Transcript GASB 63 - Gilbert Associates, Inc.

SM
The NEW Yellow Book
What Every School District Auditor
Needs to Know
Thomas M. Gilbert, CPA
SM
Objectives
• Background
• Summary of Major Changes
• Threats to Independence
• Routine Activities vs. Nonaudit Services
vs. Prohibited Nonaudit Services
• Evaluating Nonaudit Services
• Case Study
• Additional resources
SM
Background
• What is the Yellow Book?
• Synonymous with Government Auditing
Standards
• Professional standards and guidance
contained in Yellow Book are called
generally accepted government auditing
standards (GAGAS)
• Issued by the Comptroller General of the
US, of the US Government Accountability
Office (GAO)
SM
Background
• When is an audit a Yellow Book Audit?
• When the entity is required to have a single
audit (could be GOV, NPO, etc.)
• When required by laws, regulations,
agreements, contracts, or other
authoritative sources
• When requested by the client
SM
Background
• What are the differences in a Yellow Book
Audit?
• Emphasis on ethical principles
• Additional fieldwork & documentation standards
• Additional requirements related to competency and
CPE
• Required documentation of consideration of
independence (separate presentation on this later
today)
• Additional reporting requirements
• Specific ways to report internal control and
compliance findings
SM
Major Changes in 2011
Yellow Book
• Conceptual framework for independence
• Means for the auditor to assess
independence
• Requirements for performing nonaudit
services
• Assessment of whether management
possesses Suitable skills, Knowledge or
Experience (SKE) to oversee the nonaudit
services and document that assessment
SM
Major Changes in 2011
Yellow Book
• Revisions to nonaudit services that
may be permitted under appropriate
conditions
• Guidance on nonaudit services that
always impair independence
• Added documentation requirements to
support adequate consideration of audit
independence
SM
Threats To Independence
• Management participation threat
• Self-review threat
• Self-interest threat
• Bias threat
• Familiarity threat
• Undue influence threat
• Structural threat
Refer to Paragraphs 3.14 of Government Auditing Standards (2011
Yellow Book) for definitions of threats
SM
Routine Activities
• Routine Activities are not
nonaudit services and do
not need to be evaluated
• Provide advice and respond to questions
as part of the audit
• Educating on matters within the auditor’s
technical expertise
• Providing information that is readily
available to auditors, such as best
practices
SM
NonAudit Services
• Nonaudit services that may
be permitted under appropriate
conditions
• Common nonaudit services for LEAs:
• Preparing financial statements
• Preparing journal entries other than
proposed entries
• Preparing reconciliations
• Preparing conversion entries
SM
Prohibited NonAudit
Services
• Prohibited Nonaudit services that
always impair independence. Some
prohibited nonaudit services to look out for!
• Deciding which of the auditors’ or outside 3rd parties’
recommendations to implement
• Determining or changing journal entries without
management approval
• Preparing or making changes to source documents
without management approval
• Performing procedures that form part of the internal
control
Refer to Paragraphs 3.36, 3.50 & 3.53-3.58 of Government Auditing
Standards (2011 Yellow Book) for additional prohibited services.
SM
Evaluating NonAudit
Services
• Preconditions for Nonaudit Services
• Evaluate Threats and Identify
Significant Threats
• Safeguards
SM
Preconditions for
NonAudit Services
• Make sure it is not a routine activity or a
prohibited nonaudit service
• Management must do all of the
following:
• Assume all management
responsibilities
• Oversee and evaluate
adequacy and results
SM
Preconditions for
NonAudit Services
• Auditor must do all of the following:
• Establish and document understanding
with management
• Assess and document whether there is a
designated individual that possesses
suitable SKE to oversee
SM
SKE:
Suitable
Skills
Knowledge
Experience
Preconditions for
NonAudit Services
• Assess and document whether there is a
designated individual that possesses suitable
SKE to oversee
• Must do for ALL nonaudit services performed
regardless of whether threats to independence are
determined significant
• If no one at the audited entity is willing and able to
oversee the nonaudit service = Impaired
Independence because no safeguards would be
sufficient to overcome impairment
• SKE is not a safeguard, but a mitigating factor in
determining the safeguards to eliminate or reduce
significant threats to an acceptable level
SM
Preconditions for
NonAudit Services
• Assess the following for the SKE individual:
• Understanding of the nature of the nonaudit service
• Knowledge of audited entity’s business & industry
• General business knowledge
• Experience, education, licenses and accreditations
• Can be a combination of individuals to get
your SKE
SM
Examples of a Double SKE
• LEA has CPA on BOD who can assist the
bookkeeper assume responsibility and
oversee financial statement preparation
• Auditor might conclude that together they
have SKE
• LEA has complex debt refunding transactions.
