There is a direct relationship between the service organisation and the user entity and between the service organisation and the service auditor.  These relationships do not necessarily create a direct relationship between the user auditor and the service …

Considerations Specific to Public Sector Entities …

Public sector auditors generally have broad rights of access established by legislation.  However, there may be situations where such rights of access are not available, for example when the service organisation is located in a different jurisdiction.  In …

Public sector auditors may also use another auditor to perform tests of controls or substantive procedures in relation to compliance with law, regulation or other …

Understanding the Controls Relating to Services Provided by the Service Organisation (Ref: Para.  10 ) …

The user entity may establish controls over the service organisation’s services that may be tested by the user auditor and that may enable the user auditor to conclude that the user entity’s controls are operating effectively for some or all of the …

In this situation, the user auditor may perform tests of the user entity’s controls over payroll processing that would provide a basis for the user auditor to conclude that the user entity’s controls are operating effectively for the assertions related to …

As noted in ASA 315, [7] in respect of some risks, the user auditor may judge that it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures.  Such risks may relate to the inaccurate or incomplete …

Further Procedures When a Sufficient Understanding Cannot Be Obtained from the User Entity (Ref: Para.  12 ) …

The user auditor’s decision as to which procedure, individually or in combination, in paragraph 12 to undertake, in order to obtain the information necessary to provide a basis for the identification and assessment of the risks of material misstatement in …