Addressing Practical Application Issues

Introduction

26

This section of GS 022 provides guidance to auditors on addressing a selection of the practical application issues that may arise in a SSGA or a MSE. (Ref: Table 1)

Overall Strategy for Responding to Issues

27

The most effective approach auditors can adopt to address practical application issues regarding a SSGA and a MSE, is comprehensive planning through:

  1. Considering separately the engagement mandates, user needs and objectives for each of the different sections of the engagement in order to clearly identify the distinct scoping requirements and relevant AUASB Standards (Ref: Appendix 9);
  2. Communicating with relevant parties to clarify uncertainties and resolve issues; and
  3. Establishing detailed and efficient strategies and plans only when there is clarity about each section of the engagement(s).

Preconditions

28

Under the AUASB Standards, the preconditions for each assurance aspect of the MSE engagement are established. In order to determine whether the preconditions for an assurance engagement are present, the auditor:

  1. Determines whether the subject matter is appropriate, including whether it is auditable;
  2. Determines whether the criteria are suitable including whether the reporting framework(s) is acceptable; and
  3. Obtains agreement from management that it accepts responsibility for: the preparation of the entity’s reports (subject matter information), internal control and providing the auditor with information and access to personnel.

Terms of Engagement

29

The practical issues discussed below are considered and resolved by the auditor in the context of the auditor’s obligations under the AUASB Standards and relevant ethical standards[13] to confirm the terms of the engagement in writing. Each SSGA and/or separate section of a MSE is included in the engagement letter.

30

The engagement letter is a contract which is required on all engagements conducted by an auditor.[14] The requirement for an engagement letter is not conditional on the timing of appointment; clarity of mandates and reporting requirements; or the level of fees and costs. However, where law or regulation prescribes the terms of engagement in sufficient detail; and management acknowledges and understands its responsibilities, the auditor need not record the terms in a written agreement.

31

Appendix 4 provides examples of MSE engagement letters.

Practical Issues and Guidance

A. Unclear Engagement Mandates [Ref: Table 1] 

32

The key to an effective and efficient approach is for the auditor to consider of each SSGA and/or section of a MSE as a separate engagement in its own right and therefore requiring its own planning, performance and discrete file, or section of a file, containing supporting evidence.

33

An entity may request a SSGA or a MSE without appropriate articulation of the engagement requirements. Auditors clarify the requirements, purpose and other relevant preliminary details, for each SSGA or discrete section of a MSE prior to accepting the engagement. The auditor’s engagement objectives and responsibilities can only be apparent when the engagement mandates are properly understood.

34

The auditor obtains a thorough understanding of all mandates, establishes whether the preconditions are present, clarifies management’s (the responsible party’s) responsibilities and identifies the broad engagement scope/objectives before accepting the engagement, agreeing to the terms in writing or proceeding with the engagement.

35

Of importance to the auditor is clarity about the suitability of criteria, including the acceptability of the reporting framework (if applicable) and management’s acceptance of its responsibility to report under that framework. As auditors do not provide new information about the entity in the auditor’s report, it is important for management to disclose the applicable reporting framework, particularly when it is a special purpose framework.

For example: Management is responsible for presentation and disclosure of an accounting policies note to accompany a grant income and expenditure statement identifying whether a cash or accruals basis of accounting has been used. Such disclosure may be additional to a prescribed or recommended financial statement.

36

An entity may approach the auditor of the entity’s annual financial report at the completion of that audit with a request to conduct a SSGA or MSE. Regardless of the timing of such a request, the auditor needs to ensure the terms of the engagement are agreed to in writing.

37

In obtaining that understanding, auditors are mindful of the threats to effectiveness and efficiency in conducting the engagement as well as potential for non-compliance with AUASB Standards. Planning and performing assurance procedures, and agreed-upon procedures if applicable, are undertaken with an appropriate understanding of the various mandates directing the engagement and establishing that the relevant preconditions required by the AUASB Standards are present.

38

The expected reporting requirements or available reporting options of the SSGA or MSE are an important part of understanding the engagement mandates. See paragraphs 50-70 for further discussion on reporting.

39

Where engagement mandates are defined in outdated terms, such as is the case in some legislation, regulation or longstanding contracts, the auditor may communicate with the relevant regulator or parties to the contract (the users). The auditor’s objective is to clarify user expectations regarding the engagement scope and reporting requirements. Such clarification reconciles out-dated terms with current AUASB frameworks. The auditor may:

  1. Determine that an “Other Matter” paragraph in the auditor’s report would be an appropriate way to communicate changes in terminology from that used in the engagement mandate to that used in the AUASB Standards; and
  2. Seek legal advice when appropriate and possibly seek amendment to the terms of the engagement.

40

The auditor reconciles user expectations with the auditor’s capabilities under the legislative environment and the AUASB Standards. In some circumstances, it may be necessary for the auditor to inform users of any relevant restrictions imposed on the auditor so as to reach agreement on the auditor’s responsibilities regarding the engagement. In such cases, it may be appropriate for the auditor to include in the auditor’s report, additional explanatory detail regarding the restriction(s). An “Other Matter” paragraph may be used for such additional material.[15]

41

When an auditor is not confident of meeting user expectations or delivering appropriately in accordance with AUASB Standards, against the engagement mandate; or is unable to resolve the issue through other means, including additional explanation in the auditor’s report, the auditor declines the engagement unless prevented from doing so by law or regulation. Refer paragraphs 47 and 69 for options when the auditor is not able to decline the engagement.

B. Subject Matter(s) Not Able to be Assured, or Difficult to be Assured (Ref: Table 1)

42

In certain circumstances, an engagement mandate may seek assurance on a subject matter that is unable to be assured, or very difficult to be assured, such as an entity’s future ability to generate a specified level of unencumbered cash or its ability to fund a future project in part or whole. The auditor’s inability to provide assurance ordinarily arises because the subject matter is not appropriate or that the criteria against which to measure or evaluate that subject matter is not suitable[16]. Furthermore, the responsible party may not be required to provide the subject matter information, such as an attestation statement (e.g. solvency declaration), to the auditor (a direct engagement).

43

The auditor may consider:

  1. Identifying the specific reasons why some or all of the engagement requirements are unable to be achieved;
  2. Communicating with the relevant regulator or parties to the contract (the users) to determine the precise expectations of the users;
  3. Communicating with the responsible party to confirm their responsibilities regarding the engagement and to understand their expectations and the subject matter information they intend to provide to the auditor;
  4. Determining whether users would accept an alternative engagement, for example:
    1. An agreed upon procedures engagement; or
    2. Assurance over an alternative subject matter.
    3. For example: Although an auditor may be unable to assure an entity’s future ability to generate a specified level of unencumbered cash or fund a future project, the auditor could undertake a reasonable, or limited, assurance engagement over the historical levels of unencumbered cash and/or the reasonableness of the underlying assumptions used to determine the entity’s business plans, budgets and forecasts. This may be sufficient for the users to form their own conclusion as to the entity’s future abilities. Ordinarily, such assurance work would not necessitate a full audit of the entity’s previous or current financial report and would not constitute the provision of limited assurance over prospective information;
  5. Exploring effective alternative solutions that may resolve the issue of dealing with matters that may be unable to be assured;
  6. Evaluating whether:
    1. A disclaimer of opinion over certain subject matter is an appropriate option; or
    2. Additional explanation in the auditor’s report can mitigate possible misunderstanding as to what has not been assured and the reasons for the auditor’s inability to assure the particular subject matter, that may be presented in an “Other Matter” paragraph in the auditor’s report; or
  7. When alternative arrangements are unable to be made, determining whether the auditor is able to decline or withdraw from the engagement under relevant laws/regulations.

