Download full Audit risk alert: general accounting and auditing developments 2019/2020 aicpa ebook a

Visit to download the full and correct content document: https://ebookmass.com/product/audit-risk-alert-general-accounting-and-auditing-devel opments-2019-2020-aicpa/

More products digital (pdf, epub, mobi) instant download maybe you interests ...

Beyond Audit: Auditing Remotely and Delivering Value (Wiley Corporate F&A) 1st Edition Robert L. Mainardi

https://ebookmass.com/product/beyond-audit-auditing-remotely-anddelivering-value-wiley-corporate-fa-1st-edition-robert-lmainardi/

Auditing: A Risk Based-Approach 11th Edition JohnstoneZehms

https://ebookmass.com/product/auditing-a-risk-basedapproach-11th-edition-johnstone-zehms/

2020 Not-for-Profit Accounting and Auditing Update

Melisa F. Galasso

https://ebookmass.com/product/2020-not-for-profit-accounting-andauditing-update-melisa-f-galasso/

The British General Election of 2019 Robert Ford

https://ebookmass.com/product/the-british-general-electionof-2019-robert-ford/

Introduction to General, Organic, and BiochemistryCengage Learning (2019) 12th Edition Frederick March

https://ebookmass.com/product/introduction-to-general-organicand-biochemistry-cengage-learning-2019-12th-edition-frederickmarch/

(eBook PDF) Using Sage 50 Accounting 2019 by Mary Purbhoo

https://ebookmass.com/product/ebook-pdf-usingsage-50-accounting-2019-by-mary-purbhoo/

eTextbook 978-1305947771

Century 21 Accounting: General Journal, Copyright Update

https://ebookmass.com/product/etextbook-978-1305947771-century21-accounting-general-journal-copyright-update/

(eTextbook PDF) for Auditing: A Risk Based-Approach 11th Edition by Karla M Johnstone

https://ebookmass.com/product/etextbook-pdf-for-auditing-a-riskbased-approach-11th-edition-by-karla-m-johnstone/

Auditing & Assurance Services (Auditing and Assurance Services) 7th Edition, (Ebook PDF)

https://ebookmass.com/product/auditing-assurance-servicesauditing-and-assurance-services-7th-edition-ebook-pdf/

2019/20 | General Accounting and Auditing Developments

Strengthening Audit Integrity Safeguarding Financial Reporting

© 2019 by American Institute of Certified Public Accountants. All rights reserved.

For information about the procedure for requesting permission to make copies of any part of this work, please email copyright-permission@aicpa-cima.com with your request. Otherwise, requests should be written and mailed to Permissions Department, 220 Leigh Farm Road, Durham, NC 27707-8110 USA.

1 2 3 4 5 6 7 8 9 0 AAP 1 9

ISBN 978-1-94830-690-4

NoticetoReaders

ThisAuditRiskAlert(alert)replaces GeneralAccountingandAuditingDevelopments—2018/19.

Thisalertprovidesauditorsoffinancialstatementswithanoverviewofrecent economic,industry,technical,regulatory,andprofessionaldevelopmentsthat mayaffecttheauditsandotherengagementstheyperform.Also,anentity's internalmanagementcanusethisalerttoaddressareasofauditconcern.

Thispublicationisanotherauditingpublication,asdefinedinAU-Csection 200, OverallObjectivesoftheIndependentAuditorandtheConductofanAudit inAccordanceWithGenerallyAcceptedAuditingStandards.1 Otherauditing publicationshavenoauthoritativestatus;however,theymayhelptheauditor understandandapplygenerallyacceptedauditingstandards.

Inapplyingtheauditingguidanceincludedinanotherauditingpublication, theauditorshould,usingprofessionaljudgment,assesstherelevanceandappropriatenessofsuchguidancetothecircumstancesoftheaudit.Theauditing guidanceinthisdocumenthasbeenreviewedbytheAICPAAuditandAttest StandardsstaffandpublishedbytheAICPAandispresumedtobeappropriate.Thisdocumenthasnotbeenapproved,disapproved,orotherwiseactedon byaseniortechnicalcommitteeoftheAICPA.

Recognition

TheAssociationofInternationalCertifiedProfessionalAccountantsgratefully acknowledgesthosemembersoftheAuditingStandardsBoardandtheTechnicalIssuesCommitteewhohelpedidentifytheinterestareasforinclusionin thisalert.TheAssociationalsogratefullyacknowledgesJeremyDillardand MandaDinkelfortheirreviewofthispublication.

Staff MaoChen Manager ProductManagementandDevelopment

Feedback

TheAuditRiskAlert GeneralAccountingandAuditingDevelopments ispublishedannually.Asyouencounterauditorindustryissuesthatyoubelievewarrantdiscussioninnextyear'salert,pleasefeelfreetosharethemwithus.Any othercommentsyouhaveaboutthealertwouldalsobeappreciated.Youmay emailthesecommentstoA&APublications@aicpa-cima.com. 1

TABLEOFCONTENTS

GeneralAccountingandAuditingDevelopments— 2019/20—continued

ASUNo.2018-18, CollaborativeArrangements (Topic808):ClarifyingtheInteractionbetween Topic808andTopic606

HowThisAlertHelpsYou

.01 Thisalerthelpsyouplanandperformyourauditsandcanbeusedby anentity'sinternalmanagementtoidentifyissuessignificanttotheindustry. Italsoprovidesinformationtoassistyouinachievingamorerobustunderstandingofthebusiness,economic,andregulatoryenvironmentsinwhichyour clientsoperate.Thisalertisanimportanttooltohelpyouidentifytherisksthat mayresultinthematerialmisstatementoffinancialstatements,includingsignificantrisksrequiringspecialauditconsideration.Fordevelopingissuesthat mayhaveasignificantimpactinthenearfuture,the"OntheHorizon"section providesinformationonthesetopics.Refertothefulltextofaccountingand auditingpronouncementsaswellasthefulltextofanyrulesorpublications thatarediscussedinthisalert.

.02 Itisessentialthattheauditorunderstandthemeaningof auditrisk andtheinteractionofauditriskwiththeobjectiveofobtainingsufficientappropriateauditevidence.Auditorsobtainsufficientappropriateauditevidence onwhichtobasetheiropinionbyperformingthefollowing:

• Riskassessmentprocedures

• Furtherauditproceduresthatcomprisethefollowing:

—Testsofcontrols,whenrequiredbygenerallyacceptedauditingstandards(GAAS)orwhentheauditorhaschosen todoso

—Substantiveproceduresthatincludetestsofdetailsand substantiveanalyticalprocedures

.03 Theauditorshoulddevelopanauditplanthatincludesthenature andextentofplannedriskassessmentprocedures,asdeterminedunderAU-C section300, PlanninganAudit.1 AU-Csection315, UnderstandingtheEntity andItsEnvironmentandAssessingtheRisksofMaterialMisstatement,defines riskassessmentprocedures as"theauditproceduresperformedtoobtainanunderstandingoftheentityanditsenvironment,includingtheentity'sinternal control,toidentifyandassesstherisksofmaterialmisstatement,whetherdue tofraudorerror,atthefinancialstatementandrelevantassertionlevels."A relevantassertion "hasareasonablepossibilityofcontainingamisstatement ormisstatementsthatwouldcausethefinancialstatementstobematerially misstated.Thedeterminationofwhetheranassertionisarelevantassertion ismadewithoutregardtotheeffectofinternalcontrols."Aspartofobtaining therequiredunderstandingoftheentityanditsenvironment,paragraph.12 ofAU-Csection315statesthattheauditorshouldobtainanunderstandingof the"industry,regulatory,andotherexternalfactors,includingtheapplicable financialreportingframework"relevanttotheentity.Thisalertassiststheauditorwiththisaspectoftheriskassessmentproceduresandfurtherexpands theauditor'sunderstandingofotherimportantconsiderationsrelevanttothe audit.

1 AllAU-CsectionscanbefoundinAICPA ProfessionalStandards.

EconomicandIndustryDevelopments

TheCurrentEconomy

.04 TheCurrentEconomyEconomicconditionsnotonlyaffectexecutives'andstakeholders'viewsofeconomicgrowthandprofitability,butalso challengeauditors'judgmentanddecision-makingregardingriskassessment. Whenplanninganauditorreviewengagement,auditorsneedtounderstand theeconomicconditionsfacingtheindustryandmarketplaceinwhichanentityoperates,aswellastheeffectsoftheseconditionsontheentityitself.These externalfactors,suchasinterestrates,availabilityofcredit,consumerconfidence,volatilityincapitalmarkets,overalleconomicexpansionorcontraction, inflation,andlabormarketconditions,arelikelytohaveaneffectonanentity'sbusinessand,therefore,ultimatelyhavefinancialreportingimplications. Obtaininganunderstandingoftheentityanditsenvironmentistheveryfirst stepinconsideringtheeffectsofexternalforcesonanentity.Recognizingthat economicconditionsandotherexternalfactorsrelevanttoanentityanditsenvironmentconstantlychange,auditorsshoulddeterminewhetherchangeshave occurredsincethepreviousauditthatmayaffecttheirrelianceonanyinformationobtainedfromtheirpreviousexperiencewiththeentity.Thesechanges mayaffecttherisksandriskassessmentproceduresapplicabletothecurrent year'sengagement.Ascomplexityandsophisticationofenvironmentalfactors increase,sodoestheneedforauditorstomaintainprofessionalskepticism.

