| During 2005 and 2006, the American | | | | SAS No. 107 - Audit Risk and Materiality |
| Institute of Certified Public | | | | in Conducting and Audit |
| Accountants issued several new standards | | | | SAS No. 108 - Planning and Supervision |
| to improve and clarify auditing | | | | SAS No. 109 - Understanding the Entity |
| standards in general. | | | | and Its Environment and Assessing the |
| There were two statements that were | | | | Risks of Material Misstatement |
| issued and became effective upon | | | | SAS No. 110 - Performing Audit |
| issuance: | | | | Procedures in Response to Assessed Risks |
| Statement on Auditing Standards (SAS) | | | | and Evaluating the Audit Evidence |
| Numbers 102 and 103. | | | | Obtained |
| SAS No.102, Defining Professional | | | | SAS No. 111- Amendment to SAS No. 39 - |
| Requirements in Statement on Auditing | | | | Audit Sampling |
| Standards, clarifies steps in auditing | | | | A greater understanding of the entity is |
| standards that are "unconditional | | | | required. Auditors are no longer able |
| requirements" defined by works such as | | | | to assess control risk at maximum |
| "must" and "is required to"; and steps | | | | without a basis for that determination. |
| that are "presumptively mandatory | | | | There are several steps auditors must |
| requirements" defined by words such as | | | | take in applying the Risk Assessment |
| "should". | | | | Standards. |
| SAS No. 103, Audit Documentation, | | | | Gathering Information - The auditors |
| provides guidance on audit documentation | | | | must begin with gathering information |
| as an essential element of audit | | | | about the entity and its environment, |
| quality. This standard also gives | | | | including its internal control. |
| guidance on the date of the audit report | | | | Information gathering should include at |
| which cannot be earlier than the date on | | | | minimum information obtained from |
| which the auditor has obtained | | | | external factors; information about the |
| sufficient appropriate audit evidence to | | | | nature of the client; information in |
| support the opinion. As a result, the | | | | connection with the objectives and |
| audit report date will need to be close | | | | strategies and related business risks of |
| to the date the reports are released | | | | the client; information regarding the |
| The American Institute of Certified | | | | client's measurement parameters |
| Public Accountants also issued the Risk | | | | including a review of the client's |
| Assessment standard in March 2006. The | | | | financial performance; and information |
| project originated as a joint project | | | | in connection with the client's internal |
| with SAS No. 99, Consideration of Fraud | | | | controls. |
| in a Financial Statement Audit. These | | | | Understand the Entity - The auditor must |
| standards were issued because the | | | | also understand the entity and its |
| Accounting Standards Board believes that | | | | environment, including its internal |
| they will strengthen auditing standards | | | | control. The auditor must anticipate |
| and provide a more in depth | | | | and evaluate what could go wrong, and be |
| understanding of the entity and its | | | | able to synthesize the information |
| environment, a more rigorous assessment | | | | gathered to determine how it might |
| of material misstatements and improved | | | | affect the financial statements. The |
| linkage between assessed risk and the | | | | auditor must also evaluate the design of |
| nature, timing and extent of audit | | | | the client's controls and determine if |
| procedures performed. | | | | those controls have been implemented |
| The following standards are in the suite | | | | (which is different than test of |
| of SASs issued in connection with the | | | | controls). In evaluating whether |
| Risk Assessment standards: | | | | controls have been implemented, the |
| SAS No. 104 - Amendment to SAS No.1- | | | | auditor should determine if there is an |
| Codification of Auditing Standards and | | | | awareness of the existence of the |
| Procedures | | | | procedure in question and if the staff |
| SAS No. 105 - Amendment to SAS No.95 - | | | | implementing the control have a working |
| Generally Accepted Auditing Standards | | | | knowledge of how the procedure should be |
| SAS No. 106 - Audit Evidence | | | | performed. |