44

In communicating with users, it would be necessary for the auditor to inform the relevant parties of the reasons why the auditor is unable to assure a particular subject matter. When a mutual understanding is achieved, the auditor may be able to reach agreement on the auditor’s responsibilities regarding the SSGA or MSE and the effect on the auditor’s report. Any such agreement is committed to writing so as to comply with AUASB Standards and to avoid any misunderstanding.

45

If the auditor concludes that a disclaimer over a specific subject matter or additional explanation in the auditor’s report are necessary to comply with the requirements of relevant AUASB Standards, but is prohibited from doing so (say because of an inflexible prescribed reporting regime); or if additional explanation is permitted, but the auditor is unable to adequately mitigate possible misunderstanding, the auditor does not include within the auditor’s report that the audit has been conducted in accordance with (the relevant) AUASB Standards. See paragraph 66.

46

When an auditor determines that the subject matter is not appropriate, the criteria is not suitable or the engagement does not have a rational purpose, the auditor declines the engagement, unless required by law or regulation to accept the engagement.

47

When in rare and exceptional circumstances, the auditor is prevented from any of the alternatives described earlier, and therefore effectively faces an inappropriate engagement, the auditor consults with relevant parties and when necessary seeks legal advice. When considered appropriate by the auditor, the auditor may:

  1. Issue a disclaimer of opinion on the basis of a limitation in the scope of the engagement.[17]
  2. Issue concurrently, a separate auditor’s report to the user(s) that complies with the auditor’s obligations under the AUASB Standards and, if applicable, refers to the prescribed report.
  3. Write separately to the users, referring to the auditor’s report and setting out:
    1. The auditor’s concerns, including, if applicable, the misleading nature of the prescribed auditor’s report, the use of which is mandated;
    2. The reasons for the auditor’s predicament, particularly the reporting inconsistency with the auditor’s responsibilities under the AUASB Standards and the relevant ethical requirements; and
    3. If applicable, the auditor’s inability to obtain evidence to the level of sufficiency and appropriateness considered necessary by the auditor to support the auditor’s conclusion as required by the prescribed reporting format.

C. Obtaining Evidence from Third Parties (Ref: Table 1)

48

An entity may, in some cases, outsource to a third party some, or all, of the tasks which would be subject to audit or assurance procedures under the SSGA or MSE. For example, a portion of grant monies received may be used to engage a third party to perform procedures required under the grant agreement. Any such arrangements do not affect the requirements of the AUASB Standards or the underlying responsibilities of the auditor.

49

In the circumstances described in paragraph 48, the overriding issue for the auditor is the ability to obtain sufficient appropriate evidence in order to conclude on each of the matters in the scope of the engagement. Table 3 outlines options that may be available to the auditor in different circumstances.

Table 3: Obtaining Evidence from a Third Party

Situation

Auditor’s Response

The auditor is given access to the relevant records of the third party and provided with adequate explanations in relation to the work performed by the third party.

The auditor performs the procedures, and obtains adequate explanations, considered necessary by the auditor in order to obtain sufficient appropriate evidence to conclude.

The auditor is given access to the relevant working papers of the third party’s auditor and provided with adequate explanations in relation to the work performed by the third party’s auditor.

The auditor uses AUASB Guidance Statement, GS 011[18] to obtain sufficient appropriate evidence with which to conclude.

Where applicable, the auditor is permitted to request the third party’s auditor to perform the procedures considered necessary by the auditor; and to report thereon accordingly.

The auditor instructs the third party’s auditor in accordance with the relevant AUASB Standard(s).  For example, in the case of an audit of historical financial information,  paragraph 2 of ASA 600[19], is applied, as appropriate, to obtain sufficient appropriate evidence with which to conclude.

The third party is a service organisation and a report on controls under ASAE 3402[20] is available from the service organisation

The auditor complies with the requirements of ASA 402[21] in using the report issued by the service organisation’s auditor to obtain an understanding of internal control relevant to the engagement.

Sufficient appropriate audit evidence is not available.

The auditor considers the effect on the auditor’s report.

 

D. Determining Reporting Responsibilities (Ref: Table 1)

50

An auditor’s responsibilities and associated procedures to obtain a clear understanding of reporting responsibilities for a SSGA or a MSE are no different from those in any other engagement. The auditor obtains an understanding of the auditor’s reporting responsibilities at the acceptance and planning stages of the engagement, including whether the auditor’s report is prescribed or not prescribed.

51

The following guidance aims to illustrate the principles of reporting particularly when the auditor determines that issuance of a single-form auditor’s report, incorporating the different sections of the MSE, is most effective and efficient in the circumstances of the specific engagement.

Overview

52

When reporting on a SSGA or a MSE, the auditor’s objectives are the same as when reporting on other assurance engagements, namely to:

  1. Form overall opinions and/or conclusions based on evaluation of conclusions drawn from evidence obtained;
  2. Express overall opinions and/or conclusions clearly in a report that also describes the basis for the opinions and/or conclusions;
  3. Reduce engagement risk to an appropriate level;
  4. Establish that the auditor’s report complies with relevant AUASB Standards and other applicable reporting requirements, including when the auditor’s report
    1. Is modified (qualified opinion, adverse opinion, disclaimer of opinion and/or includes an emphasis of matter paragraph and/or other matter paragraph); and
    2. Contains supplementary reporting information such as a detailed list of minor instances of the entity’s non-compliance with specified regulation that have been identified by the auditor; and
  5. Determine that the auditor’s report is not misleading in the context of the specific engagement circumstances.

53

In expressing opinions and conclusions, the auditor uses the appropriate form of expression in the context of the applicable reporting framework and the relevant AUASB Standards.

For example: Where a SSGA or a MSE report comprises a special purpose financial report (SPFR) and an entity’s attestation on compliance with legislation, regulation or the terms of a contract, the auditor conforms with the reporting requirements in ASA 700[22] and ASA 800[23] regarding the SPFR; and ASAE 3000 and ASAE 3100 regarding the compliance section.

Users

54

Concurrently with procedures to understand the engagement mandates, the auditor performs procedures to identify users of the entity’s report(s) and the auditor’s report(s). Identification of users assists the auditor to determine the nature (form) of the auditor’s report(s), including:

  1. Whether there is a requirement to alert users of the special purpose of the entity’s report; and/or
  2. Whether to restrict distribution of the auditor’s report.

