ANAO Audit Manual — AASG Specific
Please direct enquiries through our contact page.
The Assurance Audit Services Group (AASG) volume of the ANAO Audit Manual applies to the financial statement audit activity performed by AASG in collaboration with the Systems Assurance and Data Analytics (SADA) group. Relevant policies and guidance from the AASG volume are also applied to other assurance work performed by AASG. Policies and guidance in the AASG volume address the planning, execution and reporting stages of the financial statement audit process.
Engagement performance — general
Chapters 101 to 108
101. Terms of audit engagement
101.1 An engagement letter shall be issued for each new audit engagement. The terms of engagement shall be formally re-confirmed at least every 5 years.
101.2 Circumstances where an engagement letter shall be re-issued include, but are not limited to, a material change to the terms of the audit engagement, including a:
- change in legal or regulatory requirements, including significant changes in Australian National Audit Office (ANAO) Auditing Standards impacting on the terms of the audit engagement;
- change in the financial reporting framework adopted in the preparation of the financial statements; and
- change in other significant reporting requirements
101.3 The Engagement Executive shall assess whether there is a need to draw the attention of the entity to the existing terms of engagement. These circumstances include, but are not limited to:
- a change in:
- (the head of) the Accountable Authority for a Commonwealth entity, or
- the Board Chair for a Commonwealth company or subsidiary company; or
- for all other auditees, the person with ultimate responsibility for the preparation of the financial statements to be audited; or
- where there is an indication that the entity misunderstands the objective and scope of the audit.
101.4 The Engagement Executive shall consider whether the circumstances identified in paragraph 101.3 above warrant the re-issue of the terms of engagement.
101.5 When the audit engagement is undertaken according to legislation, including legislation other than under the Auditor-General Act 1997 (A-G Act), the applicable terms contained in the legislation shall be included in the letter, including the legislation creating the Auditor-General’s mandate to perform the audit or, where the audit is conducted by arrangement, section 20 of the A-G Act.
101.6 For the purposes of this policy, an engagement letter is required when an entity is to be audited for the first time by the Auditor-General, either as a result of an entity being created or the Auditor-General auditing an existing entity for the first time. Terms of engagement should be agreed when the Auditor-General undertakes a new engagement with an existing auditee. Engagement letters are required irrespective of whether the engagement is a mandated engagement or entered into by arrangement under section 20 of the A-G Act.
101.7 The engagement letter is sent to the accountable authority of a Commonwealth entity (normally the Chair of the accountable authority where the authority has more than one member) or to the Chair of the Board of Directors of a Commonwealth company or subsidiary company.
101.8 ASA 210 Agreeing the Terms of Audit Engagements requires that, on recurring audits, the auditor should consider whether circumstances require the terms of the engagement to be revised, and whether there is a need to re-confirm in writing the existing terms of the engagement with the entity.1
101.9 Paragraphs 101.2 and 101.3 list situations where ANAO policy requires an engagement letter to be revised and re-issued or requires the attention of the entity to be drawn to the existing terms. Subject to these specific policy requirements, it is a matter for judgement by the Engagement Executive whether to formally confirm the terms of engagement or to draw attention to existing terms. The list of circumstances in paragraphs 101.2 and 101.3 are not exhaustive, and the Engagement Executive needs to be alert to other circumstances where an entity needs to be advised of revised terms of engagement or reminded of the existing terms. Examples where the Engagement Executive will need to consider re-issuing or drawing the entity’s attention to the terms of engagement include a:
- change of several Board members (other than the Board Chair);
- change of Audit Committee Chair;
- significant change in ownership; and
- significant change in nature or size of the entity’s business e.g. by the addition of functions following an Administrative Arrangements Order (AAO).
101.10 Typically, a new formal agreement with the entity is needed when the matters covered by the current engagement letter change or new conditions relevant to an engagement arise. Examples are changes in governing legislation, respective responsibilities or reporting requirements. In this situation, formal acknowledgement on behalf of the entity of the revised terms of engagement is needed from the (head of the) Accountable Authority, company Board Chair or equivalent.
101.11 Where the existing terms of engagement are unchanged but there is a need to draw the entity’s attention to the existing terms, a response from the entity is not required.
101.12 For the purpose of applying paragraph 101.5, the applicable legislation for most Assurance Audit Services Group (AASG) financial statement audits is the Public Governance, Performance and Accountability Act 2013 (PGPA Act) or the Corporations Act 2001 (Cth) (Corporations Act). In a small number of cases, the audit is conducted under entity-specific legislation (e.g. High Court of Australia Act 1979) or under other arrangements (e.g. audits of international bodies like the Commission for the Conservation of Southern Bluefin Tuna).
101.13 Pro forma engagement letters are located on the
102. Provision of other services by ANAO contractors to ANAO auditees
102.1 This policy applies to individuals or firms contracted by the ANAO to provide external audit services as an in-house contractor or undertake a contracted-out (project-managed) audit. It applies when a potential ANAO audit contractor tenders for an ANAO audit, and also when an existing ANAO audit contractor wishes to provide other services to an ANAO auditee.
102.2 ASA 102 Compliance with Ethical Requirements when Performing Audits, Reviews and Other Assurance Engagements requires compliance with relevant ethical requirements when performing audits, reviews and other assurance engagements, which is defined and includes APES 110 Code of Ethics for Professional Accountants (APES 110).
102.3 APES 110 applies to all ANAO engagements except to the extent, if any, of a conflict between APES 110 and legislative requirements.
102.4 ANAO engagements may be subject to independence requirements in legislation (e.g. the Corporations Act has requirements in addition to requiring compliance with APES 110). Compliance with APES 110 is not a substitute for compliance with legislation and audit teams should refer to such legislation to determine any further obligations.
102.5 An important part of independence requirements involves consideration of the provision by an auditor of other services to an auditee.2 While the ANAO itself does not provide other non-assurance services to its auditees, firms or individuals contracting to the ANAO may seek to do so.
102.6 This policy and guidance does not address other aspects of independence relevant to audit contractors. Refer to theand APES 110 for further requirements and guidance on other aspects of independence.
102.7 This policy shall apply to tenderers for ANAO audit work and existing contractors engaged to perform ANAO audit work.
102.8 The requirements of this policy shall be made available to actual and prospective audit contractors.
102.9 Subject to applicable legislation and the other requirements of ANAO policy, the conceptual approach to resolving threats to independence in APES 110 shall be applied to:
- Identify threats to independence;
- Evaluate the significance of the threats identified; and
- Apply safeguards, when necessary, to eliminate the threats or reduce them to an acceptable level.
102.10 In some circumstances, a threat may be so significant that no safeguard can reduce it to an acceptable level and the other service shall be refused or contract not awarded.
102.11 In addition to the other services expressly prohibited by APES 110, the following services are not permitted:
- Taxation advice of a strategic or tax planning nature;
- Accounting and bookkeeping services, or preparing financial statements, on which the auditor will express an opinion or financial information which forms the basis of the financial statements, except for compilation engagements where no accounting or management functions are performed by ANAO3; and
- Internal audit services involving the contractor personnel assuming a management responsibility or that relate to: internal controls over financial reporting, financial accounting systems; or the financial statements.
102.12 The prior approval of the Group Executive Director (GED) of PSRG is required for a proposed or existing contract where the value of other services provided or to be provided by the ANAO contractor to the ANAO auditee exceeds the value of the ANAO contract to the contractor.
Request by existing contractors to provide other services
102.13 ANAO contracts with audit contractors shall provide that no other services may be tendered for or provided by the contractor to that ANAO auditee during the period of the audit engagement without the express agreement in writing of the ANAO.
102.14 Requests to provide other services shall be supported by formal documentation providing detail of the other services, associated fees and a description of the procedures for monitoring conflict management. This documentation is to be prepared or endorsed by the audit contractor’s independence panel or independence partner.
102.15 The contractor shall bring the proposed request to the attention of the Chair of the auditee’s Audit Committee for advice as to any conflict of interest perceived by the Committee. The view of the Audit Committee Chair shall be included in the proposed request to the ANAO.
102.16 The Engagement Executive for the audit shall review the proposals for other services and provide a documented assessment with a recommendation to the PSRG GED for approval.
102.17 The Engagement Executive for an audit shall ensure the following information is documented4 about any proposal for the provision of other services by an ANAO audit contractor to that ANAO auditee:
- Other services proposed;
- Nature of the threat posed by the proposal;
- Safeguards considered to reduce the threat to an acceptable level;
- Decision whether the threat can be reduced to an acceptable level; and
- Consultation undertaken in reaching decision.
