There’s a cabal. I mean, there are probably a lot of cabals, depending on who you talk to. To be clear, I’m not talking about Cabela’s. I’m talking about a secretive, powerful organization of elites, changing the way the world works through shadowy operations.
Now, maybe you don’t think IFAC (International Federation of Accountants), which has an office on 5th Avenue in New York City and is “open to professional accountancy organizations that have an interest in the international accountancy profession,” counts as a cabal. You’re probably right.
Still, the organization does pack a punch and it is responsible for a lot of the regulations and guidelines that make accounting tick. One of IFAC’s sub-units is the IAASB (International Auditing and Assurance Standards Board), which develops the International Standards on Auditing.
What are the International Standards on Auditing (ISAs)
The International Standards on Auditing (ISAs) are auditing guidelines developed by the IAASB. As the name implies, the ISAs are international standards devised to align auditing around the globe. While not all countries require compliance with the ISAs, most at least use the standards as a guide for their own home-brewed systems.
While the ISAs have been in existence for much longer, the newest, “clarified” version of the standards was released in 2009. This clarification gave the standards more relevance and clearer guidance on some of the motivations behind auditing.
The clarified standards are supposed to make it easier for users of audits—the people who initiate the audit or look at the results—to understand what’s being said and why it’s being said. Giving more transparency and clarity to the user means that, hopefully, you’ll have fewer Enrons and more Buffers.
IFAC runs this town
As an auditor, CPA, or student, understanding the role ISAs play is of vast importance. Auditors will live and die—professionally—on the back of the standards, while CPAs will often find themselves on the receiving end of an audit, having their work judged by the same standards.
For students, passing the CPA exam requires a solid working knowledge of the ISAs and their implementation.
Today, we’ll look at how the standards are structured and how you can better understand just what the ISAs mean in practice.
Structure of the standards
The ISAs are divided into 36 different standards, all grouped into six categories—General Principles, Risk Assessment and Response, Audit Evidence, Using the Works of Others, Conclusions and Reporting, and Specialized Areas.
The sum total of these things is a 961-page handbook. It’s a bit much, if I’m being honest.
- Application and other explanatory material
The introduction to each standard is largely just a summary of the standard’s scope. Each piece of the ISAs covers a slice of the overall audit process, and not every standard is going to be applicable in every situation.
Here’s the introduction to ISA 210, “Agreeing the Terms Of Audit Engagements.”
“This International Standard on Auditing (ISA) deals with the auditor’s responsibilities in agreeing the terms of the audit engagement with management and, where appropriate, those charged with governance. This includes establishing that certain preconditions for an audit, responsibility for which rests with management and, where appropriate, those charged with governance, are present. ISA 2201 deals with those aspects of engagement acceptance that are within the control of the auditor. (Ref: Para. A1)”
Pretty cool, right? In short, this is saying that the “agreeing terms” standard comes into play when you’re agreeing terms.
The introduction is the lightest bit of the standard, clearly.
Objective is where the interesting stuff starts to happen. This is the section of each standard where you start to figure out why the standard is in place. What questions is it going to answer, why is it a step in the auditing process, and what is the user going to get out of it?
For 210, we’re told the standard is “establishing whether the preconditions for an audit are present” and “confirming that there is a common understanding between the auditor and management.”
The user is now in the story. Before moving on, the auditor should confirm the audit’s setup with management. Now the standards are showing off the value they have. Now, management can look back and say, “We never agreed to a system (or goal or scope or whatever) ahead of time.”
As IFAC indicated back in 2002, “Failure to recognize the primacy of integrity has been a major contributor to the financial scandals of recent years.”
Everything about the ISAs is centered on building back the trust of the public in financial reporting. That means engaging all the stakeholders along the way and setting clear objectives from the very start.
The objective section of the standards is less complex than most of what follows, but understanding it is of vital importance.
This section is incredibly dry and super important. The definitions laid out here are going to help make the scope of the standard make more sense.
For instance, in standard 210, management is defined as “management and, where appropriate, those charged with governance.”
I would read this section before you even dive into the scope, as many terms will have clear borders defined here though they’ve already appeared in the document.
The requirements are the real meat of the standard. This is where you’ll find detailed guidelines for how the scope and objective are to be complied with and met.
If you think of a more basic standard, like how to build a computer, the requirements would be the part where the materials and steps are detailed. If you have an objective saying, “ensure monitor can display 4K video,” this is where you would find out that you need to use materials x,y, and z to make that a reality, and they need to be combined in these specific ways.
In standard 210, we get guidance around determining who will be involved in the audit, what documents are going to be delivered by whom, how liability works out for an audit, and how to comply with local regulations.
The ISAs aren’t self-contained, by the way. In ISA 210, you’ll see references to standards 200, 220, 580, 700, 705, 706, and 800. The ISAs are meant to be a interconnected system, with each piece supporting the larger project.
That means you can follow an idea through the ISAs. This gives users a more coherent system and means that, when an idea is introduced, it’s likely to stick around for the duration. A coherent system is part of the integrity IFAC mentioned back in 2002. It’s staking a claim and following through at every opportunity, not just when it’s convenient.
ISAs: Application and other explanatory material
This section is often longer than the requirements section, as it gives more details around special circumstances, considerations, and regulations. The application section of each ISA will detail things to be on the lookout for and how to deal with those when they show up.
Most of the entries in this section start with something like “in some jurisdictions” or “in some cases.” The application of an ISA is always going to be more complex than a document—even a 961 page document—can account for. The extra material in each standard gives users and auditors guidance on how to navigate the stickier situations.
The ISAs in practice
If you work in finance but you’re not an auditor or overseeing auditors, it’s unlikely that you’ll ever read through the standards in any depth—after the CPA exam, of course.
“Candidates are expected to demonstrate an awareness of: (1) the International Auditing and Assurance Standards Board (IAASB) and its role in establishing International Standards on Auditing (ISAs), (2) the differences between ISAs and U.S. auditing standards, and (3) the audit requirements under U.S. auditing standards that apply when they perform audit procedures on a U.S. company that supports an audit report based upon the auditing standards of another country, or the ISAs.”
The Auditing and Attestation portion of the CPA exam is often considered the most difficult. According to Roger CPA Review, fewer than 50% of CPA candidates pass the auditing portion of the test. If you can master the ISAs, you’ll be in a very good spot.
If you are a practicing auditor, it pays to remember that the ISAs are largely devised to help the users of your reports—the people who are your clients. They give people a place to find additional information and give you a place to find help building a clear auditing story.
Let the principles behind the standards guide your actions and you’ll end up with happy customers and better audits.
For more tips on living the financial life, check out Capterra’s finance blog. We cover software, professional tips, and industry trends—it’s your go-to spot for everything accounting.
Looking for Accounting software? Check out Capterra's list of the best Accounting software solutions.