Can someone at PwC explain how you get by without addressing IPE risks in your control walkthroughs/testing? Working on 2 large ICFR audits where PwC was former auditor and none of the process owners have any concept of IPE procedures.

likefunny
Posting as :
works at
You are currently posting as works at
Highlighted IconHIGHLIGHTED

Ah the ole EY IPE obsession😏

In all seriousness, it’s probably just documented in a different way than you’re used to. Your IPE templates are very structured and detailed.

like

You can normally get by just testing one report, but there are ITGC deficiencies (like specific system access issues) that could require you to test each instance you sampled.

Thanks for the reminder about IPE, I was getting annoyed with my industry job there for a minute, but I'm good now 😂 EY can keep its ever changing forms

likefunnyuplifting
Recent IconRecent

KPMG has IPE too and it’s frankly exhausting. I would second the above comments and guess that PWC just documents the related control and moves on. Which feels like that’s what you should do, controls exist in layers. Data is produced, data is checked, data is used.
The concept of IPE has created more harm than good for us. The amount of people at our firm who try to needlessly argue that every report is IPE even for a non-ICOFR audit AND when it’s subject to audit procedures is insane. Those people would call the GL IPE if you let them

likefunny

Only in my dreams.

If I get two more “but PwC never asked for this information” before the end of the week, I’m going off the grid, wish me luck

likefunny

I dare you

Post Photo
likefunny

PwC does "key report" testing over any system generated reports used in the execution of the control or used by PwC in their testing. It would be pretty surprising if no one from PwC asked the control owner "how do you get comfort that this system generated report is complete/accurate?"

like

Where it gets tricky is if the report is used in substantive testing only or as a population for PwC to perform control testing (i.e., report isn’t used by management to perform the control itself). In these cases, we do ask for screenshots of the parameters or query used to generate the report, unless we can prove its a standard report. Regardless, PwC has to get comfort over C&A somehow (tie out to GL, perform full-false accept/reject, tie to another report that’s being tested for C&A, or rely on management’s procedures). However, most controls testing, especially review controls, documenting management’s C&A procedures over “key reports” is required along with what is PwC doing to get comfort over C&A - we’ve been hammered in audit trainings how to document IPE in the last 3-4 years.

When I worked on IT audit I did mostly external audit but also helped out on an internal audit where PwC was the external auditor. They focus way more on the underlying code and completeness and accuracy of the reporting itself from an IT standpoint than EY does. For the EY folks that’s risks 2i and 3, which we do way less around (assuming effective change management).

I’m not surprised that control owners would be saying PwC never asked for this because it felt like a whole different world to me honestly.

like

What does IPE mean in EY talk and we can address it

like

That’s correct, because the control owner needs to show they know it’s complete and acccurate. It’s their control, not ours. They should do this by using standard reports or if a custom report tying it back to the TB

We document IPE risks as well in control walkthroughs, but usually it’s not so bad because most IPE comes out of a ERP/AIS that is already tested through GITC procedures. So really it’s not too heavy of a lift because we reference those work papers and maybe agree to the GL if needed.

😂 this thread has me cracking up.

like

If the IPE is coming from an in scope IT application and the report is tested once during the year, you shouldn’t be doing any other procedures except inspecting that the control operator validated the parameters were appropriate and the information pulled was complete. Should be two attributes in your test plan. Sounds like EY is going overboard on its testing if you cannot check off those two boxes easily.

Sounds like you may need to blow them up.

Are they simple parameters, or is it apparent in the data that the parameters would need to be correct (for example embedded parameters)? If so, there’s probably not much risk that the control isn’t effectively.

You’d still need the parameters to document an ITGC approach to testing C/A.

Deloitte loves the IPE too. We just shipped it off to India to test and took their word for it that it was good.

We don’t call it IPE. We just say completeness and accuracy of reports.

GT has been becoming obsessed with C&A over all IPEs used in each control too. Big pain the the ass.

Related Posts

I was wondering if someone can share her/his experience with Nativo or/and Taboola. Have zero experience with them, but thinking about talking to them. Thank you so much in advance!

like

Any openings for Java developer in Deloitte Pune?
I am an immediate joiner

like

In this Assurance-Consulting split, where would the SaT and Tax service lines end up?

like

Hi All,

How much time will infor take time to release the offer.

Thanks

like

How has Covid impacted your fringe benefits? Travel perks (miles, points, per diem, meals, client events, etc.) we’re a major selling point in joining my firm. Our travel has been all but slashed, but I’m not seeing any consolidations to make up for these lost benefits.

like

How do you describe GSAP sponsorship in grad apps? They ask if your education is being funded by a company but I’m unsure how to describe that the Deloitte pays AFTER grad

like

What are the employee benefits offered in virtusa?

likesmart

Poll: single / dating / partnered..? The stresses of the traveling consultant lifestyle and the fickleness of the gay male have made it nearly impossible to date consistently. Do y'all agree?

like

Hi Folks,

Looking for a job change, Please help.