102.18 Where consultation is undertaken, this information shall be provided to those consulted.
102.19 In respect of contracted-out audits or parts thereof, before the signing of the auditor’s report on which a contractor has been engaged, the Engagement Executive for the audit shall get the following from the audit contractor in the Contractor’s Representation Letter:
- a complete listing of other services provided, to be provided or currently being tendered for by the contractor from the beginning of the reporting period under audit;
- the remuneration paid or payable for those services;
- a declaration that the contractor has not entered into arrangements for, or provided, other services without the prior written consent of the ANAO; and
- a declaration that the contractor has met the independence requirements of applicable legislation, APES 110 and ANAO policy and has not otherwise been impaired.
102.20 AASG is to report annually to the Executive Board of Management (EBOM):
- the nature and amount of each type of other services provided by audit contractors to each affected ANAO auditee;
- the amount of the fees paid or payable by the ANAO auditee to the contractor under each engagement; and
- the total fees paid or payable by the ANAO to the contractor.
Reporting to the auditee’s audit committee
102.21 The Engagement Executive shall disclose to the auditee’s Audit Committee at least annually the nature of the other services provided by the contractor to the auditee and the fees paid or payable to the contractor for those services.
102.22 As part of the tender process for prospective contractors, the contractor is required to declare any conflicts of interest and any other services that they are providing to auditees.
102.23 APES 110 categorises threats to independence as follows:
- self-interest threat - the threat that a financial or other interest will inappropriately influence the audit contractors (and ANAO staff) judgement or behaviour; or
- self-review threat - the threat that audit contractors (and ANAO staff) will not appropriately evaluate the results of a previous judgement made or service performed by the audit contractors (and ANAO staff) or another individual within the firm (or employing organisation) on which the audit contractors (and ANAO staff) will rely when forming a judgement as part of providing a current service; or
- advocacy threat - the threat that audit contractors (and ANAO staff) will promote an auditee’s or employer’s position to the point that subsequent objectivity is compromised; or
- familiarity threat - the threat that due to a long or close relationship with an auditee or employer, audit contractors (and ANAO staff) will be too sympathetic to their interests or too accepting of their work; or
- intimidation threat - the threat that audit contractors (and ANAO staff) will be deterred from acting objectively because of actual or perceived pressures, including attempts to exercise undue influence over the audit contractors (and ANAO staff).
Non-assurance services considered in APES 110
102.24 APES 110 considers the provision of non-assurance services to auditees in the following categories:
- Management responsibilities;
- Accounting and Bookkeeping Services;
- Administrative Services;
- Valuation services;
- Taxation services;
- Internal audit services;
- IT systems services;
- Litigation support services;
- Legal services;
- Recruiting services; and
- Corporate finance services.
Non-assurance services prohibited by APES 110
102.25 There are some non-assurance services identified in APES 110 that shall not be provided as the threats created would be so significant that no safeguards could reduce the threats to an acceptable level. APES 110 prohibits a firm or network firm from providing the following services to any auditee:
- Assuming a management responsibility;
- Valuation services if the valuation involves a significant degree of subjectivity and will have a material effect on the financial statements and;
- Tax advice where the effectiveness of the advice depends on a particular accounting treatment or presentation in the financial statements and:
- the audit team has reasonable doubt over the appropriateness of the accounting treatment or presentation; and
- the outcome or consequences of the tax advice will have a material effect on the financial statements.
- A taxation service involving acting as an advocate for the auditee before a public tribunal or court in the resolution of a tax matter and the amounts involved are material to the financial statements;
- Acting in an advocacy role for an auditee in resolving a dispute or litigation when the amounts involved to the financial statements;
- IT Systems Services involving the design or implementation of IT statements that (a) form a significant part of the internal controls over financial reporting or (b) generate information that is significant to the auditee’s accounting records or financial statements, unless appropriate policies and procedures are in place to ensure that the client retains management responsibility;
- The appointment of a Partner or an employee of the firm or network firm as General Counsel for the legal affairs of an Audit Client5;
- Corporate Financial Services that involve promoting, dealing in, or underwriting the client’s shares;
- Corporate Finance Advice where the effectiveness of that advice depends on a particular accounting treatment or presentation in the Financial Statements and:
- the audit team has reasonable doubt over the appropriateness of the accounting treatment or presentation; and
- the outcome or consequences of the tax advice will have a material effect on the financial statements.
- The following recruiting services with respect to a Director or Officer in the Audit Client or senior management in a position to exert significant influence over the preparation of the accounting records or the financial statements:
- Searching for or seeking out candidates; and
- Undertaking reference checks of prospective candidates.
102.26 For auditees that are public interest entities (PIEs), in addition to those listed above, the following services should not be provided:
- valuation services that would have a material effect, separately or in aggregate, on the financial statements;
- Internal audit services that (a) would be significant part of the internal controls over financial reporting, (b) financial accounting systems that generate information that is, individually or in the aggregate, material to the client’s accounting records or financial statements on which the auditee will express an opinion; or (c) amounts or disclosures that are, individually or in the aggregate, material to the financial statements on which the auditee will express an opinion.
- preparation of tax calculations of current and deferred tax liabilities (as assets) for the purpose of preparing accounting entries that are material to the financial statements;
- IT systems services involving the design or implementation of IT statements that (a) form a significant part of the internal controls over financial reporting or (b) generate information that is significant to the auditee’s accounting records or financial statements.
102.27 For services other than those prohibited by APES 110 or ANAO policy, the threat created by the provision of another service may be able to be reduced to an acceptable level by applying safeguards including:
- arranging for other services to be performed by an individual who is not a member of the audit team;
- if such services are performed by a member of the audit team, using a partner or senior staff member with appropriate expertise who is not a member of the audit team to review the work performed.
102.28 APES 110 paragraph300.8 A2 provide examples of safeguards that may eliminate or reduce threats to an acceptable level, such as:
- using different partners and engagement teams with separate reporting lines for the provision of non-assurance services to the ANAO client;
- discussing ethical issues with those charged with governance, such as the audit committee;
- disclosing to those charged with governance, such as the audit committee, the nature of services provided and extent of fees charged;
- rotating senior assurance team personnel;
- the ANAO auditee implementing internal procedures that ensure objective choices in commissioning non-assurance engagements;
- the ANAO auditee’s corporate governance structure that provides appropriate oversight and communications regarding the contractor’s services.
102.29 In addition to the examples in APES 110 part 4A, ANAO auditors should consider the threat posed and appropriate safeguards where a contractor provides services relating to fundamental aspects of the entity’s business and strategic planning, including information technology and the provision of services, such as, actuarial evaluations.
102.30 While taxation advice of a strategic or tax planning nature is not permitted by ANAO policy, tax services of a compliance nature are not automatically excluded.
102.31 Dialogue regarding the application of accounting standards or policies that does not constitute advice is considered to be a normal part of the audit process and does not generally create threats to independence.
102.32 The ANAO needs to consider the perception of independence where the proposed value of other services performed and requested to be performed by the contractor exceeds the value of the ANAO contract. The objectivity of the contractor may be impaired if they are dependent on the auditee for other services income as concern about losing the other services can create a self-interest or intimidation threat, particularly when that income is greater than the value of the ANAO audit contract.
102.33 A significant threat to contractor independence may arise, where, over the period of a proposed or existing ANAO contract, the value of other services provided or to be provided by the ANAO contractor to the ANAO auditee would exceed the value of the ANAO contract to the contractor.
102.34 For a proposed contract, the tender evaluation team and, for an existing contract, the Engagement Executive are required to seek approval from the PSRG GED where the fees for proposed or existing other services exceeds the audit fee. The fee parity policy requires consideration of the fees over the life of the audit contract. This may allow some flexibility to approve ‘one-off’ other services that exceed the audit fee in a single year, provided that the value of the total contract is not exceeded.
102.35 If the fee for other services is a contingent fee, this may create a self-interest threat that APES 110 requires to be evaluated and safeguards applied to eliminate the threat or reduce them to an acceptable level (refer to APES 110 paragraphs 330.4 A2 to 330.4 A4 for further guidance on contingent fees).
102.36 Network firms are required to be independent of the contractor’s auditee. A Network is defined in APES 110 as ‘a larger structure that is aimed at co-operation; and that is clearly aimed at profit or cost sharing or shares common ownership, control or management, common quality control policies and procedures, common business strategy, the use of a common brand-name, or a significant part of professional resources.’
