Audit Readiness Checklist: A Comprehensive List
Most US companies go through an annual audit to verify financial records. An external financial audit governed by the Generally Accepted Auditing Standards (GAAS), a publication of the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA).
The other major players in the external audit world are the “Big Four” accounting firms, who are responsible for a majority of the auditing that occurs in the US. If you're preparing your company for a financial audit, this blog will simplify what it takes to be fully audit-ready, including:
- What an audit is and what to expect
- The difference between a startup audit and an enterprise audit
- Which five things you need most for audit readiness
- How audit readiness assessment works in practice
What’s a Company Audit, and What Should You Expect?
A financial business audit is a comprehensive assessment or evaluation of your company’s finances. It paints a picture of your company’s financial standing for stakeholders and the general public.
As noted above, the majority of financial auditing in the US is undertaken by the Big Four firms:
- Deloitte Touche Tohmatsu Limited (Deloitte)
- KPMG International Limited (KPMG)
- Ernst & Young Global Limited (EY)
- PricewaterhouseCoopers (PwC)
According to the Houston Chronicle’s guide to financial audits, most publicly traded companies are subject to regular financial auditing by external agencies, like a Big Four firm or the IRS. Even private companies may be legally required to undergo an audit periodically, or face market pressure to do so. Because of this, it’s important to prepare for what an external auditor will do by learning to self-audit.
Key Areas of Examination
The specific kinds of information that a financial auditor will examine depends on several contexts, including the reason for the audit, the internal processes of the auditor, and the position of the company being audited. However, some things are true for all audits.
Per Deloitte’s financial audit readiness guide, some key areas of examination include:
- Regular business taxes – Taxes to be analyzed include value added tax (VAT), sales, use, and goods and services taxes (GST), along with border and customs reporting.
- Estate and gift taxes – Estates are analyzed carefully for changes in value over time, and both gift and non-gift transactions are also scrutinized to ensure no fraudulent activity.
- Residency issues – Analysis is conducted on homes, offices, and travel between them.
- Lifestyle assets – Valuable holdings like aircraft or rare jewelry must be carefully documented and accounted for to avoid issues with valuation and fraud.
These are not the only areas for which financial documentation is needed; they are just some of the most challenging. A full audit readiness checklist includes all financial documentation, and more.
The Difference Between a Startup Audit and Enterprise Audit
Although enterprises undergo more frequent and thorough audits, startups must also prepare for the possibility by keeping their finances in order.
In 2018, 18.7% of all business audits were small business startups. Despite not being a large percentage of the total number of IRS audits, startups are the taxpaying class with the highest degree of noncompliance. This is largely due to the fact that small business tax compliance heavily relies on the startup to self-report income and expenses. As a result, when the IRS does hold the business’ finances up to a microscope, they often discover errors or violations.
Knowing this, it’s important that you conduct audit readiness procedures within your business. Early preparation and an internal audit of your financial records can help you spot and address problems before you land in hot water.
PwC’s Pillars of Audit Readiness
In order to fully prepare for a financial audit, regardless of who is conducting the audit or why, companies need to have all relevant accounting records and documents in place. But that’s not all; there are several logistical and other factors to account for.
As such, PwC’s Audit Readiness Essentials framework divides readiness into five essential “pillars” that support preparation and availability of relevant “Auditable Financial Statements.”
Let’s examine each pillar.
#1 Get Support from Leadership
The first pillar identified by PwC pertains to AICPA’s Statement of Auditing Standards (SAS) No. 114, accessible via AU Section 380, The Auditor’s Communication with Those Charged with Governance.
Per these guidelines, auditors need to be in contact with organizational leaders in addition to CFOs; the latter are not the only parties involved, contrary to popular belief. Given many organizational leaders’ relative unfamiliarity with the audit process, as well as the importance of auditing (and readiness), PwC breaks this pillar down into four steps:
- Demonstrate importance of support to leaders.
- Demonstrate value of financial audit to leaders.
- Demonstrate how readiness benefits the company.
- Develop a plan for long-term support from leaders.
Once leadership is mobilized, it’s time to focus on building the rest of your audit team.
#2 Prepare Human Capital and Readiness Plans
Leadership is not the only party that needs to be integrated and systematized with a plan for efficient auditing. PwC also stresses the critical importance of creating a diverse, multi- and interdisciplinary team, leveraging strengths and skill sets from all parts of the company.
