In: Accounting
What is the auditor's responsibility for communicating control deficiencies that are severe enough to be considered significant deficiencies or material weaknesses?
The auditor responsibility is to report significant deficiencies and material weakness to management and the board of director in writing. Can anyone expound on this matter? Thanks!
Ans:Communications to Management and with Those Charged with
Governance
If the auditor has identified a fraud or has obtained information
that indicates that a fraud may exist, the
auditor shall communicate these matters on a timely basis to the
appropriate level of management in order to
inform those with primary responsibility for the prevention and
detection of fraud of matters relevant to their
responsibilities.
Unless all of those charged with governance are involved in
managing the entity, if the auditor has
identified or suspects fraud involving:
(a) Management;
(b) Employees who have significant roles in internal control;
or
(c) Others where the fraud results in a material misstatement in
the financial statements.
The auditor shall communicate these matters to those charged
with governance on a timely basis. If the
auditor suspects fraud involving management, the auditor shall
communicate these suspicions to those
charged with governance and discuss with them the nature, timing
and extent of audit procedures necessary
to complete the audit.
In accordance with SA 260, Communication with Those Charged with
Governance13, the auditor shall
communicate with those charged with governance any other matters
related to fraud that are, in the auditor’s
judgment, relevant to their responsibilities. (Ref: Para.
A63)
Communications to Regulatory and Enforcement Authorities
If the auditor has identified or suspects a fraud, the auditor
shall determine whether there is a
responsibility to report the occurrence or suspicion to a party
outside the entity. Although the auditor’s
professional duty to maintain the confidentiality of client
information may preclude such reporting, the
auditor’s legal responsibilities may override the duty of
confidentiality in some circumstances.
Documentation
The auditor’s documentation of the understanding of the entity and
its environment and the
assessment of the risks of material misstatement required by SA
shall include:
(a) The significant decisions reached during the discussion among
the engagement team regarding the
susceptibility of the entity’s financial statements to material
misstatement due to fraud; and
(b) The identified and assessed risks of material misstatement due
to fraud at the financial statement level
and at the assertion level.
The auditor’s documentation of the responses to the assessed risks
of material misstatement required
by SA shall include:
(a) The overall responses to the assessed risks of material
misstatement due to fraud at the financial
statement level and the nature, timing and extent of audit
procedures, and the linkage of those
procedures with the assessed risks of material misstatement due to
fraud at the assertion level; and
(b) The results of the audit procedures, including those designed
to address the risk of management
override of controls.
The auditor shall document communications about fraud made to
management, those charged with
governance, regulators and others.
When the auditor has concluded that the presumption that there is a
risk of material misstatement due
to fraud related to revenue recognition is not applicable in the
circumstances of the engagement, the auditor
shall document the reasons for that conclusion.
Note* Fraud refers to deficiencies or material weaknesses
2.Those charged with governance includes Board of directors.