102.37 Requests to provide other services by ANAO contractors should include relevant information in respect of their network firms.
103. Roles and responsibilities of the Engagement Executive
103.1 This policy sets out the responsibilities of the Engagement Executive in a financial statements audit or other AASG assurance engagement conducted in-house. This policy does not apply to those engagements where the responsibility for the audit is substantially contracted to a third party. In these circumstances, the responsibilities of the ANAO Engagement Executive are specified in Chapter 106 Project managed audits located in the ANAO Audit Manual – AASG Specific.
103.2 The Signing Officer is formally the ‘engagement partner’ under the auditing standards. The engagement partner is defined in the auditing standards as the person who is responsible for the audit engagement and its performance, and for the auditor’s report that is issued on behalf of the firm.
103.3 In practice in the ANAO, the duties of the engagement partner are fulfilled by the AASG Engagement Executive. This policy on the roles and responsibilities of the Engagement Executive applies whether the Engagement Executive is also the Signing Officer for the audit or not. Where the Signing Officer is a person other than the Engagement Executive, additional policies apply (Refer to Roles and responsibilities of the Signing Officer (paragraph 104.1)).
103.4 The Engagement Executive shall fulfil:
- The responsibilities of the ‘engagement partner’ under the ANAO Auditing Standards and assigned by legislation:
- in their own right, when the Engagement Executive is also the Signing Officer for the audit; and
- on behalf of the Signing Officer, where another person signs the auditor’s report; and
- Other responsibilities assigned by ANAO policy.
103.5 Where the Signing Officer for the audit is the Auditor-General, the Engagement Executive shall provide the Auditor-General with:
- At planning:
- Audit Strategy Document; and
- Materiality levels determined for the financial statements and where relevant particular items, including ‘overall materiality’, ‘performance materiality’, and ‘clearly trivial threshold’. This information shall be included in a cover letter which is to accompany the Audit Strategy Document;
- At interim:
- Interim Management Letter; and
- At the end of the audit:
- For contract-out audits only, the Signing Officers Review Memorandum;
- Closing letter;
- final financial statements; and
- proposed auditor’s report.
- Any other information as directed by the Auditor-General in the form and at the audit stage requested.
103.6 Consistent with the responsibilities of an engagement partner under the ANAO Auditing Standards:
- Where an Engagement Quality Control Reviewer (EQCR) is appointed to the audit, the Engagement Executive shall discuss significant matters arising during the audit, including those identified through the EQCR’s processes, with the EQCR and also with the Signing Officer if applicable.
- Where an EQCR has not been appointed, the Engagement Executive shall be alert for changes in circumstances that would require an EQCR to be appointed.
103.7 Consistent with ASA 220 Quality Control for an Audit of a Financial Report and Other Historical Financial Information, the Engagement Executive shall, on or before the date of the auditor’s report, through a review of the audit documentation and discussion with the engagement team, be satisfied that sufficient appropriate audit evidence has been obtained to support the conclusions reached and for the auditor’s report to be issued.6
103.8 The AASG GED shall not exercise any authority specifically reserved by the Audit Manual to the role of AASG GED with regards to the audits that they have been appointed as Engagement Executive. In these circumstances the Auditor-General or the Deputy Auditor-General shall delegate this authority to other GEDs in the ANAO.
103.9 Australian Auditing Standards (ASA) require certain responsibilities to be undertaken by the engagement partner. This approach is explained in the definition of ‘auditor’, as follows:
‘Auditor’ is used to refer to the person or persons conducting the audit, usually the engagement partner or other members of the engagement team, or, as applicable, the firm. Where an ASA expressly intends that a requirement or responsibility be fulfilled by the engagement partner, the term ‘engagement partner’ rather than ‘auditor’ is used.7
103.11 The responsibilities in the auditing standards which this policy places on Engagement Executives include the following:
- the overall quality on each audit engagement to which the Engagement Executive is assigned;
- Through their actions and appropriate messages to the engagement team, the Engagement Executive should emphasise the importance of compliance with ANAO Auditing Standards and quality control policies and procedures. In addition the engagement team should have the ability to raise concerns without fear of reprisals. Quality is essential in performing audit engagements and the overall quality of the audit will be helped by ensuring that the audit is performed consistent with ANAO standard methodology.
- the engagement team’s compliance with relevant ethical requirements including APES 110;
- These include the principles of integrity, objectivity, professional competence and due care, confidentiality and professional behaviour. The Engagement Executive should remain alert for evidence of non-compliance and if it should occur, in consultation with others, determine the appropriate action.
- the engagement team’s compliance with the ANAO’s Independence Policy;
- for audits by arrangement, applying appropriate procedures regarding acceptance and continuance of auditee relationships and specific audit engagements10;
- These procedures should include consideration of the integrity of those charged with governance and management, competence of the engagement team and compliance with ethical requirements. All conclusions reached should be documented within the audit file.
- communication of the role of Engagement Executive and where different, the Signing Officer, to key members of auditee management and those charged with governance;
- the appropriate planning of the engagement consistent with ASA 300 Planning an Audit of a Financial Report;
- the assignment of engagement teams and auditor’s experts which collectively have the appropriate levels of competencies and capabilities;
- The Engagement Executive is required by the ANAO Auditing Standards to be satisfied that the competence and capabilities of the audit team will ensure performance of the audit engagement consistent with professional standards and regulatory requirements and enable an auditor’s report that is appropriate in the circumstances.11 When considering the competence and capability of the engagement team as a whole the Engagement Executive may take into account such matters as the team’s understanding and practical experience of audit engagements of a similar nature, their understanding of professional standard and regulatory and legal requirements, technical expertise, ability to apply professional judgement and understanding of the ANAO’s quality control policies and procedures.
- the direction, supervision and performance of the engagement consistent with professional and auditing standards and regulatory and legal requirements. The Engagement Executive should document the extent and timing of their reviews. Refer to the policy Direction, Supervision and Review (ANAO Audit Manual - Shared Content, paragraphs 8.2-8.4) for further guidance;
- that sufficient and appropriate audit evidence exists and is documented to support the conclusions reached and for the auditor’s report to be issued;
- In line with the ANAO policy Audit Documentation (ANAO Audit Manual - Shared Content, paragraphs 9.2-9.14) the only work that should be done after the signing of the auditor’s report is that of an administrative nature.
- following appropriate procedures for consultations and differences of opinion and in particular ensure compliance with the ANAO policy on Differences of Opinion (ANAO Audit Manual - Shared Content, paragraphs 8.64-8.68);
- determine that an EQCR has been appointed, as required by the ANAO Auditing Standards and ANAO policy (Refer to the Engagement Quality Control Review (ANAO Audit Manual - Shared Content, paragraph 8.42).;
- to discuss the susceptibility of the entity to material misstatement, particularly due to fraud, with the engagement team; and
- enough involvement in the audit engagement at appropriate stages throughout the engagement including attendance at key meetings, discussions with the engagement team, EQCR and Signing Officer (where appropriate) and the completion of the planning and completion checklists at the appropriate stages of the audit.
Relationship with engagement quality control review
103.12 Where an EQCR has been appointed:
- significant issues arising on an engagement should be considered by the Engagement Executive (and the Signing Officer if applicable), in consultation with PSRG as appropriate, before consultation with the EQCR to minimise compromising the EQCR’s objectivity. Where there is a difference of opinion between the Engagement Executive (and the Signing Officer if applicable) and the EQCR, ANAO policy on Differences of Opinion (ANAO Audit Manual - Shared Content, paragraphs 8.64-8.68) should be followed;
- the auditor’s report cannot be issued until the completion of the engagement quality control review (Refer to the Engagement Quality Control Review (ANAO Audit Manual - Shared Content, paragraph 8.42).
103.13 Where an EQCR has not been appointed, circumstances which may cause the Engagement Executive to seek to have an EQCR appointed could include the emergence of an unforeseen risk of material misstatement; identification of areas which are complex or contentious; or an increased reputational threat to the ANAO.
Date of signing the auditor’s report
103.14 The date of signing of the auditor’s report should coincide with the date financial statements (or other report) are signed. The Engagement Executive should endeavour to agree an audit timetable with the auditee that provides for the auditor’s report to be signed on the same date the financial statements (or other report) are signed. The ANAO reports to Parliament the gap between the dating of the statements and the dating of the auditor’s report in the Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 20XX (Year End Report).
