Auditor Independence and IT Services

Share on facebook
Share on twitter
Share on google
Share on linkedin
Share on email

New audit independence guidance becomes effective in January 2022 for U.S. audit firms that provide technology services. A few of the key issues related to this guidance are noted below. Of course, the detailed ACIPA Ethics Interpretation should be reviewed carefully. (Note: the original 2021 implementation date was extended by one year due to COVID-19.)

Hosting and Client Portals

Where the client data resides is a key consideration. Hosting services include keeping an attest clients depreciation records, historical tax returns, etc. In short, the auditor may not serve as the client’s record storage or disaster recovery provider. To maintain independence, complete records must be provided to and maintained by the client. Further, the client’s access to the data and in the auditor’s possession must be terminated after a reasonable period of time.

Commercial Off-the-Shelf Software (COTS)

An auditor may assist with COTS implementation by providing training, advice and other types of services. Creating new code or other steps that alter COTS functionality, writing a custom interface to a COTS, or custom data translation would impair independence. Use of third0party applications for interfaces and data translation allows the possibility of remaining independent.

Other Data Analysis Tools

Dashboards and data analysis applications should be analyzed to determine if they are a financial information system (FIS) or merely a tool. Designing, developing or utilizing a FIS on behalf of a client impairs independence; design, development or use of a tool does not. A tool performs only discrete calculations. A FIS aggregates or generates data that is significant to the financial statements or financial processes.

Keeping Independent

To maintain independence, it is critical to avoid performing any management functions. The auditor should ensure that the client 1) has the appropriate Skills, Knowledge and Experience, 2) evaluates and accepts responsibility for any inputs and assumptions, and 3) has sufficient information to understand the processes and results.

Additional Information

This ethics interpretation was developed to provide more clarity to independence requirements in response to evolving technology and practice needs. Firms providing auditing services must comply with this guidance in order to maintain independence while providing permissible services to clients. Additional information and clarification can be found in the Frequently Asked Questions: Nonattest Services produced by the AICPA’s Ethics Division.

Jeffrey A. Ford

Jeffrey A. Ford

Jeff is one of the firm's founders and is a partner in the GYF Audit and ERP Solutions Groups. He has focused his career on providing accounting, auditing and consulting services to privately held companies and not-for-profit entities. Jeff also serves as the North American Audit Practice Chair for Geneva Group International (GGI).

Categories
Recent Posts

Subscribe to RSS

Get RSS feed notifications when updates are posted on the GYF Insights blog

Contact us to find out more

By submitting this form, you agree to the terms for our collection and use of your data as set forth in our privacy policy