.05 During2019andinto2020,U.S.economicgrowthwillmoderatelycontinue.Theslowerpacein2019waslikelythesideeffectoftradetensionsand FederalReservemoves.Thenewtariffshaveaffectedtaxes;hence,theslowing ofU.S.economicgrowth.Meanwhile,themarketrespondedtothedissipated FederalReservetighteningwithwidenedcorporatebondspreads.Thismay affectfinancialstabilitywhencorporatedebtmarketisvulnerable.Although labormarketconditionsarestrong,theU.S.grossdomesticproduct(GDP)fell inthesecondhalfof2019.Consumerspendingcontinuestogrow,supported bythelabormarketandrisingincome.Also,theimpactofbudgetresolution fromCongresswillpartiallyoffsettheimpactofthetradewar.Becausethe possibilityofamarketslowdownandpolicyuncertaintyareanticipated,despitethecontinuedeconomicexpansion,thepotentialriskofconsumerbudget constraintrequireshighersavingsinthefuture.

KeyEconomicIndicators

.06 Thefollowingkeyeconomicindicatorspointouthowtheeconomyis functioningduring2019andinto2020:stockmarkets,GDP,unemployment, thefederalfundrate,andconsumerspending.TheDowJonesIndustryAverage (DJIA)hadarisingtrendandreachedarecordhighofover28,000inNovemberof2019.2 ConsumeroptimismcontinuestopushtheDJIAsince2018.The NASDAQcompositeindexhashadsimilarmovement.ItpeakedinJulyand experiencedsimilarvolatilityinAugust.Astradeuncertaintyextendedtothe stockmarket,U.S.stocksreboundedaccordingly.

.07 RealGDPmeasuresoutputofgoodsandservicesproducedbylabor andpropertywithintheUnitedStates.RealGDPincreasesastheeconomy

2 Seewww.marketwatch.com/investing/index/djia/charts.AccessedNovember20,2019.

growsanddecreasesasitslows.AccordingtotheBureauofEconomicAnalysis,realGDPincreased2.1%inthesecondquarterof2019,downfromthe firstquarter'sincreaseof3.1%.TheincreaseinrealGDPinthesecondquarter,attributedtopositivecontributionsfrompersonalconsumptionexpenditures,federalgovernmentspending,andstateandlocalgovernmentspending,werepartiallyoffsetbyprivateinventoryinvestments,exports,andfixed investments.

.08 Unemploymentremainedlowinthethirdquarterof2019.Accordingto theBureauofLaborStatistics(BLS),theunemploymentratedeclinedto3.5% inSeptember,nearitslowestlevelin50yearsandinlinewithmarketexpectations.Notablejobgainsoccurredinprofessionalandtechnicalservices,health care,socialassistance,andfinancialactivities.Duringthatsametimeperiod, thenumberoflong-termunemployed(thosejoblessfor27weeksormore)increasedto1.3millionandaccountedfor22.7%oftheunemployed.3 According totheBLS,thenumberofpeopleemployedpart-timeforeconomicreasonsincreasedby397,000inAugustto4.4million.Overthepast12months,thenumberofinvoluntarypart-timeworkershasdeclinedover600,000.Together,these aspectsoftheunemploymentratemirrortheeconomicclimate.

.09 Thefederalfundsraterepresentstheinterestrateatwhichbanks tradebalancesheldattheFederalReserveonanovernightbasis.Itisthekey economicindicatorbecauseitaffectsmonetaryandfinancialconditions.The BoardofGovernorsoftheFederalReserveSystemloweredthetargetforthe federalfundsrateto2%aftertheFederalOpenMarketCommittee(FOMC) metinJuly2019.AccordingtotheFederalReserve'sSeptemberpressrelease, althoughthelabormarketcontinuestostrengthen,theeconomicconditionwas moreaccommodativeinthefirstandsecondquartersoftheyear.Ithasslowed fromitsfastpaceinearly2019,whichreflectsamarketadjustmentofweak globaleconomicgrowth,tradepolicyuncertainty,andinflationpressure.4 The FOMCconsidersthisasustainedexpansionofeconomicactivity;however,uncertaintiesaboutthisoutlookremain.

.10 Theconsumerpriceindex(CPI)measuresthechangeofpricesofconsumergoodsandservicespurchasedbyconsumers.Itreflectsspendingpatternsforeachoftwopopulationgroups—all-urbanconsumersandurbanwage earnersandclericalworkers.Theall-urbanconsumersrepresentthemajority ofthetotalU.S.population.AccordingtotheBLS,theConsumerPriceIndexfor AllUrbanConsumers(CPI-U)increased1.7%overthelast12monthsended August2019.TheConsumerPriceIndexforUrbanWageEarnersandClerical Workers(CPI-W)increased1.5%overthelast12monthsendedAugust2019. Theindexforallitemslessfoodandenergyrose2.4%overthelast12months, andthefoodindexincreased1.7%.Theenergyindexdeclined4.4%overthelast 12months.Thisindicatesthatconsumerconfidenceremainsatamoderately favorablelevelintheshort-termoutlook.

.11 Becauseeconomicconditionsposeuniquechallengestotheentity's objectivesandstrategies,itisimportanttoreassesstheappropriatenessofthe plannedauditstrategy,materialitylevel,fraudrisks.Forinstance,theauditor mayconsiderwhethertheentityhasestablishedsufficientcontrolstomonitorthemarketfluctuation,whethertheorganizationisinfluencedbytheinflatedconsumerconfidence,orwhethertheduediligencemeasureofavendor's

3 Seewww.bls.gov/home.htm.AccessedOctober4,2019.

4 2019FOMCMeetingStatement,TheFederalReserve(www.federalreserve.gov).

contractualliabilityunderpotentialeconomicdownturnisdifferent.Economic conditionsgiverisetomanyauditconsiderations,particularlytheevaluationof management'sassessmentofanentity'sabilitytocontinueasagoingconcern.

ExecutiveReviewofTopRisksfor2019

.12 TheAICPAhaspartneredwithNorthCarolinaStateUniversityto conductanannualsurvey, ExecutivePerspectivesonTopRisks. 5 Thepurposeof thissurveyistoseekexecutive-levelperceptionofthetopriskslikelytobeon thehorizonfororganizations.Insummary,for2019,individualsrespondingto thesurveyindicatedthattheoverallglobalbusinesscontextisslightlymore risky,withrespondentsinmostregionsoftheworldsensinganincreasein themagnitudeofrisksandlackofmarketawareness.Keyobservationsareas follows:

• Mostexecutivesfeelthatuncertaintiesinbusinesssuchasregulatorychanges,successionchallenges,cyberthreats,anddisruptive innovationsareleadingtomorecomplexrisksthataffectexisting operations.

• Boardsofdirectorstendtodelegateriskoversighttoaboardcommittee,ratherthanretainingitforthefullboard.Toenhance effectivenessandefficiency,ortoaddressspecificregulatoryrequirements,riskoversightresponsibilitiescanbeallocatedtovariouscommitteesoftheboard(finance,strategy),althoughthefull boardofdirectorsshouldretaintheriskoversightresponsibilities.

• Mostorganizationsdonothaveasystemandcorrelatingprocessestablishedbetweenriskmanagementactivitiesandmanagementcompensationplans.Executiveshaveincentivestomeet short-termobjectivesandignoretheincreaseofriskexposure ifriskmanagementactivitiesandcompensationplansarenot aligned.

• Abouthalfoftheorganizationsengageinriskidentificationand riskassessmentprocesses.Organizationshaveestablishedrisk managementpoliciesandmaintainedriskinventories.Someorganizationsalreadyconsidertheriskappetitealignedwiththe riskprofileandriskexposureassociatedwithactivities.

• Someorganizationshavenotimplementedriskmanagementprocessesbecausetheyfeelthatthebenefitsofriskmanagementdo notexceedthecosts,especiallybecausethebenefitsofriskmanagementaccrueinthefuture,whereasthecostsareupfront.The costofmitigatingriskcanbehigh,butthecostoftheeffectof unmitigatedriskscanbeevenhigher.

LegislativeandRegulatoryDevelopments

TaxCuts&JobsAct

.13 TheTaxCutsandJobsAct(TCJA)wasenactedinDecember2017 andmadesomelargechangestoU.S.taxlaw.Thecorporateincometaxrate waspermanentlyloweredto21%.TCJAeliminatedthecorporatealternative

5 Seethereportontheresultsofthesurvey, 2019:TheStateofRiskOversight,atwww.aicpa.org/ interestareas/businessindustryandgovernment/resources/erm.html.

minimumtax(AMT)andloweredtheindividualincometaxratesthrough2025. Thenewtoprateis37%,from39.6%.Thelawkeepsthesamenumberofbracketsasundercurrentlaw.ItalsokeepstheindividualAMT,withahigherexemptionthanundercurrentlaw.