103.15 Where the reports are not signed on the same day, ASA 560 Subsequent Events provides that a subsequent events review to the date of the auditor’s report must be undertaken and documented in the audit working papers (and the audit file for project managed audits). The reasons for the gap between the two signing dates should be documented.
104. Role and responsibilities of the Signing Officer
104.1 The Signing Officer is the person who signs the audit report on the financial statements. In most cases the Signing Officer is also the Engagement Executive for the audit.
104.2 On some audits the Auditor-General signs the audit report or delegates signing responsibilities to another executive other than the Engagement Executive for the audit. In such cases the Signing Officer has a reduced involvement in the audit due to the Engagement Executive’s role.
104.3 This policy requires the Signing Officer to review or approve key aspects of the audit and also provides the basis for the Signing Officer’s reliance on the Engagement Executive.
104.4 The Signing Officer is responsible for the audit and is the engagement partner for the purposes of the ANAO Auditing Standards.
104.5 While the Signing Officer relies on the Engagement Executive to fulfil key duties and requirements of the ANAO Auditing Standards this does not reduce the Signing Officer’s overall responsibility for the audit. Where the Signing Officer is not the Engagement Executive on the audit, the following shall apply:
- the Signing Officer shall be briefed by the Engagement Executive at appropriate times during the audit;
- the Signing Officer shall approve:
- key aspects of the audit approach;
- the Engagement Executive’s assessment of overall and performance materiality for the financial statements as a whole and for particular items;
- the schedule of unadjusted differences;
- the Signing Officer Review Memorandum (SORM) if prepared;
- the audited financial statements; and
- the audit report.
- the Signing Officer shall be satisfied that the Engagement Executive has completed their work consistent with ANAO Auditing Standards;
- where an EQCR is appointed, the Signing Officer shall be satisfied that the review processes have been completed satisfactorily before the audit report is issued;
- the Signing Officer shall seek to review other information if the Signing Officer considers it appropriate to the circumstances of the audit; and
- the audit file shall contain documented evidence of the Signing Officer’s involvement.
104.6 Significant matters arising on an engagement should be considered by the Engagement Executive, in consultation with the Signing Officer as appropriate. Significant matters may include critical areas of judgement, difficult or contentious matters, high risks of material misstatement or other areas that the Engagement Executive or Signing Officer consider important.
104.7 The requirement for the Signing Officer to approve key aspects of the audit strategy is intended to ensure that the Signing Officer provides approval of the key judgements in the audit.
104.8 Part of the audit approach is determination of the materiality levels applied on the audit. In addition to approving overall, performance and particular materiality levels, the Signing Officer should formally approve any changes to materiality which may be made as the audit progresses.
104.9 The SORM may be used by the Signing Officer as a basis for accepting that the Engagement Executive has met their responsibilities under the auditing standards and ANAO Audit Manual – AASG Specific policy.
104.10 When approving the SORM, the Signing Officer should note details of significant matters arising on the audit, and in particular, consultation and conclusions on matters that were difficult or contentious.
104.11 The Signing Officer may seek to review matters additional to those required by this policy. For example, the Signing Officer may seek to review the interim or final management letters or the closing report.
104.12 Where the Signing Officer is the Auditor-General, the information required by the Auditor-General to fulfil the requirements of this policy will ordinarily be limited to that specified at paragraph 103.5 and through verbal briefings. Where further information is required, this will be requested by the Auditor-General.
104.13 The Signing Officer’s approval of documents or key judgements and other significant matters can be evidenced in the TeamMate file or alternatively by initialling and dating file copies of documents, file notes in the working papers or other means, as appropriate.
104.14 Signing Officer templates are located on the
105. Role and responsibility of the Second Reviewer
105.1 The ANAO Auditing Standards require AASG to have policies and procedures requiring, for appropriate engagements, an engagement quality control review that provides an objective evaluation of the significant judgements made by the engagement team and the conclusion reached in formulating the auditor’s report. Relevant policies are set out in Chapter 109 Engagement Risk Rating and in ANAO Audit Manual - Shared Content Chapter 8 Engagement Quality Control Review
105.2 This policy sets out the role of a ‘Second Reviewer’ and the responsibilities of that role. This policy has been developed to promote audit quality within AASG by providing review processes over and above those required by the auditing standards.
105.3 Unlike the EQCR, the Second Reviewer does not need to be independent of the engagement team. This allows the Second Reviewer, in addition to fulfilling the responsibilities required by this policy, to decide on the extent of his or her further involvement in the audit, such as, have more involvement in the planning phase of the audit.
105.4 In particular, the aims of this policy are:
- to provide a mechanism for the GED to appoint who is neither the Engagement Executive nor the EQCR to have a formal role in an engagement; and
- to provide a mechanism to support the quality of an engagement where the appointment of an independent EQCR is not required by ANAO Audit policy.
105.5 The AASG GED, in consultation with the Auditor-General, shall determine the engagements in each audit cycle to which a Second Reviewer will be appointed. The GED shall provide a summary report to the Auditor-General early in the audit cycle each year.
105.6 In the year in which an outsourced audit engagement of a material entity transitions back in-house, the GED shall consider assigning a Second Reviewer, unless an EQCR has been appointed. The summary report required by paragraph 105.5 above shall note the considerations made by the GED in determining whether to appoint a Second Reviewer in these circumstances.
105.7 The Second Reviewer shall be an Executive Director or higher.
105.8 The Second Reviewer shall be at least one level higher than the Engagement Executive, unless the GED approves appointment of a Second Reviewer who is the same level as the Engagement Executive.
105.9 The Second Reviewer shall be independent of the auditee consistent with the ANAO Independence policy and standards.
105.10 The Second Reviewer shall undertake at least the review activities required by ANAO Policy for an EQCR and consider any additional review activities for EQCRs detailed in the guidance to ANAO policy.
105.11 Before the issue of the auditor’s report, the Second Reviewer shall document the review activities undertaken consistent with ANAO Auditing Standards and policy, including:
- completing the Second Reviewer checklists at the planning and final stages of the audit;
- documenting briefings or relevant discussions with the Engagement Executive; and
- evidencing their review of the SORM (where applicable).
105.12 Subject to fulfilling the responsibilities required by this policy, the Second Reviewer shall decide the extent of his or her further involvement in the audit. The Second Reviewer is not permitted to perform functions that substitute the responsibilities of the Engagement Executive or audit team.
105.13 The Second Reviewer responsibilities required by this policy are the same review and documentation responsibilities required by ANAO policy addressing the responsibilities of the EQCR.
105.14 Unlike an EQCR, the Second Reviewer is not required to operate independently of the engagement team. It is also not intended that a Second Reviewer perform work in substitution for the work of the Engagement Executive or the team. This policy therefore provides that, subject to fulfilling the responsibilities required by this policy, the Second Reviewer may determine the extent of their further involvement in the audit, taking into consideration the complexity of the engagement, the experience of the Engagement Executive and the risk that the auditor’s report may not be appropriate in the circumstances. In making this decision, it is anticipated that a Second Reviewer would liaise with the Engagement Executive.
105.15 A Senior Executive may be involved in an engagement, as a Second Reviewer, to allow the ANAO to be represented at an appropriate level or to support the quality of the engagement, particularly when the Engagement Executive is not an SES officer. Representing the ANAO in this manner does not of itself involve the Senior Executive, however a greater involvement may be appropriate in some circumstances.
105.16 Second Reviewers are to be regarded as key audit personnel for the purposes of the ANAO rotation policy within the ANAO Independence Policy (See ANAO Audit Manual - Shared Content, paragraph 5.6).
105.17 Second Reviewer templates are located on the.
106. Project managed audits
106.1 When the ANAO contracts out an audit, or part of an audit, the duties of the engagement partner are, in practice, fulfilled by the contractor partner. In these circumstances, the responsibilities of the ANAO Engagement Executive are set out in this policy. Where an outsourced audit has both an ANAO Engagement Executive and ANAO Signing Officer in place, this policy applies equally to both individual roles.
Minimum requirements for contracts
106.2 Tenders and contracts for the audit or part of the audit of the financial statements of an ANAO auditee shall require the use of an audit methodology that enables compliance with the requirements of:
- the ANAO Auditing Standards;
- legislation or regulations relevant to the audit;
- APES 110, as supplemented by ANAO policy about the provision of other services to ANAO auditees;
- applicable ANAO Audit policies as provided to the contractor through the PSRG extranet or via other means; and
- such ANAO policies and procedures as are notified to the contractor by the ANAO Engagement Executive.
