Statement on Auditing Standards (Sas) No.109 Summary

Statement on Auditing Standards (SAS) No.109

In order for audit professionals to perform their work successfully on an entity and make sure it reaches its objectives, the professional must have a good understanding of certain aspects of the entity. The auditor is primarily interested in identifying and assessing the risks of material misstatements on financial reporting. To be able to identify and assess these risks, the auditor needs to become familiar and understand the entity’s internal control, which consists of several components including the control environment, risk assessment, information and communications, control activities, and control monitoring, and verify that they are being implemented. The understanding of all these components play a vital role in distinguishing and verifying just some of the questions like how these risks are created, why they are created, what effect do they have on financial reporting, what actions are taken upon by management, how to minimize these risks, etc. to then design and perform further audit procedures.

Auditors need to have an understanding of the entity’s control environment seeing that it is the foundation of all internal control and the influence of people’s control consciousness. Auditors are aware that “the prevention and detection of fraud and error rests with those charged with governance and the management of the entity” (SAS No. 68). This means that those with controlling power are responsible for communicating and enforcing integrity and ethical values to those within the entity, making sure that expertise levels with particular jobs are considered accordingly, their involvement, interaction, and problem solving within and outside of the entity, their reasoning and operating style, their framework to achieve its objectives, allocation and establishment of authority and responsibility, and finally, Human resource policies and practices (SAS No.69). Auditors will thus inquire and assess risk...