55

In the case of a grant acquittal or other contractual arrangement, the users are ordinarily the parties to the grant agreement or other contract. The signatories to the agreement(s) and the parties they represent, should provide a clear indication of the users.

For example: Where a grant is given to a company by a government department, the signature of the CEO, or other authorised staff, on the grant agreement, indicates that one group of users is the board of directors acting on behalf of the company that receives the grant. The signature of a government department head, authorised officer/delegate or notices within the funding agreement, indicate that the other user group is the government department providing the funds.

56

Where identification of users is not straightforward, the auditor discusses the matter with the party engaging the auditor. When such communication does not yield sufficient detail on identifying users, the auditor contacts the other party to the contractual arrangement or the regulator(s) responsible for each separate engagement mandate.

57

When communicating with users, the auditor considers whether it is appropriate to inform or remind users that auditor “independence” is a fundamental concept of audit and assurance and accordingly users do not direct the conduct of the audit.

Reporting when the Auditor’s Report(s) is not Prescribed

58

When the form and content of the auditor’s report is not prescribed by the engagement mandate, the auditor complies with the reporting requirements of the relevant AUASB Standards. The auditor may choose to:

  1. Provide multiple reports, separately for each subject matter and/or level of assurance;[24]
  2. Issue a single-form multi-scope report—a single-form report that identifies each different subject matter and level of assurance of the MSE; or
  3. A combination of (a) and (b). Table 4 illustrates this option where the auditor decides to issue a single-subject report addressing one subject matter and a single-form multi-scope auditor’s report covering the remaining subject matters:

Table 4: Example of auditor reporting (Ref: paragraph 58(c))

Subject Matters

Reporting in Accordance with AUASB Standard

First Auditor’s Report – single subject

Audit of an historical financial report

ASA 700/ASA 800, as applicable

Second Auditor’s Report – multi-scope

Audit of a single statement of grant income and expenditure

ASA 805

Reasonable assurance on the entity’s compliance with the terms of a grant agreement

ASAE 3100

Limited assurance on a statement of employee numbers required under a grant agreement

ASAE 3000

Examples of how the auditor’s reports described above might be presented are demonstrated in Appendix 6.

59

In choosing whether to issue multiple reports or a single-form report, the auditor considers:

  1. any relevant requirements of the engagement mandate;
  2. user needs;
  3. the requirements of any other relevant standards; and
  4. reporting effectiveness and efficiency.

60

Where the auditor intends to issue a single-form MSE report, the auditor designs a unique report developed according to the circumstances which incorporates the reporting requirements of the relevant AUASB Standards, as well as any reporting mandates such as relevant requirements of a grant funding agreement.

61

In developing a unique single-form MSE report, the auditor seeks efficiency by avoiding repetition through blending similar reporting requirements when appropriate, but without blurring the different sections of the MSE.

For example: A single paragraph could be used to describe management’s responsibilities for the various subject matters, rather than several paragraphs describing management’s responsibilities for each subject matter, which may be repetitive .

Other Reporting Responsibilities

62

Auditors satisfy themselves as to whether there are any other reporting obligations under legal and regulatory requirements.

63

If the auditor considers it necessary to communicate a matter other than those that are presented or disclosed in the entity’s relevant financial or other reports that, in the auditor’s judgement, is relevant to the users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report, the auditor considers use of an “Other Matter” paragraph in the auditor’s report.[25]

64

If the auditor addresses other reporting responsibilities that are in addition to the auditor’s responsibilities under the AUASB Standards, the auditor considers use of a separate section of the report titled “Report on Other Legal and Regulatory Requirements” or otherwise as appropriate.[26]

E. Prescribed Reporting [Ref: Table 1]

65

In some circumstances, the form and/or content of the auditor’s report is prescribed and in some cases, may include a prohibition on modified opinions. In such cases, the auditor compares the prescribed report with the reporting requirements of the relevant AUASB Standards. This comparison, taken together with the auditor’s ability, if any, to remedy any reporting issues, is an important part of the engagement acceptance procedures.

66

Although applicable to audits under the Australian Auditing Standards, the following extracts are consistent with requirements under ASAE 3000 and provide helpful guidance on the considerations to be applied regardless of which AUASB Standards apply:

  1. ASA 210 requires:[27]

In some cases, law or regulation of the relevant jurisdiction prescribes the layout or wording of the auditor’s report in a form or in terms that are significantly different from the requirements of the Australian Auditing Standards. In these circumstances, the auditor shall evaluate:

  1. Whether users might misunderstand the assurance obtained from the audit of the financial report and, if so,
  2. Whether additional explanation in the auditor’s report can mitigate possible misunderstanding.

If the auditor concludes that additional explanation in the auditor’s report cannot mitigate possible misunderstanding, the auditor shall not accept the audit engagement, unless required by law or regulation to do so. An audit conducted in accordance with such law or regulation does not comply with Australian Auditing Standards. Accordingly, the auditor shall not include any reference within the auditor’s report to the audit having been conducted in accordance with Australian Auditing Standards.

  1. ASA 700 requires:[28]

If the auditor is required by law or regulation of a specific jurisdiction to use a specific layout or wording of the auditor’s report, the auditor’s report shall refer to Australian Auditing Standards only if the auditor’s report includes, at a minimum, each of the following elements:

  1. A title;
  2. An addressee, as required by the circumstances of the engagement;
  3. An introductory paragraph that identifies the financial report audited;
  4. A description of the responsibility of management (or other appropriate term, see paragraph 24 of this Auditing Standard) for the preparation of the financial report;
  5. A description of the auditor’s responsibility to express an opinion on the financial report and the scope of the audit, that includes:
  • A reference to Australian Auditing Standards and the law or regulation; and
  • A description of an audit in accordance with those Standards;
  1. An opinion paragraph containing an expression of opinion on the financial report and a reference to the applicable financial reporting framework used to prepare the financial report (including identifying the jurisdiction of origin of the financial reporting framework that is not Australian Accounting Standards and, where applicable, Australian law or regulation);
  2. The auditor’s signature;
  3. The date of the auditor’s report; and
  4. The auditor’s address.

67

When an auditor determines that the prescribed reporting requirements do not align with, or conform to, the requirements of the relevant AUASB Standards, the auditor, as appropriate:

  1. Communicates with the relevant authority, individual or group, seeking agreement to amend the prescribed auditor’s report such that it conforms to AUASB Standards;
  2. Issues an alternative report that complies with the requirements of the AUASB Standards. This option is considered especially when the auditor has experience with the relevant party having accepted such alternative auditor’s reports in the past; and
  3. Communicates any matters described in paragraph 66 above that may be deficient in the prescribed auditor’s report, through an “Other Matter” paragraph.

68

Prescribed reporting formats may, for example, not include reference to management’s responsibilities for the preparation of the entity’s reports (financial, non-financial). In such cases, an “Other Matter” paragraph can be used to describe management’s responsibilities. When the auditor is unable to redress issues with prescribed reporting requirements by appropriate application of the principles or procedures conveyed above, the auditor declines the engagement, unless required by law or regulation to accept the engagement.