Signing Officer and engagement executive responsibilities
106.3 The ANAO Signing Officer shall be responsible for the audit, and is the engagement partner for the purposes of the ANAO Auditing Standards. The ANAO Engagement Executive, if a different person to the Signing Officer, and contract engagement partner shall fulfil the responsibilities of the ‘engagement partner’ under the ANAO Auditing Standards and assigned by legislation on behalf of the Signing Officer.
106.4 As a minimum, the following policies shall apply to the Engagement Executive and the Signing Officer, if a different person:
- the Engagement Executive shall be briefed by the contract engagement partner at appropriate times during the audit (if a different person, the Engagement Executive shall brief the Signing Officer);
- the Engagement Executive (and if different, the Signing Officer) shall approve:
- key aspects of the audit approach, including audit responses to significant risks;
- the contract engagement partner’s assessment of overall and performance materiality for the financial statements as a whole and for particular items;
- the schedule of uncorrected misstatements12;
- the SORM;
- the audited financial statements; and
- the auditor’s report.
- the Engagement Executive (and if different, the Signing Officer) shall be satisfied that the contract engagement partner has completed their work consistent with the ANAO Auditing Standards;
- where an EQCR13 (either a contractor or an ANAO EQCR) is appointed, the Engagement Executive (and if different, the Signing Officer) shall be satisfied that the review processes have been completed satisfactorily before the auditor’s report is issued; and
- the audit file shall contain documented evidence of the Engagement Executive’s (and if different, the Signing Officer’s) involvement, including documentation of the briefings at the planning, interim and final stages of the audit before the signing of the auditor’s report.
Further engagement executive responsibilities
106.5 The Engagement Executive shall:
- gain an understanding of the client to be comfortable that the risk assessments are appropriate, including the rating of risks;
- in approving materiality levels, ensure that ANAO policy on materiality is applied, including component materiality set for the purposes of the Consolidated Financial Statements (CFS), and materiality levels for particular items;
- review significant risks, key judgements, assumptions, estimates and other major sources of estimation uncertainty, that have a risk of resulting in material misstatement or adjustment on the audit;
- be satisfied that the ANAO policies notified to the contractor firm have been complied with; and
- review and sign all correspondence on ANAO letterhead.
106.6 The Engagement Executive shall make such enquiries and document their review of such work papers as is necessary so as to be satisfied that the quality control procedures applied to the audit are consistent with the requirements of the contract, including:
- meeting ANAO Auditing Standards; and
- the use of contractor staff with appropriate competence, qualifications and experience.
106.7 For larger or higher risk audits, the Engagement Executive’s involvement shall be extended with a greater involvement in audit planning and execution, regular meetings with firm and client, and review of significant matters arising during the audit.
106.8 Before signing the auditor’s report, the Signing Officer shall be satisfied that the contractor’s work provides sufficient appropriate audit evidence to support the release of the auditor’s report.
106.9 At the completion of the audit, the Engagement Executive shall ensure the following procedures are performed:
- Before the signing of the auditor’s report, the contract engagement partner shall provide written sign off on the audit consistent with the approved form ‘Contractor’s Representation Letter’, including the auditor’s independence declaration if the audit is performed under the Corporations Act;
- Review the contractor’s representations and complete the relevant TeamMate library file;
- Complete the ‘Contract Evaluation sign off’. This sign off is to be completed each year at the time the final invoice from the contractor for the audit cycle has been approved to be paid and is to be held on the contract file.
106.10 Contractor firm files shall be completed and ready for finalisation consistent with ANAO Audit Manual - Shared Content, paragraph 9.11.
106.11 The Engagement Executive shall request the contractor firm to provide all the working papers within 30 days of the date of the finalisation of each year’s financial statement audit. Contractor firm files shall be archived consistent with ANAO Audit Manual – Shared Content, paragraph 9.36.
Legal basis for contracting
106.12 Under section 27 of the A-G Act, the Auditor-General, on behalf of the Commonwealth, may engage any person under contract to help in the performance of any Auditor-General function. For various reasons, the ANAO engages audit firms to undertake an audit or a discrete part of an audit on his behalf.
106.13 Under section 29 of the A-G Act, the Auditor-General may delegate any of his functions or powers to an Official14; which includes a person engaged under contract. The Auditor-General has exercised his power of delegation about audits to senior ANAO staff. Auditor’s reports on contracted out audits are therefore signed either by the Auditor-General or by an appropriately delegated senior staff member of the ANAO.
Minimum requirements for contracts
106.14 The mandatory requirements governing ANAO audits need to be made known to contractors via tender and contract documentation.
106.15 ANAO policy is to comply with the requirements of APES 110. Those requirements apply equally to contractor firms and their staff. ANAO policy also adds to these professional requirements, for example; ‘Provision of other services by ANAO Contractors to ANAO auditees’ includes additional prohibited services to the requirements of APES 110.
106.16 Except for the ANAO Audit policies provided to the contractor through the PSRG extranet or and notified to the contractor by the ANAO Engagement Executive, audit firms contracting to the ANAO can use their own audit methodologies on the basis that they meet the requirements of the ANAO Auditing Standards. To help ensure contractors comply with ANAO Policy, paragraph 106.) of this policy requires tenders and contracts for audit services to make provision for the ANAO Engagement Executive to notify the contractor of policies and procedures the ANAO requires be followed on the audit.
Signing Officer and Engagement Executive responsibilities
106.17 The ANAO Signing Officer is formally the ‘engagement partner’ under the auditing standards. In practice, when the ANAO contracts out an audit, or part of an audit, the duties of the engagement partner are fulfilled by the contactor partner, while the responsibility for the audit remains with the ANAO.
106.18 The ANAO Signing Officer and the Engagement Executive may be the same person. Where this is the case, this policy requires the Engagement Executive to meet the requirements of paragraphs 106.4 to 106.8 inclusive about the conduct of the audit.
106.19 Where the ANAO Signing Officer and the Engagement Executive are different people, the requirements of paragraph 106.4 apply to the Signing Officer. These responsibilities for the separate Signing Officer are the same that apply when there is a separate Signing Officer on ANAO audits conducted in-house.
106.20 The Engagement Executive is required by ASA 220 to be satisfied that sufficient appropriate audit evidence has been obtained to support the conclusions reached and auditor’s report to be issued. The Engagement Executive’s review covers critical areas of judgement, especially those relating to difficult or contentious matters identified during the course of the engagement, significant risks and other areas the Engagement Executive has identified as important. Evidence of this review should be documented and recorded in the EEPIR or the audit file (E-Hive).
106.21 To satisfy the requirements of paragraph 106.6, and as part of the review of the contractor’s audit working papers, the Engagement Executive should consider reviewing the key areas of financial statements risk and associated key judgements, assumptions and other major sources of estimation uncertainty, that may result in a material misstatement or adjustment on the audit, including:
- The execution and conclusions reached on audit procedures identified and communicated to the auditee as part of the audit strategy;
- The design and execution of the sampling strategy performed on the key areas of audit focus, including the evaluation of the sampling results;
- The design and appropriateness of the substantive analytical procedures performed on the key areas of audit focus; and
- The design and execution of audit procedures that were identified as deficient in prior year quality assurance reviews that relate to sufficiency and appropriateness of audit evidence.
106.22 The Engagement Executive should ensure that the Appropriation Test Program has been completed and that sufficient and appropriate procedures have been undertaken on other financial statement disclosures required by the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (PGPA FRR 2015).
106.23 The Engagement Executive should be satisfied that the engagement partner and other senior members of the audit team were suitably involved in the design, execution and evaluation of the key audit procedures, including planning, control, and substantive audit procedures.
106.24 Where deficiencies are identified in the course of undertaking the review, the Engagement Executive will need to notify the contract engagement partner and request that identified deficiencies are rectified promptly and before the issue of the auditor’s report. To be satisfied that the quality control procedures are consistent with the requirements, the Engagement Executive would need to be satisfied that the identified deficiencies have been appropriately rectified.
106.25 The audit contractor is responsible for ensuring that audit work undertaken on behalf of the Auditor-General is performed in a manner consistent with professional standards and to have in place quality control policies and assurance procedures to be employed throughout the audit engagement. It is expected that these policies and procedures would include the contracted audit engagement being subject to periodic internal review as part of the contracted Firm’s quality assurance processes.
