ASB addresses audits of ICFR integrated with financial statement audits

By Ken Tysiac

The AICPA Auditing Standards Board (ASB) issued a new standard Tuesday to establish requirements and provide guidance that apply only when an auditor is engaged to perform an audit of internal control over financial reporting (ICFR) that is integrated with an audit of financial statements.

Statement on Auditing Standards No. 130, An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements, takes effect for integrated audits for periods ending on or after Dec. 15, 2016.

The new standard states that although the objectives of an audit of ICFR and an audit of financial statements are not the same, the auditor should plan and perform the integrated audit to achieve the respective objectives simultaneously. Under the guidance, the auditor should design tests of controls:

  • To obtain sufficient appropriate audit evidence to support the auditor’s opinion on ICFR as of the date specified in management’s assessment of ICFR, and
  • To obtain sufficient appropriate audit evidence to support the auditor’s control risk assessments for purposes of the audit of financial statements.

When the new standard takes effect, the ASB will withdraw Statement on Standards for Attestation Engagements No. 15, An Examination of an Entity’s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements. Also withdrawn will be a related attestation interpretation, “Reporting Under Section 112 of the Federal Deposit Insurance Corporation Improvement Act.”

At the same time, amendments to various sections in SAS No. 122, Statements on Auditing Standards: Clarification and Recodification, will take effect.

At a later date, the ASB will consider developing an attestation standard addressing examinations of internal control other than ICFR that is integrated with an audit of financial statements.

Ken Tysiac (ktysiac@aicpa.org) is a JofA editorial director.

SPONSORED REPORT

Cybersecurity threats proliferating for midsize and smaller businesses

This report details how SMBs can properly protect private information from breaches, design and implement a cybersecurity policy, and create safeguards for training and education.

QUIZ

Test yourself on these often confused words

The spelling checker on your word processing program can do only so much to flag problems. Your best insurance is to learn the troublesome words that trip up writers and use them correctly by the standards of formal, written English.