Audit regulators are putting down early notions that a new rule on internal reviews requires copious documentation.

The Public Company Accounting Oversight published a single question and answer addressing implementation of Auditing Standard No. 7: Engagement Quality Review addressing the new standard’s documentation requirements. The Securities and Exchange Commission called for the guidance when it approved the new standard in early January.

AS7 replaces earlier professional standards established by the American Institute of Certified Public Accountants for how audit firms should review their audit work internally before publishing their audit reports. The standard provides more rigorous requirements for all accounting firms auditing public company financial statements to review engagements internally in the hope that it will reduce audit deficiencies before reports are issued.

The PCAOB developed the standard in response to observations by inspectors that audit firms weren’t putting enough elbow grease into the internal review process, causing audit reports to be issued that should have been cleaned up internally before they were issued. Critics of the new standard worried the new requirements would lead to redundant audit work, driving unnecessary audit costs for public companies.

The standard is in effect for audits of interim and annual periods beginning after Dec. 15, 2009. When the SEC issued its order approving the new standard, it instructed the PCAOB to provide implementation guidance to address questions about how much documentation should be provided to comply with the review standard.

The resulting guidance addresses a single question in less than three pages. It says audit firms should not read language in the release adopting the standard to mean that they are required to provide documentation of all the interactions between the engagement quality reviewer and the engagement team, including those that take place before an audit deficiency is identified.

Instead, the PCAOB says, the new standard focuses on how to document interactions once a significant engagement deficiency is identified. The documentation should contain enough information “to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures performed by the engagement quality reviewer, and others who assisted the reviewer, to comply with the provisions of this standard,” the PCAOB wrote.

Based on initial comments to seven proposed standards on assessing and responding to risk, the Public Company Accounting Oversight Board has reworked the package and is asking for public comment on the revisions.

The board unanimously approved the revisions suggested by the staff of Chief Auditor Marty Baumann and agreed to put them out for a 75-day comment period. According to Dan Goelzer, acting chairman of the PCAOB, the revised standards are “not fundamentally different in approach” from the original seven proposed standards, but they provide for numerous enhancements and clarifications.

The most significant changes, said Goelzer, focus on better aligning the proposed new requirements with existing requirements in Auditing Standard No. 5, which governs the audit of internal control over financial reporting, and on emphasizing the auditor’s duty to evaluate financial statement disclosures in addition to data. The new standards also provide “beefed up requirements” regarding considering the possibility of fraud, Goelzer said.

The suite of seven risk standards focus on audit risk, audit planning and supervision, the consideration of materiality in planning and performing the audit, identifying and assessing the risks of material misstatement, the appropriate audit response to risks of material misstatements, evaluating audit results, and audit evidence.

The PCAOB originally proposed the package in October 2008 and accepted comments through late February. Goelzer said the seven standards are meant to serve as a “bedrock” for much of the board’s future standard setting. “The standards will provide a base that focuses on appropriate risk identification and on auditing planning tailored to those risks,” he said.

Board member Steven Harris said he’s hopeful the PCAOB will hear from more investors on the revised standards, noting the first proposal raised only one investor reaction from a grand total of 33 comment letters. “Since these standards were first proposed last year, the world has witnessed firsthand the consequences of ineffective risk management,” he said.

The new standards more explicitly describe the auditor’s responsibility to consider business risk as an important element of audit risk, said Harris. “The standards require the auditor to do the homework necessary to identify and to assess the risk of error or the risk of fraud in the financial statements,” he said.

PCAOB member Charles Niemeier, who is remaining on the board past his term until the SEC names his replacement, said he’s not “completely comfortable” with all the decisions in the seven-standard package, but he’s comfortable seeing it exposed for further comment.

The 252-page proposal provides an appendix comparing the proposed standards with prevailing international requirements, the International Standards on Auditing written by the International Audit and Assurance Standards Board. Niemeier said he would prefer to see more attention focused on improving the board’s own standards than comparing them to standards in other jurisdictions.

Both in the United States and abroad, audit rule makers are developing new guidance on how to audit fair-value measurements.

