Audit Partners' Judgments and Challenges in the Audits of Internal Control over Financial Reporting

Jeffrey R. Cohen; Jennifer R. Joe; Jay C. Thibodeau; Gregory M. Trompeter

doi:10.2308/ajpt-18-088

Audit Partners' Judgments and Challenges in the Audits of Internal Control over Financial Reporting

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-18-088 ◽

2020 ◽

Vol 39 (4) ◽

pp. 57-85

Author(s):

Jeffrey R. Cohen ◽

Jennifer R. Joe ◽

Jay C. Thibodeau ◽

Gregory M. Trompeter

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Data Availability ◽

Audit Committees ◽

Structured Interviews ◽

Material Weakness ◽

The Public ◽

National Office ◽

Evaluation Task ◽

Public Company

SUMMARY Internal control over financial reporting (ICFR) audits have been the subject of intensive examination by the Public Company Accounting Oversight Board (PCAOB) and researchers but the process through which auditors make ICFR judgments is largely a “black box.” To understand ICFR judgments, we conducted semi-structured interviews with 20 audit partners. Common themes in our interviews suggest that the subjectivity inherent in the ICFR evaluation task contributes to resistance against ICFR audit findings and cougnterarguments from management. Moreover, auditors perceive that their judgments are being second-guessed by PCAOB inspectors. Auditors believe that managers have difficulty accepting that material weaknesses can exist without a detected error, that management's reflexive reaction is to deny/avoid a material weakness finding, and managers routinely claim that management review controls (MRCs) would have caught the detected control deficiency. Auditors cope with management's defenses by consulting with their national office and leveraging support from strong audit committees. Data Availability: Requests for the data should be accompanied by a description of intended uses.

Download Full-text

Integration of Internal Control and Financial Statement Audits: Are Two Audits Better than One?

The Accounting Review ◽

10.2308/accr-52197 ◽

2018 ◽

Vol 94 (2) ◽

pp. 53-81 ◽

Cited By ~ 10

Author(s):

Lori Shefchik Bhaskar ◽

Joseph H. Schroeder ◽

Marcy L. Shepardson

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Audit Quality ◽

Internal Controls ◽

Data Availability ◽

Financial Statement ◽

Auditor Judgment ◽

Public Company ◽

Better Than

ABSTRACT The quality of financial statement (FS) audits integrated with audits of internal controls over financial reporting (ICFR) depends upon the quality of ICFR information used in, and its integration into, FS audits. Recent research and PCAOB inspections find auditors underreport existing ICFR weaknesses and perform insufficient testing to address identified risks, suggesting integrated audits—in which substantial ICFR testing is required—may result in lower FS audit quality than FS-only audits. We compare a 2007–2013 sample of small U.S. public company firm-years receiving integrated audits (accelerated filers) to firm-years receiving FS-only audits (non-accelerated filers) and find integrated audits are associated with higher likelihood of material misstatements and discretionary accruals, consistent with lower FS audit quality. We also find evidence of (1) auditor judgment-based integration issues, and (2) low-quality ICFR audits harming FS audit quality. Overall, results suggest an important potential consequence of integrated audits is lower FS audit quality. Data Availability: Data are publicly available from the sources identified in the text.

Download Full-text

Controls, Security, and Audit in Online Digital Accounting

Digital Accounting ◽

10.4018/978-1-59140-738-6.ch010 ◽

2011 ◽

pp. 318-383

Author(s):

Ashutosh Deshmukh

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Annual Report ◽

Control Structure ◽

Internal Controls ◽

Section 404 ◽

Checks And Balances ◽

The Public ◽

Sarbanes Oxley ◽

Public Company

Internal controls have existed since the dawn of business activities. Internal controls are basically systems of checks and balances. The purpose is to keep the organization moving along desired lines as per the wishes of the owners and to protect assets of the business. Internal controls have received attention from auditors, managers, accountants, fraud examiners and legislatures. Sarbanes Oxley Act 2002 now requires the annual report of a public company to contain a statement of management’s responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and management’s assessment of the effectiveness of the company’s internal control structure and procedures for financial reporting. Section 404 of the Act also requires the auditor to attest to and report on management’s assessment of effectiveness of the internal controls in accordance with standards established by the Public Company Accounting Oversight Board (PCAOB).

