How to rate external auditors

By Sabine Vollmer

Audit committees of public companies are under increasing regulatory pressure to ensure external auditors are doing a quality job. Considering these factors should help them fufill their oversight role.

Evaluate the technical skill and experience of the audit team's primary members. Specific considerations include whether (1) the external auditor has demonstrated a sound understanding of the company's business and the economic environment's impact on the company and sought feedback on the quality of the services provided; (2) the lead auditor discussed with the audit committee the audit plan and how it addressed areas of accounting and audit risk specific to the company; (3) the lead auditor provided information about the technical skills, experience, and professional objectivity of other auditor teams who also performed services and about their oversight; and (4) the auditor identified and responded to any auditing and accounting issues that arose from changes in the company or changes in applicable accounting and auditing requirements.

Check the external auditor's sector experience to assess the value of the service. Specific considerations include whether the cost of the external audit was reasonable and sufficient for the company's size, complexity, and risks and whether any external auditor communicated an inspection's results, including findings regarding companies in similar industries with similar accounting or audit issues, and how to respond to the comments from regulators.

Consider resources made available to the external auditor. Specific considerations include whether the audit team had sufficient access to specialized expertise during the audit and whether additional and appropriate resources were made available to complete the audit work in a timely manner.

Examine independence, objectivity, and professional skepticism. Specific considerations include whether (1) the external auditors reported to the audit committee all matters that might reasonably be thought to bear on the audit firm's independence and safeguards in place to detect independence issues; (2) any differences in views between management and the external auditors were resolved in a professional manner; and (3) the lead auditor discussed safeguards in place to protect the independence, objectivity, and professional skepticism as part of the audit committee's preapproval for all nonaudit services.

Survey key employees to rate the external auditor's services. Company employees who have substantial contact with the external auditors can rate their service on a five-point scale. The survey can probe whether (1) the auditor met commitments such as agreed-upon performance delivery dates; and (2) the auditor asked questions about business risk or issues that might impact the audit plan, identified opportunities and risk proactively by anticipating and providing insights, and delivered value for the fees charged.

This checklist is based on information available in External Auditor Assessment Tool: A Reference for Audit Committees Worldwide, a resource prepared by the Audit Committee Collaboration, a partnership of corporate governance and policy organizations whose members include the AICPA-affiliated Center for Audit Quality. More information is available at

­—By Sabine Vollmer (, a JofA senior editor.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.