Utilizing internal audit: a CFO's guide.

• Author: Keizer, Henry
• Position: AUDIT - Public Company Accounting Oversight Board

Public companies and their external auditors currently are planning for their fiscal year 2010 financial statement audits. And, after one of the most trying economic periods in memory, there will be a lot to discuss.

Rapidly shifting economic conditions, significant regulatory changes and an uncertain future should lead to lively planning sessions on a host of important topics, from International Financial Reporting Standards (IFRS) considerations to fair value discussions and deeper conversations about risk and enterprise risk management.

There's no question companies will be relying on their auditors to find additional cost efficiencies for next year's audit--and that auditors will be working hard to ensure their resources are properly focused in ways that enhance audit quality.

As auditors and their clients approach planning for future audits, it is appropriate to consider whether the company has provided for an internal audit (IA) function that can benefit the company's internal control and risk management processes as well as external audit efficiency.

Since passage of The Sarbanes-Oxley Act in 2002, public companies have bolstered their IA function to ensure that it tests and enhances internal controls over financial reporting. Now, many IA groups are fully engaged with their companies' financial reporting systems, and are looking to broaden their scope of responsibilities and improve their own return on investment. This presents an opportunity to improve company and auditor efficiencies while maintaining appropriate external auditor independence.

C-suite executives and boards of directors looking to achieve audit efficiencies should consider whether their IA function is capable of enabling their outside auditor to use internal work in connection with external audit procedures

Based on that consideration, discussion and planning should begin about how IA's work can be used to realize efficiencies and improve audit quality.

Auditing Standards Considerations

The Public Company Accounting Oversight Board's auditing standards address the circumstances that must be considered by the auditor in this regard. PCAOB's Auditing Standard No. 5 (AS5) discusses how external auditors may consider the work of others in connection with the completion of an audit.

AS5 requires auditors to evaluate the extent to which they will use the work of others--including internal auditors--in their audit, and PCAOB AU Section 322 deals specifically with auditor consideration of the work of a company's IA function.

These standards spell out the considerations by the auditor in assessing the extent to which the work of 1A can be used in connection with audit procedures in a way that does not compromise auditor independence and/or audit quality.

Many auditors will recommend that the company's chief financial officer, controller and audit committee be closely involved in discussions on the impact of using IA's work in connection with the audit before they will consider plans to utilize the work of the IA group.

While not an exhaustive list, the...