106.26 ASA 600 Special Considerations-Audits of a Group Financial Report provides a useful reference point to guide the ANAO Engagement Executive in determining an appropriate level of involvement for project-managed audits (taking a parallel from the group engagement team involvement in the audit of a component). Relevant requirements in ASA 600 that might be considered, include:
- The level of materiality of components (i.e. contracted-out audits) is reviewed by the group engagement team (ANAO) when set by the component auditor (contractor) to ensure that it is within the threshold set by the group engagement team (Refer to policy paragraph 106.5(a)).
- For significant components (entities), the group engagement team is involved in the component auditor’s risk assessment to identify significant risks of material misstatement of the group (CFS) financial statements. The nature, timing and extent of this involvement is affected by the team’s understanding of the component auditor but should include at a minimum:
- Discussion with the component auditor of those of the business activities that are significant to the CFS;
- Discussion with the component auditor on the susceptibility of the entity to material misstatement due to fraud or error; and
- Review of the component auditor’s documentation of identified significant risks of material misstatements. This documentation may take the form of a memorandum that reflects the component auditor’s conclusion regarding identified significant risks.
- Where significant risks of material misstatement of the group financial statements have been identified in a component audit, the group engagement team is required by ASA 600 to evaluate the appropriateness of further audit procedures to be performed to respond to the identified significant risks of material misstatement.
106.27 The level of involvement in the contracted-out audit is also influenced by:
- the size of the audit relative to the CFS;
- the potential level of parliamentary interest in the entity;
- the engagement risk; and
- competency of the contractor’s audit team and their familiarity with the auditee (i.e. first year of the contact versus later years).
106.28 The expected level of ANAO involvement should be communicated to the contract partner at the start of the audit, to allow for timely involvement throughout the audit.
Use of letterhead
106.29 For the purpose of applying the policy at paragraph 106.), ANAO letterhead should be used in covering letters or covering e-mails to an entity and all communications to Ministers, but attachments such as Audit Strategy Documents may be jointly badged. In the latter situation, the ANAO name and logo needs to have no less prominence than the contractor’s name and logo. Refer to paragraph 111.3 for further guidance on the form of the Audit Strategy Document.
106.30 The working papers provided by the contractor can be provided in:
- an electronic copy on CD-ROM, in a form which can be read by the ANAO using its existing software; or
- a printed copy on A4 paper (noting that some functionality of the audit software may be lost in printed form); or
- another suitable form which does not affect the readability of the working papers. For example, a file in PDF or HTML format from which working papers in excel or word file formats are extracted and provided on a CD – ROM.
106.31 Contractor audit templates are located on the
107. Use of TeamMate
107.1 The TeamMate library file is the ANAO audit methodology for financial statements audits that is released each financial year containing mandatory procedures addressing auditing standards requirements and ANAO Audit Manual – AASG Specific policy.
107.2 The use of TeamMate and the library file is a vital element in assuring the AASG GED and the ANAO Executive that AASG’s audits comply with the ANAO Auditing Standards, ANAO Audit Manual policies, and other requirements while also promoting consistency in the quality of engagement performance.
107.3 TeamMate shall be used to document all financial statements audits and other assurance engagements unless prior approval to use an alternative has been given by the GED to an engagement team.
107.4 The relevant TeamMate library file shall be used for all financial statements audits (or parts thereof) including audits that are undertaken under project-management arrangements. Where an engagement has been approved to be documented outside of TeamMate, the Engagement Executive shall ensure that all relevant procedures from the TeamMate library file have been conducted.
107.5 Where an audit team rolls over a previous year’s TeamMate file to document the current year’s financial statement audit, the Engagement Executive shall ensure that the rolled over TeamMate file meets the requirements of the current year’s TeamMate library file by having regard to the documentation released by PSRG annually when the updated TeamMate library file is released.
107.6 A separate TeamMate file shall be created for each engagement, except where the use of a file for multiple opinions is approved by the AASG GED, taking into consideration: the planned signing date of each opinion; the consistency of audit approach; and the ability to get sufficient appropriate audit evidence for both engagements.
107.7 All procedure summaries in the relevant TeamMate library file are mandatory and shall be completed for all financial statements audits. The audit procedure steps under the heading ‘Audit Procedures’ of each procedure summary shall be completed. Where a procedure summary or audit procedure step is not relevant to the audit, the team shall document that it is not relevant and shall not delete it.
107.8 The procedure summaries indicate if an attached TeamMate template is mandatory, conditional or optional. Conditional templates are required to be downloaded from TeamStore and completed where the engagement meets the condition, e.g., where the audit team intends to rely on internal audit. The format of mandatory and conditional TeamMate templates is required to be maintained and shall not be amended without written approval from the GED.
107.9 The ‘Guidance’ in each procedure summary is not mandatory, but is intended to help in the completion of mandatory steps.
107.10 The TeamMate library file is not intended to include all ANAO Audit Manual – AASG Specific policy requirements in the procedure summaries. However, where they are included they are identified by reference to the specific policy.
107.11 The TeamMate library file can be adapted for use on other assurance engagements, considering the applicable ANAO Auditing Standards and ANAO Audit Manual – AASG Specific policy.
107.12 In some cases, the ANAO conducts an audit or assurance engagement for an auditee in addition to the financial statements audit, such as an audit of reports prepared consistent with special purpose frameworks or single financial statements (grant acquittals). It is expected that a separate file is created for these additional engagements due to:
- the difference in timing of the engagements and the impact on finalising each audit file as required by ANAO Audit Manual - Shared Content, paragraph 9.10;
- the difference in audit approach, including setting of materiality parameters; and
- the different levels of sufficient and appropriate audit evidence required for each engagement.
107.13 Where documentation from the financial statements audit file is relevant to the additional engagement(s), it is acceptable for the same audit team to cross reference documentation of work performed in the financial statements audit file on the basis there has been appropriate review of the work for the purposes of the additional engagement.
107.14 Applying to financial reporting periods commencing on or after 1 July 2019, the audit team should use the relevant TeamMate library file to document the project-managed financial statement audit unless the relevant TeamMate library file was unavailable prior to commencement of the project-managed audit. In this situation, the audit team should use the EEPIR template to document the project-managed financial statement audit.
107.15 The audit team should ensure that procedure summaries and Smart-Lite templates contained in the rolled over TeamMate library file are meet the requirements of the the current audit cycle’s TeamMate library file.
108. Role and responsibilities of the SADA Executive
108.1 This policy sets out the responsibilities of the SADA Executive in a financial statements audit or other AASG assurance engagement that engages the specialist skills of the SADA Branch.
108.2 A SADA Executive is allocated to a financial statements audit or other assurance engagement consistent with ANAO Audit Manual - Shared Content, paragraph 6.4.
108.3 The role and responsibilities of the SADA Executive shall include:
- the direction, supervision and performance of the SADA component of the engagement;
- reviewing key documents and work papers on the audit file, including:
- the SADA sign-off – planning and completion procedures; and
- those relating to significant IT risks, judgements and difficult or contentious matters;
- having sufficient involvement in the engagement at appropriate stages including attendance at key audit team meetings, discussions with the engagement team, Engagement Executive and / or Signing Officer;
- attendance at entry/exit meetings where appropriate, or other relevant meetings with senior IT management; and
- attendance at Audit Committees, where appropriate.
108.4 The responsibility for the direction, supervision and performance of the SADA component of the engagement includes:
- emphasising the importance of audit quality on each engagement;
- tracking the progress of the SADA component of the engagement;
- considering the competence and capabilities of the SADA audit team assigned to the engagement;
- ensuring that appropriate SADA procedures are planned and performed;
- addressing significant SADA matters arising during the engagement and the impact on the planned approach; and
- ensuring the SADA work performed supports the conclusions reached and is appropriately documented.
Engagement performance — planning
Chapters 109 to 111
109. Engagement risk rating and public interest entity assessment
109.1 The assessment of engagement risk helps the Auditor-General, the AASG GED and AASG Engagement Executives identify professional risks associated with auditees and engagements of the ANAO at a whole-of-practice and individual engagement level. The determination of engagement risk provides a basis to determine whether additional quality control responses in accordance with ASA 220 Quality Control for an Audit of a Financial Report and Other Historical Financial Information and equivalent provisions for non-financial engagements.
