Key Takeaways
– Generally Accepted Auditing Standards (GAAS) are 10 standards, organized into three categories — General Standards, Standards of Field Work, and Standards of Reporting — that guide auditors in planning, performing and reporting on financial‑statement audits. (AICPA; Investopedia)
– GAAS focuses on auditor conduct and audit quality; GAAP (Generally Accepted Accounting Principles) governs how entities record and present financial information. Auditors use GAAS to evaluate whether financial statements comply with GAAP. (AICPA; FASB; Investopedia)
– For audits of public companies, auditors follow PCAOB standards; auditors who are AICPA members follow AICPA/ASB GAAS (AU sections). Failure to follow applicable standards can lead to adverse or qualified opinions, professional discipline, and legal liability. (PCAOB; SEC; AICPA)
Understanding Generally Accepted Auditing Standards (GAAS)
GAAS are the professional standards that auditors apply to ensure audits are performed with competence, independence and consistent methodology and that audit reports are clear and reliable. The American Institute of Certified Public Accountants (AICPA) Auditing Standards Board historically framed GAAS into 10 specific standards grouped into three categories. Auditors use these standards when planning, conducting, documenting and reporting on financial‑statement audits. (AICPA; Investopedia)
Important
– GAAS governs the auditor’s behavior and the audit process; it does not prescribe accounting treatment — that is GAAP’s role. (AICPA; FASB)
– For public-company audits in the U.S., PCAOB standards supersede AICPA GAAS. Government audits may follow GAGAS (Yellow Book) in addition to or instead of GAAS. (PCAOB; U.S. Government Accountability Office)
– Compliance with applicable auditing standards helps protect investors and stakeholders by improving audit quality and enhancing trust in the auditor’s opinion. (SEC; Investopedia)
Requirements for GAAS
GAAS requirements are embodied in the ten standards, which require auditors to:
– Have appropriate technical training and experience;
– Maintain independence in mental attitude;
– Exercise due professional care;
– Plan and supervise the audit adequately;
– Gain an understanding of the client’s internal control relevant to the audit;
– Obtain sufficient appropriate audit evidence; and
– Prepare audit reports that state whether financial statements conform with GAAP, identify departures, assess disclosures, and express or disclaim an opinion with reasons. (AICPA)
The Ten GAAS — grouped by type
General Standards (address auditor qualifications and professional behavior)
1. The auditor must have adequate technical training and proficiency in auditing.
2. The auditor must maintain independence in mental attitude in performance of the audit.
3. The auditor must exercise due professional care in the planning and performance of the audit and the preparation of the report.
Standards of Field Work (address how the audit is carried out)
4. The work is to be adequately planned, and assistants, if any, are to be properly supervised.
5. A sufficient understanding of the entity and its environment, including its internal control, is to be obtained to plan the audit and to determine the nature, timing, and extent of tests.
6. Sufficient appropriate audit evidence is to be obtained through inspection, observation, inquiries, and confirmations to afford a reasonable basis for the auditor’s opinion.
Standards of Reporting (address the auditor’s communications)
7. The report shall state whether the financial statements are presented in accordance with generally accepted accounting principles (GAAP).
8. The report shall identify those circumstances in which such principles have not been consistently observed in the current period in relation to the preceding period.
9. Informative disclosures in the financial statements are to be regarded as reasonably adequate unless otherwise stated in the report.
10. The report shall either express an opinion on the financial statements or state that an opinion cannot be expressed. When an opinion is not expressed, the reasons must be stated. (AICPA)
GAAS vs. GAAP
GAAS
– Purpose: Provide criteria for how audits should be performed and how auditors should behave (independence, competence, evidence, reporting).
– Issued by: AICPA Auditing Standards Board (for non‑public audits historically); PCAOB sets standards for public-company audits.
– Outcome: High‑quality, reliable audit work and audit opinions.
GAAP
– Purpose: Provide the accounting framework and specific rules for preparing and presenting financial statements (measurement, recognition, presentation and disclosure).
– Issued by: Financial Accounting Standards Board (FASB) in the U.S.
– Outcome: Consistent, comparable financial statements across entities. (FASB; AICPA; Investopedia)
What Are the 3 Types of GAAS?
The three types correspond to the groupings above:
1. General Standards (qualifications, independence, due care),
2. Standards of Field Work (planning, understanding internal control, sufficient evidence),
3. Standards of Reporting (opinion on GAAP, consistency, disclosures, expression of opinion). (AICPA; Investopedia)
What Is GAAP in Auditing?
GAAP (Generally Accepted Accounting Principles) are the accounting rules that companies must follow when preparing financial statements. In an audit, the auditor evaluates whether the client’s financial statements are prepared in accordance with GAAP; GAAS provides the standards the auditor follows to make that evaluation and express an opinion. (FASB; AICPA)
Does an Auditor Have to Follow GAAS?