The Public Company Accounting Oversight Board recently asked its Standing Advisory Group for its input on the board’s preliminary ideas around developing a new standard that would govern how to audit fair-value measurements. The board so far has given auditors staff guidance on auditing fair-value measurements, first in 2007 and again in 2009, but now is developing a standard that would carry more authority over the audit process.

The board asked its advisory group whether auditors should be instructed to automatically assume that if there’s heightened uncertainty a measurement, there must also be a heightened risk of fraud. In a small group discussion that was closed to the public, advisers said that’s probably taking it a bit too far, said Jennifer Rand, deputy chief auditor for the PCAOB.

Advisors generally agreed that there’s an inherent risk associated with measurements that are reached amid some uncertainty, said Rand, such as those that involve a great deal of estimation and judgment. Auditors should give those items some additional audit attention, but “there were pretty strong feelings that those types of measurements should not be labeled as fraud risks,” she said.

The staff told its advisory group that inspection and enforcement efforts indicate auditors typically aren’t skeptical enough when reviewing such measurements, which led the board to begin to develop an authoritative standard. A new standard could provide new direction on identifying and assessing risks of material misstatements, evaluating disclosures, and supervising specialists hired by auditors to help assess fair-value measurements.

Dan Goelzer, acting chairman for the PCAOB, said a fair-value measurement standard is being developed along with standards on auditing related-party transactions, communications with audit committees, risk assessments, and confirmations as part of a “very ambitious standard setting agenda” for the coming year. “The coming months are likely to see more activity with more potential impact on financial statement auditing than any similar period in the board’s existence,” he said.

While the PCAOB gets started on a fair-value measurement standard, the International Auditing and Assurance Standards Board has published a consultation paper looking for views on developing international guidance. The paper acknowledges strong demand from auditors and preparers for guidance on how to audit complex financial instrument measurements, especially in illiquid markets. The IAASB is looking for feedback that will help in the revision of its Practice Statement 1012 on auditing derivatives.

Although the audit engagement quality review will soon be subject to new rules, it has not been a common target for enforcement action, according to a recent academic analysis.

Since 1993, only 28 enforcement cases at the Securities and Exchange Commission or the Public Company Accounting Oversight Board have resulted in sanctions against the audit partner in charge of the quality review, according to the analysis. Of those only eight arose from one of the major international audit firms. “It’s surprising to me that there weren’t more,” said William Messier, accounting professor at the University of Nevada, Las Vegas, who led the research.

The SEC began calling in the 1990s for more rigor in the engagement quality review, which audit firms perform internally to review their own audit work before issuing audit reports. The PCAOB is revising the rules with a proposed new standard that would generally require the engagement quality reviewer to take a closer, more skeptical look at the audit engagement team’s work.

In the handful of cases since the early 90s that led to enforcement, engagement quality reviewers typically relied too heavily on management’s representations without obtaining corroborating evidence, the research showed. They also commonly made bad calls around materiality or failed to show enough skepticism, Messier said.

Too often, the research shows, the reviewing partner overlooked unresolved audit issues, didn’t require enough additional audit work, or relied too heavily on the audit team or management. In about half of the cases, the sanction against the reviewing partner involved denial of the right to practice before the SEC or PCAOB for three or more years.

Messier said the PCAOB’s proposed new standard on engagement quality review provides more specific guidance on what’s expected of the engagement quality reviewer, which should address some of the shortcomings that have led to sanctions in the past. “No standard is foolproof,” he said. “But the new standard should help improve engagement quality review and reduce the kinds of actions that have occurred in the past.

Although the research offers insight into where quality reviews have gone wrong in the past, it doesn’t answer any question about why the number of enforcement cases is low, Messier said.

Corporate audit committee members are getting more tuned in to risk and demanding better quality information in light of recent economic events.

In a recent survey, three-fourths of audit committee members said they are working more “hands on” with management to assess risk management and oversight as a result of economic turmoil. Audit committee members said risks related to the financial crisis and the company’s oversight of risk management are the top two agenda priorities for 2009.

“Audit committees are at an inflection point in their taking oversight responsibilities very seriously,” said Mary Pat McCarthy, executive director of KPMG’s Audit Committee Institute, which conducted the survey with the National Association of Corporate Directors. “They are putting much more time, energy, and thought into exercising oversight in light of the financial crisis.”