6+ years of experience in CTS as a System business analyst & Scrum Master, experience in INS & BFS domain (will be CSM certified soon).

Looking for genuine referrals.

Thanks in Advance :)

Hey fishes, pls help me unlock DMs. Thanks!

like

My superintendent doesn't have any professional development for me and I'm really hungry for growth but I don't have any room in my school budget for me to do anything else either. Any suggestions?

like

McKinsey/BCG folks - work wise, have heard a few times that the most apparent difference with both firms is the management style. Mck adopts a more top-down approach whilst BCG a bottom-up. Would you say this is true? Would love to hear your stories too!

like

Hey producers, do any of you have a definitive list of specs for DRTV? I’ve looked high & low, Googled everything. No luck. What I need is a set of official RULES. My memory doesn’t count...😄 Thanks!

like

Hi, I've got a 10k Myntra voucher.
Any brand/item recommendations on the platform?

USA USA USA

Post Photo
likefunnyuplifting

In this current advertising climate, if I get a freelance gig in pharma, I’ll be extremely grateful. Am I the only one who feels this way?

like

Anyone knows anything about PwC’s global structuring (tax) group? Seems like it’s under international tax.

like

Does anyone have any video and/or course/seminar recommendations for learning about music-related agreements?

like

the one who got off cycle hike on December,will be consider for march hike cycle?

like

Additional Posts in Audit Bowl

What’s the busy season expectation from associate and senior associate level at different firms?

how tf can i get hired by the big four. Lemme in on the secrets, fam

like

What are the pay raises/salaries for an auditor as you advance through your career? Like from A1 to A2 and then S1, etc.?

like

Would a top-10 firm in NYC have any better work life balance and work experience than a Big 4 in NYC?

If someone were to get COVID-19 while traveling domestically for client work do you think they could sue the firm or get any kind of worker’s compensation?🧐

like

Why’s there such a negative view on Internal Audit. Really thinking about moving into IA after public. Better pay, generally a 9-5 job, no weekends. With all that time saving I’d have more time for side hustles.

like

Any tips on delegating the ‘right amount’? I’m being asked to perform acting manager role and now have two levels under me.. and I am having some difficulty gauging how much I should be delegating. I don’t want to overwhelm the ‘acting senior’ staff but also want to delegate enough so that I can cover all my areas.

likehelpful

What does it mean to “document around” something? Is it essentially admitting a material error but trying to justify why there doesn’t need to be a correction?

funnylike

Good fellowship programs for A1’s? Or should one wait for more years of experience. ?

like

For those senior 1’s that have left for private, how long has the job search been?

like

Left big4 for a national firm. It’s not looking like a good fit after 3 months. How soon is too soon to ask for my old position back?

like

Networking question here. A retired partner at the firm I used to work out reached out to me recently about attending an afternoon during the week (b4 4/30) with one of his long time clients. The partner and I have kept in touch since I joined my new firm and I feel like his invitation is a great networking opportunity since the client (who I have worked with before) is on a number of boards. Torn as how to request off as an S3. Could materialize to nothing but could be good for reconnecting.

like

Hey fishes
How do I deal with a senior who micro manages everything ?
Should I try to understand their expectations and work?
I honestly have no clue what to do

like

Hey everyone! I'm working on a research project for my doctorate and am in the test phase for a pretty simple interview about experiences with leaders. It's only four questions and takes about 20 minutes to talk through. Would anyone from outside the US be interested in participating? I can't give you a charge code, but I can give you my gratitude!

like

Anyone else not receive the first stimulus check yet? I filed with HR Block and got my return direct deposited. Yet to receive the first check and no status available with irs

like

What the heck is a FROR (Financial Reporting Oversight Role)? I wanna join my PCAOB audit client as a finance manager. Would that be possible? Thanks in advance!

like

EY- Attending a networking event for advisory at EY and I was wondering if advisory and consulting is used interchangeably at EY. Trying to break into consulting so that’s why I’m wondering.

Thinking of quitting PA for 6ish months to pass all 4 CPA exams - has anyone done something similar and what was your experience?

like

What is the starting audit manager salary for Grant Thornton in South Florida?

How’s PWC Miami? Thinking of applying for a senior auditor role

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Send download link to your phone

OR

Scan your QR code to download
Fishbowl app on your mobile

By continuing you agree to Terms of Use and Privacy Policy.

Messaging rates may apply

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal