The International Standards on Auditing (ISAs) on communications with those charged with governance are not an easy read for auditors of smaller firms. ISAs 260 and 265 use the language of governance originally developed for larger companies. Applying that language to smaller entities can sometimes seem torturous.
Auditors of entities of all sizes are required to identify those charged with governance, communicate a number of specific issues, and ensure that two-way communications are established. As one practitioner recently put it, “I wish someone would tell my audit clients about that!”
There is oftentimes frustration or confusion on both sides: Some of those charged with governance in smaller companies, such as directors who do not take part in the day-to-day running of the business, may be surprised to know that they are either “charged with governance” or that auditors are required to communicate with them, particularly if they are elderly relatives of the directors who run the business. And the directors who run the business may not be particularly happy with auditors communicating with those elderly relatives! Those charged with governance may often be all too familiar with the detail of what auditors are required to communicate to them in a small company, and wonder why auditors have to spend their (chargeable) time “communicating” these matters. And many auditors are unclear about which matters may be communicated in writing, and which may be communicated orally.
The International Auditing and Assurance Standards Board (IAASB) spent many hours debating whether and how ISA 260 on communication with those charged with governance and ISA 265 on communicating deficiencies in internal control should be applicable to the audit of smaller entities. It concluded, emphatically, that they could and should. The number of specific references to the audit of smaller entities in these ISAs is testament to that fact.
Adrian Gibbons, a director of SWAT UK—a leading training company—and a long-standing auditing lecturer, goes further. He thinks that communicating effectively throughout the audit can improve its technical quality and cost effectiveness for entities of all shapes and sizes. In an article he wrote for ICAEW’s Audit and Assurance Faculty, he highlights, very specifically, who auditors should be communicating with, what they should be communicating, and when, and what records should be kept. He notes that communications are always better “…when you can see the other party and understand their body language.”
Do you agree? Or do you think that ISA 260 doesn’t really work on smaller audits, and that compliance with it is just that—a compliance exercise without any real benefits for audit quality?
Additional Resources to Help Auditors Implement ISAs 260 and 265
- The Global Knowledge Gateway’s Auditing & Assurance Resources
- IFAC SMP Committee’s Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities, Third Edition