Your Auditor Now Has to Trust Your Process, Not Just Your Numbers

What Is an Audit-Ready Fixed Asset Pipeline?

An audit-ready fixed asset pipeline is a governed workflow that captures physical evidence of asset existence, location, and condition, routes that evidence through documented human review and approval, and synchronizes verified results to the fixed asset register. It produces a chain of custody that auditors can evaluate as sufficient, reliable evidence under current regulatory standards.

Introduction

For years, the fixed asset audit question was simple: does the number on your balance sheet match the asset you say you own?

That question has not gone away. But a new one has been added.

The Public Company Accounting Oversight Board (PCAOB) amended AS 1105, the standard governing audit evidence, effective for fiscal years beginning on or after December 15, 2025. The amendment sharpens auditors' responsibility to evaluate the reliability of electronic information used as audit evidence, including data produced through technology-assisted analysis.

Translation: your auditors now have to assess not just what your fixed asset register says, but how that information was produced.

The PCAOB's 2024 inspection data makes the urgency clear. Long-lived assets jumped to the number one ICFR audit deficiency area in 2024, even as overall audit deficiency rates improved from 46 percent to 39 percent. Fixed assets are specifically going the wrong direction as overall audit quality improves.

That combination, a new evidence standard and escalating audit scrutiny on fixed assets, is the context for this post.

What Is an Ungoverned Fixed Asset Pipeline?

An ungoverned fixed asset pipeline is any process by which a company captures, processes, or uses electronic information to support fixed asset assertions without a documented governance layer.

That definition includes more organizations than most CFOs realize.

Most fixed asset workflows look something like this: an inspection is performed, a spreadsheet is updated, a journal entry is filed, and the result flows into the financial statements. Each step has a person responsible. But does each step have a documented process? A defined review authority? A record of who approved what, and why, and when? A complete chain from physical evidence to the ERP entry?

In most manufacturing organizations, the honest answer is no. Not because the people are careless. Because no system was ever designed to produce that chain. The ERP records the financial transaction. The maintenance system records the physical activity. And between those two systems, there is a gap where governance should live but does not.

AS 1105 does not directly mandate that companies build governance into their own processes. It governs the auditor's responsibilities. But the bridge is direct: an ungoverned, undocumented fixed asset process makes it harder for auditors to establish that the electronic evidence supporting your assertions is reliable. Under heightened AS 1105 expectations, that difficulty becomes your audit exposure.

Why Most Fixed Asset Pipelines Lack Governance

The absence of governance in fixed asset workflows is not an oversight. It is a structural consequence of how enterprise technology was designed.

1. ERP systems were not built for physical verification.

Every major ERP, SAP, Oracle Financials Cloud, and Microsoft Dynamics 365, has the same design constraint: the physical tracking modules (maintenance, logistics, plant operations) are not natively connected to the fixed asset financial subledger. Physical changes happen on the floor. Financial entries happen in the back office. The link between them requires manual intervention. In practice, that intervention is inconsistent, delayed, or missing entirely.

2. Inspection tools were built for operational outcomes, not financial evidence.

Mobile inspection platforms and CMMS systems were designed to capture maintenance records, safety compliance data, and work order histories. They were not designed to produce audit-ready evidence chains. The data they generate is operationally useful. It is not structured to satisfy AS 1105's reliability requirements for financial assertions.

3. Nobody ever owned the bridge.

Operations owns physical asset management. Finance owns the fixed asset register. Neither team owns the process that governs the flow of physical truth into financial records. That bridge has historically been covered by the annual audit, which detected errors after the fact rather than preventing them by design.

Old model vs. governed model

The Real Cost of an Ungoverned Pipeline

The financial consequences of ungoverned fixed asset processes are not theoretical.

Kroll Advisory, the firm that runs 8,000 fixed asset engagements per year across 36 countries, reports that 10 to 30 percent of assets on the average fixed asset register are ghost assets: assets the organization continues to depreciate, insure, and pay property tax on that no longer physically exist. Up to 65 percent of asset records contain errors, missing data, or outdated information.

Those are the direct financial costs. The audit costs are compounding them.

The PCAOB's 2024 inspection data identified two specific failure types at large audit firms: substantive testing failures on impairment of long-lived assets, and failures to identify and test controls over long-lived assets and depreciation. Both failures trace back to the same root cause: organizations could not provide auditors with sufficient, reliable evidence that their fixed asset assertions were supported by a governed process.

The cost of a failed PCAOB inspection is not a fine. It is a restatement, an expanded audit scope, an audit committee inquiry, and in material cases, a public disclosure.

“Our customers don’t struggle because they lack systems. They struggle because they lack proof.”

— Tim Harris, CEO, SoloTruth

The gap between having a system and having proof is exactly what AS 1105 now requires auditors to evaluate.

