|
|
 |
|
Sarbanes Oxley Act -
Auditing Standards |
|
Public
Company Accounting Oversight
Board
Bylaws
and Rules – Standards – AS2
Auditing
Standard No. 2: An Audit of Internal Control
Over Financial Reporting Performed in
Conjunction With an Audit of Financial
Statements
118.
When evaluating the competence and objectivity
of the individuals performing
the
tests
of controls, the auditor should obtain, or
update information from prior years,
about
the
factors indicated in the following paragraph.
The auditor should determine
whether
to
test the existence and quality of those factors
and, if so, the extent to which to
test
the
existence and quality of those factors, based on
the intended effect of the work
of
others
on the audit of internal control over financial
reporting.
119.
Factors concerning the competence of the
individuals performing the tests
of
controls
include:
•
Their educational level and professional
experience.
•
Their professional certification and continuing
education.
•
Practices regarding the assignment of
individuals to work areas.
•
Supervision and review of their
activities.
•
Quality of the documentation of their work,
including any reports or
recommendations
issued.
•
Evaluation of their
performance.
120.
Factors concerning the objectivity of the
individuals performing the tests
of
controls
include:
•
The organizational status of the individuals
responsible for the work of
others
("testing authority") in testing controls,
including—
a.
Whether the testing authority reports to an
officer of sufficient status
to
ensure sufficient testing coverage and adequate
consideration
of,
and action on, the findings and recommendations
of the
individuals
performing the testing.
b.
Whether the testing authority has direct access
and reports
regularly
to the board of directors or the audit
committee.
c.
Whether the board of directors or the audit
committee oversees
employment
decisions related to the testing
authority.
•
Policies to maintain the individuals'
objectivity about the areas
being
tested,
including—
a.
Policies prohibiting individuals from testing
controls in areas in
which
relatives are employed in important or internal
controlsensitive
positions.
b.
Policies prohibiting individuals from testing
controls in areas to
which
they were recently assigned or are scheduled to
be assigned
upon
completion of their controls testing
responsibilities.
121.
Internal auditors normally are expected to have
greater competence with regard
to
internal control over financial reporting and
objectivity than other company
personnel.
Therefore,
the auditor may be able to use their work to a
greater extent than the work of
other
company personnel. This is particularly true in
the case of internal auditors
who
follow
the International Standards for the Professional
Practice of Internal Auditing
issued
by the Institute of Internal Auditors.
If
internal auditors have performed anextensive
amount of relevant work and the auditor
determines
they possess a high degree of competence and
objectivity, the auditor could
use
their work to the greatest extent an auditor
could use the work of others.
On
the other hand, if the internal audit function
reports solely to management, which would
reduce
internal auditors' objectivity, or if limited
resources allocated to the internal audit
function result in very limited testing
procedures on its part or reduced competency of
the internal auditors, the auditor should use
their work to a much lesser extent and perform
more of the testing himself or
herself.
122.
When determining how the work of others will
alter the nature, timing, or extent
of
the
auditor's work, the auditor should assess the
interrelationship of the nature of
the
controls,
as discussed in paragraph 112, and the
competence and objectivity of
those
who
performed the work, as discussed in paragraphs
117 through 121. As the
significance
of the factors listed in paragraph 112
increases, the ability of the auditor
to
use
the work of others decreases at the same time
that the necessary level of
competence
and objectivity of those who perform the work
increases. For example, for
some
pervasive controls, the auditor may determine
that using the work of internal
auditors
to a limited degree would be appropriate and
that using the work of other
company
personnel would not be appropriate because other
company personnel do not
have
a high enough degree of objectivity as it
relates to the nature of the
controls.
123.
Testing the Work of Others. The auditor should
test some of the work of others
to
evaluate the quality and effectiveness of the
work. The auditor's tests of the work
of
others
may be accomplished by either (a) testing some
of the controls that others
tested
or
(b) testing similar controls not actually tested
by others.
124.
The nature and extent of these tests depend on
the effect of the work of
others
on
the auditor's procedures but should be
sufficient to enable the auditor to make
an
evaluation
of the overall quality and effectiveness of the
work the auditor is
considering.
The
auditor also should assess whether this
evaluation has an effect on his or
her
conclusions
about the competence and objectivity of the
individuals performing the
work.
125.
In evaluating the quality and effectiveness of
the work of others, the auditor
should
evaluate such factors as to whether
the:
•
Scope of work is appropriate to meet the
objectives.
•
Work programs are adequate.
•
Work performed is adequately documented,
including evidence of
supervision
and review.
•
Conclusions are appropriate in the
circumstances.
•
Reports are consistent with the results of the
work performed.
|
|
| | |