.14 Section199A,enactedintheTCJA,providesadeductionofupto20% of incomefromadomestictradeorbusinessoperatedasasoleproprietorship orthroughapartnership,Scorporation,trust,orestatethroughDecember31, 2025.Section199Awasenactedtoproviderelieftosmallbusinessesthatdonot operateasCcorporationsanddidnotbenefitfromthecorporateincometax ratededuction.FinalregulationswereissuedinJanuary2019thatprovided additionalguidanceonSection199A.

.15 FASBreviseditsoriginalproposalonincometaxdisclosurerequirements duetotaxreform.Therevisedproposal,ProposedAccountingStandardsUpdate(Revised)— IncomeTaxes(Topic740):DisclosureFramework— ChangestotheDisclosureRequirementsforIncomeTaxes,wouldrequireadditionalforeignanddomesticdisclosuresofpretaxincome(orloss)fromcontinuingoperationsandbeforeintra-entityeliminations,andotherdisaggregated disclosureofincometaxexpense(orbenefit)fromcontinuingoperationsand incometaxpaid.Theproposalalsorequirespublicentitiestodiscloseunrecognizedtaxbenefits,valuationallowancerecognized,andtaxcarryforwards.As theseareonlyproposedchangesandstillsubjecttochange,readersareencouragedtoreadthefullguidanceissuedbyFASBwhenavailable.

InspectionsofBroker-Dealers

.16 ThePCAOBissuesanannualreportontheinteriminspectionprogram forbroker-dealers.Inthereport,thePCAOBconductsinspectionstoassessfirms'compliancewithapplicablelaws,rules,andprofessionalstandards whenperformingauditandattestationengagementsforbroker-dealers.Althoughengagementsofbroker-dealersareinspectedbythePCAOB,thefindingsaresimilartothoseofpeerreviewinspections.Auditorsmayusethese findingstoensuretheyarefollowingalltheapplicableguidancewhenperformingauditandattestengagements.

.17 OnAugust20,2019,thePCAOBreleasedthe2019 Annual Reporton theInterimInspectionProgramRelatedtoAuditsofBrokersandDealers.This reportincludesobservationsfromthePCAOB'sinspectionsduring2018,insightsintoapplicablestandards,andexamplesofeffectiveprocedures.Italso includesinformationabouttheselectionoffirmsandengagementsforinspectionandhistoricalresults.ThePCAOBisconsistentlyusingbothrisk-based andrandomselectionmethodstoaddressdeficienciesandindependencefindingsitdiscoveredduringitsfirminspectionin2018.Thedeficienciesnotedby thePCAOBprimarilyconsistofconcernsaboutthenetcapitalrule,thecustomerprotectionrule,revenue,fraudrisk,relatedpartytransactions,financial statementpresentationanddisclosure,receivablesandpayables,andfairvalue measurements.

AuditandAttestationIssuesandDevelopments

• Developingacomprehensiveexaminationforlicensure

• Establishingauditingstandardsfornonpublicentities

• Supportingfirmswitheducationalguidance,tools,resources,and implementationmaterials

• Monitoringthequalityofperformancewhilerequiringappropriateremedialactionwhereneeded

• EstablishingandenforcingtheAICPACodeofProfessionalConduct(thecode)

.19 In2015,theAICPAissued EnhancingAuditQuality—A6-PointPlan toImproveAudits. 6 Thisplanisaroadmapofcontinueddevelopmentofthe professiondesignedtoenhanceauditqualityinanincreasinglycomplexbusinessenvironment.TheEnhancingAuditQualityinitiative(EAQ)takesadatadrivenapproach.TheAICPAcollectsauditdatafromvarioussources,analyzingdatatouncoverauditqualitytrends.Next,ittakestargetedactions,suchas reviewingauditingstandards,toidentifywhereclarificationisneededandraisingawarenessamongauditorsandauditees.Basedonitsresearch,theAICPA thendevelopsfreetoolsandresourcessuchaspracticeaids,websites,articles, andtoolkits.

.20 ThefollowingareEAQareasoffocusfor2019.

.21 Internalcontrol. Failuretogainanunderstandingofanentity'sinternalcontroloverfinancialreportingisthemostcommonnoncomplianceissue withAU-Csection315andAU-Csection330, PerformingAuditProceduresin ResponsetoAssessedRisksandEvaluatingtheAuditEvidenceObtained.The understandingofinternalcontrolassiststheauditorindesigningandimplementingproceduresforriskassessment.Withoutproperunderstanding,the auditormaynotbeabletoidentifyriskassociatedwiththeclient'sinternal control,regardlessofthesizeoftheentity.

.22 Auditorssometimesdefaulttocontrolriskassessmentsatthemaximumlevelwithoutgaininganunderstandingoftheclient'sinternalcontrol. ThisisnotpermittedunderAU-Csection315,evenwhentheauditordoesnot intendtorelyoncontrols.Commonmisstepsthathavebeenidentifiedinclude thefollowing:

• Assumingtheclienthasnocontrols

• Notunderstandingwhichcontrolsarerelevanttotheaudit

• Stoppingafterdeterminingwhethercontrolsexist

• Defaultingcontrolriskassessmenttoacertainlevelwithoutevaluatingthedesignandimplementationofcontrols

• Failingtodesignandperformfurtherauditproceduresthateffectivelymitigateidentifiedrisksofmaterialmisstatement

.23 Becauseofthenatureandimportanceofinternalcontrol,auditors shouldfocusonavoidingthesemisstepsandobtainathoroughunderstanding ofinternalcontrolandperformappropriateproceduresinpractice.

.24 Riskassessment. Riskassessmentisakeyelementofanauditin accordancewiththestandards,anditunderliestheentireauditprocessin

6 www.aicpa.org/advocacy/state/downloadabledocuments/eaq-6-point-plan-to-improve-audits .pdf

identifying,assessing,andrespondingtorisksofmaterialmisstatement.However,arecentsurveyofpeerreviewersindicatedoverhalfof400auditswere noncompliantwiththeriskassessmentstandard.Themisconceptionthatthe auditorcanperformaqualityauditwithoutproperlyconsideringtheclient's risksofmaterialmisstatementisthedriverofnoncompliancewithprofessional standards.

.25 ProfessionalstandardsrelevanttoriskassessmentincludeAU-Csection 300,AU-Csection315,andAU-Csection330.Riskassessmentprocedures aredesignedtogatherandevaluateinformationabouttheclientandarenot specificallydesignedassubstantiveproceduresorastestsofcontrols.These proceduresmayincludecheckingwhethercorporateculture,digitaldisruption, cybersecurity,andotherkeyissuesareadequatelyconsideredintheentity's riskoversight,aswellasassessingthecomponentsandmaturityoftheentity'scyberriskassessment.Intoday'sdisruptiveenvironment,developinga dynamicauditplanbasedonthecurrentyear'sriskassessmentiskeytoa successfulaudit.

.26 Auditingaccountingestimates.Auditingaccountingestimatesof credit losses,leases,andrevenuerecognitionbecomesmorechallengingfollowingtherecentupdatesoftherelevantaccountingstandards.

.27 Threeofthebiggestchallengesareasfollows:

• Determiningwhethertheassumptionsunderlyingthoseestimatesarereasonable.Thisrequirestheapplicationofprofessional skepticismandmayincludetestingwhethertheunderlyingdata iscomplete,accurate,andrelevant.

• Understandingtherelationshipbetweenaccountingestimates andinternalcontrol.Reviewofaccountingestimatesbymanagementisanimportantprocedureforinternalcontroloverfinancial reporting.Athoroughunderstandingofwhatmanagementdoes whenreviewingaccountingestimateshelpstheauditorassessthe riskofmaterialmisstatementsrelatingtoaccountingestimates.

• Understandingthedatausedtodeveloptheaccountingestimates, especiallywhenathird-partyspecialistisinvolved.Itisessential fortheauditortoevaluateifthecompanyusedinformationappropriatelyandwhetheritprovidessufficientappropriateevidence. Itisalsoessentialfortheauditortounderstandtheprocessof gatheringtheinformationandanycontrolsoverthatprocessand totesttheaccuracyandcompletenessofthedataprovidedtothe specialist.

Theauditorshouldevaluatetheresultsofauditproceduresperformedonaccounting estimates,andidentifywhetherindicatorsofpossiblemanagement biasexist.

.28 Documentation. TheAICPAPeerReviewProgramhasfoundthat alackofdocumentationisthemostcommoncauseofmaterialnoncompliance withprofessionalstandardsinaudits.AU-Csection230, AuditDocumentation, containstheoveralldocumentationrequirements,andotherAU-Csectionsincludeincrementalspecificrequirements.Commonmisstepsincludedocumentationthatdoesn'tlinktheriskassessmentproceduresperformedwiththeproceduresperformedinresponsetotheassessedriskofmaterialmisstatement andtheresultsofthoseprocedures,andtheauditevidenceobtained.Theauditprogramsignoffmaymeetpartofthespecificrequirements;however,itis

insufficienttomeettheoverallrequirementsofthestandard.Gooddocumentationenablesanexperiencedauditortounderstandthefollowing:

• Thenature,timing,andextentofproceduresperformed.Theauditorshouldrecordthecharacteristicsofthespecificitemstested, whoperformedtheauditworkandwhensuchworkwascompleted,whoreviewedtheauditwork,andthedateandextentof review.

