Application and Other Explanatory Material
System of Quality Control and Role of Engagement Teams
A1
ASQC 1 deals with the firm’s responsibilities to establish and maintain its system of quality control for audit engagements. The system of quality control includes policies and procedures that address each of the following elements:
- Leadership responsibilities for quality within the firm;
- Relevant ethical requirements;
- Acceptance and continuance of client relationships and specific engagements;
- Human resources;
- Engagement performance; and
- Monitoring.
ASQC 1 contains requirements which are at least as demanding as its international equivalent, ISQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements[*], as it addresses all the elements referred to in ISQC 1 and imposes obligations on the firm that achieve the aims of the requirements set out in ISQC 1.
Reliance on the Firm’s System of Quality Control (Ref: Para. 4)
A2
Unless information provided by the firm or other parties suggest otherwise, the engagement team may rely on the firm’s system of quality control in relation to, for example:
- Competence of personnel through their recruitment and formal training.
- Independence through the accumulation and communication of relevant independence information.
- Maintenance of client relationships through acceptance and continuance systems.
- Adherence to applicable legal and regulatory requirements through the monitoring process.
Aus A2.1
Notwithstanding reliance by the engagement team on the firm’s system of quality control, for audits undertaken in accordance with the Corporations Act 2001 (the Act), the engagement partner is required to comply with the auditing standards under section 307A of that Act.
Leadership Responsibilities for Quality on Audits
A3
The actions of the engagement partner and appropriate messages to the other members of the engagement team, in taking responsibility for the overall quality on each audit engagement, emphasise:
- The importance to audit quality of:
- Performing work that complies with Australian Auditing Standards, relevant ethical requirements, and applicable legal and regulatory requirements;
- Complying with the firm’s quality control policies and procedures as applicable;
- Issuing auditor’s reports that are appropriate in the circumstances; and
- The engagement team’s ability to raise concerns without fear of reprisals; and
- The fact that quality is essential in performing audit engagements.
Relevant Ethical Requirements
Compliance with Relevant Ethical Requirements (Ref: Para. 9)
A4
[Deleted by the AUASB. Refer Aus A4.1]
Aus A4.1
The auditor is subject to relevant ethical requirements, including those pertaining to independence, relating to audit engagements as defined in ASA 102.[*]
Definition of “Firm,” “Network” and “Network Firm” (Ref: Para. 9‑11)
A5
[Deleted by the AUASB. Refer ASA 102]
Independence (Ref: Para. 11)
Aus A5.1
Examples of independence requirements that may be applicable are addressed in the Corporations Act 2001, Part 2M.3 Division 3, and relevant ethical requirements in ASA 102.
Threats to Independence (Ref: Para. 11(d))
A6
The engagement partner may identify a threat to independence regarding the audit engagement that may not be at an acceptable level. In that case, as required by paragraph 11(d), the engagement partner reports to the relevant person(s) within the firm to determine the appropriate action, which may include eliminating the circumstance that creates the threat, applying safeguards to reduce the threat to an acceptable level or withdrawing from the audit engagement, where withdrawal is possible under applicable law or regulation.
Aus A6.1
The familiarity threat is particularly relevant in the context of financial report audits of listed entities. For these audits, relevant ethical requirements[†] and the Corporations Act 2001 specify the partner rotation requirements.
Considerations Specific to Public Sector Entities
A7
Statutory measures may provide safeguards for the independence of public sector auditors. However, public sector auditors or audit firms carrying out public sector audits on behalf of the statutory auditor may, depending on the terms of the mandate in a particular jurisdiction, need to adapt their approach in order to promote compliance with the spirit of paragraph 11. This may include, where the public sector auditor’s mandate does not permit withdrawal from the engagement, disclosure through a public report, of circumstances that have arisen that would, if they were in the private sector, lead the auditor to withdraw.
Acceptance and Continuance of Client Relationships and Audit Engagements
A8
ASQC 1 requires the firm to obtain information considered necessary in the circumstances before accepting an engagement with a new client, when deciding whether to continue an existing engagement, and when considering acceptance of a new engagement with an existing client.[5] Information such as the following assists the engagement partner in determining whether the conclusions reached regarding the acceptance and continuance of client relationships and audit engagements are appropriate:
- The integrity of the principal owners, key management and those charged with governance of the entity;
- Whether the engagement team is competent to perform the audit engagement and has the necessary capabilities, including time and resources;
- Whether the firm and the engagement team can comply with relevant ethical requirements; and
- Significant matters that have arisen during the current or previous audit engagement, and their implications for continuing the relationship.