69

When the auditor is not able to decline the engagement and is prevented from amending or adding to a prescribed auditor’s report, the auditor has been prevented from exercising professional judgement as required by the AUASB Standards. Accordingly, the auditor consults with appropriate parties and when necessary seeks legal advice. When considered appropriate by the auditor, the auditor may, in the circumstances, be able to:

  1. Issue a modified auditor’s opinion or conclusion statement in accordance with the relevant AUASB Standards;
  2. Issue concurrently and preferably accompanying the prescribed auditor’s report, a separate auditor’s report to the user(s) that complies with the auditor’s obligations under the AUASB Standards and refers to the prescribed report; or
  3. Write separately to the user(s,) referring to the specific prescribed auditor’s report and setting out:
    1. The auditor’s concerns, including the misleading nature of the prescribed report;
    2. The form and content of a report under the relevant AUASB Standards;
    3. The reasons for the auditor’s predicament, particularly the reporting inconsistency with the auditor’s responsibilities under the AUASB Standards and relevant ethical requirements; and
    4. If applicable, the auditor’s inability to obtain evidence to the level of sufficiency and appropriateness considered necessary by the auditor to support the auditor’s conclusion as required by the prescribed reporting format.

70

Appendix 7 provides further considerations relating to prescribed auditor’s reports.

F. Prescribed Scopes and/or Procedures (Ref: Table 1)

71

In some SSGA or MSE, certain scopes and/or procedures may be prescribed by a relevant party, such as a regulator or the provider of grants.

Assurance

72

Prescribed procedures may be considered by the relevant party to be necessary to meet a specified assurance objective.

For example: In the audit guidance material[29] issued by the Department of Social Services, the Regulator sets out its expectations of the auditor and the information that auditors are expected to consider in the conduct of their audit.

73

When prescribed scopes and/or procedures are a prerequisite to a SSGA or MSE, the auditor:

  1. Preserves the auditor’s independence and professional judgement in determining the extent, timing and scope of audit procedures—a fundamental principle underpinning the value of independent assurance. This is achieved by the auditor determining whether the prescribed scopes and/or procedures:
    1. Will enable the auditor to obtain sufficient appropriate evidence to meet the auditor’s objectives; or
    2. Will need to be incorporated into procedures determined by the auditor as necessary to meet the auditor’s objectives; or
    3. Are additional to the procedures determined by the auditor to be necessary to meet the auditor’s objectives;
  2. Determines the auditor’s reporting responsibilities, if any, in regard to the prescribed scopes and/or procedures; and
  3. Assesses whether the auditor is confident that the auditor will be able to discharge their responsibilities regarding the prescribed scopes and/or procedures.

74

The auditor does not accept the engagement, unless required to by law or regulation, if the auditor is unable to meet the prescribed scopes and/or procedures. This situation may arise, for example, where the auditor’s independence will be compromised, the prescribed scope is not able to be assured or the prescribed procedures are unable to be performed.

Agreed-upon Procedures (no assurance)

75

Prescribed procedures, on the other hand, may not be considered by the relevant party as necessary to meet a specified assurance objective. Consequently, prescribed procedures are treated as agreed-upon procedures with factual findings reported accordingly. The auditor communicates this to the relevant party and ensures that the engagement letter correctly reflects how the prescribed procedures will be addressed by the auditor. In these circumstances, where the auditor intends to restructure a prescribed report, the auditor communicates this intention to the relevant parties.

Acceptance

76

Where the auditor is required by law or regulation to accept an engagement that the auditor would otherwise not accept, the auditor considers the guiding principles described at paragraphs 47 and 69.

G. Performing SSGA and MSE concurrently with the Statutory Audit (Ref: Table 1)

77

Auditors may receive a late request from the entity to perform a SSGA or a MSE, when they are conducting the statutory audit. The auditor then considers whether, and if so to what extent, audit work completed on the statutory audit can be applied to the SSGA or MSE.

78

When considering how to address the additional engagement, the auditor follows the requirements in the relevant AUASB Standards with respect to:

  1. Acceptance – including preconditions, agreeing terms, any additional fees and an engagement letter;
  2. Planning – including potential use of work completed for other purposes, such as the statutory audit;
  3. Performance – including a separate representation letter;[30] and
  4. Reporting – including the form and content of the auditor’s report(s).

79

Where any such engagements are identified at the acceptance stage of the financial report audit, the auditor considers the potential for concurrent work and plans accordingly.

80

As the mandates, objectives, users and reporting frameworks differ for each distinct subject matter, so the detailed work plans will differ. It is only at the engagement planning stage where the auditor finalises the engagement strategy and detailed plans, that using work performed on one section of the engagement for use on another, can be planned.

81

Using assurance procedures for multiple purposes can be achieved by appropriate planning, such as:

  1. Arranging the scope of procedures in areas that are common to the overall engagement generally and using the evidence for multiple purposes;

For example: When the auditor undertakes procedures to “understand the business” and to “assess risk”, the auditor may design procedures, performed concurrently, that appropriately address the SSGA and/or each of the distinct sections of the MSE. This approach enables the auditor to avoid returning unnecessarily to these planning stages.

  1. Utilising the practice of “dual-purpose” testing such as, substantive tests of detail that may be used in understanding internal controls or as evidence of the operating effectiveness of internal control; and
  2. Avoiding the double-handling of the entity’s records.

For example: The auditor may choose to:

  1. Use the same records to concurrently obtain different sample selections to perform procedures to achieve different objectives on each section of the engagement.
  2. Combine into one work programme, several procedures that:
  • Utilise the same sample selections from the entity’s records.
  • Are designed to meet different substantive test objectives for different sections of the SSGA or MSE.
  • Are to be performed concurrently.

82

Where the auditor decides to adopt a concurrent approach to meet differing engagement objectives, care is taken with, in particular:

  1. Utilising materiality levels that are appropriate for each objective where work is performed simultaneously;

For example: To utilise a materiality level based on an entity’s annual financial statements as a whole would be inappropriate for performing tests of a specific type of expenditure in accordance with a grant contract. (See discussion on materiality at paragraphs 91-104)

  1. The nature of testing procedures that relate to the auditor’s specific objectives; and

For example: The results of a substantive (representative) sample from a financial population that uses a statistical method driven by the cumulative monetary amount could not be a substitute for attribute sampling seeking pre-determined confidence rates regarding the performance of internal control.

  1. Appropriate audit documentation supporting the different audit objectives, procedures, results and assessments. (Ref: paragraphs 86 – 87)

H. SSGA or MSE Reporting Periods Differ from the Entity’s Financial Reporting Period (Ref: Table 1)

83

The date of the annual financial report may differ from the relevant date for the other assurance requirements. This scenario does not prevent use, at least in part, of some evidence for the overlapping period; however, additional work would be necessary to achieve the planned approach for the other assurance requirements.

