CAQ, others issue update to auditor assessment tool

Audit committees have an updated tool available for use to help them assess their external auditors.

The Audit Committee Collaboration and the Center for Audit Quality have updated their “external auditor assessment tool,” which is meant to help audit committees appoint, oversee, and set compensation for their external auditors. The tool provides audit committees with sample questions to ask around the quality of services and adequacy of resources provided by the external auditor, the quality of communication and interaction with the auditor, and the auditor’s independence, objectivity, and professional skepticism.

The tool also provides a sample form and rating scale for getting input from representatives within the company about the external auditor, in addition to other resources that will help the audit committee and others with duties for corporate governance.

The collaborative group that produced the tool — including the CAQ, the National Association of Corporate Directors, the Association of Audit Committee Members, and others — issued earlier versions of the tool beginning in 2012.

The current update addresses changes in accounting and auditing standards and their associated risks. On the accounting side, that includes changes to rules around revenue recognition, leasing, and credit losses. For auditing, new content is focused on required auditor reporting of the identity of the engagement partner and other participants in the audit, along with proposed changes to the auditor reporting model.

The tool also advises audit committees to ask questions around issues like non-GAAP financial information and cyber-security. Although they are outside the scope of audited financial statements and internal control over financial reporting, audit committees have been drawn into considering risk factors in those emerging areas of concern as well, the assessment tool says.

Non-GAAP, for example, has been a topic of concern at the Securities and Exchange Commission, where a year-long focus on abusive practices has compelled companies to reconsider their approaches. Cyber-security also has landed on the audit committee agenda as companies have wrestled with how best to protect a host of important information, including information critical to the integrity of financial statements.