
The Public Company Accounting Oversight Board (PCAOB)’s June Spotlight on Audit Committee Resource raises questions for audit committee members to consider on a variety of relevant topics.
The topics include risk of fraud, risk assessment and internal controls, auditing and accounting risks, digital assets, merger-and-acquisition activities, use of the work of other auditors, talent and its impact on audit quality, independence, critical audit matters, and cybersecurity.
The suggested questions “may be of interest to audit committee members to consider amongst themselves or in discussions with their independent auditors, particularly given today’s economic and geopolitical landscape,” the document states.
The suggested questions about digital assets include, “What steps has the audit firm taken to ensure that its engagement partner and other senior engagement team members have the knowledge, skills, and abilities regarding digital assets to adequately perform audit services, including those related specifically to ICFR, for the public company?” and “Have recent digital asset market developments—including recent bankruptcies—influenced the nature, timing, and extent of procedures the auditor plans to perform or performed to address the risk of material misstatement including fraud risk related to digital assets?”
Suggested questions about risk assessment and internal controls include, "What has the auditor done to understand
and/or select and test relevant controls?
Has appropriate testing of data been
performed for the data used in the
operation of those selected and tested
controls? Have management review
controls been properly tested?"
Auditing and accounting risk questions include, "How has the auditor considered the
economic environment, including recent
significant economic, accounting, or other
developments, in its determination of
whether an identified risk is a significant
risk? What unique risks did the auditor find
applicable to the public company?
Fraud risk questions include, “Did the auditor identify any significant unusual transactions? If yes, how did the auditor evaluate whether the transaction was for a legitimate business purpose?”
Cybersecurity questions include, "How did the auditor consider the risk of cyberthreats or cyber incidents? Did the auditor identify a risk of material misstatement related to cybersecurity?” and “Was the auditor made aware of cyber breaches within the public company’s operations that may affect financial reporting?”
In addition, the PCAOB document states, “Stakeholders may also consider other Spotlights as reference points for relevant discussions, including our April 2023 Spotlight, Staff Priorities for 2023 Inspections.