Component Auditors What is a Component Auditor?

Download Report

Transcript Component Auditors What is a Component Auditor?

International Auditing and Assurance
Standards Board
Audits of Group Financial Statements
ISA Implementation Support Module
Prepared by IAASB Staff
November 2009
Overview
• Introduction
• Significant Features of New Standard
– Risk Assessment and Quality Control Principles
– Engagement Acceptance and Continuance
– Understanding the Group and Its Components
– Significant Components and Work Effort on Components
– Component Auditors
– Materiality
– Communication
– Additional Aspects
2
Introduction
Introduction
• The context for revising the standard
– Lack of an international standard dealing
specifically with group audits
– Varying group audit practice around the world
– Regulatory concerns about rigor and consistency
of practice in this important and complex area
– Need to reflect application of risk assessment and
quality control principles in group audit context
• Standard reflects international best practice
3
Risk Assessment and Quality Control Principles
Applying Risk Assessment and Quality
Control Principles
• A major thrust of the new standard
• Risk assessment provides basis for determining nature
and extent of work on the group audit
• Identification and assessment of risks through obtaining
an understanding of the group, its components, and their
environments
• Effect on current practice will vary
– If best practices already followed, changes may not be
significant
– In other cases, more effort could be required
4
Risk Assessment and Quality Control Principles
Applying Risk Assessment and Quality
Control Principles
• Standard reflects ISA 220 principle regarding responsibility for
the audit
– Group engagement partner alone should be responsible for
direction, supervision, and performance of engagement and for
group audit opinion
• Therefore, reference to component auditor in the group
auditor’s report no longer permitted
• Practical implications:
– Need to pay greater attention to where risks lie within the group
– Component auditors may expect group engagement team to be
5
more involved in their work
Risk Assessment and Quality Control Principles
Applying Risk Assessment and Quality
Control Principles
• Emphasis on sole responsibility does not imply that
group audit should be performed by only one firm
or one network
– No requirement for this in the standard
– Different components may be audited by different
component auditors
• However, regardless of who the component
auditors are, standard requires group engagement
team to obtain an understanding of them
6
Engagement Acceptance and Continuance
Engagement Acceptance and Continuance
• A new approach
– Main consideration under old standard was whether
portion of group audited by the auditor was sufficient for
the auditor to act as principal auditor
– New standard introduces an entirely different concept
– Group engagement team now needs to consider whether
sufficient appropriate audit evidence can be obtained to
express group audit opinion before accepting engagement
– This consideration includes whether group engagement
team will be able to be involved in component auditors’
work
7
Engagement Acceptance and Continuance
Engagement Acceptance and Continuance
• Key consideration is whether sufficient appropriate
audit evidence can reasonably be expected to be
obtained regarding
– The consolidation process
– Components’ financial information
• Access to components controlled by the entity (e.g.
subsidiaries, branches) may not be an issue
• In other cases, difficulty in accessing relevant
information (e.g. at components such as joint ventures,
associates) may give rise to a scope limitation
8
Engagement Acceptance and Continuance
Engagement Acceptance and Continuance
• Decision to accept is also based on whether group
engagement team has unrestricted access to
– Component auditors and their work
– Management and those charged with governance
(TCWG) of the group
– Management and TCWG of the components
• Consideration of engagement acceptance a key
aspect of the standard
– Thus, determining whether to act as auditor of the
group is one of the objectives under the standard
9
Understanding the Group and its Components
Understanding Group-Wide Controls and
Consolidation Process
• As part of understanding the group and its
components, group engagement team now required
to understand
– Group-wide controls
– Consolidation process
• What are group-wide controls?