For example: Assuming the nature of the tests are appropriate to meet differing objectives, substantive tests performed in the annual statutory audit to (say) 30 June may be used in a SSGA or a MSE to (say) 30 September. The auditor extends the tests for the period 1 July to 30 September; however, the tests already performed in the statutory audit are efficiently used for two or more purposes.

84

When deciding on additional work to cover a period that extends beyond the work already performed, the auditor ordinarily considers matters such as:

  1. Whether the objectives and procedures already performed are appropriate for the additional work;
  2. Any significant changes that have occurred in the subject matter since the previous work was completed;
  3. The need to update the auditor’s risk assessment for the additional period, including any potential cut-off issues;
  4. The possibility and practicality of testing internal control in order to reduce substantive procedures for the extended period;
  5. Choosing the most appropriate substantive procedures – substantive analytical procedures versus tests of detail; and
  6. Other core considerations such as materiality levels and the availability of evidence.

85

Whenever the auditor seeks efficiencies through using work from other engagements, it is essential that the auditor determines that the work performed and the evaluation of that work is sufficient and appropriate to meet the objectives of the SSAG and/or each separate section of the MSE. Otherwise there will be a significant risk that the auditor will not obtain sufficient appropriate evidence to support each objective.

Documentation

86

Whenever leveraging work effort is achieved, the auditor determines that the engagement files contain appropriate documentation to support the conclusions on the SSGA and/or each distinct section of the MSE. It is not appropriate to assume that because evidence is documented in one file, or part of a file, that documentation requirements have been met for the SSGA and/or all sections of the MSE.

87

Cross referencing between files, or within the same file, may be appropriate but each file, or part of a file, should provide the requisite documentation to support the relevant conclusion. Cross-referencing or copying working papers contained in one file, or section of a file, for inclusion in another file, or part of a file, is an efficient documentation technique that enables each file, or section of a file, to be complete. Copied working papers should be properly labelled to clearly show each relevant section of the engagement, or engagement objective to which they apply. The working papers in each file, or part of a file, include evidence of review by a more senior person and, where applicable, evidence of quality assurance procedures having been performed.

I. Conducting a SSGA or a MSE when not the Auditor of the Entity’s Annual Financial Report (Ref: Table 1)

88

In the context of the approach outlined in Table 2, an auditor who is not the auditor of the entity’s annual financial report pays particular attention to the “accepting” phase of the engagement.

89

This particular focus is because the auditor may have little or no knowledge of the entity or its environment, nor will the auditor have undertaken a (recent) risk assessment, all of which are required in an audit undertaken in accordance with the AUASB Standards.

90

The following points are intended as a prompt of some of the more important considerations that an auditor, who is not the auditor of the entity’s annual financial report, may consider:

  1. Firm Capabilities
    1. The partner’s and team members’ knowledge and experience relating to the proposed SSGA and MSE. In assessing this, the engagement mandates need to be thoroughly understood;
    2. The firm’s ability to comply with relevant laws, professional, ethical and technical Standards as well as any other requirements stipulated in the engagement mandates; and
    3. The firm’s quality control policies and procedures at both firm and engagement levels.
  2. Engagement Acceptance and Client Relationship
    1. The rationale/purpose for the engagement;
    2. Appropriate subject matter and suitable criteria;
    3. Appropriate level of assurance in the circumstances;
    4. The availability of information necessary to perform the engagement;
    5. The integrity of management and/or those charged with governance (TCWG);
    6. Any restrictions or limitations in the scope of the engagement; and
    7. Any risks/threats to the auditor’s reputation or compliance with relevant laws and standards. Particular attention is paid to “independence” and any prescribed reporting and/or prescribed scope/procedures.
  3. Preconditions for the Assurance Engagement
    1. Determining whether the criteria, such as the reporting framework, to be applied by management, or TCWG, are suitable (in relation to the mandate(s) and the intended users); and
    2. Obtaining agreement from management/TCWG, that they acknowledge their responsibilities for:
      • The preparation of reports in accordance with the relevant mandate(s);
      • Such internal control as management/TCWG determine is necessary to enable the preparation of reports that are free from material misstatement; and
      • Providing the auditor with:
        • Access to all relevant information;
        • Additional information as requested; and
        • Unrestricted access to personnel.
  4. Agreeing the Terms of the Engagement
    1. The auditor agrees the terms of engagement with management, or TCWG, as appropriate.
    2. The terms of engagement are in writing, tailored to the circumstances, and comply with the requirements of the relevant AUASB Standards. The engagement letter clearly identifies the SSGA and the different sections of the MSE.
    3. Without clarity about the SSGA and the exact sections of the MSE, including the related reporting, there is a significant risk of:
      • Misunderstanding between the auditor and management/TCWG; and
      • The engagement team performing the engagement either ineffectively (by not fulfilling the appropriate requirements); or inefficiently (by performing unnecessary procedures).
    4. The various users of the entity’s reports (other than general purpose financial reports) are identified in the engagement letter and consequently, the related auditor’s report. This is particularly important where reporting is for a “special purpose”, such as an application for a licence.
    5. An example of an engagement letter for a MSE is set out in Appendix 4.
  5. Objectives
    1. The auditor separates the engagement into its different sections for each level of assurance and each subject matter so as to obtain a clear understanding of the specific assurance and reporting objectives for each section; and
    2. Of particular importance is developing preliminary objectives and strategies on how to perform procedures to gain an understanding of the entity and its environment; and how to perform appropriate risk assessment procedures.

J. Setting Materiality (Ref: Table 1)

91

The requirements and underlying concepts relating to materiality are found in the relevant AUASB Standards[31] and they apply equally to a SSGA or a MSE.

92

In determining materiality levels, auditors exercise professional judgement by considering qualitative and quantitative factors, including reasonable expectations of issues that would be likely to influence the decisions of users.

93

For assurance purposes, materiality is determined in order to establish:

  1. A tolerable level of misstatement, deficiency, deviation, or non-compliance in the subject matter (which may be in the entity’s reports);
  2. The scope of assurance work to be performed; and
  3. A reasonable basis for evaluating identified misstatements, deficiencies, deviations or non-compliance.

94

Given the objectives of setting materiality levels described in paragraph 93, the auditor of a SSGA or a MSE develops separate materiality levels for each section of the engagement.

Example 1: Developing Separate Materiality Levels

The entity is required to report the following to a regulator:

  • Its annual financial performance and position (a financial report/statement);
  • Specified non-financial information in a prescribed format (a statistical return); and
  • Its compliance with prudential standards (a compliance statement).

The engagement team may, for example, set materiality levels for this MSE, by adopting the following approach:

  1. For the financial report, materiality would be set under ASA 320 in the same manner as any other audit of a financial report.
  2. For the statistical return, the auditor may use multiple materiality levels by using the information recorded on the statistical return as the basis for setting materiality for that particular information, for example:

To obtain sufficient appropriate evidence concerning:

  1. The number of employees recorded in the return, materiality might be set at an appropriate percentage of the recorded number of employees.
  2. The number of insurance policies written in the year, materiality might be set at an appropriate percentage of the recorded number of policies written.