A9
Law, regulation, or relevant ethical requirements[6] may require the auditor to request, prior to accepting the engagement, the predecessor auditor to provide known information regarding any facts or circumstances that, in the predecessor auditor’s judgement, the auditor needs to be aware of before deciding whether to accept the engagement. In some circumstances, the predecessor auditor may be required, on request by the proposed successor auditor, to provide information regarding identified or suspected non‑compliance with laws and regulations to the proposed successor auditor. For example, where the predecessor auditor has withdrawn from the engagement as a result of identified or suspected non‑compliance with laws and regulations, the APES 110 Code of Ethics for Professional Accountants (including Independence Standards) (the Code) requires that the predecessor auditor, on request by a proposed successor auditor, provides all such facts and other information concerning such non‑compliance that, in the predecessor auditor’s opinion, the proposed successor auditor needs to be aware of before deciding whether to accept the audit appointment.[7]
Considerations Specific to Public Sector Entities (Ref: Para. 12‑13)
A10
In the public sector, auditors may be appointed in accordance with statutory procedures. Accordingly, certain of the requirements and considerations regarding the acceptance and continuance of client relationships and audit engagements as set out in paragraphs 12, 13 and A8 may not be relevant. Nonetheless, information gathered as a result of the process described may be valuable to public sector auditors in performing risk assessments and in carrying out reporting responsibilities.
Assignment of Engagement Teams
A11
An engagement team includes a person using expertise in a specialised area of accounting or auditing, whether engaged or employed by the firm, if any, who performs audit procedures on the engagement. However, a person with such expertise is not a member of the engagement team, if that person’s involvement with the engagement is only consultation. Consultations are addressed in paragraph 18, and paragraphs A22‑A23.
A12
When considering the appropriate competence and capabilities expected of the engagement team as a whole, the engagement partner may take into consideration such matters as the team’s:
- Understanding of, and practical experience with, audit engagements of a similar nature and complexity through appropriate training and participation.
- Understanding of Australian Auditing Standards, relevant ethical requirements, and applicable legal and regulatory requirements.
- Technical expertise, including expertise with relevant information technology and specialised areas of accounting or auditing.
- Knowledge of relevant industries in which the client operates.
- Ability to apply professional judgement.
- Understanding of the firm’s quality control policies and procedures.
Considerations Specific to Public Sector Entities
A13
In the public sector, additional appropriate competence may include skills that are necessary to discharge the terms of the audit mandate in a particular jurisdiction. Such competence may include an understanding of the applicable reporting arrangements, including reporting to the legislature or other governing body or in the public interest. The wider scope of a public sector audit may include, for example, some aspects of performance auditing or a comprehensive assessment of compliance with law, regulation or other authority and preventing and detecting fraud and corruption.
Engagement Performance
Direction, Supervision and Performance (Ref: Para. 15(a))
A14
Direction of the engagement team involves informing the members of the engagement team of matters such as:
- Their responsibilities, including the need to comply with relevant ethical requirements, and to plan and perform an audit with professional scepticism as required by ASA 200.[8]
- Responsibilities of respective partners where more than one partner is involved in the conduct of an audit engagement.
- The objectives of the work to be performed.
- The nature of the entity’s business.
- Risk‑related issues.
- Problems that may arise.
- The detailed approach to the performance of the engagement.
Discussion among members of the engagement team allows less experienced team members to raise questions with more experienced team members so that appropriate communication can occur within the engagement team.
A15
Appropriate teamwork and training assist less experienced members of the engagement team to clearly understand the objectives of the assigned work.
A16
Supervision includes matters such as:
- Tracking the progress of the audit engagement.
- Considering the competence and capabilities of individual members of the engagement team, including whether they have sufficient time to carry out their work, whether they understand their instructions, and whether the work is being carried out in accordance with the planned approach to the audit engagement.
- Addressing significant matters arising during the audit engagement, considering their significance and modifying the planned approach appropriately.
- Identifying matters for consultation or consideration by more experienced engagement team members during the audit engagement.
