All publicly traded businesses, and those aspiring to become publicly traded, must undergo a rigorous audit process. The standards that guide this audit process are very different from those that guide a financial statement audit for a private company, and the audit must be conducted under the rules and regulations of the Public Company Accounting Oversight Board (PCAOB).

Publicly traded companies will be familiar with this process, but a PCAOB audit can be daunting for private companies looking to enter the public markets. Before a private company can file with the Securities and Exchange Commission (SEC), it must provide a PCAOB audit for at least the previous two years of financial statements.

If a company plans to enter or is considering entering the public markets, it’s crucial that its financial leaders understand the PCAOB audit process.

In this guide, we’ll explain how to obtain a PCAOB audit, what a PCAOB audit is, and how it differs from a financial statement audit completed under Generally Accepted Auditing Standards (GAAS). Then, we’ll share an overview of the audit process and outline the steps companies must take to prepare for it adequately.

About Grassi: PCAOB Audit Firm

As a PCAOB-registered firm, Grassi is committed to delivering high-quality, high-value audit services to public companies and those preparing for Initial Public Offerings (IPO).

Grassi’s SEC and Capital Markets advisors have helped many privately held companies successfully navigate their IPOs. We also regularly audit publicly held companies. Our approach is defined by a commitment to fostering long-term, proactive relationships, delivering timely results, complying with the rigorous standards, and helping businesses grow long after the initial audit process has concluded.

What Is The Public Company Accounting Oversight Board?

In the early 2000s, a series of high-profile accounting scandals – including Enron, WorldCom, and Tyco International – rocked the financial landscape and shook investor confidence across the United States. These scandals revealed widespread fraud, conflicts of interest, and other irregularities among auditors and public companies.

In response, Congress passed the Sarbanes-Oxley Act (SOX) in 2002 to restore confidence in financial markets. SOX enhances corporate governance, increases transparency and accountability, and establishes stricter oversight for publicly traded companies.

One significant impact of the Sarbanes-Oxley Act was the establishment of the PCAOB, which oversees the auditing process for all public companies and ensures that auditors have followed all relevant guidelines and standards.

The PCAOB achieves this by:

  • Improving investor confidence in financial reporting through more transparent audits
  • Ensuring auditor independence, objectivity, and professional skepticism
  • Mitigating risks to financial statement integrity and reliability
  • Boosting public trust in the financial audit profession
  • Improving communication and collaboration between audit stakeholders

The PCAOB is an independent nonprofit organization that is overseen by the SEC. As an independent regulator, it has oversight responsibilities over auditors of public companies, and is responsible for:

  • Registering public accounting firms that prepare audit reports for issuers
  • Establishing auditing, quality control, and ethics standards for auditors
  • Conducting inspections of registered firms to assess compliance with PCAOB standards
  • Investigating potential violations of PCAOB rules and standards and taking enforcement actions when necessary
  • Conducting research and providing guidance to improve audit quality and effectiveness

For companies preparing to go public, a PCAOB-registered audit firm working with the company and its other advisors can help in several ways, provided independence requirements are satisfied:

  • Ensuring financial statements are accurate and suitable for public disclosure
  • Evaluating and strengthening internal controls over financial reporting
  • Complying with SOX requirements related to corporate governance, internal controls, and financial reporting
  • Identifying potential risks and strengthening governance
  • Providing insights into market trends and best practices to optimize the IPO process

A PCAOB-registered firm can help publicly traded companies stay compliant, mitigate risk and legal liability, improve credibility and investor confidence, and enhance their reputation by aligning with globally recognized standards.


A PCAOB audit is a rigorous examination of financial statements, auditing processes, and internal controls conducted by a PCAOB-registered firm like Grassi. These audits are typically performed for publicly traded companies, organizations preparing to go public, and SEC-registered brokers and dealers (e.g., organizations that buy and sell securities on behalf of their clients).

PCAOB audits aim to ensure accuracy and compliance in financial reporting, identify and address potential fraud, and instill confidence in securities markets.

The critical elements of a PCAOB audit include:

  • Independence:
    The audit firm must maintain strict independence from the auditee. Independence ensures objectivity and impartiality during the assessment process.
  • Compliance with PCAOB Standards:
    The PCAOB’s comprehensive auditing standards cover everything from audit planning to execution. These standards emphasize quality, integrity, and consistency in the audit process.
  • Audit Planning and Procedures:
    Auditors assess whether the financial statements comply with accounting principles. This involves gathering sufficient evidence to form an opinion on the accuracy of the company’s financial statements.
  • Assessment of Internal Controls:
    In addition to financial statements, auditors evaluate the effectiveness of the company’s Internal Controls over Financial Reporting (ICFR), or the system of checks and balances it uses to ensure compliance in financial reporting. This assessment helps identify and address risks related to fraud or material misstatement.
  • Communication and Reporting:
    Auditors must communicate openly and regularly with the company’s management and audit committee. Once the audit is complete, the auditor must compile a report detailing their opinion on the company’s financial statements.