In setting these differing materiality levels, the engagement partner takes into consideration qualitative and quantitative factors and the risk of issuing an inappropriate report.  The engagement partner is satisfied with the level of work done when opining that “…the statistical return (i.e. all its component parts) has been prepared, in all material respects, in accordance with…”

See ASA 805 paragraphs 10 and A10-A14; and ASA 200[32] paragraph 2 (the auditor applies Australian Auditing Standards relevant to the audit as necessary in the circumstances of the engagement.)

  1. For the entity’s compliance statement, the auditor may judge that every item, and its component parts, reported by the entity in the statistical return, are material.  Compliance may be a simple “yes” or “no” with all instances of non-compliance to be reported to the regulator by the auditor.  (Ref: paragraph 100 and ASAE 3000, paragraphs 44 and A92-A100)

95

A variation on the above example is where the statistical return includes financial information as well as non-financial information.

Example 1.1: Developing Separate Materiality Levels (cont’d)

The entity is required to report as described in Example 1 above.  However, the statistical return comprises historical and prospective financial information; and non-financial information.

The engagement team may place emphasis on qualitative factors and set multiple materiality levels for the statistical return element of the MSE, by adopting a combination of methods, for example:

Non-Financial Information:

  1. As described in Example 1 (see above and ASAE 3000).

Historical Financial Information:

  1. For historical financial information extracted from audited financial information (such as a SPFR), the engagement partner may:
    1. Determine that the materiality levels used in the audit of the SPFR are acceptable/suitable for the purposes of  the statistical return; or
    2. Establish new materiality levels:
      • In accordance with the principles espoused in ASA 320; or
      • Based on the amounts recorded in the statistical return.

Prospective Financial Information:

  1. For prospective financial information, materiality may be set with reference to the principles and guidance provided in ASAE 3450.[33]

In setting these differing materiality levels, the engagement partner takes into consideration the risk of issuing an inappropriate report.  The engagement partner is satisfied with the level of work done when opining that “…the statistical return (i.e. all its component parts) has been prepared, in all material respects, in accordance with…”
 

96

Whatever approach is taken in setting materiality levels, the engagement partner is required under the AUASB Standards to consider that misstatements, deficiencies, deviations or non-compliance, and omissions, are considered to be material if they, individually or in the aggregate, could reasonably be expected to influence relevant decisions of users taken on the basis of the information.

97

In setting materiality levels, regardless of the subject matter or level of assurance, the engagement partner reduces risk to an acceptable level in the circumstances of the assurance engagement.

Exception Reporting

98

As indicated in Example 1 above, the engagement requirements may ask for reporting of all exceptions identified in the course of the engagement. The criteria for any such reporting are established during the engagement planning stage. For example, if every instance of non-compliance is to be reported to the Regulator, the auditor:

  1. Clarifies the exact requirements—to report all instances of non-compliance identified during the assurance engagement is not the same as designing an assurance engagement to identify all instances of non-compliance.
  2. Clarifies the auditor’s reporting requirements, including any prescribed reports—where the phrase: “…in all material respects…” is included in the auditor’s opinion (or conclusion).
  3. Clarifies whether the auditor is expected to include in the auditor’s report, all instances of non-compliance (already) reported by the entity, or whether the auditor’s report should include only those instances of non-compliance that the auditor has identified and that the entity has yet to report to the Regulator.
  4. Where the auditor’s responsibilities are unable to be clarified in terms of the matters set out in (a) to (c) above, the auditor communicates with the appropriate user of the auditor’s report to obtain clarification.
  5. Considers the principles in ASA 700 which provides for the auditor’s report to include a separate section for “Other Reporting Responsibilities.[34]

99

An auditor may be expected to report all instances of non-compliance identified during the assurance engagement.  Where this is the case, the concepts of setting materiality in accordance with the relevant AUASB Standards for the purposes of performing the audit or review, remain unchanged – that is, to determine the scope of the assurance work to be performed and in forming the auditor’s opinion or conclusion.  However, materiality is not used to determine the scope of reporting non-compliance because all identified instances of non-compliance must be reported (as the basis for modifying the opinion/conclusion if applicable or in a separate section of the auditor’s report).

100

Appendix 8 provides an example of reporting instances of non-compliance identified during the audit.

Materiality and Reporting

101

In certain circumstances, the audit or other assurance mandate, or a prescribed auditor’s report, may require reporting that uses precise terms such as “…is correct”.  This suggests that “materiality” is not to be applied by the auditor and that the subject matter is “audited” in its entirety.   Such exacting terms are misleading and are not used in the context of audit and other assurance engagements and are not in accordance with AUASB Standards, particularly the Framework for Assurance Engagements. An agreed-upon procedure engagement may be appropriate in these circumstances if the procedures can be precisely stated in the terms of the engagement.

 

102

The AUASB Framework for Assurance Engagements provides a structure supporting only “reasonable assurance” and “limited assurance”, not absolute assurance. This is due to factors such as:[35]

  1. The use of selective testing;
  2. The inherent limitations of internal control;
  3. The fact that much of the evidence available to the auditor/assurance practitioner is persuasive rather than conclusive;
  4. The use of professional judgement in gathering and evaluating evidence and forming conclusions based on that evidence; and
  5. In some cases, the characteristics of the underlying subject matter when measured or evaluated against the criteria.

103

As described in earlier sections of this Guidance Statement, the auditor communicates with the entity and the user to clarify expectations. Such communication will serve to inform all parties concerned and enable clarification of the auditor’s responsibilities under the AUASB Standards and the auditor’s objectives which in turn will drive the auditor’s procedures and ultimately the auditor’s report.

104

In these cases, communications among the relevant parties would be expected to lead to:

  1. An amendment to the scope of the engagement, such as the addition of agreed upon procedures which enable the auditor to report factual findings and where, if insisted upon by the user, terms like “…are correct” may not be misleading. Any such arrangement would need to be reflected in the terms of the engagement and may attract additional fees.

The auditor considers the matters discussed in paragraphs 71-76 (Section F).

  1. Clarification of the issues described in paragraphs 98-99.

K. Cost Allocations (Ref: Table 1)

105

In grant acquittals, it may be necessary for the auditor to obtain sufficient appropriate evidence in relation to the entity’s allocation of costs, such as overheads and labour, to the specific project(s) covered by the grant.

Ordinarily, the auditor establishes, among other things:

  1. What constitutes “eligible expenditure” specific to the particular grant;
  2. How to determine what is acceptable eligible expenditure; and
  3. The criteria that the entity uses to allocate expenditure to the specific project to which the grant applies.

The grant agreement may provide some of the information and definitions required, however, if this is not the case, the auditor may find relevant details in the documentation that supports the entity’s grant application.

106

The entity receiving the grant is responsible for proper accounting under the terms of the grant agreement, not the auditor. The auditor’s responsibilities are to be objective, exercise professional judgement, maintain professional scepticism and obtain sufficient appropriate evidence with which to conclude (on cost allocations).