• Theresultsofthoseproceduresandevidenceobtained. Foraudit proceduresrelatedtotheinspectionofsignificantcontractsor agreements,theauditorshouldincludeabstractsorcopiesofthose agreementsintheauditdocumentation.

• Anysignificantfindings,issuesidentified,orprofessionaljudgmentsmade.Theauditorshoulddocumentdiscussionsofsignificantfindingsorissueswithmanagement,thosechargedwithgovernance,andothers,includingthenatureofsuchdiscussionand whenandwithwhomthediscussiontookplace.

.29 Auditdocumentationistheevidenceoftheauditor'sbasisforconclusioninanauditreport.ItisalsoevidencethattheauditwasplannedandperformedinaccordancewithGAASandapplicableregulatoryrequirements.Oral explanationbytheauditordoesnotrepresentsufficientappropriateevidence oftheworktheauditorperformedorconclusionsreached;however,itmaybe usedtoexplainorclarifyinformationcontainedintheauditdocumentation.

HelpDesk: Foradditionalinformationondocumentation,pleasevisit www.aicpa.org/documentationforfreeresources,includingaworkingpaper template,FAQs,anInternalInspectionaid,andstafftrainingmaterial.

ContacttheAICPAA&AHotlinewithquestionsat877.242.7212.

.30 Systemandorganizationcontrols(SOC).7 SOCengagementsare asuiteofserviceofferingsCPAscanprovideinconnectionwithsystem-level controlsofaserviceorganizationorentity-levelcontrolsofotherorganizations. SOCforCybersecurityisthemostrecentadditiontotheSOCsuiteofservices.

.31 Manyorganizationsfunctionmoreefficientlyandprofitablybyoutsourcingtasksorentirefunctionstootherorganizations(orserviceorganizations)thathavethepersonnel,expertise,equipment,ortechnologytoaccomplishthesetasksorfunctions.Asareminder,organizationsthatusetheservices ofserviceorganizationsareknownas userentities.Whenauserentityengages aserviceorganizationtoperformcontractactivitiesonbehalfoftheuserentity, theuserentityexposesitselftoadditionalrisksrelatedtotheserviceorganization'ssystem.Toassesstherisksassociatedwithanoutsourcedservice,managementoftheuserentityneedsinformationabouttheserviceorganization's controlsoveritssystemusedtoprovidetheservices.Forinstance,management ofauserentitymayasktheserviceorganizationforaserviceauditor'sreport

7 In2017,theAICPAintroducedthetermsystemandorganizationcontrols(SOC)torefertothe suiteofservicespractitionersmayproviderelatingtosystem-levelcontrolsofaserviceorganization andsystemorentity-levelcontrolsofotherorganizations.Formerly,SOCreferredtoserviceorganizationcontrols.Byredefiningthatacronym,theAICPAenablestheintroductionofnewinternal controlexaminationsthatmaybeperformed(a)forothertypesoforganizations,inadditiontoservice organizations,and(b)oneithersystem-levelorentity-levelcontrolsofsuchorganizations.

onadescriptionoftheserviceorganization'ssystemandthedesignandoperatingeffectivenessofcontrolsovertheserviceorganization'ssystem.Obtaining aserviceauditor'sreportfromaserviceorganizationprovidesmanagementof theuserentitywithinformationthatmaybeusefulinassessingriskwhencarryingoutitsvendoroversightandduediligence.ASOC1® reportaddresses internalcontrolsrelevanttoanauditofaserviceorganization'sclient'sfinancialstatements.ASOC2® reportaddressesaserviceorganization'scontrols thatarerelevanttoitsoperationsandcompliance.Duetothedifferencesin scopeandpurposebetweenSOC1andSOC2reports,therelatedriskconsiderationsandcontrolsthataddressidentifiedrisksaredifferent,aswell.Fora SOC1report,theriskconsiderationswouldfocusonrisksaffectingthecompletenessandaccuracy(integrity)offinancialdata;however,inaSOC2report, theriskconsiderationsmightcovertherisksoflossorunauthorizedaccessto systemsanddata.

.32 FivekeycomponentsthatareassessedinaSOC1orSOC2engagementareasfollows:

• Infrastructure.Thephysicalstructures,IT,andotherhardware

• Software.TheapplicationprogramsandsupportingITsystem software

• People.Thepersonnelinvolvedinthegovernance,operation,and useofasystem

• Processes.Theautomatedandmanualprocedures

• Data.Transactions,files,databases,andoutputofthesystem

HelpDesk: ForadditionalinformationonSOCforCybersecurity, pleasevisittheAICPASOCforCybersecuritywebsiteatwww.aicpa .org/interestareas/frc/assuranceadvisoryservices/aicpacybersecurity initiative.html.

EmergingTechnologies:WhatPractitionersNeedtoKnow

Introduction

.33 Newtechnologiesareevolvingatanexponentialrate.Thisevolutionisdirectlyaffectingtheaccountingprofessionandcreatingdisruptionon severallevels.Recenttechnologicaladvancesofferbothchallengesandopportunitiesthatwillchangethewaypractitionersoperateintotheforeseeable future.Evolvingtheauditofthefuturetowardreal-timeauditingthrough adata-drivenapproachusingnewtechnologiesanddataanalyticswillhelp maintainandenhancetherelevanceandvalueoftheauditprofession.Underpinningtheachievementofthisevolutionaretechnologiessuchasblockchain, artificialintelligence,androboticprocessautomation.Thesetechnologiesmay enablethepractitionertoperformreal-timereporting,real-timeanalysis,and havecontinuousaccesstodata.Asstatedinthearticle,"Blockchain,machine learning,andafutureaccounting"intheAugust2018issueofthe JournalofAccountancy, "Whenyoucombinemachinelearningandblockchain,yougetnothingshortofatechnologicalrevolution.It'spossibletoenvisionaworldwhere accountingandauditinghappeninrealtime,withallrelevantpartiesbeing informedeverystepoftheway—atruecontinuousaudit."

HelpDesk: Foradditionalinformationonhowemergingtechnologieshave aneffectontheaccountingprofession,seethe JournalofAccountancy article,"Blockchain,machinelearning,andafutureaccounting"online athttps://www.journalofaccountancy.com/newsletters/2018/aug/blockchainmachine-learning-future-accounting.html.

Inaddition,forinformationonhowsmallbusinessesareusingcontinuousauditingtechnology,seethe JournalofAccountancy article,"Highlightsofinternalauditresearch"(July1,2019)athttps://www.journalof accountancy.com/issues/2019/jul/internal-audit-research.html.

TheFutureAudit:MovingTowardReal-TimeAuditingWitha Data-DrivenApproach

.34 Auditingiscurrentlyatacriticaljuncture.Specifically,advancesin technology,inconjunctionwithreal-timeapproachestoconductingbusiness, arechallengingtheauditingprofession.Giventherecentadvancesinbusiness technologies,itistimetoconsiderwhetherthewaytheauditorauditshistorical financialinformationcontinuestobeappropriate.Instead,real-timesolutions maybemoresuitable. Continuousauditing isamethodologythatenablesauditorstoprovideassuranceonasubjectmatterforwhichanentity'smanagement isresponsiblebyusingacontinuousopinionschemaissuedvirtuallysimultaneouslywithorwithinashortperiodoftimeaftertheoccurrenceofevents underlyingthesubjectmatter.Althoughtheconceptofcontinuousauditingis notnewandhasbeenafocusforfirmsforseveralyears,theemergenceofnew technologiesmaymakethisareality.

.35 Traditionalauditinghaschangedconsiderablyasaresultofchanges intechnology,includingmoreadvancedenterpriseresourceplanningsystems, increaseduseofonlinetransactionswithbothcustomersandsuppliers,theuse ofthecloud,andtherapidexpansionofdataavailableforusebymanagement andauditors.Inaddition,theclient'suseoftechnologiessuchasblockchain, artificialintelligence,androboticprocessautomationaffectstheoverallaudit approach.Itisimportantthatpractitionersunderstandthesenewtechnologies soonerratherthanlater.Thecontinuouslyevolvingtechnologylandscapeleads toavarietyofauditchallengesthatcompoundovertime.However,thesenew technologiesalsocreateopportunitiesfortheintroductionofinnovativeaudit toolsandmethodologies,especiallyasfinancialsystemshavemovedtowarddecentralization,distribution,onlineposting,real-time(oratleastdaily)closing ofthebooks,andpaperlessrecordkeeping.

.36 Firmsthatsuccessfullyexploreuseofcomputer-assistedaudittools mayeventuallyconsidermoreadvancedprogramsthatcontainfunctionalities resemblingtheauditofthefuture.Theauditprocessesneedtobedesignedfrom thestarttomakeoptimaluseoftoday'stechnologytoenableauditorstoprovide themosteffectiveandefficientservicepossiblewithintheboundsofeconomic viability.Manyoftoday'sauditprocedurescanbedeconstructedintotasksthat canbeperformedwhereverismosteffective.Cloudcomputingisoneexample ofhowtasksaredeconstructedintoseparateprocessesthatmigrateoverthe internettowheretheycanbeperformedmosteffectively.Itispossiblewith today'stechnologytocontinuouslymonitor100%ofanentity'stransactionsin almostrealtimeoratleastatfrequentintervals.Thisabilitymaybeusedto

assesstheoperatingeffectivenessofautomatedinternalcontrolsortoperform substantivetests.