One of the daunting challenges facing audit committees in this newfound focus on risk is poor quality information, according to the survey results. Audit committee members said they are concerned about the quality of information they receive, particularly as it relates to financial risks posed by the economic crisis, fraud risk, tax risk, and information technology risk.

Two-thirds of audit committee members said they would they want to see more meeting time devoted to dialogue and questions rather than presentations, and one-third said agendas need to be better prioritized with less box-checking. They also called for pre-meeting materials to be more timely and more consise, with more benchmarking against competitors and less extraneous information.

“Audit committee members want to make sure that timely, important things get to them fast,” said McCarthy. “They want to make sure they have clear, relevant, focused information.”

The Center for Audit Quality is touting the role of auditors in capital markets with a consumer-focused guide to investors explaining what auditors do.

The “Guide to Public Company Auditing” is a broad, basic overview of the auditor’s role in providing assurance that a company’s financial statements are fairly stated. It explains the relationship between company management, the audit committee, and the auditors, and it describes how an audit is performed.

The guide also explains some of the touchy issues around auditing, such as the auditor’s role and limitations in finding fraud and auditors’ requirement to maintain independence from management.

The CAQ said it published the guide with hopes it will help investors and others with roles in public policy to better understand how auditing is done. The guide “is in line with the CAQ’s mission to foster confidence in the audit process and to aid investors and the capital markets,” said Cindy Fornelli, executive director of the CAQ. “By giving market participants the information they need to make informed decisions, public company auditors are responsible for an increasingly invaluable function.”

Auditors have long worked against what has become known as the “expectation gap,” or the perception that investors assume the audit is supposed to provide a guarantee against misstatements or errors in the financial statements. The guide points out that audits provide “reasonable assurance” but not absolute assurance. “Because auditors do not examine every transaction and event, there is no guarantee that all material misstatements, whether caused by error or fraud, will be detected,” the guide says.

The guide also explains that auditors are hired by and report to the audit committee of the board of directors, not management, to assure greater independence from management, which brings more professional skepticism to the audit.

If you’re looking to bend the ear of audit regulators, the Public Company Accounting Oversight Board is accepting nominations—either your own or someone else’s—for its Standing Advisory Group.

The SAG is an advisory body that meets a few times each year to share views and offer ideas on how to address emerging audit issues. Currently consisting of 33 members, the group represents a wide variety of capital market interests, including accounting, auditing, corporate finance, corporate governance, and investing.

The board asks advisers to serve a two-year term, and it seeks nominations annually to reseat half the advisory group. Appointments from the current round of nominees will be announced in October to serve on the advisory panel in 2010 and 2011.

The board typically consults with the Standing Advisory Group on auditing standards it is developing or considering, as well as guidance it might publish. At the most recent advisory group meeting in April, the board asked the advisory group to weigh in on the standard being developed on engagement quality reviews, the audit confirmation process, and whether any new guidance is warranted, and the auditor’s role in concluding that an entity’s ability to continue as a going concern is in doubt.

Nominations are due by June 18.

Regulators have responded to calls from the financial services sector to give auditors new guidance on how to audit fair-value measurements and impairments.

The Public Company Accounting Oversight Board published an audit alert that brings auditors up to speed on new fair-value and impairment guidance recently finalized by the Financial Accounting Standards Board. The alert tells auditors to take into account a package of controversial staff positions recently issued by FASB—one describing how to measure fair value when markets are inactive, a second amending impairment rules for certain debt securities so that only credit-related losses hit earnings, and a third that turns certain annual fair value disclosures into interim disclosures.

The alert describes the new accounting guidance to auditors and tells them it may have rendered some PCAOB standards obsolete. As such, it directs auditors to follow the accounting literature, not the auditing literature, where there may be conflict.

“The accounting standards set by FASB are recognized by the U.S. Securities and Exchange Commission as generally accepted,” says the alert. “Auditors should look to those standards and to the requirements of the SEC, rather than the standards of the PCAOB, for current accounting requirements and disregard descriptions of accounting requirements in PCAOB standards that are inconsistent with the FSPs.”

