|
Peer
Review Guide > Documentation Requirements
Documentation Requirements
for Audit and Accounting Engagements
(Updated as of May 28, 2006)
CONTENTS:
Documentation of nonattest services performed for attest
clients
Audit Documentation Requirements
Audit Documentation - Areas Where the Form or Extent of Documentation Is Not Specified
Compilation and Review Documentation Requirements
Overview
The charts below outline common documentation requirements
based on references within the auditing and accounting standards. The section
references identify the location in AICPA Professional Standards where
the requirement is located.
Each chart lists critical
documentation requirements and shows the related citation where you can
research the matter in greater detail. The charts are not intended to establish
a safe harbor of minimum documentation. An adequately documented audit requires
more documentation than just the items listed. The nature and extent of this
documentation is a matter of auditor judgment. The ultimate measure for the
adequacy of documentation is whether the auditor has sufficient documentation to
support the critical audit procedures performed and conclusions reached.
For peer review purposes, due to the extensive requirements
of SAS No. 96 and SAS No. 99, an audit that does not contain sufficient
documentation to meet the requirements of SAS No. 96 or SAS No. 99 will
ordinarily be considered to be substandard—even if the peer reviewer concludes
that the underlying procedures were performed. As such, this situation will
ordinarily be included in Section IV. J of the peer reviewer's Summary Review
Memorandum.
AU and AT § references are to AICPA Professional Standards, Vol. 1.
Consideration of New Auditing Standards. The charts below do not
reflect the new documentation requirements of SASs No. 103 -111 since these will
not become effective until audits performed for periods ending on or after
December 31, 2006. This page will be updated during 2006 to summarize the
new requirements.
Documentation of Nonattest Services Performed for Attest Clients
AICPA
Ethics
Interpretation 101-3 added documentation requirements with respect to
nonattest engagements performed for attest clients. The documentation
requirement is effective for any nonattest services performed for an attest
client on or after January 1, 2005, including services already in progress at
that date. Prior to beginning a nonattest service engagement the member
must be satisfied that the client is both willing and able to perform all
management functions related to the engagement. Specifically the client must:
- Assign a competent individual to be responsible for overseeing the
services.
- Set the scope of the services.
- Evaluate and accept responsibility for the results of the services.
- Establish and maintain internal controls over the services.
Once the client’s willingness and ability to perform these duties are
assessed, the member must document his or her understanding with the client, a
new requirement under the rules. The documentation must include a description of
the services, the engagement objectives, any limitations of the engagement, the
member’s responsibilities, and the client’s agreement to accept its
responsibilities. In addition to the AICPA rules, members are now required to
comply with more restrictive nonattest services independence rules of other
authoritative regulatory bodies, where applicable (e.g. state boards of
accountancy and the Securities and Exchange Commission).
Audit Documentation Requirements
Top of page
|
Audit Area |
AU § |
Comments |
|
Understanding with the client
|
310
|
|
|
Written audit programs
|
311.05
|
|
|
Understanding of internal control components
|
319.61
|
The understanding of the entity’s internal control components
necessary to plan the audit and the basis for conclusions about the assessed
level of control risk should be documented. |
|
Assessed level of control risk
|
319.83
|
Where control risk is assessed at the maximum for a given
assertion, that conclusion should be documented, but the basis for the
conclusions need not be. When control risk is assessed
at a level below the maximum level, auditors should document the basis for the
conclusion that the effectiveness of the design and operation of controls
supports that assessed level. The nature and extent of the documentation are
influenced by the assessed level of control risk, the nature of the entity's
internal control, and the nature of the entity's documentation of internal
control. |
|
Consideration of fraud:
- Audit planning discussion among engagement personnel regarding the
susceptibility of material misstatement due to fraud, including how and when
the discussion occurred, the audit team members who participated, and the
subject matter discussed.
- Procedures performed to obtain information to identify and assess the
risks of material misstatement due to fraud.
- Specific risks of material misstatement due to fraud that were identified,
and a description of the auditor’s response to those risks.
- If the auditor has not identified in a particular circumstance, improper
revenue recognition as a risk of material misstatement due to fraud, the
reasons supporting the auditor’s conclusion
- The results of procedures performed to address the risk of management
override of controls.
