The Driving Force Behind Public Company Auditing's Bright Future

For the past 10 years, I've worked with countless public company auditors who possess extraordinary qualities. Time and again, these men and women have shown me how the public company auditing profession is positively bristling with people who are intelligent, technologically adept, dedicated, and passionate about what they do.

But those extraordinary qualities on their own do not explain why the public company auditing profession is poised to thrive in the coming decades. After all, smarts and dedication are necessary, but not sufficient, to succeed, especially in a fast-changing and global economy.

What will drive the profession's success? I believe it is something deeper than technical know-how. It is the fundamental proposition that is the beating heart of auditing: building confidence and trust.

Our economy can't function if companies, boards of directors, investors, and others don't have confidence in information. The auditor's core objective is to provide that confidence. To do this, auditors specialize in (1) identifying what could go wrong, (2) determining how management is identifying and responding to those risks, and (3) providing an independent, objective assessment on what management is doing and reporting.

Over the past century, the profession has grown up around this core objective, including development of a robust body of auditing and attestation standards and a regulatory framework that has stood the tests of time and severe financial crises. Certified Public Accountants (CPAs) must have adequate and continuous technical training to perform an audit or attest engagement. They must have reason to believe that the subject matter is capable of evaluation against criteria that are suitable and available to users. And—adhering to core values of independence, objectivity, and skepticism—CPAs working on an attest engagement must also exercise due professional care in the planning and performance of the engagement and the preparation of the report.

All of these elements, of course, are at work in the financial statement audit. The starting point for the financial statement audit is a suitable set of criteria—Generally Accepted Accounting Principles (GAAP)—that dictates how management presents its financial information.

With that criteria in place, public company auditors conduct systematic examinations of companies' accounting, transaction records, and other relevant documents to check whether their financial statements are fairly presented and free from material misstatements.

Auditors then issue an opinion as to whether the financial statements present fairly, in all material respects, the financial position of the company in conformity with GAAP. This opinion builds confidence, as evidenced by consistent findings that key market constituencies—such as investors and boards of directors—value the work of public company auditors highly.

The confidence-building role of the auditor doesn't and shouldn't stop with financial statements. Indeed, beyond the financial statement audit, there are several emerging areas where companies will need to nurture trust in critical business processes.

A standout among these areas is cybersecurity. In April, the American Institute of CPAs (AICPA) unveiled an entity-level cybersecurity reporting framework through which organizations can communicate useful information about their cybersecurity risk management program to a broad range of stakeholders, including boards of directors, senior management, investors, and others.

No, auditors cannot do the impossible: provide a guarantee against cybersecurity breaches. But the AICPA framework enables them to bolster confidence by opining on whether management has described and implemented a risk-management program that is comprehensive and responsive to the company’s risks.

In the months and years ahead, watch for more areas where companies can tap the confidence-building power of the auditing profession. One such area is sustainability, where CPAs can provide assurance on the environmental and social indicators that investors increasingly desire and that companies increasingly track. Another area is assurance around supply chain controls, something that should be of interest to anyone who does business with or invests in manufacturers or distributors. The profession is also in the early stages of examining how it can enhance confidence in the use of non-GAAP financial information, which many companies and investors find useful—but where questions of trust and integrity still swirl.

As they tackle these matters, auditors will make ever greater use of data analytics, artificial intelligence and other new technology. The tools may evolve, but the fundamental objective does not change: building confidence and trust for the benefit of our economy and markets.

A securities lawyer, Cindy Fornelli has served as the Executive Director of the Center for Audit Quality since its establishment in 2007.