac-muckity-mucks who sit on the standard setting committees contribute new ideas to make things better every time the standards are revised.
2. The standard setters all influence each other.
As you can imagine, the standard setters are all watching each other to see who has their act together regarding a certain topic. So when one moves, the others move too.
The relationship between the AICPA and the GAO is especially tight. They actually meet with each other to sync up their standards on a regular basis.
The GAO has to match the concepts of the AICPA because they require the use of AICPA standards on financial audits. And, to keep internal consistency between chapters in the Yellow Book, the GAO uses the same principles for financial audits (which are often copied straight from the AICPA) in the performance audit standards. So whether performance auditors like it or not, the AICPA influences their work.
3. An audit is an audit is an audit.
I have the opportunity to work with all sorts of auditors–auditors in government, CPA firms, corporate internal auditors, you name it–and what I know for sure is that an audit is an audit is an audit. Everyone goes through the same basic process. The audit subject matter will differ and the criteria will differ, but everyone is going down the same paths. It is no use acting like the ‘other guys’ are way different than us. They are not.
4. Audit professionals should seek to find out who has the best guidance and follow that, not simply follow mandatory rules.
Lastly, I think professionals shouldn’t be ‘rule followers’ but seek the best for themselves and their clients. Don’t get frustrated when you deal with people who say things like, “That’s not my job,” “No one makes me do that,” and “I don’t want to do that, so there!”
Imagine going to a doctor and telling her that you have a serious condition. She turns her back to you, types your diagnosis in a computer and then repeats instructions for treatment she found off the Internet. Wouldn’t you rather she use her massive brain to figure out several alternatives for you and then recommend the absolute best treatment and care she is aware of?
Now, I am not equating auditors to doctors, but we are both professionals. And to me, being a professional means that you are aware of more, share more, and seek to learn more. Professionals are always seeking to improve, and they aren’t resistant to innovation.
So, although the AICPA isn’t ‘technically’ required for many auditors, I think they are worth keeping an eye on because – either directly or indirectly – the PCAOB, the AICPA, the GAO, and the IIA impact each other and thus impact most auditors in the US.