The PCAOB Standards

1. Does the PCAOB actually follow the FASB standard setting procedure? ie. do they create standards?, or are all the standards created by FASB and approved by PCAOB? how do they work together?
Respond to following statements:
1. What is the AICPA's process for issuing a new standard?
To create a new standard the AICPA follows the following methods. According to the AICPA website the standards are created for Auditing, Quality Control, and Attestation (Exposure, 2015). The process includes meetings that are open to public deliberation, exposure of proposed statements to the public, and a formal vote. To view proposed standards visit http://www.aicpa.org/Research/ExposureDrafts/AccountingandAuditing/Pages/ExposureDrafts_ASB.aspx
2. How is an ICFR different from an audit of financial statements?
An ICFR is an audit over internal controls, but specifically, internal controls as they pertain to financial statements. An audit of financial statement is the actual review of the financial statements and disclosures, and how the company presents its financial information to its shareholders. Internal controls relating to financial statements need tested, and would be tested through the ICFR. While it is possible during a financial statement audit that these be tested, they are not required, or were not required before the enactment of SAS 130, which goes into effect December 31, 2016. An auditor's report accompanies the financial statements, and the ICFR would be an addendum to that report. A financial statement audit also ensures that financial statements report according to GAAP. The financial statement offers credibility of the information provided, and the ICFR reviews the five interrelated components of a company's system of internal controls.
According to Gillan, the ICFR pays attention to the following:
"1. The company's top-level environment with respect to control. This includes elements such as the ethical "tone at the top," and the effectiveness of the board's audit committee in its high-level oversight of financial reporting. This component is known as the Control Environment. 2. The assessment of risks of the various processes and data points that feed into the company's financial reports. For example, a process that is highly susceptible to fraud would be considered to be a high-risk area. 3. The way in which controls are actually designed and implemented within the company, so as to address the identified risks. This component is known as Control Activities. 4. The way in which information within the company is gathered and shared, both to people within the company responsible for financial reporting, and to external users of financial reports. This component is known as Information and Communication. 5. The way in which the effectiveness of these controls are monitored by company management. (Gillan, 2006)"

3. Is the new standard stating that the audit must also include an ICFR?
This new standard is stating that it only applies when an "auditor is engaged to perform an audit of internal control over financial reporting (ICFR) that is integrated with an audit of financial statements (Tysiac, 2015)." However, when reviewing the summary of SAS 130, it appears that this is a requirement and not an option for the auditing process over financial statements (Statement, 2015). The joining of the standards better aligns the compliance with GAAS and lessens "unintended consequences in practice (Statement, 2015)". The statement does allow the use of work completed by an internal auditor to reach a conclusion when performing an audit over ICFR.

4. How does the AICPA relate to the PCAOB?
The PCAOB is a private sector oversights board created by Sarbynes Oxley Act of 2002 that protects investors by investigating and overseeing auditors and the standards that they hold when auditing companies. The PCAOB is enforced and overseen by the US Securities and Exchange Commission. The AICPA is the American Institute of Certified Public Accountants. It is responsible for training and testing, and overseeing Certified Public Accountants. To be an Auditor or perform Attestation services, generally an accountant must be Certified.
5. Which of the two organizations issue standards?
Both organizations issue standards. In No. 1 above is the outline of how the AICPA issues standards, and according to the AICPA website,

"The PCAOB is required to establish or adopt, or both, auditing, quality control, ethics, independence, and other standards relating to the preparation of audit reports for public companies, in accordance with Section 103 of the Sarbanes-Oxley Act of 2002. All of the PCAOB's standards and rules go through the following process:
First, a proposed standard or rule is adopted by the PCAOB typically after a public comment period.
Second, the standard or rule is sent to the SEC for approval.
The SEC's approval process also typically involves a public comment period. PCAOB rules do not take effect unless approved by the SEC. (PCAOB, 2015)"