As Public Company Accounting Oversight Board (PCAOB) inspections have grown more intense in the last five years and the bar for audit quality has risen, auditors and public companies face mounting pressure to meet these elevated compliance requirements in a way that’s streamlined and efficient. Reducing redundancy, improving management and internal audit documentation efficiency, and ensuring seamless collaboration between internal teams and external auditors are essential strategies for success.
To help reduce audit costs and strengthen the reliability of your financial reporting, your organization can:
Our webcast, Unlock a More Efficient Approach to PCAOB Audit Success, offered practical, real-world guidance on aligning audit readiness with regulator expectations while reducing time and effort throughout the audit cycle. Here are some key takeaways.
Management review controls often face the toughest scrutiny as they’re the decision-making controls for areas requiring significant judgment, such as inventory reserves, forecasted financial information, and impairment analyses. To strengthen these controls:
Automated controls embedded within business processes aren’t just a convenience—they’re a game-changer for reducing human errors and boosting audit efficiency. Unlike broader IT general controls (ITGCs), IT application controls (ITACs) support specific financial statement assertions, mitigate risks of material misstatement, and include things like system-driven calculations and workflow approvals.
Understanding whether an automated control is inherent or configurable is critical, as this drives the testing approach. For example, if an automated control is inherent the testing approach may include a review of code or proving the system functions as intended. If the automated control is configurable testing might be more focused on security groups, roles, and permissions.
Test controls in live production environments, when possible, to verify accuracy. If you have to test in a development environment, gather additional evidence to support its applicability to the production environment.
You can also leverage benchmarking to reduce testing in subsequent years if configurations remain unchanged.
Common ITAC examples include:
Walkthroughs give auditors a complete picture of how transactions flow from initiation to reporting. To make these sessions effective, come prepared with a current-year example and existing documentation such as flowcharts and narratives.
Regulators are increasingly focused on the data behind your controls. Management must demonstrate that internally produced information used in financial reporting is complete and accurate.
Start early by identifying controls with a data dependency, then embed procedures to validate data and ensure it is complete. This includes extraction from IT systems, report parameters or logic, and any manual edits or transformations, including manipulation in Excel. Address risks at each stage of the process, from initial data entry to parameter-driven outputs and manual exports or manipulation.
Internal audit can be a tremendous asset in easing the burden of external audits—but only if their work meets PCAOB standards.
PCAOB inspections are more than a compliance exercise for auditors; they’re shaping the expectations for management’s internal controls over financial reporting. By investing in sound controls, embracing automation, preparing rigorously, validating data, and leveraging internal resources, your company can meet regulatory expectations and gain a competitive edge through more reliable financial reporting while reducing audit costs.
Watch the full webcast: Upgrade Audit Efficiency While Maintaining Compliance
For more information contact your firm professional.
Baker Tilly US, LLP, Baker Tilly Advisory Group, LP and Moss Adams LLP and their affiliated entities operate under an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable laws, regulations and professional standards. Baker Tilly Advisory Group, LP and its subsidiaries, and Baker Tilly US, LLP and its affiliated entities, trading as Baker Tilly, are members of the global network of Baker Tilly International Ltd., the members of which are separate and independent legal entities. Baker Tilly US, LLP and Moss Adams LLP are licensed CPA firms that provide assurance services to their clients. Baker Tilly Advisory Group, LP and its subsidiary entities provide tax and consulting services to their clients and are not licensed CPA firms. ISO certification services offered through Moss Adams Certifications LLC. Investment advisory offered through either Moss Adams Wealth Advisors LLC or Baker Tilly Wealth Management, LLC.