The overarching goal of a PCAOB audit is to instill investor confidence that a company’s financial statements are transparent and reliable. All public companies are required to obtain an annual PCAOB audit.

PCAOB Audits vs. US GAAS Audits

While all audits strive for reporting accuracy, PCAOB audits follow a much more rigorous set of guidelines than financial statement audits conducted under Generally Accepted Auditing Standards (GAAS).

As a result, there are several important differences between PCAOB audits and financial statement audits.

First, PCAOB audits are typically more stringent than other types of audits. The PCAOB sets rigorous standards for auditors and the processes they must follow. For comparison, while still comprehensive, financial statement audits conducted on non-public organizations typically have less scope and rigor than a PCAOB audit.

Second, the PCAOB imposes strict independence standards on their auditors to ensure they remain objective and impartial. While independence is a fundamental principle across the auditing industry, the requirements vary by the framework under which the audit firm works.

The PCAOB enforces its standards in several ways. An objective quality review Partner must review and sign off on the PCAOB audit. Audit firms registered with the PCAOB are also subject to routine inspections of audits they have performed. Additionally, the PCAOB formally investigates possible audit violations, independence failures, and other threats to PCAOB oversight. It punishes infractions through formal reprimands, financial penalties, and limitations on audit activities.

Finally, PCAOB audits are also broader in scope than other financial audits. In addition to examining financial statements, PCAOB audits dive deeper into risk management and internal controls, especially within the context of requirements imposed on public companies. Companies must prepare additional documentation not required for a traditional financial statement audit, including source documentation, evaluations of complex accounting transactions, and technical accounting memorandums.

When Does A Business Need a PCAOB Audit?

Because the PCAOB oversees the rules and regulations governing publicly traded companies, any public company or any company that intends to go public must undergo a PCAOB audit.

Specifically, companies need this type of audit in three scenarios:

  1. Private companies preparing to go public
  2. Annual compliance for public companies
  3. Private companies seeking to sell to a public company

Let’s explore each of these scenarios in more detail.

Ahead of an Initial Public Offering

When a privately held company aspires to go public, it must prepare to meet a wide range of regulations it was not previously subject to. One essential part of the process of going public is undergoing a PCAOB audit. Before the company can file with the SEC, it must provide at least two years of audited financial statements under PCAOB standards.

PCAOB audits help soon-to-be-public companies satisfy regulatory requirements, including the Securities Act of 1933 and the Sarbanes Oxley Act (SOX), which govern the types of disclosures companies must make to investors.

Specifically, the Securities Act of 1933 mandates that public companies provide investors with accurate and transparent financial information. SOX built on this requirement in 2002, establishing strict governance and reporting guidelines for public companies. It requires that all financial statements issued by public companies must be audited independently by a PCAOB-registered auditor.

In addition to regulatory compliance, PCAOB audits help to improve credibility and boost investor confidence in a company making a public offering. PCAOB audits require independent auditors to examine financial statements and internal controls thoroughly.

PCAOB audits are also a common requirement for being listed on major stock exchanges like the New York Stock Exchange (NYSE), NASDAQ and the Chicago Board Options Exchange (CBOE). While PCAOB audits are a requirement, they can also help position a company’s IPO for success by instilling confidence in its financial health.

Ongoing Compliance for Public Companies

Once a company becomes publicly listed, it is subject to continuous regulatory oversight. Because of this, it must undergo periodic PCAOB audits. These audits verify the reliability of its financial statements and help investors make informed decisions.

It also helps them stay compliant with SEC reporting schedules, which require quarterly and annual reports:

  • Annual Reports (Form 10-K) include comprehensive financial performance, operations, risks, and management details. This form also includes detailed financial statements that a PCAOB-registered auditor has audited.
  • Quarterly Reports (Form 10-Q) are reviewed on an interim basis and provide an unaudited snapshot of the organization’s financial health and any significant events during that quarter.

Consistent audits and reliable reporting have additional benefits. They can help boost a public company’s reputation and market standing, further benefiting stock prices and overall market stability. Internally, these audits help continuously improve internal controls and mitigate risk.

Regular PCAOB audits and consistent reporting are required, but they also provide strategic benefits for public companies because they help to identify risk, demonstrate reliability, and improve market standing.

Private Companies Seeking to Sell to a Public Company

A PCAOB audit can make companies that want to sell more attractive to potential buyers.

How so?

PCAOB audits require detailed financial disclosures, which include important information for potential buyers. Together with information that may be included in the audit, such as Critical

Audit Matters (CAMs) and an ICFR assessment, these disclosures help potential acquirers identify and mitigate risks, helping them evaluate the potential sale more confidently.

