Understanding the Entity and Its Environment and Assessing …

1 Statement on October 2021 Auditing Standards 145 Issued by the Auditing Standards Board Understanding the Entity and Its Environment and Assessing the risks of material misstatement (Supersedes Statement on Auditing Standards (SAS) No. 122, Statements on Auditing Standards: Clarification and Recodification, as amended, section 315, Understanding the Entity and Its Environment and Assessing the risks of material misstatement [AICPA, Professional Standards, AU-C sec. 315]; Amends SAS No. 122, as amended Section 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance With Generally Accepted Auditing Standards [AICPA, Professional Standards, AU-C sec.)]

2 200] Section 210, Terms of Engagement [AICPA, Professional Standards, AU-C sec. 210] Section 230, Audit Documentation [AICPA, Professional Standards, AU-C sec. 230] Section 240, Consideration of Fraud in a Financial Statement Audit [AICPA, Professional Standards, AU-C sec. 240] Section 250, Consideration of Laws and Regulations in an Audit of Financial Statements [AICPA, Professional Standards, AU-C sec. 250] Section 260, The Auditor s Communication With Those Charged With Governance [AICPA, Professional Standards, AU-C sec. 260] Section 265, Communicating Internal Control Related Matters Identified in an Audit [AICPA, Professional Standards, AU-C sec. 265] Section 300, Planning an Audit [AICPA, Professional Standards, AU-C sec.

3 300] Section 330, Performing Audit Procedures in Response to Assessed risks and Evaluating the Audit Evidence [AICPA, Professional Standards, AU-C sec. 330] Section 402, Audit Considerations Relating to an Entity Using a Service Organization [AICPA, Professional Standards, AU-C sec. 402] Section 501, Audit Evidence Specific Considerations for Selected Items [AICPA, Professional Standards, AU-C sec. 501] Section 505, External Confirmations [AICPA, Professional Standards, AU-C sec. 505] Section 530, Audit Sampling [AICPA, Professional Standards, AU-C sec. 530] Section 550, Related Parties [AICPA, Professional Standards, AU-C sec. 550] Section 600, Special Considerations Audits of Group Financial Statements (Including the Work of Component Auditors) [AICPA, Professional Standards, AU-C sec.

4 600] Section 620, Using the Work of an Auditor s Specialist [AICPA, Professional Standards, AU-C sec. 620] Section 805, Special Considerations Audits of Single Financial Statements and Specific Elements, Accounts, or Items of a Financial Statement [AICPA, Professional Standards, AU-C sec. 805] Section 930, Interim Financial Information [AICPA, Professional Standards, AU-C sec. 930] SAS No. 128, Using the Work of Internal Auditors [AICPA, Professional Standards, AU-C sec. 610] SAS No. 130, An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements, as amended [AICPA, Professional Standards, AU-C sec. 940] SAS No.

5 134, Auditor Reporting and Amendments, Including Amendments Addressing Disclosures in the Audit of Financial Statements, as amended Section 701, Communicating Key Audit Matters in the Independent Auditor s Report [AICPA, Professional Standards, AU-C sec. 701] SAS No. 136, Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA, as amended [AICPA, Professional Standards, AU-C sec. 703] SAS No. 137, The Auditor s Responsibilities Relating to Other Information Included in Annual Reports, as amended [AICPA, Professional Standards, AU-C sec. 720] SAS No. 142, Audit Evidence [AICPA, Professional Standards, AU-C sec. 500] SAS No.

6 143, Auditing Accounting Estimates and Related Disclosures, as amended [AICPA, Professional Standards, AU-C sec. 540]) 2021 American Institute of Certified Public Accountants, Inc. All rights reserved. For information about the procedure for requesting permission to make copies of any part of this work, please email with your request. Otherwise, requests should be written and mailed to Permissions Department, 220 Leigh Farm Road, Durham, NC 27707-8110. Statement on Auditing Standards, Understanding the Entity and Its Environment and Assessing the risks of material misstatement Executive Summary Overview The Auditing Standards Board (ASB) has issued Statement on Auditing Standards (SAS) No.

7 145, Understanding the Entity and Its Environment and Assessing the risks of material misstatement , to supersede SAS No. 122, as amended, section 315 of the same title, and to amend various AU-C sections in AICPA Professional Standards. SAS No. 145, for example, enhances the following: Requirements and guidance related to the auditor s risk assessment, in particular, obtaining an Understanding of the Entity s system of internal control and Assessing control risk Guidance that addresses the economic, technological, and regulatory aspects of the markets and Environment in which entities and audit firms operate SAS No. 145 also includes, among other things, the following: Revised requirements to evaluate the design of certain controls within the control activities component, including general IT controls, and to determine whether such controls have been implemented New requirement to separately assess inherent risk and control risk New requirement to assess control risk at the maximum level such that, if the auditor does not plan to test the operating effectiveness of controls.

8 The assessment of the risk of material misstatement is the same as the assessment of inherent risk A revised definition of significant risk New guidance on scalability New guidance on maintaining professional skepticism A new stand-back requirement intended to drive an evaluation of the completeness of the auditor s identification of significant classes of transactions, account balances, and disclosures Revised requirements relating to audit documentation A conforming amendment to perform substantive procedures for each relevant assertion of each significant class of transactions, account balance, and disclosure, regardless of the assessed level of control risk (rather than for all relevant assertions related to each material class of transactions, account balance, and disclosure, irrespective of the assessed risks of material misstatement , as previously required).

9 SAS No. 145 does not fundamentally change the key concepts underpinning audit risk, which is a function of the risks of material misstatement and detection risk. Rather, SAS No. 145 clarifies and enhances certain aspects of the identification and assessment of the risks of material misstatement to drive better risk assessments and, therefore, enhance audit quality. The SAS becomes effective for audits of financial statements for periods ending on or after December 15, 2023. Introduction This executive summary provides an overview of SAS No. 145. This document aims to highlight changes that are viewed to be of most interest (but is not inclusive of all changes). Background Deficiencies in the auditor s risk assessment procedures is a common issue identified by practice monitoring programs in the United States and worldwide.

10 In 2020 peer reviews, AU-C section 315 was the leading source of matters for further consideration (MFCs), constituting 25 percent of The ASB s project to enhance the auditing standards relating to the auditor s risk assessment through the issuance of SAS No. 145 was intended to enable auditors to appropriately address the following: a. Understanding the Entity s system of internal control, in particular, relating to the auditor s work effort to obtain the necessary Understanding b. Modernizing the standard in relation to IT considerations, including addressing risks arising from an Entity s use of IT c. Determining risks of material misstatement , including significant risks Convergence The ASB has a strategic objective to converge with the International Standards on Auditing (ISAs).