– Any controls over group financial reporting
– E.g. Controls for monitoring and reconciling intra-group
transactions
10
Understanding the Group and its Components
Understanding Group-Wide Controls
• Understanding group-wide controls helps to plan
nature, timing, and extent of work on consolidation
process and components
• Group engagement team tests, or asks component
auditor(s) to test, operating effectiveness of these
controls if:
– There will be planned reliance on the controls, or
– Substantive procedures alone cannot provide sufficient
appropriate audit evidence at the assertion level
• Communicate significant deficiencies in group-wide
controls in accordance with ISA 265
11
Understanding the Group and its Components
Understanding the Consolidation Process
• Under current practice, group engagement teams
may perform at least some work on the
consolidation process
– However, no specific requirements under old standard
– Practice therefore inconsistent
• New standard formalizes best practice in this regard
– Recognizes that material misstatements can arise as a
result of consolidation process
• New set of responsibilities for group engagement
team with regard to consolidation process
12
Understanding the Group and its Components
Understanding the Consolidation Process
• Understand detailed reporting instructions issued by
group management to components
• Perform specific procedures on consolidation
process
– Evaluate consolidation adjustments for appropriateness,
completeness, and accuracy
 Includes consideration of whether fraud risk factors or
indicators of management bias exist
– Evaluate whether components that report under different
financial reporting frameworks have been consolidated
on the basis of consistent accounting policies
13
Significant Components and Work Effort on Components
Significant Components
• New standard introduces important concept of a
“significant component”
• What is a significant component?
– A component financially significant to the group (i.e. size)
– A component likely to include significant risks of material
misstatement of the group financial statements due to its
specific nature or circumstances (i.e. specific risks)
• Why is concept of significant component important?
– Determines direction of group audit
– Work effort focused on components with greatest risks
14
Significant Components and Work Effort on Components
Work Effort on Components
• Old standard did not specify any particular level of work
on components
• New standard establishes specific requirements
– For a component significant due to size: an audit of the
component’s financial information
– For a component significant due to specific risks, one or
more of
 An audit of the component’s financial information
 An audit of one or more account balances, classes of
transactions or disclosures affected by the significant risks
 Specified audit procedures responsive to the significant risks
– For components that are not significant, analytical
procedures at group level
15
Significant Components and Work Effort on Components
Audit of Component Financial Information
• Not the same as audit of statutory financial statements
• For example, component auditor may not need to audit
– Items that will be audited centrally if so informed by group
engagement team
– Disclosures required for statutory purposes but not for group
audit purposes
• Audit to component materiality (materiality for statutory
audit may be lower)
• Group engagement team to specify form of reporting
expected from component auditor
– Standard does not mandate form of reporting
16
Significant Components and Work Effort on Components
Significant Components Audited by
Component Auditors
• Group engagement team to be involved in
– Component auditor’s risk assessment
 Have all the significant risks been identified?
 Involvement depends on understanding of component auditor
but standard specifies minimum work required
– Component auditor’s responses to significant risks
 Are the responses appropriate?
 Direct involvement by group engagement team in responding
to the significant risks may be necessary based on
understanding of component auditor
17
Significant Components and Work Effort on Components
Is Further Work Required on Components?
• Only when sufficient appropriate audit evidence will
not be obtained through work on significant
components, group-wide controls and consolidation
process, and analytical procedures at group level
• If so, select one or more components that are not
significant and obtain additional audit evidence through
one or more specified actions
– E.g. Perform an audit or review of the individual
component’s financial information
– Vary selection of such components over a period of time
18
Component Auditors
What is a Component Auditor?
• An auditor of a component is a component auditor only
when it has been asked by the group engagement team
to perform work on the component for the group audit
– Can be an auditor in another firm or an auditor in another
office of the same firm or network
• Understand 2 further matters besides component
auditor’s competence and independence
– Whether group engagement team can be involved in
component auditor’s work as necessary
– Whether component auditor is subject to regulatory
oversight
19
Component Auditors
Understanding Component Auditors
• Nature, timing and extent of work to
understand component auditors depend on a
number of factors, e.g.
– Previous experience with or knowledge of
component auditors
– Degree to which group engagement team and
component auditors are subject to common
policies and procedures
 E.g. in quality control, audit methodology
20
Materiality
Materiality
• Standard now requires 4 different types of
materiality to be determined
– Group materiality
– If relevant, materiality levels for particular classes of
transactions, account balances or disclosures
– Component materiality where an audit or a review of
a component is necessary
– Threshold above which misstatements cannot be
treated as clearly trivial to the group
21
Materiality
What is Component Materiality?