Reviews
Review Responsibilities (Ref: Para. 16)
A17
Under ASQC 1, the firm’s review responsibility policies and procedures are determined on the basis that work of less experienced engagement team members is reviewed by more experienced engagement team members.[9]
A18
A review consists of consideration whether, for example:
- The work has been performed in accordance with Australian Auditing Standards, relevant ethical requirements, and applicable legal and regulatory requirements;
- Significant matters have been raised for further consideration;
- Appropriate consultations have taken place and the resulting conclusions have been documented and implemented;
- There is a need to revise the nature, timing and extent of work performed;
- The work performed supports the conclusions reached and is appropriately documented;
- The evidence obtained is sufficient and appropriate to support the auditor’s report; and
- The objectives of the engagement procedures have been achieved.
The Engagement Partner’s Review of Work Performed (Ref: Para. 17)
A19
Timely reviews of the following by the engagement partner at appropriate stages during the engagement allow significant matters to be resolved on a timely basis to the engagement partner’s satisfaction on or before the date of the auditor’s report:
- Critical areas of judgement, especially those relating to difficult or contentious matters identified during the course of the engagement;
- Significant risks; and
- Other areas the engagement partner considers important.
The engagement partner need not review all audit documentation, but may do so. However, as required by ASA 230, the partner documents the extent and timing of the reviews.[10]
A20
An engagement partner taking over an audit during the engagement may apply the review procedures as described in paragraph A18 to review the work performed to the date when that partner assumes the responsibilities of engagement partner.
Considerations Relevant Where a Member of the Engagement Team with Expertise in a Specialised Area of Accounting or Auditing Is Used (Ref: Para. 15‑17)
A21
Where a member of the engagement team with expertise in a specialised area of accounting or auditing is used, direction, supervision and review of that engagement team member’s work may include matters such as:
- Agreeing with that member the nature, scope and objectives of that member’s work; and the respective roles of, and the nature, timing and extent of communication between that member and other members of the engagement team.
- Evaluating the adequacy of that member’s work including the relevance and reasonableness of that member’s findings or conclusions and their consistency with other audit evidence.
Consultation (Ref: Para. 18)
A22
Effective consultation on significant technical, ethical, and other matters within the firm or, where applicable, outside the firm can be achieved when those consulted:
- Are given all the relevant facts that will enable them to provide informed advice; and
- Have appropriate knowledge, seniority and experience.
A23
It may be appropriate for the engagement team to consult outside the firm, for example, where the firm lacks appropriate internal resources. They may take advantage of advisory services provided by other firms, professional and regulatory bodies, or commercial organisations that provide relevant quality control services.
Engagement Quality Control Review
Completion of the Engagement Quality Control Review before Dating of the Auditor’s Report (Ref: Para. 19(c))
A24
ASA 700 requires the auditor’s report to be dated no earlier than the date on which the auditor has obtained sufficient appropriate evidence on which to base the auditor’s opinion on the financial report.[11] In the case of an audit of a financial report of a listed entity or when an engagement meets the criteria for an engagement quality control review, such a review assists the auditor in determining whether sufficient appropriate evidence has been obtained.
A25
Conducting the engagement quality control review in a timely manner at appropriate stages during the engagement allows significant matters to be promptly resolved to the engagement quality control reviewer’s satisfaction on or before the date of the auditor’s report.
A26
Completion of the engagement quality control review means the completion by the engagement quality control reviewer of the requirements in paragraphs 20‑Aus 21.1, and where applicable, compliance with paragraph 22. Documentation of the engagement quality control review may be completed after the date of the auditor’s report as part of the assembly of the final audit file. ASA 230 establishes requirements and provides guidance in this regard.[12]
Nature, Extent and Timing of Engagement Quality Control Review (Ref: Para. 20)
A27
Remaining alert for changes in circumstances allows the engagement partner to identify situations in which an engagement quality control review is necessary, even though at the start of the engagement, such a review was not required.
A28
The extent of the engagement quality control review may depend, among other things, on the complexity of the audit engagement, whether the entity is a listed entity, and the risk that the auditor’s report might not be appropriate in the circumstances. The performance of an engagement quality control review does not reduce the responsibilities of the engagement partner for the audit engagement and its performance.
A29
When ASA 701[13] applies, the conclusions reached by the engagement team in formulating the auditor’s report include determining:
- The key audit matters to be included in the auditor’s report;
- The key audit matters that will not be communicated in the auditor’s report in accordance with paragraph 14 of ASA 701, if any; and
- If applicable, depending on the facts and circumstances of the entity and the audit, that there are no key audit matters to communicate in the auditor’s report.
