CONTACT US

Risk Assessment Standards - A Look Back At The Initial Implementation Year

RISK ASSESSMENT STANDARDS 

  • What did we gain?
    • Effective Planning
    • Better understanding of clients
    • Better understanding of controls
    • Linkage – risks and audit procedures
    • More forms!
    • Efficiency?
     
  • What really surfaced from risk brainstorming?
    • Better interaction amongst engagement teams
    • Understanding of assertions
    • Audit approach changes
    • Risk determination
      • Plan transfers, increased rollovers, plan expenses
       
     
  • Applying the Audit Risk Model
    • Gather Information about the Plan and its environment, including internal control
    • Understand the Plan and its environment, identify what could go wrong
    • Assess the risk of material misstatement; risk identification and description; consideration of significance and likelihood
    • Design overall responses and further audit procedures
     
  • Understand the design and implementation of internal controls on every audit
    • Walkthroughs
    • ALSO assess the operating effectiveness if placing reliance on the controls and thus testing controls
     
  • Applying the Audit Risk Model
    • Gather Information and understand the Plan and its environment
    • 2008 market volatility will impact planning in regards to this understanding and general economic conditions
      • impact of market risk on all plans
      • consideration of discount rates for DB Plans
      • funding requirements for DB Plans
      • impact of market conditions on Plan Sponsors
        • timeliness issues
         
       
     

RISK ASSESSMENT AND AUDIT STRATEGY 

  • Key areas to consider in a plan audit when assessing risk:
    • Plan governance
    • Contributions received and receivable
    • Participant account activity (contributions, distributions, allocations.)
    • Expenses (DOL substandard audit area)
    • Investments, existence of alternative investments
    • Plan changes; Plan sponsor changes
    • Competence of third party service providers and plan personnel
    • Prior period misstatements
     
  • Assessment of risk of material misstatement is addressed as it relates to:
    • Financial statement-level risks and
    • Assertion-level risks
     
  • Financial statement-level risks:
    • Relate pervasively to the financial statements taken as a whole
    • Affect many relevant assertions
    • Addressed in terms of the materiality determined at the financial statement level
     
  • Identify risks relating to structure and governance
    • Does the plan have a complex operating structure or design?
    • Multiemployer plan
    • Plan merger
    • Changes in plan management or service providers
     
  • Plan governance
    • Powerful impact on Plan operations and the Plan audit
    • Same service providers and different levels of governance amongst plans impacts risk
     
  • Identify risks related to the plan sponsor’s:
    • Financial condition
    • Economic environment
    • Specific plan investments
    • Financial reporting
    • Information technology
    • Personnel
    • New developments in accounting or industry
     
  • Relevant assertion-level risks – risks of material misstatement relating to specific:
    • Classes of transactions (did the activity in participant accounts actually occur during the period covered by the financial statements, etc.)
    • Account balances (investments, receivables, payables) and disclosures
    • Disclosures
     
  • Audit areas encompass the related account balances, transaction classes and disclosures
  • Major audit areas include:
    • Material account balances (investments, contributions receivable)
    • Material transaction classes based on size or volume of transactions (participant level activity)
    • Susceptibility to fraud
    • Areas usually requiring audit adjustments
     
  • Risk assessment should identify significant risks which are risks that require special audit consideration:
  • Significant risks arise on most audits
    • Fraud risks are normally significant risks
     
  • Areas with potential significant risk in a Plan audit could be:
    • Investments without readily determinable market value
    • New investments
    • Operational Defects
    • SAS 70 Errors
    • Non routine transactions
    • Completely paperless transactions
    • Timeliness of deposit of participant deferrals
    • Parties in interest and prohibited transactions
    • Accounting estimates (actuarial, IBNR, post retirement)
     

RISK ASSESSMENT STANDARDS 

  • What to do for 2008 Plan year ends
    • Keep the planning going!
    • Further streamline forms
    • Look ahead to SAS 115! Communicating Internal Control Related Matters Identified in an Audit – supersedes SAS 112.
    • Start dialogue on FASB 157 NOW!
Have Questions or Comments?

If you have any questions about this media item, we'd like to hear your opinion. Please share your thoughts with us.

Contact EisnerAmper

* Required