The audit is over. Your audited financial statements have been delivered, but so have these two communication letters: the SAS (“Statement on Auditing Standards”) 114 and SAS 115 letters. All the legal jargon in them seems overwhelming, and you don’t want to call your attorney and be billed for the time spent explaining it. Most likely, you’re thinking of just filing them away with your financial statements. But don’t do that just yet. Let us shed some light on these mysterious letters: what are they for and what do they mean?
SAS 114 Letter: The Auditor’s Communication with Those Charged with Governance
This letter is an AICPA (American Institute of CPAs) required communication letter for all financial statement audits. The purpose of the letter is to communicate to those charged with governance, such as the Board of Directors, Audit Committee, President, or Management, the scope of audit procedures performed, significant findings, and other information, such as disagreements with management, audit adjustments and significant estimates, that aren’t communicated in the audited financial statements. Another important portion of the letter is the presentation of any passed journal entries. These are entries that were not posted to the audited financials, because, in total, they have no material effect on the financial statements, but are presented to you in this letter in order to bring to your attention other known errors that were found during the audit.
SAS 115 Letter: Communicating Internal Control Related Matters Identified In an Audit
One of the requirements of an audit is that the auditor must gain an understanding of the Company’s internal controls, how they are implemented and their operating effectiveness. This is typically done during preliminary fieldwork while conducting walkthroughs of certain key areas, such as the cash receipt and cash disbursement processes. In some cases, an internal control may not be operating as intended or may not be in place at all. This is when the SAS 115 letter is utilized. While any significant deficiencies or material weaknesses would have been discussed with management during the audit, the AICPA requires the auditor to communicate them to management in writing. Along with identifying deficiencies in the controls, the auditor may also offer recommendations for ways to improve these controls that will help to mitigate risk and strengthen your Company’s accounting processes. Also, if you implement the recommendations, next year you may save a tree and save yourself some time, because it’s likely there will no longer be deficiencies to communicate.
The accounting world is full of acronyms and wordy standards. To read and understand each piece of information is time consuming. However, these letters are required for a reason and contain information that can improve your business. Read them through, and if you have any questions or want further insight into these letters, contact us.