- Other conditions and analytical relationships that caused the auditor to
believe that additional auditing procedures or other responses were required
and any further responses the auditor concluded were appropriate, to address
such risks or other conditions.
- Nature of the communications about fraud made to management, the audit
committee, and others.
|
316.83
|
(SAS No. 99) |
|
Confirmation process:
Oral confirmations
Accounts receivable
Long-term investments
|
330.29
330.35
332.21
|
(SAS No.67) The decision not to request confirmations in the examination of
accounts receivable should be documented as to how the auditor overcame the
presumption that the auditor will request the confirmation of accounts
receivable, since this is a generally accepted auditing procedure. |
|
Confirmation of inventory in public warehouses
|
331.14
|
(SAS No. 1) |
|
Management representation letter
|
333.13
|
(SAS No. 85) Refusal to issue a representation letter is generally a scope
limitation. |
|
Attorney representation letter, if corroboration of management's assessment about litigation, claims and assessments is necessary. |
337.09-.10
337.13
|
(SAS No.12) Documentation is also required if the lawyer’s response is oral
rather than written.
(Refusal to furnish information is generally considered a scope limitation)
|
|
Audit documentation to show:
- Work has been adequately planned and supervised.
- Sufficient understanding of internal control has been obtained to plan the
audit and to determine the nature, timing, and extent of tests to be performed.
- Sufficient audit evidence obtained, procedures applied and testing performed to provide sufficient, competent evidential matter to afford a reasonable basis of opinion.
|
339.04
|
(SAS No. 96) |
|
Engagements subject to Government Auditing Standards
(Yellow Book
section
4 with specific references at 4.24.) The general
requirement is: Audit documentation related to planning, conducting, and
reporting on the audit should contain sufficient information to enable an
experienced auditor who has had no previous connection with the audit to
ascertain from the audit documentation the evidence that supports the auditors’
significant judgments and conclusions. Audit documentation should contain
support for findings, conclusions, and recommendations before auditors issue
their report. |
|
Specific requirements:
- Objectives, scope, and methodology of the audit.
- Auditors’ determination that certain additional government
auditing standards do not apply or that an applicable standard was not
followed, the reasons therefore, and the known effect that not following the
applicable standard had, or could have had, on the audit.
- Auditors’ consideration that planned audit procedures are
designed to achieve audit objectives when evidential matter obtained is highly
dependent on computerized information systems and is material to the objective
of the audit and that the auditors are not relying on the effectiveness of
internal control over those computerized systems that produced the
information. The audit documentation should specifically address (1) the
rationale for determining the nature, timing, and extent of planned audit
procedures; (2) the kinds and competence of available evidential matter
produced outside a computerized information system and/or plans for direct
testing of data produced from a computerized information system; and (3) the
effect on the audit report if evidential matter to be gathered does not afford
a reasonable basis for achieving the objectives of the audit.
- Evidence of supervisory review, before the audit report is
issued, of the work performed that supports findings, conclusions, and
recommendations contained in the audit report.
|
|
Documentation of significant contracts or agreements
|
331.08
|
(SAS No. 96) |
|
Documentation of items tested in tests of operating effectiveness of controls or substantive tests of
details that involve inspection of documents or confirmation.
|
331.08
|
(SAS No. 96) |
|
Documentation of significant audit findings or issues, actions taken to address
them and basis for final conclusions reached. |
331.09
|
(SAS No. 96) |
|
Aggregated misstatements.
|
312.40
|
(SAS No. 96) |
|
Substantive analytical procedures.
|
329.22
|
(SAS No. 96) |
|
Documentation of indicators of substantial doubt about an entities ability to
continue as a going concern.
|
341.17
|
(SAS No. 96) |
|
Documentation of communicating reportable conditions.
|
325.09
|
(SAS No. 60) If information of reportable conditions is communicated orally,
the communications should be documented by appropriate memoranda or notations in
the audit documentation. |
|
Documentation of communication with audit committees or equivalent formally designated group.