HelpDesk: Foradditionalinformationonthefutureofauditsandcontinuous auditing,seetheAICPApublication, AuditAnalyticsandContinuousAudit: LookTowardtheFuture.

Thisbookisacompendiumofessayswrittenbydifferentsubjectmatterexpertsthatexpandsuponthe1999CICAandAICPAresearchreporttodiscuss topicssuchasauditanalytics,thetheoryofmoderncontinuousassurance,the currentstateofcontinuousauditingandcontinuousmonitoring,theevolution ofauditingandwhatthefuturecouldlooklike,andcontinuousriskmonitoringtechniques.

Goonlinetohttps://www.aicpa.org/interestareas/frc/assuranceadvisory services/continuousassuranceworkinggroup.htmlformoreinformation.

AuditDataAnalytics

.37 Datascienceandrelatedtechnologieshaveadvancedenormouslyin recentyears,incorporatingtheories,techniques,andsoftwareapplicationsfrom manyfields,includingdataanalysis;businessintelligence;mathematicsand probability;statisticallearning,includingpatternrecognition;datavisualization;gamification;bigdataanalytics;andtextandprocessmining. Auditdata analytics isthescienceandartofdiscoveringandanalyzingpatterns,identifyinganomalies,andextractingotherusefulinformationindataunderlying orrelatedtothesubjectmatterofanauditthroughanalysis,modeling,and visualizationforthepurposeofplanningorperformingtheaudit.Auditdata analyticshasthepotentialtotransformthewayfinancialstatementaudits areconducted,makingthemsignificantlymoreeffectiveandpossiblymoreefficient.Theemphasisofintroducingtechnologytotheauditprocesshasbeen onimprovingbotheffectivenessandefficiency.Althougheffectivenesshasimproved,therehasnotbeenthequantumleapthattechnologyhasthepotential toenable.Asstatedinthearticle,"WhatI'velearnedbuildingablockchainbusiness,"fromtheAugust2019issueofthe JournalofAccountancy,"Asauditors andaccountants,wecannowgatherandverifyinformationinrealtime,which furtherenablesimprovedtransparencyandbetterdataforanalyticsandbusinessdecisions.OurrolesasCPAswillnotgoaway,buttheywilllikelychange significantly."

.38 Whatisdifferentnowisthatrecentadvancesinfundamentaldata science,vastincreasesincomputerpower,andaccesstohugeamountsofdata andinformationhaveconvergedtoprovideanenvironmentripefordataanalyticsthatcan,andis,transformingindustries.Thekeyforauditorsnowisto leveragethesecapabilitiestoincreasetheeffectivenessandefficienciesintheir auditprocesses.

HelpDesk: Foradditionalinformationonfirst-handexperiencesfrom accountingfirms,financedepartments,andothersputtingcutting-edge technologiestoworktoday,seethe JournalofAccountancy article, "WhatI'velearnedbuildingablockchainbusiness"(August1,2019). Onlineathttps://www.journalofaccountancy.com/issues/2019/aug/blockchainservices-jagruti-solanki-cpa.html

Foradditionalinformationondataanalytics,seetheAICPA's GuidetoAudit DataAnalytics,whichisintendedtoencourageauditorstovoluntarilymake moreuseoftechnology-basedauditdataanalytics.Theuseofauditdataanalyticshasthepotentialtoenhancetraditionalauditprocedures,contribute toeveryphaseoftheaudit,andofferanewwayofvisualizingandanalyzing results.

Theguideincludesvariousillustrativeexamplesdetailinghowauditdata analyticscanbeusedthroughoutthefinancialstatementaudit.

Goonlinetowww.aicpa.org/interestareas/frc/assuranceadvisoryservices/ auditdataanalyticsguide.htmlformoreinformation.

Inaddition,theAICPAAssuranceServicesExecutiveCommittee(ASEC) EmergingAssuranceTechnologiesTaskForceestablishedtheAuditData StandardWorkingGrouptodevelopastandardizeddatamodelthatfacilitatestheuseofenhancedanalytics.Duringthefirstquarterof2019,two informationalvideoswerecreatedandpostedontheAICPAwebsitebythe workinggrouptopromotethedevelopmentanduseofauditdataanalytics andillustratehowithasthepotentialtotransformandinnovatethecurrent financialstatementaudit.

AuditDataStandardsandtheFinancialStatementAudit

ThisvideoshowcasestheAICPA'sAuditDataStandardsandsomeofthe otherprojectsandinitiativesgoingonintheareaofauditdataanalytics.

UpgradetheFinancialStatementAuditWithAuditDataAnalytics

ThisvideoillustrateshowPython,anopensourceprogramminglanguage, canbeusedtoapplytheAICPA'sAuditDataStandardformattingtoadata setandhowtodeveloproutinestofurtheranalyzetheAuditDataStandard standardizeddataset.

Toaccessthetwovideosandforadditionalinformationontheauditdata standards,seewww.aicpa.org/interestareas/frc/assuranceadvisoryservices/ auditdatastandards.html.

Blockchain

.39 Blockchainisanothertechnologythatislikelytosignificantlyaffect thewaypractitionersperformaudits.A blockchain isadigitalledgercreatedto capturetransactionsconductedamongvariouspartiesinanetwork.Itisapeerto-peer,internet-based,distributedledgerthatincludesalltransactionssince itscreation.Allparticipantsusingtheshareddatabaseare"nodes"connected totheblockchain,eachmaintaininganidenticalcopyoftheledger.Everyentry intoablockchainisatransactionthatrepresentsanexchangeofvaluebetween participants.

.40 Blockchaintechnologyoffersthepotentialtoaffectawiderangeofindustries.Themostpromisingapplicationsexistwhentransferringvalueorassetsbetweenpartiesthatarecurrentlycumbersome,expensive,andrequireone ormorecentralizedorganizations.Applicationsofblockchaintechnologyare beingimplementedinmanyindustries,includingsupplychains,healthcare, andfinancialservices.Blockchaintechnologyoffersanopportunitytostreamlinefinancialreportingandauditprocesses.Today,accountreconciliations,trial balances,journalentries,subledgerextracts,andsupportingspreadsheetfiles areprovidedtoanauditorinavarietyofelectronicandmanualformats.Each

auditbeginswithdifferentinformationandschedulesthatrequireanauditor toinvestsignificanttimewhenplanninganaudit.Inablockchainworld,theauditorcouldhavenearreal-timedataaccessviaread-onlynodesonblockchains. Thismayallowanauditortoobtaininformationrequiredfortheauditinaconsistent,recurringformat.However,acautionisnecessaryhere.Beforeauditors canuseinformationobtainedfromtheblockchain,auditprocedureswillneed tobeperformedtodeterminethereliability,accuracy,andcompletenessofthe informationcontainedontheblockchain;inotherwords,theauditorwillneed toaudittheblockchaintechnology.Applicationofhealthyprofessionalskepticismisnecessarytopreventundueoverrelianceonuntestedtechnology.Althoughtheauditprocessmaybecomemorecontinuous,auditorswillstillhave toapplyprofessionaljudgmentwhenanalyzingaccountingestimatesandother judgmentsmadebymanagementinthepreparationoffinancialstatements.In addition,forareasthatbecomeautomated,theywillalsoneedtoevaluateand testinternalcontrolsoverthedataintegrityofallsourcesofrelevantfinancial information.

.41 Manyunknownsstillexistwithrespecttohowblockchainwillaffect theauditandassuranceprofession,includingthespeedwithwhichitwilldoso. Blockchainisalreadyaffectingauditorsofthoseorganizationsusingblockchain torecordtransactions,andtherateofadoptionisexpectedtocontinuetoincrease.Inaddition,auditorsshouldbeawareofopportunitiestoleveragetheir clients'adoptionofblockchaintechnologytoimprovedatagatheringduringthe audit.Asstatedinthe JournalofAccountancy article,"Blockchain,machine learning,andafutureaccounting":"There'snogettingaroundthefactthat technologieslikeblockchainandmachinelearningarenolongeratinydoton thehorizon.Thefutureishere,andaccountingprofessionalsmustbewilling toadapt."

HelpDesk: Foradditionalinformationonwhatblockchaintechnologyis andhowitisaffectingtheprofession,seethewhitepaper,"Blockchain TechnologyandItsPotentialImpactontheAuditandAssuranceProfession,"onlineatwww.aicpa.org/interestareas/frc/assuranceadvisoryservices/ blockchain-impact-on-auditing.html

YoucanalsotakeCPEcoursesrelatedtoblockchaindevelopedbytheAICPA. VisittheAICPAStoreatwww.aicpastore.com/careerpersonaldevelopment/ blockchain-fundamentals-for-accounting-and-finance/prdovr∼pcwcblcf18001/pc-wcblcf18001.jsp.

Inaddition,searchforblockchainepisodesatourGoBeyondDisruptionpodcastseriesatwww.aicpa-cima.com/disruption.