– Auditors who are members of the AICPA and who perform audits to which AICPA standards apply are required to follow GAAS (as reflected in AU and AU‑C sections). (AICPA)
– For audits of public companies registered with the SEC, the Public Company Accounting Oversight Board (PCAOB) promulgates auditing standards that auditors must follow; these are effectively the controlling standards for public‑company audits. (PCAOB; SEC)
– Government audits may be governed by Government Auditing Standards (Yellow Book) issued by the U.S. Government Accountability Office, which impose additional requirements. (GAO)
In short: auditors must follow the auditing standards that govern the engagement — GAAS, PCAOB standards, GAGAS, or other applicable professional standards. (AICPA; PCAOB; GAO)
What Happens if an Auditor Doesn’t Follow GAAS?
Consequences vary by context and severity:
– Audit Opinion Impact: Failure to obtain sufficient appropriate evidence or follow required procedures can lead to qualified, adverse, or disclaimer of opinion. (AICPA)
– Regulatory/Professional Sanctions: AICPA, state boards of accountancy, or the PCAOB can impose disciplinary actions, suspensions, or revocation of practice privileges. (AICPA; PCAOB)
– Legal Liability: Clients, investors, or creditors who suffer losses may sue the auditor for negligence, breach of contract, or fraud. Noncompliance with standards is often a key factor in establishing professional negligence. (SEC; legal precedent)
– Reputation Damage: Loss of credibility with clients, audit committees and capital‑market stakeholders. (SEC; Investopedia)
Practical Steps — For Auditors (to comply with GAAS and produce a high‑quality audit)
1. Pre‑engagement and acceptance
– Evaluate independence and conflicts of interest.
– Assess engagement risk and firm resources; accept only engagements you can perform competently. (AICPA)
2. Plan the audit
– Develop an overall audit strategy and a detailed audit plan addressing materiality, risk assessment and timing of procedures.
– Identify significant accounts, disclosures and likely areas of fraud or error. (AICPA AU‑C 300)
3. Understand the entity and its internal control
– Gain sufficient understanding to plan tests; document key controls and perform walkthroughs. (AICPA AU‑C 315)
4. Design and perform procedures
– Apply tests of controls (if relied upon) and substantive procedures (tests of details and analytical procedures) tailored to assessed risks.
– Ensure procedures produce sufficient appropriate evidence. (AICPA AU‑C 330)
5. Supervision and quality control
– Supervise assistants, review workpapers, and apply firm quality control policies (engagement quality review where required). (AICPA AU‑C 220)
6. Document thoroughly
– Prepare clear working papers that support conclusions and the auditor’s opinion. Documentation should show planning, evidence obtained, judgments and conclusions. (AICPA AU‑C 230)
7. Evaluate results and form opinion
– Consider misstatements, uncorrected items, and whether disclosures are adequate; decide on appropriate audit opinion and report wording.
8. Communicate with those charged with governance
– Provide timely communications on significant findings, internal control deficiencies and independence matters. (AICPA AU‑C 260)
9. Issue report and follow up
– Issue the auditor’s report in accordance with reporting standards; follow up on subsequent events and subsequent discovery of facts. (AICPA AU‑C 560)
Practical Steps — For Management and Audit Committees (to facilitate a GAAS‑compliant audit)
1. Prepare complete, well‑organized financial records and schedules in accordance with GAAP.
2. Strengthen internal controls and document processes — provide auditors with walkthroughs and control documentation.
3. Provide timely, transparent access to records, personnel and management representation.
4. Establish a clear timeline and responsibilities for audit deliverables and corrections of misstatements.
5. Communicate openly with the auditor about risks, related parties, subsequent events and unusual transactions.
6. Review draft audit reports and respond promptly to audit findings and required adjustments.
Does GAAS Apply Worldwide?
GAAS refers to U.S. auditing concepts from the AICPA. Other jurisdictions use their own standards or International Standards on Auditing (ISAs) issued by the International Auditing and Assurance Standards Board (IAASB). For global audits, auditors must apply the standards required by the engagement’s jurisdiction. (IAASB; AICPA)
The Bottom Line
GAAS are essential professional standards that guide how auditors plan, perform and report audits to ensure competence, independence, and reliable conclusions about whether financial statements conform to GAAP. Auditors must follow the auditing standards that govern the engagement (AICPA GAAS/AU‑C, PCAOB standards for public companies, or other applicable standards). Organizations and audit committees can improve audit quality and reduce risk by preparing accurate financial statements, maintaining strong internal controls, and cooperating fully with auditors.
Sources and Further Reading
– Investopedia — “Generally Accepted Auditing Standards (GAAS)” (Paige McLaughlin) — https://www.investopedia.com/terms/g/gaas.asp
– American Institute of Certified Public Accountants — AU Section 150, “Generally Accepted Auditing Standards” and AU‑C codification sections (see AU‑C 200, 300, 315, 330, 230, 260, 560) — https://www.aicpa.org
– Public Company Accounting Oversight Board (PCAOB) — https://pcaobus.org
– U.S. Securities and Exchange Commission — “All About Auditors: What Investors Need to Know” — https://www.sec.gov
– Financial Accounting Standards Board (FASB) — https://www.fasb.org
– U.S. Government Accountability Office — “Government Auditing Standards (Yellow Book)” — https://www.gao.gov
If you’d like, I can:
– Provide sample audit‑planning checklists tied to the GAAS standards;
– Draft a template auditor’s report that reflects common GAAS reporting language;
– Walk through a short case study showing how GAAS apply to an audit of revenue recognition. Which would be most useful?