Auditing plays a vital role in business, government, and [the] economy" (Boynton & Johnson, 2006) (p 5). "Financial Experts estimate that investors lost approximately $7 trillion over a three year period" (Louwers, Ramsay, Sinason, Strawser, 2007) (p 2). This hefty loss was due to accounting and financial frauds performed by companies such as Enron, Tyco, WorldCom, Kmart, and Xerox. The following will explain the nature and functions of auditing by describing the elements of the Generally Accepted Auditing Standards (GAAS), describing how these standards apply to financial, operational, and compliance audits, explaining the effect that the Sarbanes-Oxley Act of 2002, and the Public Company Accounting Oversight Board (PCAOB), will have on audits of publicly traded companies, and discussing the additional requirements that are placed on auditors from this act and the actions of the PCAOB.
Auditing is defined by Boynton and Johnson (2006) as "a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and communicating the results to interested users" (p 6). The public accounting profession recognizes 10 GAAS elements. These standards were adopted by the American Institute of Certified Public Accountants (AICPA) in the late 1940s, and incorporated into the Statements on Auditing Standards (SAS) (Boynton, 2006). GAAS is effective for audits of financial statements for periods beginning on or after December 15, 2001, unless otherwise indicated (AICPA, 2006). The purpose of these GAAS is to set the general standards, standards of field work, and standards for reporting. The general standards are relating to the qualifications and quality of the auditors work. The standards of fieldwork is to ensure the competency of the auditor by determining three factors formal university education, practical training and experience in auditing, and continuing professional education throughout their professional career (Boynton, 2006). The standards for reporting are to ensure the auditor is free of management influence for both the auditing portion and reporting portion. In addition, the auditor must meet the independence requirement set by the AICPA's Code of Professional Conduct (Boynton, 2006).
These standards apply to three types of audits and three types of auditors. The types of audits are financial statement audits, compliance audits, and operational audits. The financial statement audits are performed by evaluating evidence about an entities current situation, and confirm they have reported accurately and in conformity with GAAP (Boynton, 2006). The compliance audits are based on criteria from a variety of sources, such as the Sarbanes-Oxley act of 2002, creditors, government regulations, and/or contract specifications. "The Sarbanes-Oxley Act of 2002 requires companies to have a dual-purpose audit that audits both the financial statements and management's assertion as to whether it has complied with criteria regarding an adequate system of internal control over financial reporting" (Boynton, 2006) (p 8). Operational audits are sometimes referred to as a performance