Herb Chain
Herbert M. Chain
Shareholder, Mayer Hoffman McCann P.C, Deputy Technical Director, Global Audit Group, Kreston Global

Join Herbert M. Chain on LinkedIn

Herbert M. Chain is a highly experienced auditor and is a financial expert with over 45 years of experience in business, accounting, and audit, having served as a Senior Audit Partner at Deloitte. He holds certifications from the National Association of Corporate Directors and the Private Directors Association, with knowledge of private company governance and effective risk management. He has extensive knowledge in the financial services sector, including asset management and insurance. Herb is a member of MHM’s Attest Methodology Group and serves as Deputy Technical Direct of Kreston Global’s Global Audit Group.

Auditing standards: Unpacking SAS 143 and SAS 145 updates

March 12, 2024

In his comprehensive overview, Herbert M. Chain from MHM explores the recent updates to SAS 143 and SAS 145, which signify significant milestones in auditing standards. Read the full article here, or the summary below.

Overview of SAS 143 and SAS 145

The issuance of SAS No. 143, focusing on Auditing Accounting Estimates and Related Disclosures, and SAS No. 145, centered on Understanding the Entity and Its Environment and Assessing Risks of Material Misstatement, represents a significant advancement in auditing standards. These standards offer auditors extensive guidance for testing accounting estimates, particularly those involving fair value, and outline essential requirements for grasping the entity’s internal control system. This is crucial in navigating the complexities of the contemporary economic, technological, and regulatory accounting environment.

SAS 143: Auditing accounting estimates

Effective for audits of periods ending on or after Dec. 15, 2023, SAS 143 mandates a deeper examination of uncertainties in accounting estimates, focusing on potential management bias. This involves a thorough evaluation of assumptions, especially for significant judgments like fair value measurements. The standard necessitates a detailed risk assessment tailored for complexities in auditing accounting estimates, providing guidance on responsive audit procedures, including assessing the suitability of valuation models and data integrity for fair value estimates. SAS 143 aims to enhance transparency and accountability in fair value estimation, ultimately improving the quality and reliability of these estimates for increased stakeholder trust.

Key changes from SAS 143

Key changes to auditing standards in SAS 143 include a heightened emphasis on auditors addressing estimation uncertainty and exercising professional skepticism in evaluating fair value estimates. The standard mandates a more detailed risk assessment process tailored for complexities in auditing accounting estimates, particularly fair value estimates. Additionally, auditors must assess the reasonableness of accounting estimates within the financial reporting framework, ensuring compliance with permitted methods, assumptions, and data.

SAS 143 impacts

SAS 143 brings substantial changes to the audit process in assessing fair value estimates. The focus now shifts to understanding factors and assumptions behind estimates, demanding greater transparency and accountability from management. Auditors, in response, perform the following procedures:

  1. Method Assessment: Evaluate if the method aligns with the financial reporting framework and remains consistent. Changes prompt scrutiny for potential bias.
  2. Significant Assumptions: Ensure suitability of assumptions within the financial reporting framework, considering both positive and negative outcomes. Evaluate consistency with prior periods and other business activities, considering potential bias.
  3. Data Evaluation: Assess data reliability, understanding sources and consistency with prior periods. Verify relevance in the context of the chosen method and assumptions, addressing potential bias.
  4. Management’s Point Estimate: Scrutinise alternative outcomes and assumptions when management opts for a precise value (point estimate), evaluating potential bias.

Enhancing controls with SAS 145

SAS 145, also effective for audits for periods ending on or after Dec. 15, 2023, revises aspects of the risk assessment process, focusing on an entity’s internal control system. Notably, it enhances auditor responsibilities related to evaluating the design and implementation of controls, including IT general controls (ITGC). The standard recognises the increasing significance of an entity’s IT environment, requiring auditors to identify and assess ITGCs, categorised into four domains:

  1. Security and Access: Controls ensuring appropriate user access, segregation of duties, and ongoing authorisation for IT applications and cloud providers.
  2. Systems Change: Controls over designing, testing, and migrating changes into a production environment, with segregation of access to prevent unauthorised changes.
  3. System Development: Controls over initial IT application acquisition, development, or implementation, including data conversion and creation of new reports.
  4. Computer Operations: Controls monitoring financial reporting program execution, ensuring backups, and enabling timely data recovery in case of outages or cyberattacks.

While not all domains may be applicable annually, SAS 145 mandates evaluating design and implementation for relevant ITGCs within the applicable domain for each identified significant IT application. The standard also introduced the concept of a continuum of inherent risk as well as other changes.

If you are interested in doing business with Kreston Global, contact us here.