The Evolving Role of the External Auditor Is Examined by the Center for Audit Quality

Earlier this year, the Center for Audit Quality (which is affiliated with the AICPA) held a series of roundtables to obtain the input from investors, board members, lawyers, and business executives on the role of the external auditor. One internal auditor was present at a roundtable.

No clear conclusions were reached in terms of change. My reading of the report (available here for free download) left me feeling that most of the participants were quite content with the current situation and no major change was being advocated.

The one item that does stand out in terms of desire for change was this observation:

Annual reports are in a state of “disclosure overload” and are too complex to be useful to financial statement users. Examples cited include redundancy in information disclosed between the financial statements and MD&A and a risk factors discussion that contains “anything and everything” (all participants).

One comment which I agree with was voiced by a number of people on the topic of whether the external auditor should provide an opinion or otherwise comment on the risk factors disclosed in filings with the SEC: that the auditors don’t have sufficient perspective, let alone training and experience, to be able to comment on whether the risk factors that are disclosed are complete or what the risk level is.

I also agree that the auditors should not be asked to second-guess management when it comes to such matters as the business outlook and forecast.

What do you think? How should the role of the external auditor be changed?

Posted on Oct 7, 2011 by Norman Marks

Share This Article:    

  1. This effort responds to the PCOAB asking how external audit reports could communicate better; after the PCOAB's financial reporting audit risk assessment standards were issued earlier this year.

    Independently-generated financial reporting audit risk assessment and evaluation by external auditors is a fundamental audit planning expectation; now it is mandated for external audit QA.

    External auditors should be able to understand if Management's own financial reporting risk assessment reports are misleading. The further a risk topic moves away from reasonable prevention of materially inaccurate financial statement reporting and SOX compliance the less the financial reporting auditors are expected to spend time on those factors.

    External auditors wouldn't be experts in the whole ERM process; but they should notice if there isn't one - especially for financial fraud. They should be savvy on financial statement inaccuracy risk management methods, and whether or not a reasonable one existed. Missing typical credit risk factors not included for a bank, or the weightings are way off from what would be expected for that season - especially of a magnitude that could have significant public harm implications - should be noticed.

    Investors might want the auditor financial reporting risk assessment determinations - but that would likely just result in more reporting boilerplating to avoid liability - rather than valuable information. It would be better if external auditors report financial reporting risk assessments and applied audit performance to the audit committee, where differences in risk evaluations and coverage can lead to valuable discussion.

    Differring from the industry standard boilerplate opinion letters without an industry-acceptable impetus, would likely cause more consternation than would be worth it for most to endure to seek to "communicate better" for external auditors.


    In my opinion at the moment external auditors have no many chances to define whether there is a fraud situation in the audited company as well as intention to continue the business by the company. At the same time the internal audit has no chance to be independent until it is hired and paid by management. So let’s experiment and join both such specialists responsible for internal audit will be employed by external auditors but physically located within an audited company on permanent basis…

Leave a Reply