IC Audit
SOX 2002 > fairness of FS + effectiveness of IC
section 404 > IC reporting by mgt
404a. Requires mgt assess IC ws FS
a. resp evaluating
b. framework for evaluating
c. assessment effectiveness of IC
d. auditor issued report
404b. Requires Cpa firm to audit IC and Op
1. Plan
'as of date'
understanding the company's industry, regulation
addressing the risk of fraud
- unusual T
- related T
- sig mgt estimate
use the work of other
entity level controls
2. Top-down approach
Entity level( control environment, risk assessment, information communication, monitoring, existing control activity)
FS
significant account/disclosure
Relevant assertions
- existence/occurrence
- completeness
- valuation
ID controls to test
- routine T
- nonroutine T
- estimation T
3. Test design & operating effectiveness of controls
Design, Implementation, suitable > walkthrough (inquiry, inspection, observation)
operating effectively > walkthrough + reperformance
4. Evaluate IDed deficiencies
any deficiencies ided must be considered
indicators of MW
- senior mgt fraud
- restatement to reflect a correction of a misstatement
- id by auditor, not detected by company's IC
- Ineffective oversight of external reporting, IC by audit committee
5. Wrap up
1) Auditor's Report
UQ > no material W
A > one or more W
withdraw/ disclaim > scope limi
* MW in Adverse should be report to mgt, audit committee
* mgt is required to provide assurance regarding IC, but this does not effect auditor with providing opinion on IC
mgt's IC report
strange info > disclaim on that info
imcomplete > + Ex + IC op
2) Rep letter
3) Communication
| ineffective oversight by audit committee | BOD | Written | |
| deficiency | mgt | ||
| SD /MW | mgt, audit committee | prior to report date | Written |
* not corrected > should recommunicated
Test of control (FS vs IC)
| IC related to FS audit | IC over FR | |
| Mgt report | Financial Statement | mgt's assessment a. resp evaluating b. framework for evaluating c. assessment effectiveness of IC d. auditor issued report |
| auditor report | UQ, UQ+EM7/OM5,Q,A,D | UQ, UQ+EM2,A,D |
| purpose | to determine N, T, E of ST | express opinion of effectiveness of IC |
| TOC | may | Must |
| procedure/ scope | similar | more extensive |
| report restriction | restricted ( IC deficiency report) | not restricted ( IC audit report) |
| deficiencies | prevent, detect, correct | prevent, detect |
Report on Internal Controls
| Independent Auditor's Report | |
| O | Audit FS of X company |
| in our opinion | |
| B | Audit accordance w GAAS |
| Refer to A section | |
| independent and ethical | |
| sufficient appropriate evidence | |
| M | FS(GAAP) |
| internal control | |
| Gong concern | |
| A | reasonable assurance |
| Provide an opinion | |
| GAAS, Fraud, MM | |
| Professional judgement, assess risk of MM(test) base | |
| understand IC | |
| appropriate accounting policy & estimate | |
| Gong concern | |
| Report on ICFR(cross refer) |
'회계 세무 공부 > AICPA 공부 요약' 카테고리의 다른 글
| [AUD] Using the work of others (0) | 2024.03.02 |
|---|---|
| [AUD] Errors Fraud illegal acts (0) | 2024.02.29 |
| [AUD] Audit Risk, Sampling Risk, Materiality (0) | 2024.02.29 |
| [AUD] Attestation Standards, SSAE (0) | 2024.02.26 |
| [AUD] Communication with those charged with governance (0) | 2024.02.23 |
댓글