We recently updated our systems. If you’re having trouble or something isn’t working quite right, please tell us about it.


Better late than never, part 2: There's help!

November 29, 2018  |  Faye Hayhurst, CPA

Better late than never, part 2: There's help!

My Sept. 4 blog, "Better (12 years) late than never," discussed the new way peer reviewers are evaluating a firm's compliance with audit risk assessment standards. If you're unfamiliar with this new guidance, take a couple minutes to read up on it. 

Now there's help! The AICPA has resources available, at no charge, for firms to use and develop their risk assessment skills. These resources include: 

  • An audit risk assessment tool.
  • A staff training workshop PowerPoint presentation.
  • An internal inspection aid.
  • Links to articles and FAQs.

The top risk assessment violation that's been identified is the failure to understand internal controls when identifying the client's risks. Even the smallest audit engagement requires a development of this understanding.

The other most common risk assessment violations are:

  • Insufficient risk assessment, which can lead to both under-auditing or over-auditing.
  • No linkage between risk assessment and audit procedures. Yes, there should be a connection!
  • Improper control risk. Control risk can only be assessed below maximum when auditors have tested controls and found them operating effectively.

Don't forget: A major culprit in risk assessment violations is the continued struggle of many CPAs in documenting their thoughts and considerations related to audit planning, especially for engagements where there is long tenure and deep knowledge of a client’s business. While there are situations when the phrase, "It goes without saying," is appropriate, performing an audit isn't one of them. Document planning and assessment, and tie together the risk assessment work and the audit procedures.

The focus on audit risk assessment in peer reviews will only increase in the coming years. It is crucial that firms develop a solid understanding of what is required and how to carry it out. It’s up to individual CPAs to ensure that the future is one where risk assessment violations become uncommon. 

Additional resources and self-study educational opportunities

MNCPA Audit Resources page
This page is continually updated with free tools and templates to help ensure compliance and improve efficiency. 

Surgent’s Assessing Risk for a Higher Quality Audit 
(Audit Skills Training – Level 4) (Self-Study)  |  3 CPE

Surgent’s Identifying and Evaluating Audit Risk
(Audit Skills Training – Level 3) (Self-Study)  |  3 CPE

Surgent’s Properly Identifying, Evaluating, and Documenting Results of Presumed Risk Assessment Audit Procedures
(Self-Study)  |  2 CPE

Topics: Peer Review

Faye Hayhurst, CPA

Faye Hayhurst is the MNCPA director of finance and administration. She is committed to using numbers to tell relevant stories, although she also employs words, charts and occasionally clothing to communicate a message. While some have questioned her about the pressures of being the CPA for the MNCPA, Faye considers presenting financial information to fellow CPAs a dream job. Outside of storytelling with numbers, Faye enjoys directing her church's handbell choir, visiting national parks and other scenic places, and checking out the chocolate products at Trader Joe's. Faye can be reached at 952-885-5540 or fhayhurst@mncpa.org.

Posts by this author