ImplicationsoftheUseofBlockchainTechnologybyService OrganizationsonSOCforServiceOrganizationExaminations

.42 InAugust2018,theImplicationsofBlockchainonSOC1andSOC 2WorkingGroupwasformedunderthedirectionofASEC.Thepurposeof theworkinggroupistodevelopguidancetohelpserviceauditorsunderstand thetypicalrisksandotherrelatedconsiderationsassociatedwithperforming aSOC1orSOC2examinationforaserviceorganizationthatusesblockchain technology.

.43 Theguidancedocumentwilladdressanexaminationinwhichtheserviceauditorwillissueanopinionontheserviceorganization'ssystem,which

usesblockchaintechnology;itdoesnotaddressanexaminationofaspecific blockchainnetworkinaccordancewiththeattestationstandards.

HelpDesk: ReadersareencouragedtobeonthelookoutforthedocumentdevelopedbytheImplicationsofBlockchainonSOC1andSOC 2WorkingGrouponceitispublished.

DigitalAssets

.44 TheAICPAformedtheDigitalAssetsWorkingGroup,ajointworkinggroupundertheAICPA'sFinancialReportingExecutiveCommitteeand ASEC,withtheobjectiveofdevelopingguidanceforfinancialstatementpreparersandauditorswithafundamentalknowledgeofblockchaintechnology onhowtoaccountforandauditdigitalassetsunderU.S.generallyaccepted accountingprinciples(GAAP)andGAAS,respectively.Theworkinggroupis splitintotwosubgroups:onefocusingonaccountingtopics,andonefocusing onauditingtopics.

.45 Eachsubgroupisdevelopingaccountingandauditingpapersthatwill bepostedtoaicpa.org.Theformatofeachoftheaccountingandauditingtopics willvarybasedonthecontextnecessarytobeprovidedtothereader.Forexample,sometopicswillbeaddressedinquestionandanswerformat,whereas othersrequiringmorecontextwillbepresentedinanarrativeformat.

AccountingSubgroup

.46 TheAccountingSubgroupisfocusedondevelopingnonauthoritative guidanceonaccountingfordigitalassetsunderGAAP.Thescopeofthecontent willincludethosedigitalassetsthataredefinedbroadlyasdigitalrecordsmade usingcryptographyforverificationandsecuritypurposesonadigitaldecentralizedledger(referredtoasa blockchain)thatkeepsarecordofalltransactions thattakeplaceacrossablockchainnetwork.Theguidanceinthispaperwill notaddressthedifferentaccountingrequirementsthatmayresultfromdifferencesintherightsandobligationsalongwithotherfactorssuchascompliance withlawsandregulations.

.47 Althoughmanydifferenttermsaregenerallyusedinthedigitalasset ecosystem,akeyconceptisthattheaccountingtreatmentforadigitalasset willultimatelybedrivenbythespecificterms,form,underlyingrights,and obligationsassociatedwiththedigitalasset.

AuditingSubgroup

.48 TheAuditingSubgroupisfocusedondevelopingnonauthoritative guidanceonauditingfinancialstatementsinaccordancewithGAAS(nonauditattestengagementsarenotcurrentlycontemplated)thatincludedigitalassets.Thecontentforeachtopicgenerallywilladdressvariousparticipantsin thedigitalassetecosystem(forexample,entitiesthatholddigitalassets,custodiansorwalletcompanies,exchanges,fundsthatinvestindigitalassets,vendorsacceptingdigitalcurrency,andminers).Eachauditingtopicwillcoverthe relevantauditingstandards,applyingthosestandardswithinthedigitalasset ecosystem,challengesspecifictotheecosystem,andproceduresanauditormay considertoaddressthoseuniquechallenges.Althoughauditorindependence andethicalrequirementsshouldbeconsideredpriortotheperformanceof

acceptanceorcontinuanceproceduresforallengagements,suchconsiderations arenotwithinthescopeofthisguidance.

HelpDesk: Forinformationregardingindependenceandethics, seetheAICPACodeofProfessionalConductatpub.aicpa.org/ codeofconduct/ethics.aspx.

ArtificialIntelligence

.49 Artificialintelligence,orAI,isthescienceofteachingprogramsand machinestocompletetasksthatnormallyrequirehumanintelligence.Artificialintelligenceisakeytechnologicaldriverthatenablesthecontinuousauditanddataanalysis—itischangingthefutureoftheauditing.Advancesin artificialintelligencetechnologyareautomatingtasksthatpreviouslyonlyhumanscouldperform,includingaccounting,tax,andauditdatagathering.Entitiesareembracingthesetechnologicaladvancesanddevelopingnewskillsets. Theyaregettinginvolvedinbigdataanddataanalytics,includingtheuseofAI technology.Itpresentsanopportunitytoautomatesystemsthatinvolvelarge amountsofnumbersanddataandprovidenewservicestocustomers.Entities arealreadyusingAItoimproveauditprocessesandpredictiveanalytics.

.50 Asstatedinthearticle,"What's'critical'forCPAstolearninanAIpoweredworld"intheJune2019issueofthe JournalofAccountancy, Artificialintelligence—andthetechnologiesinandaroundtheAI space—wasoneofthetwokeyissuesattheheartofoureighth annualgatheringofaccountingtechnologyexperts.Alsotakingcenterstageduringthediscussion:education—specifically,thetypesof skillsaccountantsmustlearntoflourishinaworldwhereAI-powered algorithmsautomatetraditional,time-consumingtasksanddatapoweredanalyticsrevealnewinsightstothosewhocaninterpretthe numbers.

HelpDesk: ForadditionalinformationonhowAIisaffectingtheprofession, seethe JournalofAccountancy articles,"What's'critical'forCPAstolearn inanAI-poweredworld"(June1,2019)and"Whypatienceisimportantwith AI"(July1,2019)onlineatthefollowinglinks: https://www.journalofaccountancy.com/issues/2019/jun/critical-cpa-skills-forai-powered-world.html https://www.journalofaccountancy.com/issues/2019/jul/artificial-intelligencetechnology-roundtable.html

.51 Inaddition,theCharteredProfessionalAccountantsofCanadaand theAICPAdevelopedawhitepaper,"ACPA'sIntroductiontoAI:FromAlgorithmstoDeepLearning,WhatYouNeedtoKnow"tobeusedasafoundational resource.Itexplainsthebuzzwordsandtermsyouhavelikelybeenhearing;discussestheevolutionofdata,AI,andcomputingpower;andhelpsyoutobegin tothinkaboutAIandhowitmightaffectyourwork.FuturepublicationsdedicatedtoAIwillrefertothisresource,asitisthefirstofaplannedseriesof publicationstoexploreAIanditseffectontheCPAprofession.

HelpDesk: Foraccesstothewhitepaper,seethefollowinglink: www.aicpa.org/content/dam/aicpa/interestareas/frc/assuranceadvisory services/downloadabledocuments/cpas-introduction-to-ai-from-algorithms .pdf

.52 AsecondAIwhitepaperintheseriesisbeingdeveloped.Readersare encouragedtobeonthelookoutforthewhitepapertitle"TheData-DrivenAudit:HowautomationandAIarechangingtheauditandtheroleoftheauditor." ThiswhitepaperwillexplorewhatauditorscanexpectfromanAI-enabledauditintermsofbenefitsandhowtheauditandtheroleoftheauditorwillevolve.

.53 AlthoughAIpresentsopportunitiesforsignificantadvancesintheway thatauditsareperformed,auditorsshouldbeawarethatnewskillsandexpertisemayberequiredandtheauditorshouldnotplaceunduerelianceonAI.

RoboticProcessAutomation

.54 Roboticprocessautomationisacombinationofroboticsandprocess automation.Althoughroboticsisusedundertheartificialintelligencebanner, itdiffersfromartificialintelligencebecauseitdoesnotencompassmachine learning,itmerelyautomatesamanualprocess.Amachineperformsworkby itself,followingasetofrulesprogrammedviacomputer.Today,thistypeofautomationismuchmorewidelyused,suchasinthetransferofdataorsystems speakingtooneanother. Processautomation isavirtualizedrobotthatmanipulatesexistingapplicationsoftwareinthesamewaythatapersoncompletes theprocess.

.55 Asstatedinthearticle,"HowCPAscanprepareforauditinginthe future,"intheDecember2017issueofthe JournalofAccountancy: Roboticprocessautomation(RPA)isalreadyrevolutionizingtheworkplace,ascomputerstakeoverclericalchoresandaccountingtasks manyprofessionalswouldhappilyhandoff.

AutomatedbusinessprocessusingRPAnotonlyexpandsauditors'capacity,but alsointroducesnewriskstothecontrolenvironment.Therefore,designingnew testingapproachesisthenewchallengeforauditors.

.56 AsisthecasewithAI,roboticspresentsopportunitiesforsignificant advancesinthewaythatauditsareperformed;however,auditorsshouldbe awarethatnewskillsandexpertisemayberequiredandtheauditorshould notplaceunduerelianceonroboticprocessautomation.

