According to CAIMCO insurance statistics, the average audit claim is around $362,000. The highest loss ratio comes from providers that “dabble” in audits, spending less than 15% of time on that particular service area. What are important steps you can take in order to avoid malpractice risk?
- Before accepting any engagement, ensure you understand why the client needs an audit. Fully grasp whom the intended users of the audited financial statements are and to what extent will they rely on them to make economic decisions. What are the critical components of the financial statements that could cause the users to make different economic decisions if they were materially misstated? This question should assist you with making both materiality and audit risk determinations correctly.
- Diligently apply professional skepticism from engagement acceptance through report release. Auditors need to perform services assuming that clients are neither honest nor dishonest. Therefore, it is important to appropriately corroborate management’s verbal assertions, including tailoring the management representation letter when necessary. However, you are also not a fraud investigator, so be alert for obvious inconsistencies in audit evidence. Assess the reason behind any scope limitations or delays in providing supporting documentation. Remember to keep your auditor’s hat on, but don’t hold it down too tight if there are no gusts of wind threatening to blow it off. Focus on the concept of providing reasonable assurance that the financial statements contain no material misstatements due to fraud or error.
- Gather both sufficient and appropriate audit evidence to support conclusions. This includes ensuring that the persuasiveness of evidence is increased when risk of materiality is higher. For example, obtaining external confirmations instead of simply using copies of internally generated client documents when necessary to respond to a specific identified risk. Appropriate audit evidence is both relevant and reliable.
- If you didn’t document it, you didn’t do it. Make sure that you get what is going on inside your head into the audit files. Especially document any key discussions with the client regarding areas of possible misstatement, the results of consultation with experts outside of your engagement team and the basis for more subjective conclusions on the audit.
- Remember that you can sell your time by the hour, but your reputation only once. The auditor needs to understand the importance of such things as obtaining a properly worded engagement letter, conservatively apply independence rules contained in the Code of Professional Conduct, embrace the use of emphasis-of-matter and other-matter paragraphs in the auditor’s report, and other such obligations that are beyond simply ticking, footing and vouching numbers. Make sure that you understand and satisfy the principles that underlie professional and regulatory requirements with which you must comply when you are engaged to perform an audit, particularly when subjectivity is involved.
Follow these steps and avoid any malpractice risk when “dabbling” in audits.