Download Full-text

The Influence of Audit Committee Expertise on Firms' Internal Controls: Evidence from Mergers and Acquisitions

Accounting Horizons ◽

10.2308/horizons-19-076 ◽

2020 ◽

Vol 34 (3) ◽

pp. 193-211

Author(s):

Mikhail Sterin

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Audit Committee ◽

Internal Controls ◽

Data Availability ◽

Audit Committees ◽

First Year ◽

Opt Out ◽

Indirect Path ◽

Control Decision

SYNOPSIS This study examines how audit committee expertise influences firms' key internal control scoping decisions. Using a unique merger and acquisition (M&A) setting where the internal control audit is voluntary, I study whether audit committee expertise is associated with the deferral of internal control testing for acquired firms. I also examine whether this internal control decision provides a channel through which audit committee expertise leads to positive financial reporting outcomes. I find that audit committees with greater specialized expertise (industry and legal) are less likely to opt-out of first-year target internal control over financial reporting (ICFR) integration. In my second analysis, I find that target ICFR integration provides an indirect path through which industry and legal expertise reduce the likelihood of misstatement. This study contributes to the audit committee and internal controls literature by providing evidence on audit committee influence over firms' internal control decisions and related financial reporting outcomes. JEL Classifications: M41; M42; M48. Data Availability: The data are publicly available from the sources identified in the paper.

Download Full-text

Auditors' Internal Control over Financial Reporting Decisions: Analysis, Synthesis, and Research Directions

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-50345 ◽

2012 ◽

Vol 32 (Supplement 1) ◽

pp. 131-166 ◽

Cited By ~ 33

Author(s):

Stephen K. Asare ◽

Brian C. Fitzgerald ◽

Lynford E. Graham ◽

Jennifer R. Joe ◽

Eric M. Negangard ◽

...

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Future Research ◽

The Public ◽

Road Map ◽

Sarbanes Oxley ◽

Environmental Attributes ◽

Public Company ◽

Reporting Decisions ◽

Five Phases

SUMMARY We synthesize the literature on auditors' evaluation of, and reporting on, internal control over financial reporting (ICOFR), as required by the Sarbanes-Oxley Act. The purpose of the synthesis is (1) to provide information on how and how well auditors perform the task, which serves as feedback to the Public Company Accounting Oversight Board on implementation issues and problems related to auditors' application of the professional standards on ICOFR; and (2) to identify gaps in the current literature and fruitful areas of future research. Consistent with Auditing Standard No. 5, we delineate five phases of the ICOFR audit: (1) planning; (2) scoping; (3) testing; (4) evaluation; and (5) reporting. We structure our synthesis using a framework that classifies the determinants of performance in each phase into five broad areas: (a) the auditor's attributes, (b) the client's attributes, (c) the interaction between the auditor and the client, (d) task attributes, and (e) environmental attributes. Key contributions include providing an ICOFR tasks taxonomy, proposing a model of the determinants of performance for each task, evaluating auditors' performance of the tasks in our taxonomy, highlighting findings and gaps of importance to regulators, and providing a road map for future research.

Download Full-text

Determinants of the Persistence of Internal Control Weaknesses

Accounting Horizons ◽

10.2308/acch-10266 ◽

2012 ◽

Vol 26 (2) ◽

pp. 307-333 ◽

Cited By ~ 38

Author(s):

Bonnie K. Klamm ◽

Kevin W. Kobelsky ◽

Marcia Weidenmier Watson

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Management Training ◽

Internal Controls ◽

Senior Management ◽

Data Availability ◽

The Public ◽

Sarbanes Oxley ◽

Material Weaknesses ◽

Specific Control

SYNOPSIS This paper analyzes the degree to which material weaknesses (MWs) in internal control reported under the Sarbanes-Oxley Act of 2002 (SOX) affect the future reporting of MWs. Particularly, we examine information technology (IT) and non-IT MWs and their breakdown into specific IT-related entity-level, non-IT-related entity-level, and account-level deficiencies. Analysis reveals that most account-level and entity-level deficiencies occur at a significantly higher rate in SOX 404 reports with at least one IT MW than in MW reports with only non-IT MWs. Further, the presence and count of both types of MWs and all three types of deficiencies are associated with increased future MWs, as are lower profitability, non-Big 6 auditor, and firm complexity. Specific control deficiencies related to senior management, training, and IT control environment have the strongest impact on future MWs. These results indicate that effective corporate governance of both the IT and non-IT domains is pivotal in establishing and maintaining strong internal controls over financial reporting. Data Availability: Data are available from the public sources identified in the paper.