107

The auditor considers the auditor’s understanding of the engagement mandate and its requirements, and the entity’s approach, procedures and internal control for allocating costs to the specific project/subject matter concerned. As with all aspects of a SSGA or a MSE, it is preferable to consider each section separately.

108

The auditor may adopt a full substantive approach by testing the elements and computations of the entity’s calculations. Alternatively, the auditor may choose a combination of procedures by auditing the entity’s internal control that is designed to ensure proper allocation of costs to specific projects together with supporting substantive procedures. In deciding the approach, the auditor refers to any relevant requirements that may be included in the engagement mandate.

109

However, the entity may not have consistently applied suitable criteria, or adopted a structured, or formal, approach to cost allocation. An entity may use an arbitrary approach. In such cases, the auditor:

  1. Assesses the suitability of the criteria used for cost allocations;
  2. Obtains an understanding of the entity’s methods of cost allocation;
  3. Assesses the efficacy of the approach used by, for example, comparison with a reasonable model developed by the auditor;
  4. Asks the entity to provide the base information and calculations of a reasonable model
  5. Develops a reasonable model that can be used to assess the reasonableness of the entity’s method(s); and
  6. If unable to obtain sufficient appropriate evidence to support the entity’s allocation, the auditor:
    1. Communicates with TCWG; and
    2. Considers the effect on the auditor’s report.

L. Substantive Procedures (Assurance Engagements) (Ref: Table 1)

110

Due to the nature of a SSGA or a MSE, determining the appropriate substantive procedures, including the use of sampling, and the extent of work to be performed, may present difficulties. In such cases, the auditor returns to basic principles, namely:

  1. Confirming any relevant requirements in the engagement mandate, such as:
    1. Procedures that may be necessary to assess and report on compliance with a grant funding agreement.
    2. Requirements to perform and report on (unspecified) tests of detail on specified categories of expenditure.
    3. The existence of prescribed procedures that an auditor is required to perform and report on. (Ref: paragraphs 71-75)
    4. Procedures considered necessary to detect and report weaknesses in internal control, or non-compliance with laws, regulations or the terms of a contract/agreement.
    5. Procedures considered necessary to support communications with management and TCWG.
  2. Considering each distinct section of the engagement to facilitate a clear understanding of:
    1. The relationship and relevance of each section to other sections in the MSE; and
    2. Specific objectives, strategies and work programs to address each specific objective in the context of materiality and reliance on (tested) internal control.
  3. Selecting the appropriate nature, timing, and extent of substantive procedures no differently from any other type of engagement.
  4. Requiring sufficient appropriate evidence with which to conclude. The extent of substantive procedures to obtain evidence can be reduced where reliance can be placed on the results of testing the design and operating effectiveness of relevant internal controls. Care is taken that control reliance is obtained only in respect of assertions addressed by controls that have been tested. Where a relevant assertion has not been addressed by a control, or a control test has failed, the extent of the auditor’s substantive procedures is increased.
  5. Considering use of substantive analytical procedures[36] (SAPs) may be appropriate because of the potential for efficiencies and effectiveness. SAPs are most useful in dealing with large populations and where reliable data can be used to develop sufficiently precise predictions/expectations. Analytical procedures include techniques to prove a population in total, and the use of computer-assisted techniques, such as data analytics.
  6. Considering alternative procedures - tests of detail. Again, the auditor considers efficiency and effectiveness in determining the nature, timing and extent of procedures.
  7. Clarifying, where sampling is chosen to obtain substantive evidence[37] from which to draw reasonable conclusions, the sampling objectives in order to choose the appropriate sampling approach/technique, namely:
    1. Representative sampling is used when the size of the population is large and the characteristics of the population are reasonably homogeneous – samples can be used appropriately to draw conclusions about the entire population.
  8. Samples can be selected by
    • Statistical methods, which provide a structured approach to evaluating results; or
    • Non-statistical methods, including judgemental selection, the results of which may, however, be difficult to evaluate in terms of drawing a conclusion on the entire population sampled.
    1. Stratification sampling is used when the auditor divides a population into items with different characteristics, such as those with (high) values over a particular amount and those falling below the amount.

The auditor tests all the items with a particular characteristic (such as those with high values). This type of sampling can be used in populations where the auditor can easily select and test a small number of items which account for a majority of the entire population from which they were selected.

The remaining items in the target population, having different characteristics, such as those with low values, may be subjected to representative sampling (see (i) above).

  1. Exercising care when intending to use substantive tests for more than one purpose.

For example: Payroll testing designed, in combination with tests of internal control, to obtain sufficient appropriate evidence for one section of a MSE, say, the audit of a financial report may not be appropriate to conclude on another section of the MSE, say, compliance with laws over a period of time.

  1. Obtaining, regardless of the procedures adopted by the auditor, sufficient appropriate evidence from which to draw conclusions in relation to each section of the engagement, irrespective of the level of disaggregation of that information.

Controls

  1. Considering testing and reporting on controls, see ASAE 3150 to reduce the level of substantive work.

Forming Conclusions

111

In order to report, the first step is for the auditor to reach an overall conclusion on the subject matter, regardless of the type of subject matter (financial or non-financial) or the level of assurance (reasonable and/or limited). This is achieved by:

  1. Determining whether the auditor has obtained reasonable or limited assurance, as the case may be. The auditor evaluates the conclusions drawn from the evidence obtained throughout the engagement. This evaluation is conducted by reference to the auditor’s objectives and procedures at each stage of the engagement.
  2. Determining the overall sufficiency and appropriateness of the evidence obtained.
  3. Considering the qualitative aspects of the entity’s reporting practices in forming an overall conclusion by taking into account:
    1. The persuasiveness of evidence obtained through the planned response to assessed risks of material misstatement, deviation, deficiency or non-compliance.
    2. Whether uncorrected misstatements, deviations, deficiencies or non-compliances are material (either individually or in aggregate).
    3. Whether the entity’s financial or other report(s) is presented or prepared, in all material respects, in accordance with the requirements of the applicable criteria/reporting framework.
  4. Considering, in view of the requirements of the criteria/applicable reporting frameworks, whether the entity’s report(s):
    1. Identifies the criteria/applicable reporting framework(s).
    2. Adequately discloses what is required to be disclosed;
    3. Reflects appropriate reporting polices applied in accordance with the applicable reporting frameworks;
    4. Reflects reasonable management estimates, where applicable;
    5. Is relevant, reliable, comparable and understandable;
    6. Is appropriate in presentation, structure, content and contains terminology that is appropriate; and
    7. Represents the underlying transactions, events and records.

112

The criteria/applicable reporting framework(s) may not require management, or TCWG, to evidence their responsibility for the entity’s reports by signing an attestation or declaration that accompanies the entity’s reports. In such circumstances, the auditor encourages management to do so on the basis that such omission renders the entity’s reports incomplete and therefore potentially ambiguous to users.

