CAQ Offers Pointers for Integrated Audits of Internal Control


The Center for Audit Quality (CAQ) issued a report highlighting lessons learned from section 404 audits of internal control over financial reporting. The nonauthoritative report, designed to help audit firms that have not yet conducted an integrated audit, as well as more experienced firms, identifies 21 practical tips for auditors.


The report, CAQ Lessons Learned—Performing an Audit of Internal Control in an Integrated Audit, includes suggestions about identifying material risks to reliable financial reporting and the controls necessary to sufficiently address those risks. The report is based on feedback from a CAQ task force of auditors with extensive experience with integrated audits.

Section 404 of the Sarbanes-Oxley Act requires public company management and auditors to evaluate and assess the effectiveness of the internal controls that contribute to public company financial reports.

“Not all firms handle all audit matters in the same way—nor should they—and task force discussions reflected this diversity in practice,” CAQ Executive Director Cindy Fornelli said in a press release.

The 46-page report is available here.

 

SPONSORED REPORT

Why cybercriminals are targeting CPAs

This free report expands on the most commonly found scams, why education and specialized IT knowledge help to lessen security vulnerabilities, and why every firm should plan carefully for how it would respond to a breach.

PODCAST

How tax reform — and Excel — are changing the CPA Exam

Mike Decker, the vice president of examinations at the AICPA, discusses changes being made to the exam as a result of tax reform — and about how Excel will now be available for use on the test.