HelpDesk: Foradditionalinformationonhowroboticprocessautomation ischangingthefutureofauditing,seethe JournalofAccountancy article, "HowCPAscanprepareforauditinginthefuture,"(December6,2017)atthe followinglink:

www.journalofaccountancy.com/news/2017/dec/auditing-in-the-future201717986.html

Foradditionalinformationonmachinelearning,seethe JournalofAccountancy article,"Therobotsarenotjustcoming,theyarealreadyhere,"(April 30,2018)atthefollowinglink:

www.journalofaccountancy.com/newsletters/2018/apr/robots-alreadyhere.html

.57 Asfirmsmoveinthedirectionofreal-timeauditingandimplement auditdataanalytics,astrongunderstandingoftheunderlyingtechnologies suchasblockchain,AI,androboticprocessautomation,whichenablethismove towardthefutureofauditing,mustbeobtained.Thefutureoftheauditing landscapeischangingatarapidpace,withtheultimategoalofimplementing moreeffectiveandefficientauditprocesses.Readersareencouragedtostayup todatewithrapidlychangingtechnologiesbyvisitingwww.aicpa.org/imta.

HelpDesk: Foradditionalinformationonemergingtechnologiesandtheeffectofthemovementtowardautomatedtasks,seethe JournalofAccountancy article,"RiseoftechrequiresCPAstotrustinhumanabilities,"(March25, 2019)atthefollowinglink:

https://www.journalofaccountancy.com/newsletters/2019/mar/tech-requirescpas-trust-human-abilities.html

Inaddition,theAICPA'sInformationManagementandTechnologyAssuranceSectionhasbeencarefullycraftedtosupportallmemberswhoofferassuranceservicesandinformationmanagementsupporttotheirclientsand decisionmakerswithintheirorganization.Youwillhaveaccesstoresources thatwillenableyoutounderstandhowtheuseofdataandreportingsystemscanleadtoimprovedbusinessdecisions.Inaddition,youwillbeina uniquepositiontogainunderstandingabouthowtechnicalskillsandfinancialacumencanbeusedtoevaluatetechnologyrisksinsupportofbusiness objectives.

Cybersecurity

.58 Maliciouscyberattacksagainstpublicandprivatecompaniesandvariousagenciesofthefederalgovernmenthavehighlightedthegrowingcybersecurityrisktoorganizationsofallsizes,inallsectors.Astrustedadvisers,CPAs playamultifacetedroleincybersecurityriskmanagement:

• Theyprotectclientandcustomerdata.Withcybersecurityattacks ontheriseandCPAfirmsofallsizeshavingadditionalriskdue tocentralizinginformationformanyclientsinasinglelocation, CPAfirmsmustincreasetheirawarenessofpotentialinternal risksandtakeproactivestepstosafeguardvaluableclientand customerinformation.

• Theyadviseclients.CPAs,especiallythosewithaspecializationin ITinternalcontrols,cansharetheirexpertiseandbestpractices withclientsandhelpthemaddressrisksassociatedwithcybersecurity.

• Theyprovideassurance.Astrustedbusinessadvisers,CPAswith cybersecurityspecializationexperienceareuniquelypositionedto provideanexaminationofanentity'scybersecurityriskmanagementprogramtohelpinstillconfidenceinanentity'seffortsto addresscybersecurityrisks.

HelpDesk: AnewAICPAattestationguide, ReportingonanEntity'sCybersecurityRiskManagementProgramandControls,hasbeendevelopedto assistpractitioners.Itisavailableatwww.aicpastore.com.

AdditionalresourcesarealsoavailableattheAICPACybersecurityResource Centeratwww.aicpa.org/interestareas/frc/assuranceadvisoryservices/pages/ cyber-security-resource-center.aspx.

AuditingStandardsBoard

AuditorReportingandAmendments,IncludingAmendments AddressingDisclosuresintheAuditofFinancialStatements

.59 InMay2019,theAuditingStandardsBoard(ASB)issuedStatement onAuditingStandards(SAS)No.134, AuditorReportingandAmendments,IncludingAmendmentsAddressingDisclosuresintheAuditofFinancialStatements,aimedatenhancingtherelevanceandusefulnessoftheauditor'sreport.

SASNo.134replacesAU-Csections700, ForminganOpinionandReporting onFinancialStatements;705, ModificationstotheOpinionintheIndependent Auditor'sReport;and706, Emphasis-of-MatterParagraphsandOther-Matter ParagraphsintheIndependentAuditor'sReport.SASNo.134introducesanew section,AU-Csection701, CommunicatingKeyAuditMattersintheIndependentAuditor'sReport. SASNo.134,whichalsoamendsvariousotherAU-Csections,addressestheauditor'sresponsibilitytoformanopiniononthefinancial statementsandtheformandcontentoftheauditor'sreportissuedasaresult ofanauditoffinancialstatements.Italsoaddressestheauditor'sresponsibilities,andtheformandcontentoftheauditor'sreport,whentheauditorconcludesthatamodificationtotheauditor'sopiniononthefinancialstatementsis necessary,andwhenadditionalcommunicationsarenecessaryintheauditor's report.

.60 SASNo.134wasdevelopedinconsiderationofthefollowingissues:

• Althoughusersvaluethe"pass/fail"natureoftheauditor'sopinion,theywouldliketheauditor'sreporttoprovidegreatertransparencyintotheaudit.

• Userswouldliketheauditor'sreporttoincludemoreinformation aboutareaswithhigherassessedrisksofmaterialmisstatement, areasthatinvolvesignificantjudgmentbymanagementandthe auditor,andareasthatrelatetosignificanteventsortransactions.

• Toaddressthelong-standing"expectationsgap,"usersandother stakeholderswouldliketheauditor'sreporttoexpandthedescriptionsoftheauditor'sresponsibilitiesinfinancialstatementauditingandmanagement'sresponsibilitiesinfinancialstatement preparation.

.61 SASNo.134isdesignedtoenhancethecommunicativevalueofthe auditor'sreportandalignGAASwiththestandardsissuedbytheIAASBand PCAOB.SASNo.134willbenefitusersofauditedfinancialstatementsbyplacingtheauditor'sopinionatthefrontofthereportforaddedvisibilityandprovidingnecessarytransparencyintothebasisfortheauditor'sopinionandthe responsibilitiesofbothentitymanagementandauditors.

.62 SASNo.134requiresthatthe"Opinion"precedethe"BasisforOpinion" sectionintheauditor'sreport,andthe"BasisforOpinion"sectionshould includeastatementthattheauditorisrequiredtobeindependentoftheentityandtomeettheauditor'sotherethicalresponsibilities.Keychangesmade inregardtoAU-Csection700includeenhancementofauditorreportingrelatingtogoingconcern.Also,adescriptionoftheauditor'sresponsibilitieshas beenexpanded.Theseresponsibilitiesincludeprofessionaljudgmentandprofessionalskepticism,andtheauditor'scommunicationwiththosechargedwith governance.

.63 AU-Csection701addressestheauditor'sresponsibilitytocommunicate keyauditmatters(KAMs)intheauditor'sreportwhentheauditorisengagedtodosounderthetermsoftheengagement.GAASdoesnotrequirethe communicationofKAMs.WhenengagedtoincludeKAMs,AU-Csection701 addressesboththeauditor'sjudgmentaboutwhattocommunicateintheauditor'sreportandtheformandcontentofsuchcommunicationofKAMs.

.64 AU-Csection705alignstheformandcontentofthereportwiththe changesinAU-Csection700whentheauditorconcludesacleanauditor'sopinioninaccordancewithAU-Csection700isnotappropriate(qualified,adverse, ordisclaimerofopinion).AU-Csection705doesnotchangetheexistingrequirementsregardingcircumstancesinwhichamodificationoftheauditor's opinionisrequiredandfordeterminingthetypeofmodificationtotheauditor's opinion.

.65 AU-Csection706addressesadditionalcommunicationsintheauditor'sreport(emphasis-of-matterandother-matterparagraphs).Thissection clarifiestherelationshipbetweenemphasis-of-matterparagraphsandthecommunicationofKAMs.WhenAU-Csection701applies,theuseofanemphasisof-matterparagraphisnotasubstituteforincludingthematterintheKAM sectionifthemattermeetsthedefinitionofKAM.Thissectionalsorequiresthe auditortousetheappropriateheadingfortheemphasis-of-matterparagraph.

.66 SASNo.134alsocontainsotheramendmentstocertainAU-Csections:

• AmendsAU-Csection260, TheAuditor'sCommunicationWith ThoseChargedWithGovernance.Theseamendmentsrequirethe auditortocommunicatewiththosechargedwithgovernance aboutcircumstancesthataffecttheformandcontentoftheauditor'sreport.Theamendmentsalsoincludeapplicationmaterial thatprovidesexamplesofmattersforwhichcommunicationwith thosechargedwithgovernancemaybeimportantpriortoissuance oftheauditor'sreport.

• AmendsAU-Csection210, TermsofEngagement.Theamendmentsmodifytheapplicationmaterialrelatingtotheformand contentoftheengagementletterandtheexampleauditengagementlettertobeconsistentwiththechangestotheelementsof theauditor'sreportinAU-Csection700.