PCAOB audits can also enhance the credibility of financial statements and demonstrate that a company is well-governed, which could make a company more enticing to buyers. This broadens the pool of potential suitors for the company and assures potential acquirers that the target company already complies with the required reporting standards for a public company.

Essentially, obtaining a PCAOB audit before selling a business to a public company helps lay the foundation for a smooth due diligence process. It also gives potential acquirers improved confidence in their ability to integrate the target company seamlessly into their existing corporate structure.

The PCAOB Audit Process Explained

The SEC requires that all companies seeking to go public must first undergo a PCAOB audit. This ensures that all financial statements comply with the regulations that public companies are subject to.

Because of this requirement, it is paramount that companies preparing for an IPO fully understand this process. This knowledge can help teams prepare for their audits in advance by ensuring that all processes are in place and that all necessary records are available and up-to-date.

Preparing for a PCAOB Audit

PCAOB audits examine financial statements, disclosure notes, and internal controls and perform tests using a sampling of transactions during the audited period. As such, you’ll need these materials for the auditor when preparing for an IPO.

Once a company has gone public, this process happens annually. However, if a private company is preparing for its IPO and has never been audited, this audit must cover at least the past two years.

For example, if a company planned to issue an IPO in 2024, it would need to submit audited financial statements for 2023 and 2022, along with unaudited interim financial statements for periods not covered by the audit, for example, the first quarter of 2024.

The scope of documentation required for PCAOB audits is considerably broader than typical private company audits. For example, the company may need to prepare documentation in advance of the audit that includes:

  • Source Documentation: Detailed records supporting financial transactions.
  • Complex Accounting Transactions: Evaluation of intricate accounting events.
  • Technical Accounting Memorandums: In-depth analyses of accounting issues.
  • Capitalization (Cap) Table: A complex spreadsheet detailing equity transactions, ownership stakes, share types, and option pools.

Audited companies must also have adequate internal resources to support the PCAOB audit process. Accounting staff may be subject to heavy demands throughout the engagement. This heavy burden will remain after a company goes public. Therefore, companies must allocate adequate resources to their accounting department.

Preparing for this takes time, so it’s essential to consider this process when planning your timeline leading up to your target IPO date.

The actual timeline of a PCAOB audit varies depending on its complexity and how prepared the organization is for it. It can range from six weeks to several months.

Because of this broad time range, companies preparing for an IPO should start the process early. This gives them time to accommodate unexpected delays, improve their internal controls and accounting frameworks, and prepare for a seamless audit process.

You can further streamline this process by working with a qualified CPA and public reporting consultant, such as the Grassi team. Their expertise can help you prepare and organize all necessary documentation for a smooth audit experience.

Putting Together a Deal Team

The process of going public requires input from a wide range of stakeholders. As a company prepares, it’s important to identify all the professional support required and recruit talented professionals.

In addition to the management and board of the company, other key stakeholders involved in the deal team include:

  • SEC Counsel
  • Investment Banker
  • Technical Accountants
  • PCAOB-Registered Audit Firm
  • Valuation Professionals

The PCAOB Audit Process

Once initiated, the audit process is complex for the auditor and the organization they’re reviewing. While some specifics vary depending on the nature of the organization, documentation, and risks identified, the process is regulated and thus reasonably uniform.

Below, we’ve broken the PCAOB audit process down into eight subsections.

The Audit Team

A team of experienced professionals conducts audits. Typically, one or more Partners lead the team and are responsible for planning, executing, and reporting on the audit. The Partners are supported by audit principals and managers who oversee the day-to-day audit activities, perform testing, and collect evidence.

On the organization’s side, their team typically includes the management team, primarily responsible for collaborating with auditors, an internal audit team, an audit committee that oversees the process, and finance and accounting staff.

Audit Planning and Risk Assessment

During the planning phase, auditors focus on establishing a strong foundation for the rest of the investigation. Next, auditors determine the scope and focus of the audit by evaluating the significance of financial statements to determine materiality. Materiality refers to how significantly a potential misstatement could impact the integrity of the financial reporting. This helps auditors allocate resources effectively and prioritize the most critical parts of the audit.

Once a company establishes materiality, auditors identify and evaluate the risks associated with potential material misstatements. They carefully assess internal and external factors that could impact the reliability of the financial statements. This step enables auditors to tailor their procedures to address all areas of concern.

Auditing Internal Control Over Financial Reporting (ICFR)

Internal Control over Financial Reporting (ICFR) procedures are internal procedures designed to identify and mitigate deficiencies in reporting so that financial statements are accurate, reliable, and compliant.

Auditors may periodically test these controls to measure their effectiveness and ensure they are operational.

