Risky business? Discussing vulnerabilities with your auditors

Jun 4, 2019

Business people in suits talking at meeting

Estimated reading time: 2 minutes

National audit standards require every audit to include a formal inquiry with key staff and a member of the governing body to discuss their views on risks the government faces. While this is a routine part of every audit, we sometimes receive questions about the process, what to expect in these conversations, and why we do them. Here's what you should know about these discussions:

The inquiry is one of several risk assessment procedures we perform when planning an audit. Our audits do not examine every transaction, activity or area because that would be time- and cost-prohibitive for governments. Instead, during our planning procedures we assess areas to examine that represent the highest risk of fraud, abuse or noncompliance.

Shortly after we arrive onsite, we schedule to meet. Meetings usually take place in person. We often select staff in key departments or who perform a key process in financial reporting. We might ask to speak with a different person than we spoke with in a prior year. This helps us form a more robust picture of your entity.

The inquiry is an opportunity to discuss with auditors any changes or risks you see, and your thoughts on how your government has responded to them. We have some standard questions we ask to get the conversation started, such as: Have there been any new laws or regulations since our last audit? Did the government obtain a new grant or funding source? Have there been any changes in programs or services, or turnover in key staff?

You can also use the meeting to share any improvements that have occurred. Did the government add staff or change a process to improve a control? Did staff address a prior audit recommendation? This should be a meaningful, dynamic conversation. You know your entity best. Your thoughts and insights help us evaluate where to focus our work to provide the best value. The more you can tell us about the health and practices of your organization, the more effective our work will be.

Effective communication is vital to building a constructive working relationship. If you have questions about the audit process, we encourage you to reach out to your audit manager. Additionally, we invite you to explore our website at: https://sao.wa.gov/about-audits/anatomy-of-an-audit

Resources

AU-C Section 240 – Consideration of Fraud in a Financial Statement Audit: https://www.aicpa.org/research/standards/auditattest/downloadabledocuments/au-c-00240.pdf

AU-C Section 315 – Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement:
https://www.aicpa.org/research/standards/auditattest/downloadabledocuments/au-c-00315.pdf