The AICPA Audit Committee Toolkit for Not-for-Profit Organizations

Available for download at www.aicpa.org

Reviewed by Julie Lynn Floch

E-mail Story Print Story

In response, the AICPA created an online guidance called the Audit Committee Effectiveness Center (www.aicpa.org/audcommctr). This center provides guidance and resources that include information, training, checklists, and periodic “e-Alerts.” The AICPA also created a comprehensive “Audit Committee Toolkit” of policies and procedures that address a wide range of governance concerns in the commercial sector, as well as one designed specifically for the needs of not-for-profit organizations and their boards.

The toolkit is one of the better resources available on the topic. Its 20 policies and procedures related to governance concerns are designed to be tailored to an organization’s needs. At minimum, these tools provide an easy reference source and a way to measure what an organization does against the industry’s “best practices.” At most, it is a comprehensive and inexpensive way to look at many governance issues and to address them in an easy-to-implement manner. The toolkit’s sample documents consolidate guidance in one practical, user-friendly place.

Each sample document begins with an explanation of its objective. For example, the “Audit Committee Charter Matrix” delineates various responsibilities for an audit committee. Steps are listed for achieving each responsibility, both in concept and in practical application. For an organization whose board functions as the sole governing body (i.e., no audit committee), these same steps can be helpful. Some steps apply to organizations regardless of whether they undergo financial statement audits.

The toolkit presents examples of 28 charters for the audit committee. Each charter has a corresponding layperson’s-English series of steps to achieve its objective.

The document “Independence and Related Topics: Conflict of Interest, Related Parties, Inurement, and Other Issues” is particularly valuable. It provides an overview of independence concerns, both for auditors (illustrating AICPA and GAO rules regarding auditor independence) and for not-for-profit boards and executives. The document also gives layperson’s-English definitions of the IRS’s terms relative to independence issues, such as “inurement,” “disqualified persons,” and “excess-benefit transactions.” A sample conflict-of-interest policy is provided for organizations to tailor to their particular circumstances.

The Sarbanes-Oxley Act contains specific requirements for public companies and their auditors regarding the assurances that must be provided on internal controls. This type of in-depth “certification” is not required for the charitable sector, although a frequent criticism of not-for-profit entities has been the perceived weaknesses in their controls, due largely to chronic understaffing, insufficient resources, or poor training. The toolkit’s internal-control document is intended as an overview of what internal control represents, and also as a guide to standard questions about the controls of an organization. By completing the questionnaire, leaders of organizations can pinpoint their entities’ strengths and weaknesses and address them as appropriate.

The first few pages of the toolkit’s internal-control document provide definitions of controls and an overview of roles and responsibilities within organizations. A sample questionnaire focuses on the five components of internal control as identified by the Committee of Sponsoring Organizations (COSO).

Another significant document in the toolkit addresses fraud. It begins with some basic definitions, distinguishing between management fraud, employee fraud, and external fraud. It also explains audit committee responsibilities with regard to fraud prevention, deterrence, discovery, and investigation. This document is a useful tool for all organizations, not just those who have audit committees or who might be undergoing financial statement audits. The toolkit then provides a sample whistleblower policy. The AICPA cites a study by the Association of Certified Fraud Examiners which concludes that at least 40% of discovered frauds are the result of tips from insiders.

The toolkit document titled “Conducting an Audit Committee Executive Session: Guidelines and Questions” is helpful for those members of boards or audit committees who know that an executive session with the auditors is an essential component of governance, but are uncertain of what questions to ask. This document provides sample questions regarding the competence of various management and financial personnel, plus sample questions to ask auditors about their own processes, including their independence and their relationship with management. In addition, suggested questions to pose to the organization’s executives concern the fair presentation of the organization’s financial statements and the adequacy of the underlying internal controls. A tool titled “Discussions with the Independent Auditors: What to Expect” explains the required communications from the auditor to the board or audit committee, as well as what to expect from the dialogue with the auditors.

Overall, the toolkit is an excellent resource. Although it may not address every area of an organization’s concern and interest, anyone in the charitable sector who wants to learn how to address governance issues should consider this a must read.