• AmendsAU-Csection570, TheAuditor'sConsiderationofanEntity'sAbilitytoContinueasaGoingConcern.Newamendments requireaseparatesectionintheauditor'sreportwhensubstantialdoubtabouttheentity'sabilitytocontinueasagoingconcern exists(orhasevenbeenalleviatedbymanagement'splans),but thefinancialstatementsdonotadequatelydisclosethismatter.

• AmendsvariousAU-Csectionstofocusauditorattentionondisclosuresthroughouttheauditprocessandtoenhanceapplication materialtoassistauditorsinaddressingchallengesarisingfrom theevolvingnatureofdisclosures.

.67 SASNo.134becomeseffectiveforauditsoffinancialstatementsfor periodsendingonorafterDecember15,2020.Earlyimplementationisnot permitted.

HelpDesk: NewSASs,includingSASNo.134,areavailableforauditorstoreadandconsiderinordertoadequatelyprepareforimplementation.TheycanbeviewedonAICPA'swebsiteunderrecentlyissued standards.

OmnibusStatementonAuditingStandards—2019

.68 InMay2019,theASBissuedSASNo.135, OmnibusStatementon AuditingStandards—2019.SASNo.135isintendedtoalignASBguidance morecloselywiththatofthePCAOB.TheomnibusSASincludesamendments toAU-Csection550, RelatedParties;AU-Csection240, ConsiderationofFraud inaFinancialStatementAudit;andAU-Csection260.

.69 TheamendmentstoAU-Csection550addoramendrequirements andapplicationmaterialwithafocusonrelatedpartiesandrelationshipsand transactionswithrelatedparties.Theamendmentaccomplishesthefollowing:

• Enhancesrequirementstoidentifypreviouslyunidentifiedor undisclosedrelatedpartiesorsignificantrelatedpartytransactions

• Enhancestheauditor'sresponsetotherisksofmaterialmisstatementassociatedwithrelatedpartyrelationshipsandtransactions,includingprocedurestotesttheaccuracyandcompleteness oftherelatedpartyrelationshipsandtransactionsidentifiedby theentity,takingintoaccounttheinformationgatheredduring theaudit

• Providesapplicationmaterialregardingtheenhancedrequirementsaswellasadditionalexamplesofsignificantrelatedparty findingsandissuesthatmaybecommunicatedtothosecharged withgovernance

.70 SASNo.135incorporatesmaterialfromthePCAOB'sAuditingStandard(AS)1301 8 intoAU-Csection260.Theamendmentsrequiretheauditor tocommunicatewiththosechargedwithgovernancetheauditor'sreviewsof policiesandpracticesthatmanagementusestoaccountforsignificantunusual transactionsandtheauditor'sunderstandingofthebusinesspurposeforsignificantunusualtransactions.Theamendmentsalsoaddrequirementstocommunicatethepotentialeffectsofuncorrectedmisstatementsonfutureperiod financialstatementsunderaudit.

.71 TheamendmentstoAU-Csection240includetheterm significant unusualtransactions andaddrequirementsrelatedtothepotentialexistence

8 AllASsectionscanbefoundin PCAOBStandardsandRelatedRules.

ofthosetransactions.SASNo.135defines significantunusualtransactions as "significanttransactionsthatareoutsidethenormalcourseofbusinessforthe entityorthatotherwiseappeartobeunusualduetotheirtiming,size,ornature."Thisamendmentaddsrequirementsforbasicproceduresforobtaining informationforevaluatingsignificantunusualtransactions,andguidanceand conformingchangesrelatedtosignificantunusualtransactions.Aspartofthe existingrequirementtoaddresstheriskofmanagementoverrideofcontrols, SASNo.135requirestheauditortoevaluatewhetherthebusinesspurpose(or lackthereof)ofsignificantunusualtransactionssuggeststhattheymayhave beenenteredintotoengageinfraudulentfinancialreportingortoconcealmisappropriationofassets.Theproceduresshouldincludethefollowing:

• Readingtheunderlyingdocumentationandevaluatingwhether thetermsandotherinformationaboutthetransactionareconsistentwithexplanationsfrominquiriesandotherauditevidence aboutthebusinesspurpose(orlackthereof)ofthetransaction

• Determiningwhetherthetransactionhasbeenauthorizedand approvedinaccordancewiththeentity'sestablishedpoliciesand procedures

• Evaluatingwhethersignificantunusualtransactionsthattheauditorhasidentifiedhavebeenproperlyaccountedforanddisclosed inthefinancialstatements

.72 TheSASbecomeseffectiveforauditsoffinancialstatementsforperiods endingonorafterDecember15,2020.Earlyimplementationisnot permitted.

ForminganOpinionandReportingonFinancialStatementsof EmployeeBenefitPlansSubjecttoERISA

.73 InJuly2019,theASBissuedSASNo.136, ForminganOpinionand ReportingonFinancialStatementsofEmployeeBenefitPlansSubjecttoERISA (AU-Csec.703),toaddresstheauditor'sresponsibilitytoformanopinionon thefinancialstatementsofemployeebenefitplanssubjecttotheEmployeeRetirementIncomeSecurityActof1974(ERISA).Italsoaddressestheformand contentoftheauditor'sreportissuedasaresultofanauditofERISAplan financialstatements.

.74 ThisSASappliestoanauditofacompletesetofgeneralpurposefinancial statementsofemployeebenefitplanssubjecttoERISA.Althoughall AU-Csectionsapply,thisSASaffectstheguidanceincertainAU-Csections. Therefore,thefollowingAU-CsectionsarenotapplicabletoanauditofERISA planfinancialstatements:

• AU-Csection700

• Paragraph.09ofAU-Csection725, SupplementaryInformation inRelationtotheFinancialStatementsasaWhole

.75 ThenotablechangesofSASNo.136includetheamendmentsofSAS No.119, SupplementaryInformationinRelationtotheFinancialStatementsas aWhole;varioussectionsinSASNo.122, StatementsonAuditingStandards: ClarificationandRecodification,asamended;andSASNo.132, TheAuditor's ConsiderationofanEntity'sAbilitytoContinueasaGoingConcern.SASNo. 136includesnewrequirementsforauditsofERISAplanfinancialstatements relatedtothefollowing:

• Engagementacceptance. SASNo.136addsrequirementsinadditiontothosealreadyinAU-Csection210fortheauditortoobtain theagreementofmanagementthatitacknowledgesandunderstandsitsresponsibilityrelatedtothefinancialstatements.

• Auditriskassessmentandresponse.SASNo.136requirestheauditortoobtainandreadthemostcurrentplaninstrumentforthe auditperiod,andwhendesigningandperformingauditprocedures,theauditorshouldconsiderrelevantplanprovisionsthat affecttheriskofmaterialmisstatement.

• Communicationswiththosechargedwithgovernance.Theauditor shouldcommunicateinwritingtothosechargedwithgovernance, onatimelybasis,reportablefindingsfromtheauditprocedures performed.

• SpecialprovisionsforERISASection103(a)(3)(C)audits.When managementelectstohaveanERISASection103(a)(3)(C)audit, theauditorshouldevaluatemanagement'sassessmentofwhether theentityissuingthecertificationisaqualifiedinstitutionunder DepartmentofLaborrulesandregulations.

• Writtenrepresentations.Inadditiontothewrittenrepresentation requirementsinAU-Csection580, WrittenRepresentations,the auditorshouldrequesttherequiredwrittenrepresentationfrom managementintheauditofERISAplanfinancialstatements.

• Reporting.Thenotablechangeincludesthenewformofopinion whenanERISApermittedauditscopelimitationexists.However, thelimitedscopelimitationdoesnotexempttheplanfromthe requirementtohaveanaudit.

.76 EffectiveforauditsofERISAplanfinancialstatementsforperiods ending onorafterDec.15,2020,SASNo.136appliesonlytoauditsofemployee benefitplansthataresubjecttoERISA.Earlyimplementationisnotpermitted.

TheAuditor’sResponsibilitiesRelatingtoOtherInformationIncludedin AnnualReports

.77 InJuly2019,theASBissuedSASNo.137, TheAuditor'sResponsibilitiesRelatingtoOtherInformationIncludedinAnnualReports (AU-Csec. 720).SASNo.137addressesenhancingtransparencyrelatingtotheauditor's responsibilitiesforotherinformationincludedinannualreportsandreducingdiversityinpractice.Italsoincludesauditorperformanceandreporting requirements.SASNo.137providesthatotherinformationisfinancialornonfinancialinformation(otherthanfinancialstatementsandtheauditor'sreport thereon)includedinanentity'sannualreport.Otherinformationmayinclude amountsorotheritemsthatareintendedtobethesameas,tosummarize,orto providegreaterdetailaboutamountsorotheritemsinthefinancialstatements andotheramountsoritemsaboutwhichtheauditorhasobtainedknowledge intheaudit.

.78 SASNo.137supersedesSASNo.118, Other InformationinDocuments ContainingAuditedFinancialStatements,amendedandcodifiedinAU-Csection720, TheAuditor'sResponsibilitiesRelatingtoOtherInformationIncluded inAnnualReports.Thechangesmadeincludethefollowing:

• ClarifyingthescopeofdocumentstowhichtheauditorshouldapplytheproceduresrequiredinAU-Csection720.