The US PCAOB’s “Spotlight” document from April 2024 emphasizes a persistent challenge in the audit industry—the need for accuracy and completeness in Information Produced by the Company (IPC) and other data and reports. Approximately 17% of comment forms for the 2021 and 2022 inspection cycles highlighted deficiencies where auditors failed to perform adequate procedures to test or control these data types. These deficiencies compromise the detection of errors or fraud and weaken the audit’s overall reliability.

The PCAOB’s observations underscore auditors’ need to rigorously test and evaluate the data and controls they rely upon. These deficiencies point to potential weaknesses in audit quality that could affect the reliability of financial reporting and, ultimately, investor trust. The PCAOB uses these observations to guide improvements in audit practices and enhance the overall integrity of financial reporting.

Detailed Audit Practices and Good Practices Checklist

To address these deficiencies, here is a suggested checklist integrating both the observations from the inspections and good practices:

1. Accuracy and Completeness of IPC

• • Verify the accuracy and completeness of all financial and non-financial IPC data.
  • Use firm risk assessment templates to document connections between potential misstatement sources and the controls to be tested, ensuring a systematic approach to identifying and managing audit risks.

2. Relevance and Reliability of Audit Evidence

• • Evaluate the relevance and reliability of all information used in auditing judgments.
  • Foster integration and collaboration between core audit engagement teams and IT engagement teams to enhance understanding of data flows and system interfaces.

3. Testing Controls Over IPC Used in the Operation of a Control

• • Identify and test all controls over IPC, especially for data crucial to significant controls.
  • Utilize a central repository of reports to ensure consistency in the testing approach and conclusions of control testing.

4. Reliability in Substantive Analytical Procedures

• • Assess the reliability of data used in substantive analytical procedures, such as revenue projections or cost analyses.
  • Ensure that data used in analytical procedures is documented and reviewed for accuracy and reliability.

5. Information from Service Organizations

• • Perform necessary procedures on information produced by service organizations.
  • Do not overly rely on service organization control reports; instead, test the effectiveness of these controls independently.

6. Testing Supplemental Information Accompanying Audited Financial Statements

• • Conduct thorough testing on the completeness and accuracy of supplemental information.
  • Ensure that all supplemental information aligns with the tested and verified main financial statements.

7. Use of Data by an Auditor-Engaged Specialist

• • Evaluate the work of auditor-engaged specialists to ensure the data used provides sufficient appropriate audit evidence.
  • Maintain clear communication with auditor-engaged specialists to confirm that all data is tested and appropriate.

Relevant PCAOB Standards and Definitions

To further address these deficiencies, it is essential to refer to the PCAOB standards that define the expectations for audit evidence:

• AS 1105 (Audit Evidence): Specifies accuracy, completeness, relevance, and reliability as critical factors.
• AS 2310 (The Auditor’s Use of Confirmation, effective June 15, 2025): Highlights the importance of reliability in obtaining audit evidence directly from third parties.
• AS 2201 (An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements): Focuses on the effectiveness of controls over data used in financial reporting.
• AS 2305 (Substantive Analytical Procedures) and AS 2601 (Consideration of an Entity’s Use of a Service Organization): Emphasize the reliability and completeness of data.
• AS 2701 (Auditing Supplemental Information) and AS 1210 (Using the Work of an Auditor-Engaged Specialist): Address the need for complete, accurate, relevant, and reliable audit evidence.

KNAV’s Comments

An audit opinion relies fundamentally on the quality of audit evidence, which must inherently possess non-negotiable attributes such as accuracy, completeness, reliability, and relevance. Similar to how a diamond must meet specific criteria to be valued, audit evidence must meet these essential standards for an audit to uphold its status to a critical, objective observer. At the core of these standards lies professional scepticism and the integrity of the auditor, which are indispensable in ensuring the audit’s effectiveness and trustworthiness.