PCAOB Audit Tradecraft for the External Auditor - Proficiency as an
External Auditor About this Event The PCAOB recognizes that however
capable a person may be in other fields, including business and
finance, he/she cannot meet the requirements of the PCAOB auditing
standards without proper education and experience in the field of
auditing based on the standards. The PCAOB inspectors' goal is to
analyze how the audit was performed and to answer key questions, such
as- . Whether the firm followed the procedures required under the
PCAOB's auditing standards. . Whether the firm identified any areas in
which the financial statements did not conform to GAAP in a material
respect. . How the firm handled potential adjustments to the financial
statements. . Whether there was any indication that the firm was not
independent, as required under SEC and PCAOB rules. This event
provides the participant with an overview of the PCAOB audit standards
and regulatory actions related to accounting and auditing for public
companies. Specifically, the event covers the regulatory activities of
the PCAOB including: . Auditing standards, . Ethics, . Independence
standards, . Quality control standards, . Attestation standards.
Continued Professional Education, or CPE, has changed over the past
several years and now focuses on a more dedicated learning and
development process for firms and their employees. It is essential
that firms respect the PCAOB guidelines, adhere to these standards and
adopt a method and training program for the audit staff as a result.
This timely, two day CPE training seminar is designed for the CPA firm
staff members who will be working on PCAOB regulated audits. The
attendees will learn how to create effective audit workpapers that
will stand up well under a PCAOB inspection. Seminar Highlights . What
are the PCAOB Audit Standards? . What are the typical inspection
report issues? . What are the key audit planning issues? . How does
the COSO Framework fit together? . What is contained in an "ICFR"
assessment program? . How should the "client" be documenting "ICFR"
assessments? . How does this testing work? Learning Objectives -
Attendees will understand the PCAOB's key audit standards. - Attendees
will understand risk assessment from the external audit viewpoint. -
Attendees will have examples of client documentation. - Attendees will
know how the components and principles are integrated within COSO
framework. - Attendees will have an approach to issues concerning
PCAOB compliance. Key Issues on the Agenda Day One Introductions and
Background . Introductions . History of Auditing . Sarbanes-Oxley Act
of 2002 - Section 404 . Concepts Behind Internal Controls over
Financial Reporting (ICFR) . COSO 2013 Definition of Internal Control
. Concepts Behind Financial Audits Section 1 - Sarbanes-Oxley and the
PCAOB . What is "SOX" for the CPA Firm? . What is the "PCAOB"? . What
is the PCAOB's viewpoint of the CPA Firm based on the last inspection?
. Typical PCAOB Inspection Report Issues Section 2 - Current PCAOB
Auditing Standards . General Auditing Standards . PCAOB Standard 1000
- General Principles and Responsibilities . PCAOB Standard 1100 -
General Concepts . PCAOB Standard 1200 - General Activities . PCAOB
Standard 1300 - Auditor Communications . Audit Procedures . PCAOB
Standard 2100 - Audit Planning and Risk Assessment . PCAOB Standard
2200 - Auditing Internal Control Over Financial Reporting . PCAOB
Standard 2300 - Audit Procedures in Response to Risks - Nature,
Timing, and Extent . PCAOB Standard 2400 - Audit Procedures for
Specific Aspects of the Audit . PCAOB Standard 2500 - Audit Procedures
for Certain Accounts or Disclosures . PCAOB Standard 2600 - Special
Topics . PCAOB Standard 2700 - Auditor's Responsibilities Regarding
Supplemental and Other Information . PCAOB Standard 2800 - Concluding
Audit Procedures . PCAOB Standard 2900 - Post-Audit Matters . Audit
Reporting . PCAOB Standard 3100 - Reporting on Audits of Financial
Statements . PCAOB Standard 3300 - Other Reporting Topics Section 3 -
Audit Planning and Risk Management . Core Audit Planning Elements .
Four Stages of Competence . The Big Three - Objective to Risk to Key
Control Relationships . High Level Audit Client Risk Factors .
