Professional Standards for Auditors: AICPA, PCAOB & GAAS Hierarchy Explained

🎧 Listen to more in-depth episodes on Spotify! Professional Standards for Auditors: AICPA, PCAOB & GAAS Hierarchy Explained

Professional Standards for Auditors: AICPA, PCAOB & GAAS Hierarchy Explained

Overview: Auditors must follow professional standards and guidelines based on the type of engagement and entity being audited. This guide breaks down the main standards, who sets them, and how the GAAS hierarchy works in practice.

✅ Key Standard-Setting Bodies and Standards

  • Statements on Auditing Standards (SAS) — Issued by AICPA Auditing Standards Board for nonissuers.
  • PCAOB Auditing Standards (AS) — Issued by the Public Company Accounting Oversight Board for issuers (public companies).
  • Generally Accepted Government Auditing Standards (GAGAS) — Also known as the Yellow Book; used for audits of government entities and entities receiving government funds.
  • Statements on Standards for Attestation Engagements (SSAE) — AICPA guidance for attestation engagements (examinations, reviews, agreed-upon procedures).
  • Statements on Standards for Accounting and Review Services (SSARS) — AICPA guidance for preparing, compiling, or reviewing unaudited financial statements for nonissuers.
  • Quality Control Standards (SQCS) — AICPA standards requiring CPA firms to have policies to ensure compliance with professional standards.
  • Code of Professional Conduct — AICPA ethical guidelines that ensure integrity, objectivity, and due care.

📌 Who Must Follow What?

  • Issuers: Follow PCAOB AS and Code of Professional Conduct.
  • Nonissuers: Follow AICPA SAS, SSARS, SSAE, and Code of Professional Conduct.
  • Government Audits: Follow GAGAS plus any relevant SAS or PCAOB AS.

✅ The GAAS Hierarchy

Audit guidance is organized by level of authority:

  1. Most Authoritative: SAS (for nonissuers) and PCAOB AS (for issuers). Must or is required = unconditional. Should = presumptively mandatory.
  2. Interpretive Publications: Recommend how to apply SAS or AS in specific situations. Departures must be justified.
  3. Other Auditing Publications: Least authoritative; can be helpful but not mandatory. Examples: textbooks, CPE materials, Journal of Accountancy articles.

✅ Quality Control Requirements

CPA firms must design and maintain a quality control system (SQCS) to ensure they comply with professional standards and issue appropriate reports. This includes policies for leadership, ethics, client acceptance, human resources, engagement performance, and monitoring.

✅ Example: Code of Professional Conduct

The AICPA Code sets ethical guidelines for behavior, including:

  • Integrity and objectivity.
  • Independence for attestation services.
  • Due care and professional competence.

It assures the public that members maintain high standards and comply with rules enforced by the profession.

🔗 Helpful References

👉 Master the standards — know when to apply SAS, PCAOB AS, GAGAS, SSARS, or SSAE correctly!

COCOMOCPA

Financial Controller / CPA

다음 이전