. 20
( 82 .)


Services available

External Auditors

Compliance with
Internal Auditors

Legal Counsel
Follow-up Meeting
” ” ”
Management letter
Evaluation of the external auditors ” ”
Appointment of the external

” ” ”
Audit and nonaudit fees
” ”
Auditor™s independence letter
Evaluation of the internal auditors
” ”
and selection or reappointment
Internal audit plan for the next

fiscal year
” ”
Outsourcing activities
” ”
Evaluation of financial management
Compliance with laws and
” ”
regulations (disclosure matters)
Impact of proposed legislation on
” ”
the financial statements
Other Matters
” ”
Special investigations
Information technology
(computer security, EDI,
” ” ”
business continuity plan)
Conflict of Interest
Corporate perquisites (officers™
” ” ”
expense accounts, etc.)
” ” ” ”
Corporate contributions
” ” ”
Code of conduct
” ” ” ”
Related party transactions
Illegal, improper or sensitive
” ” ”
Quarterly Reporting Process
” ”
Quality of earnings and disclosures

Income tax assessments
” ”
Pre-acquisition audits
Material transactions and contracts
” ”
(e.g., restructuring charges, etc.)
Reporting to the Board of Directors

Formal report
Reporting to the Stockholders
” ”
Proxy-statement disclosures
Reporting to the national stock
” ”
The External and Internal Auditing Process 91

Likewise, management is responsible for a system of internal control. Audit commit-
tees may request management and auditors to present a review of the COSO components
of internal control in order to ensure that internal controls provide a reasonable assurance
that the financial accounts are maintained and accounted for under the entity™s policies. For
financial reporting purposes, audit committees need assurance that management is man-
aging identified risks so that financial statement assertions will not be misstated.
Internal auditing. As part of the monitoring component of the entity™s system of in-
ternal control, the scope of the internal audit effort extends to several types of audits: fi-
nancial, operational, compliance, ethics and fraud, systems, and risk audits. Audit
committees should review the internal audit plan as well as the organizational structure and
composition of the internal audit group. Audit committees want assurance that the entity™s
comprehensive internal audit program evaluates the adherence to management™s policies
and procedures.
External auditing. The audit committee™s meetings and agendas should be directly
linked to the auditing cycle, consisting of a pre-audit interview, an optional interim audit
interview, a post-audit interview, and a follow-up interview.
During the pre-audit interview, the agenda ordinarily includes a review and discussion
of matters such as the audit plan, accounting and auditing developments that impact the fi-
nancial statements, risk assessment and related risk control processes, an analytical review,
the personnel assigned to the audit team, an internal financial audit plan, and estimated
audit and nonaudit fees.
Audit committees or external auditors might request an interim audit interview to ad-
dress problem areas and discuss the progress of the audit.
The major objective of the post-audit interview is to review the audit findings and the
draft of the annual stockholders™ report. Typically, audit committees focus on deviations
from the audit plan, the analytical review, significant discoveries, resolved and unresolved
matters, and disagreements with management, and material audit adjustments as well as
immaterial uncorrected misstatements. Additionally, audit committees should review the
appropriateness of accounting policies (e.g., conformity with industry practice and alter-
native accounting principles) and any changes in accounting principle.
During the follow-up interview, audit committees generally focus on recommendations
for improvement in internal control, approving the internal audit plan for the following
year, and recommending the appointment of the external auditors. They might also engage
in a performance review of management, the internal audit group, or the external auditors.
Audit committees might also review the external audit and nonaudit fees that must now be
disclosed in the annual proxy statement.
Legal process. Both in-house general counsel and outside legal counsel interact with
audit committees on various issues:
– The standard of independence for the audit committee members
– The committee™s written charter, as described in the entity™s annual proxy statement
– Significant litigation, claims, and assessments against the entity
– Any pending litigation against the external auditors, as well as any impairment of their
– Compliance with key legislative acts (e.g., the Foreign Corrupt Practices Act, the Private
Securities Litigation Reform Act)
– Proposed special investigations
– Material contracts, related party transactions, and contingencies
– Compliance with the entity™s code of conduct and conflict of interest statements.
Communications. During the audit committee™s audit cycle interviews, the internal
communication process consists of both executive and joint sessions. Executive sessions
may be used for the audit committee™s performance reviews of management, the internal

92 Audit Committees: Basic Roles and Responsibilities

Exhibit 2.5 (Continued)

auditing group, and the external auditors, as well as a discussion of external audit and
nonaudit fees, and any disagreements with management.
With respect to external communications, audit committees are required to disclose the
following items in the entity™s annual proxy statement:
– A review and discussion of the entity™s consolidated financial statements with manage-
ment and the independent auditors
– A review of management™s representations that the consolidated financial statements
were prepared in accordance with GAAP
– Discussion with the independent auditors about SAS 61 matters
– Written disclosures and the ISB 1 letter from the external auditor regarding their inde-
pendence from the entity
– A consideration of whether the external auditors™ provision of nonaudit services is con-
sistent with independence
– A recommendation of whether the audited financial statements should be included in
SEC filings
– A recommendation as to the selection of the audit firm
– Presentation of an audit committee charter
– A letter to the appropriate stock exchange certifying the number and qualifications of in-
dependent audit committee members.