109.2 In addition to the EQCR requirements in this section, the assessment of whether an entity is, or is to be treated as, a PIE,15 impacts independence requirements under the ANAO Independence Policy and the parameters to be applied in determining overall materiality (Refer to Chapter 110 Materiality).
Annual engagement risk and public interest entity assessment
109.3 At the start of each audit cycle the AASG GED shall determine the following matters:
- the risk ratings assigned to all AASG engagements; and
- which entities that are subject to AASG engagements should be classified as a PIE.
109.4 The AASG GED’s determinations shall be communicated to the Auditor-General, the Deputy Auditor-General, the PSRG GED and all Engagement Executives responsible for AASG engagements.
Policy applicable to assessment of engagement risk for AASG engagements
109.5 An engagement shall be assessed as being a high, moderate or low risk engagement based upon the overall risk of the engagement to the Auditor-General and the ANAO. This shall include consideration of:
- the Risk of Material Misstatement (RoMM) arising from the engagement (that is, the risk that there is a material misstatement in the subject matter before the conduct of the engagement); and
- Other Professional Risks, being any other source of risk to the Auditor-General and the ANAO arising from the conduct of the engagement including, but not limited to, litigious and reputational risks.
109.6 A preliminary assessment of the engagement risk for each engagement shall be documented by the Engagement Executive. The results of this preliminary assessment shall be made available to the AASG GED for consideration.
109.7 Where a new AASG engagement has become part of ANAO’s mandate or has been accepted under a s20 arrangement subsequent to the AASG GED’s determination the Engagement Executive shall recommend an engagement risk rating to the AASG GED for approval.
109.8 Engagement risk shall be monitored throughout the engagement. Where a change in the circumstances of an AASG engagement causes the Engagement Executive to believe that the engagement risk rating requires revision, a new rating shall be recommended to the AASG GED for approval.
Policy applicable to assessment of PIE status of auditees
109.9 The AASG GED shall apply APES110 paragraph 400.8 to AUST 400.8 A1 in determining which entities to treat as PIEs.
109.10 In determining under APES110 paragraph AUST R400.8.1 which additional entities to treat as a PIE, the AASG GED shall consider the following factors:
- the level of public interest and scrutiny applied to the entity;
- the size of the entity, including the number of employees;
- the nature of the business, including holding assets in a fiduciary capacity for a large number of stakeholders; and
- any other indicators that the entity has a large number and wide range of stakeholders.
Consequences of engagement risk assessments
109.11 Where the engagement risk has been assessed as High on a mandated financial statements audit that is material to the Commonwealth’s Consolidated Financial Statements:
- an EQCR shall be assigned;
- staff assigned with key roles shall have appropriate skills and experience for their assigned role; and
- other appropriate responses shall be determined and documented, including specific responses to the underlying events or conditions giving rise to the High engagement risk rating.
109.12 For all other engagements (including AASG engagements on subjects other than historical financial information and engagements under a s20 arrangement) where the engagement risk has been assessed as High, the Engagement Executive shall consider and document an appropriate response or responses to the assessed risk (which does not necessarily require the appointment of a EQCR). If the response does not include the appointment of an EQCR, the Engagement Executive shall document the reasoning.
109.13 Where the engagement risk has been assessed as High on an engagement conducted under s20 of the A-G Act the consideration of an appropriate response by the Engagement Executive shall include whether it is appropriate to continue to undertake the engagement (refer ANAO Audit Manual - Shared Content, paragraphs 2.77-2.86).
109.14 The engagement risk, together with the associated rationale and impact on the audit approach, shall be communicated to the auditee as part of formal communication at the planning stage.
109.15 Where the engagement risk assessment is revised to High during the audit the Engagement Executive shall ensure that the risk responses required by this policy, including appointment of an EQCR where applicable, are applied.
Consequences of PIE assessments
109.16 Where an auditee has been assessed to be a PIE an EQCR shall be appointed.
Components of engagement risk
109.17 When assessing engagement risk, one relevant risk is the risk of material misstatement, which is a risk posed by the engagement and reflects the risk prior to the conduct of the engagement that the engagement subject matter contains material misstatements. The auditor’s procedures in response to the risk of material misstatement are designed to reduce audit risk to an acceptably low level in each engagement.
109.18 However for the purposes of managing risk for the ANAO as a whole, engagement risk also encapsulates other risks to the Auditor-General and the ANAO arising from the conduct of the engagement that is separate or additional to the risk of material misstatement. These risks are referred to collectively as “Other Professional Risks”.
109.19 AASG uses an engagement risk rating scale of High, Moderate and Low. The rating assigned to an auditee is based on professional judgement relating to the auditee’s particular circumstances.
109.20 Sources of engagement risk are cumulative and should be considered collectively to assess the overall risk.
Risks of material misstatements
109.21 For audits of financial reports the risk of material misstatement exists at the financial report level and at the assertion level. The risks of material misstatement at the assertion level consist of two components: inherent risk and control risk. Inherent risk and control risk are the entity’s risks; they exist independently of the audit of the financial report.
109.22 Assessment of risk of material misstatement does not take into account the ANAO’s planned audit response to reduce the residual risk to an acceptable level. Overall, this means that for an audit of a financial report the risk of material misstatement is the risk that the financial report is materially misstated prior to audit.
109.23 Risk of material misstatement applies equally to assurance engagements on non-financial information and is the risk that the subject matter information is materially misstated. In the particular case of direct-reporting engagements this includes material differences between the engagement subject matter and the criteria against which it will be assessed. The definition of risk of material misstatement and related concepts in ASAE 3000 and any relevant subject-matter specific auditing standards should be considered in making this determination for engagements other than those related to financial statements.
109.24 The assessment of the risk of material misstatement is central to the risk-based audit approach, and requires the engagement team to:
- understand the entity and its environment, including internal control;
- assess the risks of material misstatement at the financial statement and assertion level, whether due to fraud or error; and
- design and perform audit procedures to reduce audit risk to an acceptably low level.
109.25 TeamMate contains templates in the A.2: Understand Entity and its Environment folder which helps in determining the risk of material misstatement for an auditee and may be used as the basis for recording the preliminary risk assessment required by paragraph 109.6 above.
109.26 Factors to consider when determining the risk of material misstatement include:
- size, complexity and stability of the auditee;
- nature of the business risks the auditee faces and the strength of the controls in place to mitigate those business risks;
- effectiveness of internal control; and
- results of previous engagements and actions taken to address any issues identified.
109.27 As a general guide, the risk of material misstatement would generally be characterised by the following attributes:
High risk of material misstatement
- highly complex entities with multiple programs or functions;
- deficiencies in corporate governance;
- significant business risks which impact on the financial statements, some of which are not well managed;
- high risk financial statement items, which may include complex accounting estimates and valuations;
- poorly controlled and or changing processes and accounting systems;
- frequent changes in key personnel, systems or programs which are not well managed;
- prior year’s auditor’s report may have been modified.
Moderate risk of material misstatement
- moderately complex entities with multiple programs or functions;
- significant business risks which impact on the financial statements, that are somewhat managed;
- may contain one or two high risk and several medium risk financial report items;
- internal control is considered to be generally effective;
- prior year’s audit may have a limited number of significant findings, which are being addressed by management.
Low risk of material misstatement
- less complex entities with usually a small number of programs or functions;
- business risks which impact on the financial statements are low or moderate and for the most part are appropriately managed;
- most financial report components are low risk with no high risk items;
- effective internal control (NB: for small organisations with inadequate segregation of duties appropriate compensating controls exist);
- prior year’s audit findings will tend to be less significant.
109.28 The assessed risk of material misstatement is communicated to the client as part of formal communication at the planning stage. Subject to the agreement of the AASG GED, low and moderate engagement risk ratings may be communicated to the client as ‘normal’ risk.
109.29 The Interim Report on Key Financial Controls of Major Entities (Controls Report) and the Year End Report tabled in Parliament use the Low, Moderate and High risk rating approach in line with the TeamMate file workpapers. The low or moderate rating can be communicated with the auditee formally or informally, as considered appropriate by the relevant Engagement Executive.
Other professional risks
109.30 While the assessment of the risk of material misstatement is central to the ANAO’s risk-based audit approach it does not address all of the risks that the Auditor-General must manage to effectively deliver on all of the functions provided under the A-G Act. To assist the Auditor-General to manage these risks it is the responsibility of AASG to identify and respond to other potential risks arising out of conduct of individual engagements.
