Strengthening Your Audit Quality: Essential Resources to Stay Compliant with SAS 145

Audit quality is built on clarity, consistency, and well-designed processes—and SAS 145 raises the bar on all three. As peer reviewers continue to flag gaps in firms’ risk assessment documentation, one message is clear: SAS 145 compliance isn’t just a requirement; it’s a strategic opportunity to elevate your audit practice. Recent peer review findings show that firms still struggle with risk assessment fundamentals, reinforcing why SAS 145’s enhanced requirements matter for improving audit outcomes. (Source: AICPA Peer Review Program) 

Whether you’re refreshing your methodology or training your team, understanding where firms are falling short—and how to get ahead of those pitfalls—is key. SAS 145 was designed to strengthen auditor judgment by improving how the entity, its environment, and the risk of material misstatement are understood and documented. (Source: SAS No. 145 executive summary) 

SAS 145’s requirements reflect the profession’s ongoing need for deeper risk-based auditing, particularly as IT complexity grows across all entity sizes and industries. Stronger documentation around controls, inherent risk factors, and design/implementation testing helps firms enhance consistency and deliver more reliable, insight-driven audits. (Source: Journal of Accountancy on SAS 145 ) 

The Compliance Challenges Firms Are Still Facing 

Peer review findings reveal several areas where auditors continue to fall short under SAS 145: 

• Not assessing inherent risk before considering controls 

• Missing documentation of required inherent risk factors 

• Insufficient documentation of controls, including IT controls 

• Lack of documentation on controls related to significant risks and journal entries 

• Failure to document evaluation of the design and implementation of controls 

• Risk of material misstatement not aligned with inherent risk where controls were not tested 

These findings highlight where firms can refine processes, improve consistency, and strengthen training. 

Why SAS 145 Is More Than a Compliance Exercise 

SAS 145 places renewed emphasis on understanding the entity and its environment—not as a checklist, but as the backbone of a more thoughtful, scalable, effective audit. Proper implementation offers firms: 

• Better alignment between business risks and audit risks 

• More defensible risk assessments 

• More efficient scoping and planning 

• Stronger documentation that withstands peer review 

  
  

It’s not just about meeting standards—it’s about improving audit quality. 

Top AICPA Resources to Help You Stay Compliant with SAS 145

1. AICPA Audit Risk Assessment Resource 

Guidance to document identified risks, procedures performed, and planned responses.  

2. Aid for Identifying and Testing Controls at Smaller Entities 

Examples of scalable controls and guidance on evaluating design & implementation.  

3. Webcast: Risk Assessment Under SAS No. 145 

A webcast discussion breaking down updated concepts and practical applications.  

4. Self-Study Course: Applying and Scaling Audit Risk Assessment Procedures Under SAS No. 145 

A deep dive training ideal for staff through partners.  

5. Journal of Accountancy: Lessons Learned from the First Year of SAS 145 

Case study showing how one firm improved documentation and efficiency.  

6. AICPA Audit Risk Assessment Hub 

Library of SAS 145-related resources, tools, and guidance.  

Moving Forward with Confidence 

Leading firms are strengthening their SAS 145 compliance by: 

• Standardizing documentation 

• Embedding consistent training 

• Incorporating IT considerations more thoroughly 

• Aligning procedures directly to inherent risk 

• Using AICPA resources as part of methodology—not afterthoughts 

With a proactive approach, firms not only stay compliant—they enhance audit quality and build resilience for upcoming standards. 

At BryMar, our Audit Partners are Certified Peer Reviewers with deep expertise in SAS 145 implementation and audit quality best practices. We help firms strengthen documentation, refine risk assessment methodologies, and prepare with confidence for upcoming peer reviews.

If your firm needs support—whether through a formal peer review or targeted consultation—reach out to our team. We’re here to help you elevate audit quality and stay fully compliant with evolving standards.