|
380.03
|
(SAS No. 61) If communication is oral, the communication should be documented
by appropriate memoranda or notations in the audit documentation. |
|
Representation to predecessor auditor from management of a former client and successor
auditor
regarding reissuance of a report previously issued on financial statement of a
prior period.
|
508.71
|
(SAS No. 58) |
|
Representation from management regarding purpose and use of financial statement
prepared in conformity with the accounting principles of another country.
|
534.02
|
(SAS No. 51) |
|
Documentation of communication to management and audit committee
or equivalent when auditor becomes aware of an audit requirement not encompassed
in the terms of the engagement, |
801.23 |
(SAS No. 74) |
Common Audit Areas Where the Form or Extent
of Documentation Is Not Specified
Some documentation stems from "good practice," but is not specifically required in Professional Standards. Although the form and extent of documentation depends on judgment, sufficient documentation should exist to demonstrate the critical tests performed and conclusions reached.
Top of page
|
Audit Area |
AU § |
Comments |
|
Audit risk |
312
316.11-.15 |
Documentation is not addressed, except as noted on the previous page with respect to control risk. |
|
Materiality |
312.10
|
Judgments about materiality
involve both quantitative and qualitative considerations; no documentation is specified. |
|
Preliminary audit planning |
311.04 |
The auditor may wish to prepare a memorandum setting forth the preliminary audit plan. |
|
Communication of errors and fraud |
316.79-.82 |
This is embodied within the documentation requirement for communication to audit committees and includes significant audit adjustments and all but inconsequential irregularities. |
|
Communication of illegal acts |
317.17 |
(SAS No. 54) The requirements are the same as for errors and fraud.
If information of identified illegal acts is communicated orally, the
communications should be documented by memoranda or notations in the working
papers. |
|
Analytical procedures |
329 |
Documentation is not specified for preliminary or final
analytical review procedures. SAS 96 establishes requirements for substantive
analytical procedures.. |
|
Accounting estimates |
342 |
No requirements specified beyond those incorporated within the communication with audit
committees. |
|
Confirmation of unusual transactions |
330.08 |
The auditor should consider confirmation if transaction is associated with high inherent and control risk. |
|
Audit sampling |
350 |
Except for SAS No.96, which requires identification
of items tested, neither the standards nor the AICPA guide, Audit Sampling,
require specific forms of documentation. The guide lists examples of
documentation items to consider for tests of controls and substantive tests. |
|
Going concern |
341 |
No documentation specified unless indicators of going concern are noted in
which case the documentation guidelines under §341.17 should be followed. |
|
Predecessor auditor communication |
315.02 |
No documentation specified; communication may be oral or written. |
Documentation Requirements for Compilations and Reviews
Top of page
|
Documentation Issues |
AR § |
Documentation Required? |
|
Understanding with entity regarding the services to be performed
If the engagement is to compile financial statements not expected
to be used by a third party, a written communication is required (can be
a compilation report or an engagement letter). |
100.08
100.05; 100.20-.21 |
No, but preferable
Yes
|
|
Understanding of the client and industry:
|
100.07-.08
100.26-.28 |
No
No
|
|
Compilation procedures:
- Before submission, read financial statements and consider whether they appear to be appropriate in form and free
from obvious material errors
|
100.10 |
No
|
|
Review procedures:
- Any findings or issues that in the accountant's
judgment are significant
- Matters covered in the accountant's inquiry and analytical procedures
- The analytical procedures performed
-
The expectations, where significant expectations are not otherwise readily
determinable from the documentation of the work performed, and factors
considered in the development of those expectations
-
Results of the comparison of the expectations to the recorded amounts or ratios
developed from recorded amounts
- Any additional
procedures performed in response to significant unexpected differences arising
from the analytical procedure and the results of such additional procedures
-
Unusual matters that the accountant considered during the performance of the review, including their disposition
|
100.36
100.36
100.36
100.36
100.36
100.36
100.36
|
Yes
Yes Yes
Yes
Yes
Yes
Yes
|
|
Management representation letters:
|
N/A
100.36 |
N/A
Yes
|
|
Communication with predecessor accountants |
400.03 |
Not required
|
Peer
Review Guide > Documentation Requirements
Updated: May 28, 2006 |