Cost categories from an ungoverned pipeline:

• Phantom depreciation on ghost assets: direct P&L overstatement
• Insurance premiums on assets that no longer exist
• CAPEX planning errors from an incomplete register (assets bought twice, replacement cycles missed)
• Audit labor: the Manufacturers Alliance estimates external audit fees of $1.17 million to $6.74 million per year for mid-to-large manufacturers, with fixed assets as a primary cost driver
• Regulatory exposure from failing AS 1105 and AS 2201 requirements

Our ROI model, built on Kroll, Manufacturers Alliance, and PCAOB data, puts gross annual exposure at $1.45 million to $4.05 million for an organization with $100 million in gross fixed assets.

Who Is Most Affected

• CFOs and controllers at public companies and large private companies undergoing audit. AS 1105 governs PCAOB-registered audit engagements, which means public companies are directly in scope. For private companies subject to bank covenants, investor reporting, or M&A processes, the same evidence quality expectations are increasingly standard in due diligence.
• Manufacturing and industrial operators. Asset-intensive environments are where the ERP design gap is most acute. Assets move. Equipment is cannibalized for parts. Field crews buy replacements below the capital review threshold. The gap between physical reality and the fixed asset register is widest in environments where assets change daily.
• Audit committees. AS 1105 increases the auditor's responsibility to evaluate evidence reliability. The audit committee is the governance body that responds when auditors raise concerns. An ungoverned pipeline is an audit committee exposure, not just a management one.
• CFOs preparing for S/4HANA migration. Approximately 17,000 SAP ECC customers are projected to remain on legacy systems by 2027, when maintenance ends. Fixed asset register integrity is one of the most common migration blockers. A governed pipeline resolves that before the project hits the wall.
• Organizations with multi-site or multi-entity structures. The reconciliation gap compounds across locations. A single ungoverned process, multiplied across 5 or 10 or 20 facilities, produces an audit surface area that becomes increasingly difficult to manage without a systematic governance layer.

What to Look For in a Solution

When evaluating whether your fixed asset process can satisfy AS 1105 reliability requirements, ask these questions:

1. Does your process produce a complete evidence chain? From physical observation to ERP entry, every step should be documented, linked, and retrievable. A complete chain means: who captured the evidence, what it showed, who reviewed it, what they decided, and when the system of record was updated. Incomplete chains produce assertions that auditors cannot fully evaluate.
2. Are human review points defined and documented? Effective governance is not presence, it is practice. Human-in-the-loop controls require that the reviewer has context (what evidence they are evaluating), decision authority (what they are authorized to approve), a rationale record (what they decided and why), and a time-boxed intervention window. A workflow without these properties does not satisfy the governance standard.
3. Is the process consistent and systematic, or ad hoc? Ad hoc processes produce ad hoc evidence. Under AS 1105, auditors evaluate the reliability of the process, not just the output. A systematic, repeatable workflow produces evidence that is evaluable as reliable by design. An ad hoc process produces evidence whose reliability depends on reconstruction.
4. Does the governance layer materially gate ERP writes? Piping raw inspection data or IoT signals directly into the ERP without a materiality determination is not governance. It is noise generation. A governed pipeline decides what constitutes a material change and routes that change through an approval workflow before the ERP is updated. The decision layer is what makes the evidence defensible.
5. Is the evidence independent of the underlying data source? Governance that lives inside the same tool that captured the original data is not independent. An auditor evaluating evidence reliability will ask whether the evidence chain could have been altered or circumvented by the operator who produced it. Independent governance means separate system, separate authority chain, separate audit log.
6. Does the process scale across your asset base? A governance process that works for 500 assets in one facility but breaks at 50,000 assets across 10 facilities is not a process. It is a workaround. Scalable governance means the same systematic controls, the same evidence chain, and the same human review logic apply regardless of volume or location.

What Good Looks Like

A fixed asset pipeline that satisfies AS 1105 evidence reliability expectations has these characteristics:

1. Continuous, not periodic. Evidence is captured at the time of physical change, not once a year on audit day. The register reflects physical reality daily, not just when auditors arrive.
2. Operator-led, not auditor-led. Field verification is performed by the people who operate the assets, not by a separate audit team. This is the only model that scales to the size of a modern asset register without prohibitive cost.
3. Governed at every decision point. Every financially material change, ghost asset retirement, impairment trigger, component replacement, passes through a documented human approval with a rationale record. No AI system makes a financial determination without a human in the loop.
4. ERP-synchronized, not ERP-adjacent. Verified changes are written directly to the fixed asset subledger through a materiality-gated process. The ERP is the system of record, and the governed pipeline is what keeps it current.
5. Audit-ready by design. The complete evidence chain (what was observed, by whom, what was decided, when, and what system of record was updated) is retrievable and independently verifiable at any time. Audit prep is not a project. It is a query.
6. Built on an orchestration layer, not point tools. Point tools, inspection apps, RFID readers, GPS trackers, capture signals. They do not govern what happens after the signal. An orchestration layer sequences the work, routes the approvals, enforces the policy, and writes the outcome to the appropriate system. That is what makes the evidence chain complete.