Proactive Client Risk Management Process . Pareto's Principle - The 80
- 20 Rule . Pareto's Principle and the SEC Standards for Internal
Control Weaknesses . Examples of SEC SOX Material Weaknesses . Audit
Risk Management Basics . Financial Statement Risk Assessment .
Financial Statement Elements . Financial Statement Account and
Disclosure Risk Ranking Criteria . Financial Statement Materiality
Defined . Financial Statement Complexity Defined . Financial Statement
History Defined . Financial Statement Propensity Defined . PCAOB View
of Assertions . Three Other Viewpoints on Assertions . Inherent Risk
to Residual Risk . Risk Summaries within the Audit Planning Section 4
- COSO Framework: Control Environment Entity-Level Controls . Internal
Controls over Financial Reporting (ICFR) . COSO 2013 Pyramid from the
External Auditor's Viewpoint . COSO Organizations . COSO 2013:
Auditor's Summary . COSO 2013 Control Environment (CE) Component and
Five Principles . Examples of Entity Level Controls by Point of Focus
in CE . PCAOB Viewpoint on Entity Level Controls . How the Control
Environment Created? . The Client's Definition of Internal Control .
COSO 2013 Internal Control Concepts . COSO 2013: CE Key Controls .
Compliance Strategy vs. Integrity Strategy . The Big Three Connection
Concept Section 5 - COSO Framework: Risk Assessment Entity-Level
Controls . COSO 2013 Risk Assessment (RA) Component and Four
Principles . Layers of a Client's Objectives for SOX . Examples of
Entity Level Controls by Point of Focus in RA . R.A and C.E. Entity
Level Controls Effects . Internal Control Attributes . Typical R.A and
C.E. Entity Level Controls . Mapping the Integration of Entity Level
Controls . Concepts Behind Control Design & Operating Effectiveness
Section 6 - COSO Framework: Supporting Components . COSO 2013 Control
Activities (CA) Component and Three Principles . Examples of Entity
Level Controls by Point of Focus in CA . COSO 2013 Information &
Communication (IC) Component and Three Principles . Examples of Entity
Level Controls by Point of Focus in IC . COSO 2013 Monitoring
Activities (MA) Component and Three Principles . Examples of Entity
Level Controls by Point of Focus in MA Section 7 - PCAOB Auditing
Standard 5 . 2007 PCAOB Auditing Standard #5 . External Auditor's
Perspective on AS5 . External Auditor's Planning . External Auditor's
Risk Assessment Concerning Period End . External Auditor's Assessment
of IT Controls Section 8 - PCAOB Audit Alert #11 . Risk Assessment and
the Audit of Internal Control . Selecting Controls to Test . Testing
Management Review Controls . Information Technology Controls .
Roll-Forward of Controls Tested at Interim . Using the Work of Others
. Evaluating Identified Control Deficiencies Section 9 - The Client's
Approach to SOX Documentation . Client's Top Down Assessment
Methodology . All Risk Events - Negatives - Positives - Unintended
Consequences . Is the Client's SOX Compliance Working Effectively? .
COSO 2013: "Effectiveness of Internal Controls" . Client Provided SOX
Program Documentation . Client Provided Risk Assessments . Client
Provided Mapping to COSO 2013 . COSO Component Evaluation . COSO 2013
Toolkit: "Component Evaluation" . COSO 2013 Toolkit: "Principle
Evaluation" . Client's Significant Business Processes . Typical
Business Cycles and Processes . Client's Business Process Narratives .
Client's Segregation of Duties Matrix . Client's Business Process
Testing and Certification . Management's "Continuous Monitoring"? .
"Three Lines of Defense" Against Risk . Continuous Controls Auditing
and Monitoring . Management Review of Accounts and Controls .