• Materiality for a component necessary for group
engagement partner to form an opinion on group
financial statements
– Not for component auditor to form an opinion on
component’s financial information
• Should be lower than group materiality so that
misstatements in components in the aggregate will
not exceed group materiality
• Should be set for each component for which an
audit or review is required
22
Communication
Importance of Effective Communication
• Standard places greater emphasis on effective
communication between group engagement team and
component auditors
– Effective involvement in component auditors’ work required
by the standard otherwise not possible
– Vital to ensure expectations on both sides are clear
• Standard recognizes need for effective communication with
TCWG and management
 Opens up dialogue with TCWG on significant matters
 Enables TCWG and management to be made aware of matters
relevant to discharging their respective responsibilities for
financial reporting process, a matter of public interest
23
Communication
Communication with Component Auditors
• Communication now broader and more specific
• Guiding principles when communicating downstream
– Will component auditors be clear as to nature and extent of
work requested of them on the components and whether group
engagement team will be involved in their work?
– Will component auditors be clear as to required form of
reporting to group engagement team and reporting deadlines?
• Standard requires specific matters to be communicated
to component auditors
– E.g. component materiality, form and content of reporting
• Communication should be timely
24
Communication
Communication with Component Auditors
• Nature and extent of component auditors’
communication upstream driven by 2 key
considerations
– Group engagement team’s specific requirements
 E.g. significant risks identified by component auditors;
previously unidentified related parties
– Whether any specific matters have been identified that
are relevant to the group audit or that would merit
group engagement team’s attention
 A broad responsibility for component auditors
25
Communication
Evaluation of Component Auditor’s
Communication
• Standard requires evaluation of component
auditors’ communication
– To identify significant matters for follow-up with
component auditors, group management or component
management as appropriate
– To determine whether to review specific aspects of
component auditors’ audit documentation
• Greater scrutiny of component auditors’ work may
lead to more discussion of issues with them in
person or over the phone
26
Communication
Communication with Group Management
• Communicate matters relevant to group management’s
responsibility for preparing group financial statements
– E.g. Deficiencies in group-wide controls; fraud
– An opportunity to also communicate, through group
management, matters group engagement team has
identified that are relevant to component management’s
responsibility to prepare component financial statements
• Group engagement team should not rely on component
auditor’s communication with component management
to discharge responsibility to communicate with group
management
27
Communication
Communication with TCWG
• Explain to TCWG nature and extent of
– Audit work required on components
– Group engagement team’s involvement in component
auditors’ work
• Rationale
– Sets clear expectation among TCWG that overall
responsibility for group audit rests with group engagement
team
– Helps them understand where audit effort is being
directed so that they may provide assistance with any
issues that may arise
28
Additional Aspects
Subsequent Events and Documentation
• Standard requires
– Subsequent events work on components that are
audited
– Documentation of specific matters, e.g.
 Analysis of components, including identification of
significant components
 Type of work to be performed on the components
 Nature, timing and extent of group engagement team’s
involvement in component auditor’s work on
significant components
29
Note
This set of support slides does not amend or override
the ISAs, the texts of which alone are authoritative.
Reading the slides is not a substitute for reading the
ISAs. The slides are not meant to be exhaustive and
reference to the ISAs themselves should always be
made. In conducting an audit in accordance with
ISAs, the auditor is required to comply with all the
ISAs that are relevant to the engagement.
30
International Federation
of Accountants
Copyright © November 2009 by the International Federation of Accountants
(IFAC). All rights reserved. Permission is granted to make copies of this work
provided that such copies are for use in academic classrooms or for personal use
and are not sold or disseminated and provided that each copy bears the
following credit line: “Copyright © November 2009 by the International
Federation of Accountants (IFAC). All rights reserved. Used with permission of
IFAC. Contact [email protected] for permission to reproduce, store, or
transmit this work.” Otherwise, written permission from IFAC is required to
reproduce, store, or transmit, or to make other similar uses of, this work, except
as permitted by law. Contact [email protected].
ISBN: 978-1-60815-050-2
www.ifac.org