construction audit issues update
DESCRIPTION
Construction Audit Issues Update. AGC Financial Issues Forum January 9, 2014 Presented By: Tim Wilson. Agenda. AICPA Audit Risk Alert Accounting and Auditing issues Auditor Risk Assessment Approach Enterprise Risk Management IT Risk Governance. AICPA Audit Risk Alert. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/1.jpg)
Construction Audit Issues Update
AGC Financial Issues Forum
January 9, 2014
Presented By: Tim Wilson
![Page 2: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/2.jpg)
Agenda
• AICPA Audit Risk Alert Accounting and Auditing issues
• Auditor Risk Assessment Approach
• Enterprise Risk Management
• IT Risk
• Governance
![Page 3: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/3.jpg)
AICPA Audit Risk Alert
• AICPA publishes annually
• Focus is to help auditors better understand business, economic and regulatory environment
• Understanding audit risk is the key
• Combines Real Estate and Construction
![Page 4: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/4.jpg)
Real Estate Market Conditions
• Keep an eye on residential
• Commercial Strength – Q3 of 2013 Industrial availability – 11.7%, 130bps under 2012
Retail availability – 12.2%, 70bps under 2012
Apartment vacancy – steady at 4.6%
Office vacancy – 15.1%, 50bps under 2012
Hotels – 35.8% growth in rooms under construction
![Page 5: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/5.jpg)
Construction Market Conditions
• Total construction starts up 6% over 2012 Residential up 25%
Non-residential building up 8%
Non-building down 15%
Excluding electric utility category total is up 14%
![Page 6: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/6.jpg)
Economic and Industry Risks
• Debt modifications
• Debt covenants
• Decreased margins
• Subcontractor concerns
• Warranty claims and change orders
![Page 7: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/7.jpg)
Accounting Developments
• AICPA FRF for SME’s
• FASB/PCC for nonpublic companies
• ASU 2013-02 – Reclasses of AOCI Public – 12/15/12, Nonpublic – 12/15/13
• ASU 2013-03 – Disclosures related to fair value for nonpublic companies – effective on issuance
• Other narrow subjects
![Page 8: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/8.jpg)
Auditing Developments
• Continued push towards risk based auditing
• Clarity standards Larger focus on planning, interim testing, analyzing risk
of material misstatement (RMM)
Group audit issues and materiality
Component auditors
Related party transactions
![Page 9: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/9.jpg)
Common Issues in Peer Review Findings
• Subsequent event date disclosures and evaluation
• Lack of disclosure of open tax years
• Documentation on expectations for analytics
• Documentation on risk assessment procedures
• Engagement letters not updated
![Page 10: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/10.jpg)
Risk Assessment Approach
• Looking for RMM in the financials
• Control Risk Usually assessed as high unless testing key controls for
operating effectiveness
• Inherent Risk Must understand transactions that flow thru
• Any stories from 2012 audits?
![Page 11: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/11.jpg)
Enterprise Risk Management
• Boards and audit committees are becoming more involved – governance
• Integrated approach for companies to assess risk and controls
• More than financial risks
• Not just for public companies
• Treadway Commission (COSO) – 2004 Report
![Page 12: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/12.jpg)
Enterprise Risk Management
• Integrated Approach Operational
Financial
Strategic
Regulatory
Technology
![Page 13: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/13.jpg)
Components of Enterprise Risk Management
• Internal Environment – the tone
• Objective Setting – must exist to understand risk
• Event Identification – internal and external
• Risk Assessment – analyze likelihood and impact
• Risk Response – align response with tolerances
• Control Activities – policies and procedures
![Page 14: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/14.jpg)
Components of Enterprise Risk Management
• Information and Communication – important process to allow flow of information
• Monitoring – ERM must be monitored and modified
![Page 15: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/15.jpg)
IT Risk
• Anybody seen the headlines lately?
• Do you know where your risks are?
• More mobile technology in construction
• Remote job sites
• Vendor/subcontractor connectivity
![Page 16: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/16.jpg)
IT Risk
• Should review IT risk in all areas Identity theft
Physical security
Logical security
Business continuity planning
Information security
Vendor management
Internet security
![Page 17: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/17.jpg)
Social Engineering
• Obtaining confidential information thru user manipulation Simulated pretext phone calls
Spoofing
Phishing
Physical access attempts
Malware
Counterfeit websites for security testing
![Page 18: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/18.jpg)
IT Risks
• Network scanning Beginning step for full penetration testing
• Vulnerability Scanning Network hosts, services, operating system, applications
• Penetration Testing Combination of network and vulnerability scanning –
the true hacking approach
![Page 19: Construction Audit Issues Update](https://reader036.vdocument.in/reader036/viewer/2022062411/568168ba550346895ddfa6a5/html5/thumbnails/19.jpg)
Governance
• Auditors are much more focused on the “Tone at the Top”
• Active board and audit committees are good!!
• Closely aligned with ERM
• Open discussion on best practices