Management Review of Accounts Balances . Management Review of
Financial Ratio Analysis . Entity-Level Assessment Presentation
Example . "Overall Assessment of a System of Internal Control" . COSO
2013 Toolkit: "Summary of Deficiencies" . SEC Definitions for Internal
Control Deficiencies . Client's "Summary of Internal Control
Deficiencies" . Layers of "Cause"? . Proactive Root Cause Analyst .
Root Cause Analysis (RCA) . Client's Effectively Remediate and Re-Test
. COSO 2013 Four Different Client Produced Deliverables Section 10 -
Auditor's Approach to RA & CE Entity Level Controls . Risk Review of
the Client . Client's Mission Statement - Explicate Values - Business
Model . Risk Factors Relating to the Business Model . PCAOB & SEC View
on Entity Level Controls Issues . Risk Factors Relating to the
Corporate Culture . Financial Statement Risk Assessment . Financial
Statement Red Flags . Auditor's Risk Assessment of the Closing Process
. Auditor's Assessment of IT Risk . Information Technology General
Controls . Review IT Standards and Procedures . Recommended Tests for
ITGC Compliance . Auditor's Assessment of Financially Significant
Spreadsheets . Auditor's Assessment of Fraud Risk . Entity Level
Control Questionnaire Section 11 - Auditor's Approach to Process
Controls . Business Process Internal Controls . Preventative and
Detective Controls . How are Internal Controls Labeled? . Client
Identified "Business Processes" . Typical Business Cycles and
Processes . A "Walk Through" . Auditor Goals in Conducting a "Walk
Through" . Conducting a "Walk Through" . Four Stages of Competence .
Using "SPIN" in the Walk Through Interview . Is the Interviewee Being
Honest? . Deception-Detection Methodology . What Deception Sounds Like
. What Deception Looks Like . Sort Through the "Walk Through"
Interviews . What are the "Three Sources" to establish a "Fact"? .
Business Process Documentation . The Assertions and the Key Control .
COSO 2013: Methods Used for Control Testing . "How Reliable is Our
Audit Evidence?" . Sample Size for Control Testing? . Select the
Samples to Test? . Evaluate the COSO Stages of "Control Effectiveness"
. Evidence Sufficient to Support Our Conclusion? Section 12 - Auditor
Tradecraft Summary . Opining to the SEC for the External Auditor .
Assessment of ICFR . Client Defensive Strategies . The Client with a
"Culture of Compliance" . Top COSO 2013 Key Control Programs .
"Overall Assessment of a System of Internal Control" Corporate
Compliance Seminars has been created by experts who enjoy providing
CPE classroom training, workshops and consulting on internal controls,
internal auditing, information technology and accounting related
subjects. We have focused on SOX, COSO, PCAOB, COBIT, GRC, IFRS,
AICPA, GAO and IIA Standards. Our programs are CPE for professionals
with CPA, CGA, CIA, CFE, CISA, CMA, PMP and CA designations. Corporate
Compliance Seminars presents CPE to auditors, compliance staff,
engineers, and IT professionals, Boards of Directors and Audit
Committees. We examine the details of risk management, Sarbanes-Oxley
Act compliance, Model Audit Rule compliance, auditing, internal
controls, IT security and compliance, project management, and fraud
prevention and detection. Corporate Compliance Seminars allows the
attendee to earn Official NASBA CPE credit. Our seminars focus on the
details of the Institute of Internal Auditor's IPPF, Committee of
Sponsoring Organizations of the Treadway Commission (COSO) Internal
Control Frameworks, ISACA's Control Objectives over Information
Technology (COBIT), Information Technology Infrastructure Library
(ITIL), Open Compliance & Ethics Group's (OCEG) Governance, Risk &
Compliance (GRC) methodology, PCAOB's Auditing Standard 5 (AS5), AICPA
auditing standards, Sarbanes-Oxley Act of 2002 (SOX), NAIC Model Acts,
and the future conversion from GAAP to the International Financial
Reporting Standards (IFRS). Our seminars provide CPE for the CPA, CFE,
CIA, CISA, auditors and others with effective and engaging training.
culture
436
Views
23/09/2020 Last update