PCAOB Issues New Guidance on Amendments to the Audit Evidence Standard

The Public Company Accounting Oversight Board (PCAOB) recently published detailed guidance, complete with illustrative examples, to assist audit firms in applying the new requirements under AS 1105 – Audit Evidence. This update comes as part of the PCAOB’s broader effort to strengthen audit quality in an increasingly digital environment, where much of the information auditors rely on is electronic and externally sourced.

The new guidance focuses specifically on paragraph .10A, titled “Evaluating the Reliability of External Information Provided by the Company in Electronic Form.” This paragraph was added in 2024 and becomes effective for audits of fiscal years beginning on or after December 15, 2025. The PCAOB released this guidance to help firms interpret and implement the new requirements in a consistent, practical way. It is meant to be read alongside the full text of the updated standard and a policy statement issued in mid-September that explains how the Board intends to enforce these provisions.

Purpose and Context of the New Guidance

The PCAOB recognized that auditors are increasingly relying on external information provided by companies in digital form, such as bank confirmations, third-party reports, or data feeds from service providers. While such information can be valuable, it also raises new reliability concerns — particularly around data integrity, cybersecurity, and the controls companies use to manage this information.

To address these challenges, paragraph .10A introduces a principles-based requirement for auditors to evaluate the reliability of this external information. It does not prescribe a rigid checklist but instead gives auditors flexibility to scale their procedures based on the level of risk and the nature of the information.

Key Requirements Under Paragraph .10A

Auditors are required to:

  1. Understand the source and process – They must gain a clear understanding of where the information comes from and how the company receives, stores, and processes it. This includes evaluating whether the source is independent, reputable, and consistent with prior audit evidence.

  2. Test the information or related controls – Auditors must either test the data itself for accuracy and completeness or assess the effectiveness of the company’s internal controls surrounding that information.

Importantly, the PCAOB emphasizes that paragraph .10A does not dictate how or when these procedures should be performed. The approach should be tailored to the specific facts and circumstances of each audit engagement.

Addressing Implementation Challenges

During the rulemaking phase, many stakeholders — including audit firms, professional associations, and oversight bodies — requested further clarification, especially regarding paragraph .10A(b), which addresses testing requirements. Auditors sought to understand how much testing is expected and whether separate testing would always be required in addition to testing performed elsewhere in the audit.

In response, the PCAOB issued a policy statement clarifying that it will not view the absence of distinct, standalone testing under paragraph .10A(b) as a violation of PCAOB standards in certain situations. For example, if testing of related controls or substantive procedures already provides sufficient evidence of reliability, auditors may not need to perform additional testing under this specific paragraph.

Practical Implications for Audit Firms

This guidance is particularly significant for large audit firms that rely heavily on digital evidence and automated workflows. It:

  • Encourages a risk-based, scalable approach to evaluating audit evidence.

  • Reinforces the importance of professional skepticism when relying on electronic data provided by clients.

  • Highlights the need for enhanced auditor training in technology and data governance.

  • Signals a shift toward integrated audit approaches, where testing of controls, data integrity, and external information reliability are interconnected.

As the effective date approaches, firms are expected to update their audit methodologies, enhance documentation of procedures related to electronic evidence, and possibly invest in AI-driven verification tools to streamline compliance.


Comments

Post a Comment

Popular posts from this blog

IFRS Standards: What Every Business Owner Should Know

Image
  #Accounting Services In a global business environment where transparency and comparability matter, International Financial Reporting Standards (IFRS) have become the universal language of accounting. For entrepreneurs and company owners, understanding IFRS is not about becoming an accountant — it’s about ensuring that financial statements truly reflect the health and credibility of their business. 1. What Are IFRS Standards? IFRS stands for International Financial Reporting Standards , developed by the International Accounting Standards Board (IASB) . They provide a consistent framework for preparing and presenting financial statements across different countries. The aim is simple: to make financial information understandable, comparable, and transparent , regardless of where the company operates or is headquartered. These standards are now adopted in over 140 countries , including the UAE, the UK, EU member states, and most of Asia and Africa. 2. Why IFRS Matters for Bu...
Read more

Why SMEs Need Outsourced Accounting

Image
  #Accounting Services For small and medium-sized enterprises (SMEs), every dirham and decision counts. Managing accounting in-house can be time-consuming and costly — especially when compliance, accuracy, and growth all demand equal attention. This is where outsourced accounting services make a real difference. 1. Access to Expertise Without Full-Time Costs Outsourcing gives SMEs access to qualified accountants and financial experts without the expense of hiring a full-time finance team. Professional firms stay updated with the latest accounting standards, VAT regulations, and corporate tax requirements, ensuring your business remains compliant and efficient. 2. Focus on Core Business Activities Financial management often pulls owners away from strategy, sales, and operations. By outsourcing, business leaders can redirect their time and energy toward growth — while professionals handle bookkeeping, reconciliation, and reporting. 3. Enhanced Accuracy and Compliance Error...
Read more