The LEA hires another CPA firm who can
prepare the refunding journal entries and also
assist the bookkeeper assume responsibility
and oversee the financial statement
preparation
• Auditor might conclude that together they
have SKE
SM
Evaluate Threats and ID
Significant Threats
• At an acceptable level OR reduced
to an acceptable level by application
of safeguards
• Not acceptable level if either:
• Could affect ability to audit without being affected by
influences that compromise professional judgment, or
• A reasonable informed party could conclude that
integrity, objectivity, or professional skepticism has
been compromised
• Evaluate individually and in aggregate
• Reevaluate throughout the engagement
• If threat deemed significant, must apply safeguards
SM
Safeguards
• Safeguards can be in place to reduce the
threat to an acceptable level
• Example of potential safeguards to reduce or
eliminate significant threats:
• Using another audit firm
• Obtain 2nd review by a professional who is not a
member of the audit engagement team
• Educate management
• Designated individual with SKE reviews the
financial statements and completes the disclosure
checklist
SM
Safeguards
• MUST document when safeguards have been
applied
• Proper professional judgment is important in
determining proper safeguards
• Often threats require combinations of one or more
safeguards
• Some safeguards have higher level of mitigation
than others
• Safeguards that involve professionals independent
of the audit process and/or audit firm are more
effective
SM
Case Study
Gilbert Associates Inc.
has been requested to
prepare the financial statements
for Howdy School District.
SM
Case Study
• Is this a routine activity?
• NO (if yes, do not need to evaluate)
• Is this a prohibited nonaudit service?
Required for
all nonaudit
services
regardless if
there is a
significant
threat
• NO (if yes, independence impaired)
• Is there a designated individual that
possesses suitable SKE to oversee and did
you complete the required documentation?
• Yes (if no, independence impaired)
SM
Required
for all
nonaudit
services
regardless
if there is a
significant
threat
Case Study
• Did you establish and document
the understanding with audited entity
regarding nonaudit services?
• Yes – Included in the engagement letter (if no,
independence impaired)
• Are threats to independence identified?
• Yes, management participation and self-review threat
• Is this a significant threat?
• Yes (if no, applied safeguards are not necessary)
SM
Case Study
• Can safeguards be established, applied and
documented?
• Yes, the designated individual that possesses suitable
SKE will review the financial statements and complete
the disclosure checklist. In addition, Peggy Vande
Vooren, CPA, an audit partner with industry expertise
not assigned to this engagement will do a technical
review of the financial statements. (If no,
independence impaired)
• Will the application of the safeguard
eliminate or reduce the significant threat to
an acceptable level?
• Yes (if no, independence impaired)
SM
Source:
Appendix II
2011 Yellow
Book
SM
Additional Resources
• Government Auditing Standards, December
2011 Revision (GAO-12-331G)
http://www.gao.gov/products/GAO-12-331G
• Summary of Major Changes/Listing of Technical
Changes: GAO list of changes in Government
Auditing Standards, December 2011 Revision
http://www.gao.gov/yellowbook
• Archived Web Event on the 2011 Yellow Book
http://www.aicpa.org/InterestAreas/GovernmentalAuditQ
uality/Resources/Pages/TheNew2011YellowBook.aspx
SM
Additional Resources
• Archived Web Event on the GAQC 2011
Yellow Book Independence Practice Aid
http://www.aicpa.org/InterestAreas/GovernmentalAudit
Quality/Resources/Pages/UnderstandingtheAICPA%2
7sYBPracticeAidMemberWebEvent.aspx
• AICPA Member Only: 2011 Yellow Book
Independence - Non audit Services
Documentation Practice Aid
http://www.aicpa.org/InterestAreas/GovernmentalAudit
Quality/Resources/AuditPracticeToolsAids/Pages/Yello
wBookAuditToolsandAids.aspx
SM
For More Information:
Thomas M. Gilbert, CPA
Gilbert Associates, Inc.
[email protected]