In addition, the review of the proposed auditor’s report in accordance with paragraph 20(b) includes consideration of the proposed wording to be included in the Key Audit Matters section.
Engagement Quality Control Review of Listed Entities (Ref: Para. Aus 21.1)
A30
Other matters relevant to evaluating the significant judgements made by the engagement team that may be considered in an engagement quality control review of a listed entity include:
- Significant risks identified during the engagement in accordance with ASA 315, [14] and the responses to those risks in accordance with ASA 330, [15] including the engagement team’s assessment of, and response to, the risk of fraud in accordance with ASA 240. [16]
- Judgements made, particularly with respect to materiality and significant risks.
- The significance and disposition of corrected and uncorrected misstatements identified during the audit.
- The matters to be communicated to management and those charged with governance and, where applicable, other parties such as regulatory bodies.
These other matters, depending on the circumstances, may also be applicable for engagement quality control reviews for audits of financial reports of other entities.
Considerations Specific to Smaller Entities (Ref: Para. 20‑Aus 21.1)
A31
In addition to the audits of financial reports of listed entities, an engagement quality control review is required for audit engagements that meet the criteria established by the firm that subjects engagements to an engagement quality control review. In some cases, none of the firm’s audit engagements may meet the criteria that would subject them to such a review.
Considerations Specific to Public Sector Entities (Ref: Para. 20‑Aus 21.1)
A32
In the public sector, a statutorily appointed auditor (for example, an Auditor‑General, or other suitably qualified person appointed on behalf of the Auditor‑General), may act in a role equivalent to that of engagement partner with overall responsibility for public sector audits. In such circumstances, where applicable, the selection of the engagement quality control reviewer includes consideration of the need for independence from the audited entity and the ability of the engagement quality control reviewer to provide an objective evaluation.
A33
Listed entities as referred to in paragraphs Aus 21.1 and A29 are not common in the public sector. However, there may be other public sector entities that are significant due to size, complexity or public interest aspects, and which consequently have a wide range of stakeholders. Examples include state owned corporations and public utilities. Ongoing transformations within the public sector may also give rise to new types of significant entities. There are no fixed objective criteria on which the determination of significance is based. Nonetheless, public sector auditors evaluate which entities may be of sufficient significance to warrant performance of an engagement quality control review.
Monitoring
A34
ASQC 1 requires the firm to establish a monitoring process designed to provide it with reasonable assurance that the policies and procedures relating to the system of quality control are relevant, adequate and operating effectively.[17]
A35
In considering deficiencies that may affect the audit engagement, the engagement partner may have regard to measures the firm took to rectify the situation that the engagement partner considers are sufficient in the context of that audit.
A36
A deficiency in the firm’s system of quality control does not necessarily indicate that a particular audit engagement was not performed in accordance with Australian Auditing Standards, relevant ethical requirements, and applicable legal and regulatory requirements, or that the auditor’s report was not appropriate.
Documentation
Documentation of Consultations (Ref: Para. 24(d))
A37
Documentation of consultations with other professionals that involve difficult or contentious matters that is sufficiently complete and detailed contributes to an understanding of:
- The issue on which consultation was sought; and
- The results of the consultation, including any decisions taken, the basis for those decisions and how they were implemented.
Issued by the International Auditing and Assurance Standards Board.
See ASA 102 Compliance with Ethical Requirements when Performing Audits, Reviews and Other Assurance Engagements.
See ASA 102.
See ASQC 1, paragraph 27(a).
See, for example, paragraph R320.8 of APES 110 Code of Ethics for Professional Accountants (including Independence Standards) (the Code).
See, for example, paragraphs R360.22-360.23 A1 of the Code.
See ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards, paragraph 15.
See ASQC 1, paragraph 33.
See ASA 230, paragraph 9(c).
See ASA 700 Forming an Opinion and Reporting on a Financial Report, paragraph 49.
See ASA 230, paragraphs 14-16.
See ASA 701 Communicating Key Audit Matters in the Independent Auditor’s Report.
See ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment.
See ASA 330 The Auditor’s Responses to Assessed Risks.
See ASA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of a Financial Report.
See ASQC 1, paragraph 48.