What's new - OnPoint EBP October 2023

The October 2023 release of OnPoint EBP includes updated content and guidance to incorporate recently issued authoritative standards, including the following Statements on Auditing Standards (SASs):

  • SAS No. 143, Auditing Accounting Estimates and Related Disclosures,

  • SAS No. 144, Amendments to AU-C Sections 501, 540, and 620 Related to the Use of Specialists and the Use of Pricing Information Obtained From External Information Sources,

  • SAS No. 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, and

  • SAS No. 147, Inquiries of the Predecessor Auditor Regarding Fraud and Noncompliance with Laws and Regulations.

Below are some highlights of this release.

Auditing accounting estimates and related disclosures

The following list summarizes the substantive changes related to SAS No. 143, Auditing Accounting Estimates and Related Disclosures:

  • Accounting estimate procedures previously located in 1405, Overall audit strategy, have been revised and relocated as appropriate.

  • 2100, Identifying risks through understanding the Plan, contains a new section on accounting estimates with procedures related to identifying and understanding accounting estimates. Estimates addressed in OnPoint EBP’s guided methodology have been specifically identified.

  • 2110, Entity level risk assessment and controls understanding, prompts auditors to consider the entity level risks and controls pertaining to accounting estimates.

  • The following audit programs contain new sections on accounting estimates with procedures addressing the risks related to accounting estimates identified in the guided risk assessment forms:

    • 3000, Audit program – plan contributions

    • 3100, Audit program – investments

    • 3250, Audit program – benefit obligations and participant census data

    • 3400, Audit program – participant loans

    • 3700, Audit program – other receivables

  • 3950, Responding to estimates, has been added to address any other accounting estimates identified by auditors that are not listed at 2100 and captured by the guided risk assessment forms.

  • 4025, Management representations letter, and 4205, Report to those charged with governance, have been updated for accounting estimates and related disclosures.

Use of specialists and the use of pricing information obtained from external information sources

Content and guidance in 1405, Overall audit strategy, 2330, Evaluating the work of an auditor’s specialist, and 2335, Evaluating the work of a management’s specialist, have been updated to address SAS No. 144, Amendments to AU-C Sections 501, 540, and 620 Related to the Use of Specialists and the Use of Pricing Information Obtained From External Information Sources.

Understanding the entity and its environment and assessing the risks of material misstatement

The following list summarizes the substantive changes related to SAS No. 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement:

  • 2135, Control design/implementation – all cycles, requires consideration and assessment of controls as relevant controls (referred to as “identified controls” in SAS No. 145), which requires auditors to evaluate their design and determine whether they have been implemented.

  • 2200 series, Risk Assessment forms:

    • the “Control risk” assessment has been moved to below the “Risk factors and assumptions” section, and

    • auditors are prompted to determine whether substantive procedures alone cannot provide sufficient appropriate audit evidence for any of the risks of material misstatement at the assertion level and to test of controls if not.

  • 2295, Risk assessment evaluation, a new checklist, has been added to document the stand-back requirement to evaluate the completeness of the identification of significant classes of transactions, account balances, and disclosures.

  • 2110, Entity level risk assessment and controls understanding, prompts auditors to consider the nature and complexity of the Plan when evaluating the Plan’s system of internal control.

  • The Guidance tab of 1405, Overall audit strategy, includes updated guidance related to the design and performance of risk assessment procedures.

  • 1410, Team meeting and fraud discussion, requires auditors to consider relevant (identified) controls in the control activities component that address assessed risks of material misstatement due to fraud.

  • 2000, Service organization scoping, requires auditors to identify controls in the control activities component and evaluate their design and determine whether they have been implemented.

  • Procedures in 2100, Identifying risks through understanding the Plan, related to understanding the nature of the Plan have been updated to focus on the Plan’s organizational structure and business model. Additionally, lightbulb guidance related to the nature of the Plan, measures used to assess the Plan’s financial performance, and consideration of significant and identified risks have been updated.

  • Guidance in 2290, Risk report, has been updated pertaining to identified risks of material misstatement at both the financial statement and the assertion level.

Inquiries of the predecessor auditor

Guidance in 1000, Engagement – acceptance/continuance, related to predecessor auditor inquiries has been updated to address SAS No. 147, Inquiries of the Predecessor Auditor Regarding Fraud and Noncompliance with Laws and Regulations.

Presentation and disclosure checklist

1335, Presentation and disclosure requirements, has been converted from a portable document format (PDF) to a dynamic checklist with “Yes,” “Not Material / Not Applicable,” and “No” response options, along with sign-off features. Additionally, requirements that are not applicable based on the plan type or provisions are dynamically hidden.