Download Full-text

What Are the Trends in PCAOB Inspections and the Reported Audit Deficiencies?

Journal of Accounting Auditing & Finance ◽

10.1177/0148558x20934945 ◽

2020 ◽

pp. 0148558X2093494

Author(s):

Ashna L. Prasad ◽

John C. Webster

Keyword(s):

Financial Reporting ◽

Fair Value ◽

Audit Committees ◽

Auditor Judgment ◽

Generally Accepted Accounting Principles ◽

The Public ◽

Audit Firms ◽

Public Company ◽

The Mean ◽

Fair Value Measurements

Although the Public Company Accounting Oversight Board (PCAOB) inspections commenced in 2003, few studies have analyzed the recurring nature of audit deficiencies both within and across U.S. and non-U.S. firms. This study investigates longitudinal trends in PCAOB Part I audit deficiencies and compares these deficiencies between initial and subsequent inspections. We classify the audit deficiencies contained in the inspection reports into three categories relating to Generally Accepted Accounting Principles (GAAP), Generally Accepted Auditing Standards (GAAS), and Internal Controls over Financial Reporting (ICFR). Using 1,551 inspections conducted over the period 2003–2017, we find that 67% of Part I audit deficiencies in the related reports pertain to GAAP and that triennially inspected audit firms have the highest occurrence of these deficiencies. On average, 22% of audit deficiencies relate to GAAS, with the highest incidence of these deficiencies attributable to annually inspected audit firms. Although ICFR has the least audit deficiencies (11%), we find a significant increase from 2009. We find no significant differences in the mean number of GAAP, GAAS, and ICFR audit deficiencies between first- and second-round inspections. However, we find a significant increase in the mean number of ICFR audit deficiencies between the third- to fifth-round inspections. The audit areas of “revenue recognition,”“inventory,” and “fair value measurements” (i.e., those requiring significant auditor judgment) are the most frequent audit deficiencies identified by the PCAOB. This study provides insights into the frequency and nature of audit deficiencies to stakeholders such as investors, auditors, audit committees, and users of financial statements.

Download Full-text

The Effect of Auditing Standard No. 5 on Audit Report Lags

Accounting Horizons ◽

10.2308/acch-51052 ◽

2015 ◽

Vol 29 (3) ◽

pp. 507-527 ◽

Cited By ~ 15

Author(s):

Santanu Mitra ◽

Hakjoon Song ◽

Joon Sun Yang

Keyword(s):

Internal Control ◽

Extended Period ◽

Data Availability ◽

Audit Report ◽

Audit Process ◽

Top Down ◽

The Public ◽

Audit Efficiency ◽

Public Company ◽

The Impact

SYNOPSIS Auditing Standard No. 5 (AS5) introduced by the Public Company Accounting Oversight Board (PCAOB) in June 2007 requires a top-down risk-based approach in auditing and is expected to improve audit efficiency and make the overall auditing process timelier by reducing audit report lags. We investigate the impact of AS5 on audit report lags over an extended period from 2006 to 2011 and find that audit report lags are lower in the AS5 years (2007–2011) relative to the AS2 years (2006–2007). But this reduction is evident mostly for the firms with clean SOX 404 opinions. The presence of material internal control weaknesses (ICW) significantly increases audit report lags, but AS5 does not have any incremental moderating effect on report lags and the ICW relationship. Tests for the firms with company-level and account-specific ICWs demonstrate identical results. Additional analyses show that the learning curve effect takes place rapidly in the early part of the AS5 period and audits continue to remain efficient in terms of reduced report lags in the latter part of the AS5 period relative to the AS2 period. The year-to-year change analyses for the AS5 period further corroborate this result. Overall, our study demonstrates that the top-down, risk-based approach under AS5 makes the audit process more efficient and timelier by decreasing audit report lags. Data Availability: Data are available from public sources identified in the paper.

