AICPA Audit Committee Toolkit for Not-for-Profit Organizations
for download at www.aicpa.org
by Julie Lynn Floch
2006 - The Sarbanes-Oxley Act of 2002 and its “trickle-down”
effect on the not-for-profit community; the discussions
and proposals emanating from the U.S. Senate Finance Committee
and elsewhere; allegations and media reports of abuse in
major charities: all of these factors have contributed to
the call for stronger and clearer governance in the charitable
response, the AICPA created an online guidance called the
Audit Committee Effectiveness Center (www.aicpa.org/audcommctr).
This center provides guidance and resources that include
information, training, checklists, and periodic “e-Alerts.”
The AICPA also created a comprehensive “Audit Committee
Toolkit” of policies and procedures that address a
wide range of governance concerns in the commercial sector,
as well as one designed specifically for the needs of not-for-profit
organizations and their boards.
toolkit is one of the better resources available on the
topic. Its 20 policies and procedures related to governance
concerns are designed to be tailored to an organization’s
needs. At minimum, these tools provide an easy reference
source and a way to measure what an organization does against
the industry’s “best practices.” At most,
it is a comprehensive and inexpensive way to look at many
governance issues and to address them in an easy-to-implement
manner. The toolkit’s sample documents consolidate
guidance in one practical, user-friendly place.
sample document begins with an explanation of its objective.
For example, the “Audit Committee Charter Matrix”
delineates various responsibilities for an audit committee.
Steps are listed for achieving each responsibility, both
in concept and in practical application. For an organization
whose board functions as the sole governing body (i.e.,
no audit committee), these same steps can be helpful. Some
steps apply to organizations regardless of whether they
undergo financial statement audits.
toolkit presents examples of 28 charters for the audit committee.
Each charter has a corresponding layperson’s-English
series of steps to achieve its objective.
document “Independence and Related Topics: Conflict
of Interest, Related Parties, Inurement, and Other Issues”
is particularly valuable. It provides an overview of independence
concerns, both for auditors (illustrating AICPA and GAO
rules regarding auditor independence) and for not-for-profit
boards and executives. The document also gives layperson’s-English
definitions of the IRS’s terms relative to independence
issues, such as “inurement,” “disqualified
persons,” and “excess-benefit transactions.”
A sample conflict-of-interest policy is provided for organizations
to tailor to their particular circumstances.
Sarbanes-Oxley Act contains specific requirements for public
companies and their auditors regarding the assurances that
must be provided on internal controls. This type of in-depth
“certification” is not required for the charitable
sector, although a frequent criticism of not-for-profit
entities has been the perceived weaknesses in their controls,
due largely to chronic understaffing, insufficient resources,
or poor training. The toolkit’s internal-control document
is intended as an overview of what internal control represents,
and also as a guide to standard questions about the controls
of an organization. By completing the questionnaire, leaders
of organizations can pinpoint their entities’ strengths
and weaknesses and address them as appropriate.
first few pages of the toolkit’s internal-control
document provide definitions of controls and an overview
of roles and responsibilities within organizations. A sample
questionnaire focuses on the five components of internal
control as identified by the Committee of Sponsoring Organizations
significant document in the toolkit addresses fraud. It
begins with some basic definitions, distinguishing between
management fraud, employee fraud, and external fraud. It
also explains audit committee responsibilities with regard
to fraud prevention, deterrence, discovery, and investigation.
This document is a useful tool for all organizations, not
just those who have audit committees or who might be undergoing
financial statement audits. The toolkit then provides a
sample whistleblower policy. The AICPA cites a study by
the Association of Certified Fraud Examiners which concludes
that at least 40% of discovered frauds are the result of
tips from insiders.
toolkit document titled “Conducting an Audit Committee
Executive Session: Guidelines and Questions” is helpful
for those members of boards or audit committees who know
that an executive session with the auditors is an essential
component of governance, but are uncertain of what questions
to ask. This document provides sample questions regarding
the competence of various management and financial personnel,
plus sample questions to ask auditors about their own processes,
including their independence and their relationship with
management. In addition, suggested questions to pose to
the organization’s executives concern the fair presentation
of the organization’s financial statements and the
adequacy of the underlying internal controls. A tool titled
“Discussions with the Independent Auditors: What to
Expect” explains the required communications from
the auditor to the board or audit committee, as well as
what to expect from the dialogue with the auditors.
the toolkit is an excellent resource. Although it may not
address every area of an organization’s concern and
interest, anyone in the charitable sector who wants to learn
how to address governance issues should consider this a
Lynn Floch, CPA, is a partner and the director of
not-for-profit services at Eisner LLP, New York, N.Y. She
is a past chair and current member of the NYSSCPA’s
Not-for-Profit Organizations Committee and a member of its
Exempt Organizations Committee.