By Anne Sherry, J.D.
A PCAOB report identifies significant deficiencies in auditors’ compliance with risk assessment standards. These Auditing Standards were adopted in 2010 to address the auditor’s assessment of and response to risks of material misstatements. The report discusses the findings for inspections conducted in 2012, 2013, and 2014, examines potential root causes of deficiencies, and suggests steps for registered firms and audit committees.
Deficiencies. PCAOB’s inspections staff found that, in about a quarter of engagements where Audit Standards No. 8 through No. 15 applied, an audit deficiency contributed to an insufficiently supported audit opinion. Most frequently, these deficiencies related to AS No. 13 (responses to the risks of material misstatement), 14 (evaluating audit results), and 15 (audit evidence). For example, auditors failed to perform substantive procedures specifically responding to fraud and other identified risks, failed to evaluate the accuracy and completeness of financial statement disclosures, and failed to test the accuracy and completeness of information provided by the company.
Root causes. The report suggests several factors that may be root causes of noncompliance: firms’ lack of understanding of the issuer and its processes; tools that were not appropriately designed to tailor risk assessment procedures; inadequate design and performance of audit procedures; insufficient supervision or due care; and inadequate emphasis on, or training with respect to, testing journal entries. "Because risk assessment underlies the entire audit process, it is critical that audit firms address these findings of weaknesses in compliance with the risk assessment standards," said PCAOB Chairman James R. Doty.
Remediation. PCAOB urges registered firms to review the report and undertake root cause analyses to determine whether similar deficiencies could manifest themselves in their audits. The report cites numerous examples of remedial efforts that other firms have undertaken, including enhancing audit methodologies and processes, developing technical guidance targeted to specific issues, developing and requiring training targeted to specific issues, developing new audit tools, and requiring additional audit procedures to provide reasonable assurance of compliance with PCAOB standards. The report may also guide audit committees in fulfilling their responsibilities relating to independent auditors.