There are five key parties identified by PwC that need to be part of this team:
- General auditing and accounting team
- Information technology (IT) auditors
- Data management specialists
- Statisticians and specialists
- Other miscellaneous specialists
Each party plays a key role, not just in auditing one section of the company, but overseeing all elements of the entire assessment. Thus, the whole team is greater than the sum of its parts.
#3 Set Internal Controls, Procedures, and More
As should be expected, one of the most important elements of financial audit readiness is comprehensive accounting for compliance with regulatory and other statutes through internal controls. The more trust an auditor can place in computer, application, and manual controls, the fewer overall tests need to be performed. Thus, greater control leads to an easier, faster audit.
This pillar pertains in particular to the Office of Management and Budget (OMB) Circular A-123, which governs compliance with the Federal Financial Management Improvement Act (FMFIA) and AICPA’s AU-Section 940, also known as Internal Controls Over Financial Reporting (ICOFR).
The core purpose of the circular is requiring comprehensive documentation, analysis, testing, and accountability for an organization’s internal controls, making it key to successful financial audit preparedness.
#4 Gather Statements and Financial Documentation
The most essential element of audit readiness, this pillar requires key financial documents, such as Year End Closing Statements (FMS 2108), Funding Authorization Documents (FADs), and Apportionment and Reapportionment Schedule (SF132).
PwC also defines a matrix of “Financial Statement Assertions” that determine the sufficiency and appropriateness of required documentation. These key qualities include:
- Presentation and disclosure
- Rights and obligations
Full readiness requires granting an auditor full rights to a document, which itself is 100% complete and perfectly accurate, while also presented in an easily accessible manner.
#5 Consider Your Information Technology (IT)
Finally, the last pillar of financial audit readiness involves a careful inventory of IT resources that come in contact with financial records or might otherwise impact the financial position of the company.
First, you need to generate a list of relevant technology. Then, PwC recommends assessing two broad categories of controls:
- Application Controls, including: business process controls, interface controls, database management controls, and app-level general controls
- IT General Controls, including: security management controls, access restrictions and controls, segregation of duties, configuration management, and contingency planning
Across these and the other four pillars, a company is fully prepared for in-depth analysis of any Auditable Financial Statements, whether working with PwC or any auditing body.
Readiness in Practice: a Case Study
The actual audit practice, as well as the preparation for audit readiness, will differ depending on the particular auditing body. PwC’s framework is one useful approach, but another valuable resource is an actual financial audit readiness case study provided by KPMG.
KPMG’s study involves their dealings with a governmental entity preparing for its first financial audit. It faced issues of uncertainty regarding its ability to answer basic questions about its financial position, as well as support annual auditing. KPMG’s approach to readiness, in this case, was to undergo a transformation.
Four key insights are particularly valuable:
- Transformation must be a priority, especially by leaders within the company.
- While external resources are invaluable, leadership must be undertaken internally.
- Readiness and transformational goals need to be linked, irrevocably, to business goals.
- Leaders need to establish and resource a plan for long-term audit and readiness success.
Note the ways in which these takeaways correspond to the pillars above—namely, the importance of leadership and available data.
Data-Driven Solutions: EY and Beyond
One last element of financial audit readiness that grows increasingly important with the steady increase in technology’s integration throughout companies is “big” data. As EY makes clear, data can empower the audit process, and awareness of data capabilities can also facilitate readiness.
In particular, EY breaks down five key areas of analysis that CFOs need to explore in order to get the most out of a data-driven auditing process:
- How can the audit identify risks, exposures, and prospects?
- How can we ensure ROI on technology, especially post-COVID?
- How can we prepare for expansion in technology and responsibilities?
- How can we prepare for non-financial questions asked by advisors?
- How can the audit “unlock” value in both the short and long term?
These questions apply just as aptly to the process of readiness. One of the best ways to mobilize your company’s financial data, for these and other questions, is through full visibility over your company’s spend. With automated spend management platforms, company financials are tracked in real-time.
That’s where Ramp’s corporate card can help.
Optimize Audit Readiness with Ramp
Ramp is a smart corporate card that’s designed to help companies track their spending habits and save money. To accomplish this, Ramp offers unlimited flat cash back on all purchases, promotional deals, and automatic cost-saving opportunities.
The most prominent feature of our corporate card? The integrated spend management platform.
Ramp tracks expenses in real time and enables approval of payments with the click of a button. Incidentally, this platform also simplifies bookkeeping, making auditing and audit readiness as stress-free as possible.
Use Ramp to power your savings and audit readiness.