The SEC has approved the PCAOB’s risk assessment standards, effective for audits of fiscal years beginning on or after December 15, 2010. The risk assessment standards are designed to benefit investors by enhancing the effectiveness of the auditor’s assessment of and response to the risks of material misstatement in an audit. In approving the standards, the SEC emphasized that assessing and responding to risks underlies the entire audit process. Release No. 34-63606.
The new risk assessment standards replace interim standards in large part written twenty to thirty years ago and grandfathered by the Board when it began operations. Key changes made to the standards include an increased emphasis on fraud risks and disclosure, the inclusion of multi-location audit requirements, an alignment of the standards with AS No. 5 on internal controls, and inclusion of a concept of materiality more specifically grounded to that used in the federal securities laws.
The Commission received two comment letters: one from Deloitte & Touche, LLP and one from the Center for Capital Markets Competitiveness of the U.S. Chamber of Commerce, both of which expressed concern with the PCAOB’s general approach to standard-setting. Specifically, both commenters noted as concerns the Board’s divergence from IAASB standards, the prescriptive nature of the Board’s standards, and the lack of a codification of PCAOB standards.
The SEC noted that the PCAOB did consider IAASB audit standards when adopting its risk assessment standards. The Commission appreciates that in order to be consistent with the federal securities laws, and the PCAOB’s own statutory mandate, the Board’s standards may have to reasonably differ from IAASB standards.
Regarding the concern over prescriptiveness, the SEC recognizes that the Board endeavors to strike a proper balance in auditing standards between providing minimum requirements and allowing auditors to apply judgment in determining the nature and extent of audit procedures given the particular circumstances of an individual audit engagement. PCAOB standards recognize that the auditor uses judgment in planning and performing audit procedures and evaluating the evidence obtained from those procedures. At the same time, overly broad standards without an appropriate balance of necessary requirements could lead to a level of discretion that may limit the effectiveness of audits. While approving the balance that the PCAOB’s struck in the risk assessment standards, the SEC encouraged the Board to monitor implementation and evaluate the input received during the development of future standards to continue to strive to achieve an optimal balance.
Regarding codification of the auditing standards, the Commission noted that the Board
recently added this project to its strategic plan and amended its performance measure on standard-setting activities to reflect this new initiative.