Download Full-text

Evidence on the Impact of Internal Control over Financial Reporting on Audit Fees

International Journal of Accounting and Financial Reporting ◽

10.5296/ijafr.v9i3.15001 ◽

2019 ◽

Vol 9 (3) ◽

pp. 1

Author(s):

Mohamed Gaber ◽

Samy Garas ◽

Edward J. Lusk

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Public Information ◽

Audit Fees ◽

Stock Trading ◽

Audit Opinion ◽

The Public ◽

Public Company ◽

Effective Group ◽

The Impact

Introduction: Circa 1992, the dot.com sector created an irrational stock-trading market where the usual “financial” profiles of: Liquidity, Cash Flow from Operations, and Revenue generation were replaced by Ponzi-esque mayhem. To stabilize the markets, the Public Company Accounting Oversight Board [PCAOB] required a second audit opinion: the COSO Opinion on the adequacy of management’s system of Internal Control over Financial Reporting: [ICoFR].Study Focus: Three COSO-[ICoFR] designations are now required as public information: (i) A “clean” opinion [Is Effective], (ii) Deficiencies are noted, and (iii) Weaknesses reported. Our research interest is to determine, for a panel of randomly selected firms traded on the S&P500 for a eleven-year period: 2005 to 2015, the nature of the effect that the COSO deficiency reporting protocol has on (i) Audit Fees and (ii) the Market Cap of traded firms.Method: To this end we collected, using the Audit Analytics Ô[WRDSÔ] database, various categories of reported Audit Fees and also Market Cap information. This random sample was classified into two sets: the first group: Is Effective SEC 302 Designation and No COSO issues & the second group: Is Not 100% Effective for which there were SEC 302 Deficiencies or Weaknesses noted.Results: Inferential testing indicates that failure to attend to the PCAOB-COSO imperatives results in a relational where there are higher Audit Fees and a slippage of the firm’s Market Cap compared to the Is Effective Group. The PCAOB’s protocol to require the Audit of the firm’s ICoFR system and make that evaluation public information seems to be an excellent corrective “Carrot and Stick”.

Download Full-text

IT Does Matter: The Folly of Ignoring IT Material Weaknesses

Accounting Horizons ◽

10.2308/acch-52031 ◽

2018 ◽

Vol 32 (2) ◽

pp. 37-55 ◽

Cited By ~ 7

Author(s):

Gene Kim ◽

Vernon J. Richardson ◽

Marcia Weidenmier Watson

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Negative Impact ◽

Earnings Quality ◽

Audit Fees ◽

Data Availability ◽

The Public ◽

Material Weaknesses ◽

Reporting Systems ◽

Internal Control Weaknesses

SYNOPSIS Information technology (IT) has a large and growing impact on firms and executives. While there are questions about the ability of IT to create a competitive advantage, we make the case that ignoring IT may be to an organization's and its executives' peril. Using the lens of internal control issues associated with financial reporting systems, we illustrate how internal control weaknesses associated with IT (ITMWs) can have both a dramatic and negative impact on the firm and its leadership. ITMWs take longer to remediate; are associated with more subsequent restatements, less accurate forecasts, higher audit fees, and lower earnings quality; and are more likely associated with executives losing their positions than non-ITMWs. We argue that ITMW remediation requires more time to plan, rewrite, and implement IT changes than to implement non-IT changes. Extant literature suggests that executives should focus their efforts on IT vulnerabilities and risks rather than IT opportunities. Data Availability: Data are available from the public sources cited in the text.

Download Full-text

Behind the Numbers: Insights into Large Audit Firm Sampling Policies

Accounting Horizons ◽

10.2308/acch-50921 ◽

2014 ◽

Vol 29 (1) ◽

pp. 61-81 ◽

Cited By ~ 10

Author(s):

Brant E. Christensen ◽

Randal J. Elder ◽

Steven M. Glover

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Data Availability ◽

Future Research ◽

Accounting Firms ◽

Sarbanes Oxley ◽

Big 4 ◽

National Office ◽

Current Sampling ◽

Audit Sampling

SYNOPSIS Changes in the audit industry after the Sarbanes-Oxley Act, including mandatory audits of internal control over financial reporting and PCAOB oversight and inspection of audit work, have potentially changed the nature and extent of audit sampling in the largest accounting firms. However, little academic evidence exists on these firms' current audit sampling policies (Elder, Akresh, Glover, Higgs, and Liljegren 2013). As such, we administer an extensive, open-ended survey to the national office of the Big 4 and two other international accounting firms regarding their firm's audit sampling policies. We find variation among the largest auditing firms' policies in their use of statistical and nonstatistical sampling methods and in inputs used in the sampling applications that could result in different sample sizes. Sampling experts' internal reviews indicate that projecting and resolving identified misstatements is one of the biggest difficulties that audit engagement teams face when using sampling techniques. Finally, we present evidence that some firms have significantly changed their approach to revenue testing due to PCAOB inspections. This evidence provides important insights into current sampling policies and presents opportunities for future research. Data Availability: Please contact the authors.

Download Full-text