SEC Trends & Developments - Winter 2011 - PCAOB Adopts Risk Assessment

Are your auditors asking you new questions, performing different procedures or looking at business units they may have previously appeared to pay little attention to differently? The following may explain why.


Over five years ago, the Auditing Standards Board (“ASB”) adopted a set of standards (SAS 104-111) that were known as the Risk Assessment Standards. These standards formalized a process used by many auditors in performing audits and caused many other auditors to adopt new processes to comply with the new requirements. These standards were, however, only applicable to audits of private companies.

As a result of the formation of the Public Company Accounting Oversight Board (PCAOB) in 2003, and their subsequent decision to set their own standards rather than rely on the ASB or other auditing standard setters, auditors of public companies follow different sets of standards when auditing public companies and private companies. Except for the release of the Risk Assessment Standards by the ASB, and the internal control audit standards (AS 2 then AS 5) issued by the PCAOB, the differences between the two sets of standards were fairly minimal, primarily because the PCAOB adopted the ASB standards in effect at their formation as “interim” standards.


Those differences are on the verge of getting much larger because of two different sets of circumstances. The ASB has been working on a project to make their standards more consistent and more closely aligned with International Standards of Auditing (“ISA”). The project is known as the Clarity Project. Also over the last few years, the PCAOB has been working on a set of standards which are similar in nature and scope to the ASB's Risk Assessment Standards, but designed with both the protection of investors and the public interest, as well as their inspection process, in mind. These set of eight new standards are the PCAOB Risk Assessment Standards.

One observation audit clients may have when going from ASB audit standards to PCAOB standards is there are more rigorous documentation requirements under PCAOB standards. Audit clients can expect more of that under the PCAOB Risk Assessment Standards. Other new requirements will bring greater scrutiny of smaller and more geographically diverse business units and evaluations of amounts and disclosures which may be more sensitive to investors but may have been previously considered immaterial.  Also, for companies not subject to an audit of their internal control over financial reporting, auditors will be paying more attention to, and testing, internal controls.

A note of caution for clients and auditors is that the PCAOB cited the Supreme Court's interpretation of material as the context for its discussion of material misstatements and materiality.


For many audit clients, the changes their auditor makes in their audit plan will vary depending on how they dealt with the existing dichotomy between public and private company auditing. If their auditor applied the risk assessment process in all of their audits, then the changes will likely be rather small. If their auditor elected to follow a risk assessment process only for their private clients and not for their public clients, then the changes may be more extensive. Only your auditor knows for sure.

SEC Trends & Developments - Winter 2011 Issue  

Have Questions or Comments?

If you have any questions about this media item, we'd like to hear your opinion. Please share your thoughts with us.

Contact EisnerAmper

* Required