Chapter 3. AS5 Standards for Auditing Internal Controls

The Sarbanes-Oxley Act (SOx) brought us the Public Company Accounting Oversight Board (PCAOB), an independent agency to regulate external audit firms and to establish auditing standards for external auditors. Prior to SOx, external auditors operated under peer-related governance rules established by the American Institute of Certified Public Accountants (AICPA) and auditing standards issued by the AICPA's Auditing Standards Board (ASB). No matter how well respected this AICPA-led process was in the past, the accounting scandals surrounding the fall of Enron indicated that the AICPA peer-review process was somewhat broken. The PCAOB initially assumed and recognized the existing ASB standards for audits of public corporations in the United States but indicated that it would be releasing its own auditing standards over time. An early release of these new PCAOB auditing standards was called Auditing Standard No. 2 (AS2), a very rule-based set of external auditing standards issued in May 2007.

Launched in SOx's first years with the PCAOB's early emphasis on large corporate early filers, AS2 rules encouraged external auditors to take overly conservative and detailed approaches in their audits of financial statements. As a result of this AS2-mandated"look at everything" detailed audit approach, enterprise external audit bills became much more expensive after AS2 took effect. While many larger enterprises gritted their teeth and put ...

Get Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.