The alert is the first under the leadership of the PCAOB’s new chief auditor, Martin F. Baumann. “This alert is intended to remind auditors of their responsibilities in conducting reviews of interim financial information and annual audits in light of the new FSPs related to fair-value measurements and other-than-temporary impairments,” he said in a written statement. “The alert will be helpful to auditors as they conclude their work related to the first quarter of 2009 or prepare for the review of the second quarter and the audit of the financial statements, including the integrated audit.”

The PCAOB said it has a project in development to address standards related to auditing accounting estimates and auditing fair-value measurements. In that context, the board said it plans to remove descriptions of accounting requirements from those standards, taking similar measures as it revises any or all of its interim standards.

The PCAOB told its Standing Advisory Group it was considering audit guidance following FASB’s recent pronouncements. The board also received a letter from 15 financial services and business advocacy groups imploring guidance to assure auditors were in step with FASB and the Securities and Exchange Commission in following more moderate, less pessimistic views on fair-value measurements.

The Public Company Accounting Oversight Board will continue its forums for smaller auditing firms in 2009 with six events throughout the United States.

The forums are intended to help smaller firms keep up-to-date on PCAOB rules and requirements as well as emerging audit issues. The agenda will feature case studies on auditing in the small-business environment as well as discussions around current economic issues and trends affecting auditors’ work, proposed standards on risk assessment and engagement quality reviews, auditing internal control over financial reporting for non-accelerated filers, future standard-setting priorities, and new annual and special reporting rules for registered firms. Staff from the Securities and Exchange Commission also will be on hand to discuss recent SEC activities and observations related to smaller firms.

PCAOB member Dan Goelzer, who is in charge of the small-business forums, said events typically are well attended. The series “provides smaller firms, which typically do not have access to the same resources as larger firms, with the opportunity to discuss their experiences and ask questions about PCAOB rules and standards as well as the inspection and enforcement processes,” said Goelzer. “The forums also provide training for smaller firms and an opportunity for board members and staff to discuss the PCAOB’s rules and standards and expectations for inspections.”

The series begins in Santa Monica, Calif., on April 21 with additional stops planned for Philadelphia, New York, Houston, Denver, and Orlando, Fla.

Auditors may get some new guidance around how to acquire and rely on third-party confirmations.

The Public Company Accounting Oversight Board will meet this week to discuss whether to issue a concept release that would form the basis for a new standard on audit confirmations. The board discussed its concerns about audit confirmations with its Standing Advisory Group in an early April session.

Audit confirmation is a process where auditors seek verification about transactions in an audit client’s books from the client’s bankers, customers, suppliers, or other third-party contacts. It’s an important part of the evidence trail for auditors in reaching their assertions about an entity’s financial statements. It’s also a weak spot in auditing standards that has allowed massive frauds at Parmalat, Sunrise Medical, Health South, and others to proliferate.

PCAOB staff told their advisers that confirmations are a frequent trouble spot when inspectors pore over audit documentation. Auditors often do not receive responses to confirmation requests or do not follow up on confirmations. The staff also noted auditors sometimes rely too heavily on confirmations to reach their assertions.

In a briefing paper to the SAG, the board also notes technology has advanced since the existing standard, AU sec. 330, The Confirmation Process, was written 15 years ago, so it doesn’t adequately reflect modern means of gathering information, including electronic access, e-mail, or even fax.

SAG members generally support the board’s plans to overhaul the confirmation standard. “To me, the big issue as it relates to all confirmations, whether paper or anything else, is knowing who’s responding to the confirmation,” said SAG member Joe Carcello, director of research at the University of Tennessee’s Corporate Governance Center.

Carcello said confirmations can be skewed when coming from an entity’s customer, who may be willing to provide false information to keep a customer happy. “You also need to think about incentives to respond truthfully,” he said. “That affects the quality of audit evidence.”

The American Institute of Certified Public Accountants published a practice alert in 2007 that addresses more modern communication means for facilitating confirmations, and the International Auditing and Assurance Standards Board finalized a new standard on external confirmations in late 2008.