Audit Committee™s Quality Assurance Review
The major objective of this third step in the evaluative process is to effectively strive for
zero defects in performing the first two steps. The audit committee™s oversight role is to en-
sure efficiency and effectiveness in these processes, which, in turn, should lead to a high
level of assurance of the board™s corporate accountability. Given the demand for strong
boards and audit committees, the audit committee should reflect and assess their overall
operating performance and that of each committee member. This assessment process may
be accomplished through a series of targeted questions that effectively address financial
accounting and auditing issues affecting the financial statements. For example, audit
committees might benchmark their performance review against their formal written char-
ter. Exhibit 3 contains six quality assurance elements that enable the committee to develop
an effective oversight strategy. Comprehensive reporting, combined with an ongoing dia-
logue between audit committee members and all interested parties, is the key to effective
The External and Internal Auditing Process 93


Quality Assurance Policies &
Elements Purpose Procedures
Independence Avoid a relationship with the entity
that would interfere with the director™s
exercise of independent judgment. A
Financial knowledge Directors need to be financially literate. B
Written charter Provides a clear understanding of the
committee™s oversight role, responsi-
bilities, and organization. C
Performance review Work performed meets the audit
committee™s charter. D
Continuing education Directors need an ongoing program
of additional courses. E
Monitoring Annual review for each of the
above elements. F

Examples of related policies and procedures that an audit committee might implement include:
A: Provide for legal counsel™s monitoring compliance with independent rules.
B: Establish review procedures for information about new accounting and auditing standards.
C: Communicate the scope of oversight responsibilities to audit committee members.
D: Establish procedures for benchmarking the audit committee™s performance review.
E: Establish review procedures for a continuing education program.
F: Provide for reporting monitoring activities to the full board of directors.

Source: This discussion is adapted from an article by Louis Braiotta, Jr., “Corporate Audit
Committees: An Approach to Continuous Improvement,” CPA Journal 72, No. 7 (July 2002), pp.
48“51. Reprinted with permission from CPA Journal, Copyright © 2002, New York State Society of
Certified Public Accountants, 530 Fifth Avenue, New York, NY 10036-5101. All rights reserved.
94 Audit Committees: Basic Roles and Responsibilities

In this overview of the audit committee™s role in the auditing process, it is in-
teresting to note some general observations:

• The audit committee has become an integral part of the corporate framework
to help fulfill the board of directors™ stewardship accountability to its outside
• The work of the audit committee is dynamic since the accounting and auditing
processes are subject to change.
• Authoritative bodies at home and abroad, such as the U.S. Congress, the na-
tional stock exchanges, the Cadbury Committee, the Hampel Committee, and
the Committee on Corporate Governance (UK), have established standards for
both the board of directors and the auditors to improve the financial reporting
process. (See Appendix D on this book™s website.)
• The audit committee is fundamental to the concept of corporate accountability.

American Bar Association, Corporate Director™s Guidebook (Chicago: ABA, 1978).
American Bar Association, Corporate Director™s Guidebook (Chicago: ABA, 1994).
American Institute of Certified Public Accountants, Audit Committees, Answers to Typical
Questions about Their Organization and Operations (New York: AICPA, 1978).
American Institute of Certified Public Accountants, Professional Standards, U.S. Auditing
Standards/Attestation Standards, Volume 1. New York, 2003.
American Society of Secretaries, Current Board Practices (New York: ASCD, 1996).
American Society of Corporate Secretaries, Current Board Practices, 2nd Study (New
York: ASCD, 1998).
Atkins, Paul S., “The Sarbanes-Oxley Act of 2002: Goals, Content, and Status of Imple-
mentation.” (Washington, DC: SEC, February 5, 2003).
Bacon, Jeremy, The Audit Committee: A Broader Mandate, Report No. 914 (New York: The
Conference Board, Inc., 1988).
Barlas, Stephen, “Auditors Must State Independence.” Management Accounting 80, No. 7
(January 1999), p. 10.
Bass, Bernard M., Leadership and Performance Beyond Expectations (New York: Free
Press, 1985).
The Business Roundtable, The Role and Composition of the Board of Directors of the
Large Publicly Owned Corporation (New York: The Business Roundtable, January 1978).
Carcello, Joseph V., Dana R. Hermanson, and Terry L. Neal, “Disclosure in Audit Com-
mittee Charters and Reports.” Accounting Horizons 16, No. 4, (December 2002), pp.
Committee of Sponsoring Organizations of the Treadway Commission, Internal Control-
Integrated Framework (New York: AICPA, 1992).
Ernst & Whinney, E&W People, Booklet No. 46302.
Ferrara, Ralph C., and Philip S. Khinda, “A Workable Audit Committee Charter.” Directors
and Boards 25, No. 1 (Fall 2000), p. 14.


. 20
( 82 .)