Audit Procedures in Response to Risks

Auditors often identify specific areas of concern during the audit planning and risk assessment phase. The audit team will use this information to effectively tailor audit procedures to address those risks. For example, they may incorporate additional testing, follow up with management, or gather more evidence to study and mitigate risks of material misstatement.

Auditors analyze financial reports to spot fluctuations and identify other potential misstatements. They may also compare current financial information with historical data and industry benchmarks to evaluate how consistent the data is with expected trends.

Next, auditors confirm the accuracy of financial information by confirming balances with third parties, such as banks or creditors.

Finally, using a process called audit sampling, auditors use statistical analysis to examine a random representative sample of financial data. This allows them to draw accurate conclusions about the whole set of financial data without processing every single data point.

Audit Procedures for Specific Aspects

In addition to misstatements identified in financial reporting, auditors consider the risk of fraud by other means, such as the integrity of management, poor internal controls, or suspicious transactions.

Transactions involving related parties (such as company leadership, family members, or affiliated companies) also require scrutiny to verify that the nature and substance of such transactions were done fairly and disclosed accurately.

Finally, auditors must assess the organization’s ability to continue operating in the future and any factors that could complicate its sustainability. These may include issues like liquidity, solvency, and cash flow projections.

Auditor Communications

The audit process ensures transparency among public companies. Effective communication throughout the audit process is paramount. An auditor will provide regular updates on their general progress, significant findings, and any issues that require a decision from the audit committee.

Additionally, auditors are required to communicate the nature and significance of any deficiencies they find in internal controls and include recommendations for corrective actions to mitigate the issue.

Audit Documentation

Auditors must document their entire process, including procedures and observations. They must also include evidence of their work and any details supporting their conclusions.

This detailed documentation helps regulatory authorities and stakeholders review the audit and demonstrates that it was performed according to PCAOB guidelines.

Engagement Quality Review

Audits themselves are also subject to independent review. This ensures that the auditor complies with PCAOB auditing standards and the audit firm’s quality control policies while they conduct the audit.

An additional, experienced auditor inside the firm conducts this review. This individual will not have been involved in the audit and will bring an objective approach while cooperating with the audit team. If any significant findings arise from the quality review, they must be addressed promptly to maintain the credibility of the final audit report. The engagement quarterly reviews occur contemporaneously as the audit progresses, avoiding finish-line surprises and inefficiencies.

Preparing Audit Report

The final deliverable of the engagement is the auditor’s report. This report gives an opinion on the company’s financial statements, details the basis for their opinion, and may highlight CAMs, liquidity concerns, or other relevant items identified during the audit.

This report is typically issued alongside the audited financial statements for the period covered by the audit.

Audit Readiness Services

PCAOB audits are complicated and detailed, and it’s natural for private companies to be slightly intimidated by the process. However, effective preparation makes the process more efficient while mitigating risks and saving costs.

Many firms offer audit readiness services to take some of this burden off your shoulders. By working with an experienced PCAOB-registered audit firm that can guide you through the audit process and provide additional advisory services, you can better map out the road ahead.

Grassi: Experienced SEC Accounting & Audit Solutions

A successful PCAOB audit is a prerequisite for all companies with their sights set on the public market. But there’s no question that this can be a significant undertaking, and your company must have the support of a proven auditor. That’s true whether you’re new to the process and preparing for your IPO or have years of experience as a publicly traded company.

If you’re new to PCAOB audits, the process may seem inscrutable, the costs unpredictable, and the timing and preparation dizzying. It’s recommended that companies work with a firm that is PCAOB-registered from the beginning to satisfy the requirements. Grassi’s proactive approach, experience, transparent communication, and overall level of commitment will ensure you get to the finish line efficiently without late-stage surprises.

If you’re familiar with PCAOB audits but have become frustrated with the service your company has received in the past, the process may be even more frustrating. From lack of progress to audit fatigue to firms that don’t respond to your questions, the audit process may be one of your least favorite periods of the year.

Fortunately, it doesn’t have to be that way when you work with Grassi. Our professionals bring decades of experience in public accounting to every engagement and take a consultative approach to guiding clients through their audit process and beyond. We ensure our clients are engaged throughout the process so there are no surprises or unexpected costs and the work is delivered on time.

Our team is well-established within the PCAOB audit space. Grassi has the resources and sophistication to conduct audits efficiently while still being small enough to provide personalized attention and specialized services through every stage of the process.

In 2023, Grassi played a role in the following transactions:

  • Azitra: $7.5 million IPO
  • Forza x1: $17.3 million IPO plus an $8 million follow-on offering
  • Twin Vee PowerCats: $18 million IPO plus a $6.9 million follow-on offering
  • Alset: $3.8 million follow-on offering

To learn more about how Grassi can help you prepare and navigate your PCAOB audit, request a consultation with one of Grassi’s experienced SEC and Capital Markets Advisors today.