| During 2005 and 2006, the American Institute | | | | |
| of Certified Public Accountants issued | | | | SAS No. 107 - Audit Risk and Materiality in |
| several new standards to improve and clarify | | | | Conducting and Audit |
| auditing standards in general. | | | | |
| | | | SAS No. 108 - Planning and Supervision |
| There were two statements that were issued | | | | |
| and became effective upon issuance: | | | | SAS No. 109 - Understanding the Entity and |
| | | | Its Environment and Assessing the Risks of |
| Statement on Auditing Standards (SAS) Numbers | | | | Material Misstatement |
| 102 and 103. | | | | |
| | | | SAS No. 110 - Performing Audit Procedures in |
| SAS No.102, Defining Professional | | | | Response to Assessed Risks and Evaluating the |
| Requirements in Statement on Auditing | | | | Audit Evidence Obtained |
| Standards, clarifies steps in auditing | | | | |
| standards that are "unconditional | | | | SAS No. 111- Amendment to SAS No. 39 - Audit |
| requirements" defined by works such as "must" | | | | Sampling |
| and "is required to"; and steps that are | | | | |
| "presumptively mandatory requirements" | | | | A greater understanding of the entity is |
| defined by words such as "should". | | | | required. Auditors are no longer able to |
| | | | assess control risk at maximum without a |
| SAS No. 103, Audit Documentation, provides | | | | basis for that determination. |
| guidance on audit documentation as an | | | | |
| essential element of audit quality. This | | | | There are several steps auditors must take in |
| standard also gives guidance on the date of | | | | applying the Risk Assessment Standards. |
| the audit report which cannot be earlier than | | | | |
| the date on which the auditor has obtained | | | | Gathering Information - The auditors must |
| sufficient appropriate audit evidence to | | | | begin with gathering information about the |
| support the opinion. As a result, the audit | | | | entity and its environment, including its |
| report date will need to be close to the date | | | | internal control. Information gathering |
| the reports are released | | | | should include at minimum information |
| | | | obtained from external factors; information |
| The American Institute of Certified Public | | | | about the nature of the client; information |
| Accountants also issued the Risk Assessment | | | | in connection with the objectives and |
| standard in March 2006. The project | | | | strategies and related business risks of the |
| originated as a joint project with SAS No. | | | | client; information regarding the client's |
| 99, Consideration of Fraud in a Financial | | | | measurement parameters including a review of |
| Statement Audit. These standards were issued | | | | the client's financial performance; and |
| because the Accounting Standards Board | | | | information in connection with the client's |
| believes that they will strengthen auditing | | | | internal controls. |
| standards and provide a more in depth | | | | |
| understanding of the entity and its | | | | Understand the Entity - The auditor must also |
| environment, a more rigorous assessment of | | | | understand the entity and its environment, |
| material misstatements and improved linkage | | | | including its internal control. The auditor |
| between assessed risk and the nature, timing | | | | must anticipate and evaluate what could go |
| and extent of audit procedures performed. | | | | wrong, and be able to synthesize the |
| | | | information gathered to determine how it |
| The following standards are in the suite of | | | | might affect the financial statements. The |
| SASs issued in connection with the Risk | | | | auditor must also evaluate the design of the |
| Assessment standards: | | | | client's controls and determine if those |
| | | | controls have been implemented (which is |
| SAS No. 104 - Amendment to SAS No.1- | | | | different than test of controls). In |
| Codification of Auditing Standards and | | | | evaluating whether controls have been |
| Procedures | | | | implemented, the auditor should determine if |
| | | | there is an awareness of the existence of the |
| SAS No. 105 - Amendment to SAS No.95 - | | | | procedure in question and if the staff |
| Generally Accepted Auditing Standards | | | | implementing the control have a working |
| | | | knowledge of how the procedure should be |
| SAS No. 106 - Audit Evidence | | | | performed. |