Common Misconceptions

• Misconception 1: AS 1105 only applies to what auditors do, not what we do. The standard governs the auditor's responsibilities for evaluating evidence reliability. But the practical effect is that evidence from an ungoverned pipeline is harder for auditors to evaluate as sufficient. "The standard doesn't apply to us" is accurate in letter and wrong in consequence.
• Misconception 2: Our ERP already tracks fixed assets, so our pipeline is governed. ERP fixed asset modules record the financial lifecycle of an asset. They were not designed to verify that the asset physically exists, to capture condition evidence, or to govern the workflow between physical change and financial entry. The ERP is the system of record. Governance is what produces the inputs that feed it.
• Misconception 3: We do a physical count every year. That satisfies the standard. An annual physical count produces point-in-time evidence. AS 1105 requires auditors to evaluate the reliability of electronic evidence, which includes the process that produced it. A count performed once a year with no documented governance chain is harder to defend as a reliable, systematic process than continuous verification with a complete evidence trail.
• Misconception 4: Human-in-the-loop means having someone review the final report. Reviewing a final report is not HITL governance. Effective HITL means a defined human reviewer with specific decision authority evaluates specific evidence at a specific point in the workflow, records a rationale, and the system enforces the outcome. HITL embedded in the process is governance. HITL applied to the output is a signature page.

Frequently Asked Questions

Note: FAQPage schema to be added in HubSpot at publish time.

What exactly did PCAOB AS 1105 change?

The PCAOB amended AS 1105 to sharpen auditors' responsibility when evaluating electronic information used as audit evidence, including data produced through technology-assisted analysis. Auditors must now assess the reliability of the process that produced the evidence, not just the evidence itself. The amendments are effective for fiscal years beginning on or after December 15, 2025.

Does AS 1105 directly require companies to govern their fixed asset pipelines?

No. AS 1105 governs the auditor's responsibilities, not company-side processes directly. The practical implication is that an ungoverned, undocumented fixed asset process makes it harder for auditors to establish that the evidence supporting your assertions is reliable under the heightened standard. That difficulty translates into expanded audit scope, more auditor requests, and increased audit exposure.

What is HITL governance in the context of fixed assets?

Human-in-the-loop (HITL) governance means that every financially material fixed asset decision, retiring a ghost asset, flagging a potential impairment, recording a component replacement, passes through a defined human review step with documented decision authority, a rationale record, and a time-stamped approval. It is a control design pattern, not a sign-off on the final report.

How does continuous verification differ from an annual physical count?

A physical count produces point-in-time evidence of asset existence on one day per year. Continuous verification captures evidence at the time of physical change, throughout the year, using field operators as the capture mechanism. The result is a register that reflects physical reality daily and an evidence archive that covers the full period under audit, not just the count date.

What is the connection between ghost assets and AS 1105?

Ghost assets inflate the fixed asset register with records for assets that no longer exist. When auditors evaluate fixed asset assertions supported by a register with ghost assets, two problems emerge: the assertions may be materially incorrect, and the process that produced them may have failed to detect a systematic error. Both are AS 1105 concerns. Kroll Advisory reports that 10 to 30 percent of assets on the average fixed asset register are ghost assets.

How does the ERP design constraint contribute to the problem?

Every major ERP, SAP, Oracle, Microsoft Dynamics, has the same structural design constraint: the physical tracking modules are not natively connected to the fixed asset financial subledger. Physical changes require manual journal entries to reach the financial record. In practice, those entries are inconsistent, delayed, or missing. That gap is where ghost assets form and where the evidence chain breaks.

What should an audit committee ask management about fixed asset pipeline governance?

Four questions: Can management demonstrate that every material fixed asset change in the last year passed through a documented review process? Can they produce the complete evidence chain for a sample of transactions, from physical capture to ERP entry? Is the review process systematic and consistent across all sites, or does it depend on individual judgment? Does the ERP receive updates through a governed workflow, or through manual entries that are not systematically tracked?

Conclusion

The PCAOB's amendment to AS 1105 did not invent a new standard. It made an existing requirement more explicit.

Auditors have always been responsible for evaluating whether audit evidence is sufficient and appropriate. The amendment sharpens that responsibility specifically for electronic information produced through technology-assisted analysis. In 2025 and beyond, the question is not just whether the number on your balance sheet is correct. It is whether the process that produced that number is one an auditor can evaluate as reliable.

For most organizations, the honest answer to that second question is not yet. Not because the people are careless, but because no system was ever designed to produce a governed evidence chain from physical asset to financial record.

That is the gap SoloTruth Asset Relationship Management (ARM) is designed to close.

SoloTruth is the evidence-grade Asset Relationship Management (ARM) platform that verifies the existence, location, and condition of physical assets and reconciles that data with ERP systems. Every inspection captures physical evidence. Every material change passes through a documented human approval. Every verified update writes to the fixed asset subledger. The result is a complete, auditable evidence chain, produced continuously, ready for review at any time.

Book a 30-minute strategy call at calendly.com/tim-harris-solotruth/30min to see what an audit-ready fixed asset pipeline looks like for your organization.

Last Updated: June 2026