The CPA Journal

By Louis Braiotta, Jr.

Audit committees today are faced with the sizable task of overseeing both the auditing and financial reporting processes. The final rules of
the SEC, national stock exchanges, and the AICPA’s Auditing Standards Board cover corporate governance of audit committees, including independence, qualifications, charters, external auditor involvement, and reports.

Nonetheless, it remains up to audit committees to ensure that they continuously improve their oversight role. Continuous improvement requires a constructive relationship between audit committees and management, internal auditors, external auditors, and legal counsel. Audit committees should function as team members and be empowered by their boards to ask tough-minded questions about the audit and financial reporting processes as well as to probe into the entity’s affairs. Continuous improvement helps minimize the costs of achieving quality in both financial management services and audit services. Thus, boards of directors are assured that such resources are allocated efficiently and effectively to prevent the costs of poor quality in the board’s corporate accountability process.

Continuous improvement approach. To achieve continuous improvement, audit committees should consider the following three-step approach:

Complete a profile worksheet with details of the committee’s role, responsibilities, and organization;

Develop a customized review and action plan to achieve the committee’s goals in the board-approved charter; and

Develop a quality assurance review based on the elements that guide the committee in adopting quality assurance policies and procedures.

Audit Committee’s Profile Worksheet

Audit committees are now required to disclose their written charter in the entity’s annual proxy statement. This document provides a clear presentation of the committee’s oversight role, responsibilities, and organization. It defines the jurisdictional charge to the committee, minimizing potential litigation risk as well as avoiding the dilution of the committee’s activities. See Exhibit 1 for a suggested format for a profile worksheet.

Audit committees need knowledge about—

the entity’s business and industry,

internal control concepts,

industry accounting practices, and

complex business transactions.

Likewise, audit committees need to review the following:

Industry and business data in terms of vulnerability of the industry to changing economic conditions and operating characteristics of the business. Such a review would usually include the annual stockholders’ report, SEC filings (10Qs, 10Ks, annual proxy statement), the entity’s website, analytical review procedures, absolute data comparisons, and financial ratio data.

Management’s risk assessment process

The components of COSO’s Internal Control–Integrated Framework (control environment, risk assessment, information and communication, control activities, and monitoring)

Industry accounting practices, with particular emphasis on the appropriateness of accounting principles

Complex business transactions (e.g., restructuring charges and pre-acquisition audits).

Additionally, audit committees should perform a review in connection with other matters, such as—

conflict of interest statements (related party transactions);

coorate perquisites;

computer security, business continuity plan, and planned systems modifications; and

biographical information on senior management and financial management.

Audit Committee’s Action Plan

Based on the audit committee’s profile worksheet, the chair can develop a customized review and action plan (Exhibit 2: section 1 and section 2). This plan serves as an oversight compass for the financial management, audit, legal, and communication processes.

Financial management. Responsibility for the integrity and objectivity of the information in financial reports rests with the entity’s management. Audit committees should review background information on the competence and integrity of important members of the financial management group.

Likewise, management is responsible for a system of internal control. Audit committees may request management and auditors to present a review of the COSO components of internal control in order to ensure that internal controls provide a reasonable assurance that the financial accounts are maintained and accounted for under the entity’s policies. For financial reporting purposes, audit committees need assurance that management is managing identified risks so that financial statement assertions will not be misstated.

Internal auditing. As part of the monitoring component of the entity’s system of internal control, the scope of the internal audit effort extends to several types of audits: financial, operational, compliance, ethics and fraud, systems, and risk audits. Audit committees should review the internal audit plan as well as the organizational structure and composition of the internal audit group. Audit committees want assurance that the entity’s comprehensive internal audit program evaluates the adherence to management’s policies and procedures.

External auditing. The audit committee’s meetings and agendas should be directly linked to the auditing cycle, consisting of a pre-audit interview, an optional interim audit interview, a post-audit interview, and a follow-up interview.

During the pre-audit interview, the agenda ordinarily includes a review and discussion of matters such as the audit plan, accounting and auditing developments that impact the financial statements, risk assessment and related risk control processes, an analytical review, the personnel assigned to the audit team, an internal financial audit plan, and estimated audit and nonaudit fees.

Audit committees or external auditors might request an interim audit interview to address problem areas and discuss the progress of the audit.

The major objective of the post-audit interview is to review the audit findings and the draft of the annual stockholders’ report. Typically, audit committees focus on deviations from the audit plan, the analytical review, significant discoveries, resolved and unresolved matters, any disagreements with management, and material audit adjustments as well as immaterial uncorrected misstatements. Additionally, audit committees should review the appropriateness of accounting policies (e.g., conformity with industry practice and alternative accounting principles) and any changes in accounting principle.

During the follow-up interview, audit committees generally focus on recommendations for improvement in internal control, approving the internal audit plan for the following year, and recommending the appointment of the external auditors. They might also engage in a performance review of management, the internal audit group, or the external auditors. Audit committees might also review the external audit and nonaudit fees that must now be disclosed in the annual proxy statement.

Legal process. Both in-house general counsel and outside legal counsel interact with audit committees on various issues:

The standard of independence for the audit committee members

The committee’s written charter, as described in the entity’s annual proxy statement

Significant litigation, claims, and assessments against the entity

Any pending litigation against the external auditors, as well as any impairment of their independence

Compliance with key legislative acts (e.g., the Foreign Corrupt Practices Act, the Private Securities Litigation Reform Act)

Proposed special investigations

Material contracts, related party transactions, and contingencies

Compliance with the entity’s code of conduct and conflict of interest statements.

Communications. During the audit committee’s audit cycle interviews, the internal communication process consists of both executive and joint sessions. Executive sessions may be used for the audit committee’s performance reviews of management, the internal auditing group, and the external auditors, as well as a discussion of external audit and nonaudit fees, and any disagreements with management.

With respect to external communications, audit committees are required to disclose the following items in the entity’s annual proxy statement:

A review and discussion of the entity’s consolidated financial statements with management and the independent auditors

A review of management’s representations that the consolidated financial statements were prepared in accordance with GAAP

Discussion with the independent auditors about SAS 61 matters

Written disclosures and the ISB 1 letter from the external auditor regarding their independence from the entity

A consideration of whether the external auditors’ provision of nonaudit services is consistent with independence

A recommendation of whether the audited financial statements should be included in SEC filings

A recommendation as to the selection of the audit firm

Presentation of an audit committee charter

A letter to the appropriate stock exchange certifying the number and qualifications of independent audit committee members.

Audit Committee’s Quality Assurance Review

The major objective of this third step in the evaluative process is to effectively strive for zero defects in performing the first two steps. The audit committee’s oversight role is to ensure efficiency and effectiveness in these processes, which, in turn, should lead to a high level of assurance of the board’s corporate accountability. Given the demand for strong boards and audit committees, the audit committee should reflect and assess their overall operating performance and that of each committee member. This assessment process may be accomplished through a series of targeted questions that effectively address financial accounting and auditing issues affecting the financial statements. For example, audit committees might benchmark their performance review against their formal written charter. Exhibit 3 contains six quality assurance elements that enable the committee to develop an effective oversight strategy. Comprehensive reporting, combined with an ongoing dialogue between audit committee members and all interested parties, is the key to effective performance.

Louis Braiotta, Jr., CPA, is an associate professor of accounting at the State University of New York at Binghamton and author of The Audit Committee Handbook, 3rd Edition, John Wiley & Sons, Inc. (1999).

Editor:
Robert H. Colson, PhD, CPA
The CPA Journal

This Month | About Us | Archives | Advertise| NYSSCPA

The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.