113

In circumstances where a written management attestation does not accompany the entity’s reports, such as is often the case in prescribed reporting formats, the auditor reflects on management’s acceptance of the terms of the engagement as evidenced by the engagement letter. In such cases, the auditor may utilise an “Other Matter” paragraph in the auditor’s report, to address any lack of clarity regarding responsibilities. (Ref: paragraph 67)

Expressing Opinions/Conclusions

114

Reporting responsibilities and prescribed auditor’s reports are included in the discussions on practical issues. See sections D and E.

115

In developing the auditor’s report, the auditor starts by reconfirming their understanding of the following:

Table 5: Reconfirming Reporting Requirements

 

 

Paragraph/Ref

a

Whether the form and content of the auditor’s report is prescribed in part or whole.

65-70

b

The reporting requirements set out in the engagement mandates.

50-64

c

User needs.

54-57

d

Other reporting responsibilities.

62-64

e

Reporting requirements set out in the relevant AUASB Standards.

ASAs; ASREs; ASAEs; and ASRSs

116

Ordinarily, the auditor has a level of discretion in determining the form and content of the auditor’s report within the context of the above requirements. In such cases, the auditor pays particular attention to user needs and the purpose of the engagement in addition to the requirements of AUASB Standards.

Report Content

117

The reporting requirements included in all AUASB Standards, in particular ASA 700 and ASAE 3000, contain the following basic elements of an auditor’s report in common, namely:

  1. The addressee/intended user.
  2. Identification of the subject matter information—such as a financial report, an attestation or statement of compliance or a schedule of non-financial information or the subject matter—such as specific financial information, compliance of an activity or controls over an activity;
  3. The criteria used in the preparation of the subject matter information or with which the subject matter will be evaluated—such as the Australian Accounting Standards, the terms of a contract, legislative or regulatory requirements or a controls framework;
  4. The responsibilities of those whose duty it is to prepare the subject matter information or responsibility for the subject matter;
  5. The auditor’s responsibilities; and
  6. The auditor’s opinion or conclusion.

118

Overall, the auditor determines that the auditor’s report is not misleading. (Ref: paragraphs 65-69).

Modifications

119

Modifications to an auditor’s report on a SSGA or a MSE are premised on the auditor’s obligation to communicate with users. This premise is no different to reporting on any other engagement.

120

Modifications to an auditor’s report fall into two broad categories:

  1. Modifications to the auditor’s opinion or conclusion, (qualifications, adverse opinions/conclusions and disclaimers of opinion/conclusions). The auditor draws attention to an issue relating to the subject matter that, in the auditor’s opinion, would render the subject matter information misleading but for the auditor’s communication; and
  2. Drawing attention to important information contained within the subject matter information, if applicable, (using an Emphasis of Matter paragraph) or in relation to the audit, the auditor’s responsibilities or the auditor’s report, (using an Other Matter paragraph), so as to focus users’ attention on the significance of certain information in understanding the subject matter report or statement and the auditor’s report thereon.

121

Auditors of SSGA and MSE who modify their reports apply the principles contained in ASA 705 and ASA 706.

Other Reporting Responsibilities

122

When the auditor has reporting responsibilities in addition to the auditor’s responsibilities to report on the subject matter, the auditor communicates the relevant information using one or more paragraphs that appear after the auditor’s opinion or conclusion. This facilitates the auditor presenting information that does not affect the auditor’s opinion or conclusion.

123

The auditor determines what is required to be reported. For example, in some circumstances only “significant” compliance breaches are required to be reported – if this is the case, the auditor obtains an understanding of what constitutes “significance to users” and the relationship with matters considered “material”.

124

An example of other reporting responsibilities in a MSE is where an auditor is required to report all instances of an entity’s non-compliance with regulations. The auditor may use a “Report on Other Legal and Regulatory Requirements” paragraph for this purpose and an attached schedule or detailed report where necessary. Ordinarily, the auditor includes those matters of non-compliance already identified and reported by the entity, together with any additional instances of non-compliance, if any, that the auditor has identified during the audit.

125

In such circumstances, auditors, preparers and users alike may misinterpret the additional reporting requirements as meaning the auditor is required to perform a 100% check of the subject matter (such as continual compliance with regulations). It is the auditor’s responsibility to clarify that the auditor reports all instances of non-compliance that came to the auditor’s attention during the course of the audit – that is, the objective of the engagement is not to identify all non-compliance and the auditor plans the engagement based on the subject matter to be concluded upon.

126

An illustrative example report is provided in Appendix 8.

13

See ASA 102 Compliance with Ethical Requirements when Performing Audits, Reviews and Other Assurance Engagements.

14

Requirements to agree the terms of engagements are found in:

  • The AUASB Standards comprising: the Australian Auditing Standards, Standards on Review Engagements, Standards on Assurance Engagements and Standards on Related Services, ASA 210 Agreeing the Terms of Audit Engagements, ASRE 2400 Review of a Financial Report Performed by an Assurance Practitioner Who is Not the Auditor of the Entity, ASRE 2405 Review of Historical Financial Information Other than a Financial Report, ASRE 2410 Review of a Financial Report Performed by the Independent Auditor of the Entity, ASAE 3000 and ASRS 4400; and
  • APES 305 Terms of Engagement, issued by the Accounting Professional and Ethical Standards Board.
15

See ASA 706 Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report, paragraph 8 for information on “Other Matter” paragraphs.

16

See Framework for Assurance Engagements.

17

See ASA 705 Modification to the Opinion in an Independent Auditor’s Report, paragraphs 9 and 10.

18

See GS 011 Third Party Access to Audit Working Papers.

19

See ASA 600 Special Consideration—Audits of a Group Financial Report (Including the Work of Component Auditors).

20

See ASAE 3402 Assurance Reports on Controls at a Service Organisation.

21

See ASA 402 Audit Considerations Relating to an Entity Using a Service Organisation.

22

See ASA 700 Forming an Opinion and Reporting on a Financial Report.

23

See ASA 800 Special Considerations- Audits of Financial Reports Prepared in Accordance with Special Purpose Frameworks.

24

This Guidance Statement does not address multiple auditor’s reports that individually address different subject matters and/or levels of assurance—in that case, the auditor simply complies with the reporting requirements of each applicable AUASB Standard.

25

See ASA 706, paragraph 8.

26

See ASA 700, paragraph 38.

27

See ASA 210 Agreeing the Terms of Audit Engagements, paragraph 21.

28

See ASA 700, paragraph 43.

29

See Guide to Audit of the Approved Provider’s Compliance with the Prudential Requirements for 2013-14

30

See Appendix 5 for an example of a management representation letter for a MSE.

31

See ASA 320 Materiality in Planning and Performing an Audit; ASRE 2400; ASAE 3000; and ASAE 3100.

32

See ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards.

33

See ASAE 3450 Assurance Engagements involving Corporate Fundraisings and/or Prospective Financial Information.

34

See ASA 700, paragraphs 38 and 39.

35

See Framework for Assurance Engagements, paragraph 72.

36

See ASA 520 Analytical Procedures.

37

See ASA 530 Audit Sampling, and where relevant, the applicable ASAEs.