109.31 While the A-G Act provides the ANAO with expansive powers, independence and indemnities, the office and the Auditor-General are not immune from litigation. The possibility of legal action being taken by an auditee or other interested party due to the conduct of an AASG engagement may impinge upon the professional reputation and independence of the office.
109.32 In some other circumstances there may be a reputational risk arising from the conduct of an audit. Reputational risks may arise because of perceptions about the appropriateness, competence or role of the Auditor-General. Examples may include:
- Politically sensitive subject matters where the ANAO’s audit conclusion may be perceived as supportive or unsupportive of areas of government policy.
- Audit subject matters where stakeholder understanding or expectation is different from the relevant engagement criteria for the matter, resulting in an expectation gap between the scope of the audit and the expectations of the users. For example, the ANAO may issue an unmodified auditor’s report on financial statements which do not include disclosures that are not required by the Australian Accounting Standards but are considered desirable or necessary by Parliamentarians.
- Breaches (or apparent breaches) of confidentiality and privacy provisions of the A-G Act, Parliamentary conventions, other legislation and community expectations.
- Difficult or contentious relationships with auditees, particularly those likely to lead to public disagreements.
- The ANAO being perceived as unpragmatic, unrealistic or otherwise inconsistent with relevant stakeholder expectations.
- The ANAO auditing an entity that is likely to be privatised or to otherwise leave ANAO’s mandate and there being significant differences in accounting treatment accepted by the incoming auditor.
- The ANAO not being perceived as independent because of a conflict between the ANAO’s mandate and relevant professional independence requirements.
109.33 In some cases no amount of additional audit work will significantly reduce the risk arising from Other Professional Risks, however the employment of additional quality assurance and risk management procedures will provide the Auditor-General with additional confidence that the work performed is appropriate and will stand up to scrutiny.
Roles, Responsibilities and Appointment of EQCRs
109.34 Where it is determined under this policy that an EQCR is to be appointed, the roles, responsibilities and appointment of the EQCR are determined by the Engagement Quality Control Review policy (refer ANAO Audit Manual - Shared Content, paragraphs 8.42-8.52).
109.35 Under that policy the role of an EQCR may be fulfilled by an external party to the ANAO where relevant, including in the case of an appropriate EQCR partner from an auditing firm to whom the engagement has been contracted-out. In some cases the firm’s own internal policies may require appointment of an EQCR and so long as the work of their internal EQCR is sufficient to meet the requirements of the Audit Manual there is no requirement for an additional ANAO EQCR.
Public interest entity assessment
109.36 PIEs refer to those auditees which have a fiduciary or other financial trust relationship with a large number and wide range of stakeholders. The following meet the definition of a PIE under APES110:
- a Listed Entity;16 or
- any entity:
- defined by regulation or legislation as a PIE;
- for which the audit is required by regulation or legislation to be conducted in compliance with the same independence requirements that apply to the audit of Listed Entities. Such regulation may be promulgated by any relevant regulator, including an audit regulator, or
- for which the ANAO’s policy has determined to treat as PIE because they have a large number and wide range of stakeholders.
109.37 By their nature, Australian Government entities have a higher level of public interest than other entities because they are taxpayer funded, subject to parliamentary oversight and often engage directly with the general public. This, in itself, does not make an Australian Government entity a PIE and the relative interest in that entity compared to other Australian Government entities should be considered when determining whether the entity is a PIE.
109.38 As the consolidation of the entire Commonwealth government and its controlled entities, the CFS should be considered to be a PIE because all Australian citizens could be considered a stakeholder. Entities that are significant or material to CFS are not PIEs automatically and each entity should be assessed on a case by case basis.
109.39 For entities other than CFS that are not Listed Entities, not defined by legislation as a PIE or not otherwise subject to the same independence standards as Listed Entities, the following indicators will assist in determining which entities are to be treated as PIEs based upon their large number and wide range of stakeholders:
More likely to be a PIE
Less likely to be a PIE
Level of public interest and scrutiny applied to the entity
Entities with elevated public or parliamentary interest compared to other public sector entities demonstrated by:
Subject only to the standard parliamentary accountability processes, for example Senate Estimates and general requirements of the PGPA Act.
Size of the entity and number of employees
Entities that control assets or liabilities on behalf of the Australian Government that are significant to the Australian economy.
Entities with large service delivery aspects to their business that gives rise to large numbers of staff.
Entities that primarily deliver a narrow range of outcomes as a policy agency or specialist entity.
Nature of the business, including holding assets in a fiduciary capacity for a large number of stakeholders and any special rules relating to the conduct of the audit.
Entities that provide financial services to the public or to significant subsets of the public on terms broadly comparable to other financial industry service providers, such as general insurance, investment management/ superannuation and banking.
Audits where there are special rules relating to auditor independence or conduct greater than the generally accepted provisions related to the Auditor-General’s mandate.
Entities that administer loans (e.g. educational loans), personal benefits and similar entitlements to the public on the basis of legal entitlements and special appropriations where the user would not expect to have any reasonable concern about the ability of the Australian Government to make the associated payments or the discretion applied by the entity in the delivery of these services.
109.40 Paragraph AUST 400.8.1 A1 of APES 110 provides a list of entities which are likely to be classified as PIEs based on the large number and wide range of stakeholders. This includes entities regulated by the Australian Prudential Regulatory Authority, disclosing entities under the Corporations Act and other issuers of debt and equity instruments to the public. These entities would be expected to be captured under the application of this policy because of the nature of their business.
109.41 In some cases, the source of stakeholder interest for a Commonwealth entity may be balances and transactions that are reported in the administered statements. Because administered items are items that the entity does not control directly, this may be consideration supporting determining that an entity is not a PIE. In relation to administered items, the entity is more likely to be a PIE if the accountability for the related items is chiefly through the entity (for example, if stakeholder interest was chiefly related to how the specific program was managed by the entity). The entity is less likely to be a PIE if the accountability for the related items is chiefly through the Commonwealth government as a whole (for example if the main source of stakeholder interest is the credit-worthiness of the government which is best represented by the CFS accounts).
110.1 This policy creates standard parameters to apply the concept of materiality in planning and performing the audit. Chapter 113 Evaluating misstatements deals with the evaluation of misstatements identified as a result of the audit and creates the parameters for setting a clearly trivial threshold. Chapter 109 Engagement risk rating and public interest entity assessment includes policy and guidance on assessing if an entity is, or is to be treated as, a PIE.
110.2 Overall and particular materiality amounts are driven by the needs of users and are the materiality levels against which we evaluate misstatements. Performance and particular performance materiality amounts reflect audit risk and are the levels that we audit to.
110.3 The Engagement Executive shall be responsible for approving materiality. Where there is a separate Signing Officer to the Engagement Executive, approval of materiality is also required by the separate Signing Officer.
110.4 The basis for the professional judgements made in assessing materiality shall be documented. The materiality levels to be determined for each audit are as follows:
- materiality for the financial statements as a whole (‘overall materiality’);
- ‘performance materiality’; and
- ‘particular materiality’ and ‘particular performance materiality’ where relevant, for particular classes of transactions, account balances or disclosures.
110.5 Where the financial statements include both ‘departmental’ items and ‘administered’ items, materiality shall be determined separately for each.
110.6 In determining overall materiality for an ANAO audit (other than the CFS), the Engagement Executive shall uses professional judgement to apply standard benchmarks and thresholds, taking into account the financial information needs of users of the financial statements report.
110.7 In determining performance materiality for an audit (other than CFS), the Engagement Executive/Signing Officer shall reduce overall materiality having regard to the level and pervasiveness of the risk of material misstatement. Standard ANAO ‘haircuts’ of overall materiality are 10%, 25% or 50%.
110.8 Engagement Executives shall specify particular materiality and a related performance materiality for classes of transactions, account balances and disclosures when, in their professional judgement, it is appropriate to do so. In addition, Engagement Executives shall comply with any particular materiality and related performance materiality for application on specified classes of audits determined by the AASG GED. Formal GED approval is required for departures from AASG GED-determined particular materiality.
110.9 The following items shall be treated as material by nature and it may be appropriate to determine particular materiality for these items:
- Appropriations note disclosures, including:
- Annual and special appropriations; and
- Special accounts;
- Authorisation of Investments (sections 58 and 59 of the PGPA Act); and
- Disclosures of senior and key management personnel remuneration required by the PGPA FRR 2015 and AASB standards.
110.10 The AASG Engagement Executive for the audit of the CFS shall recommend to the Auditor-General for approval:
- the overall materiality level to be applied to the CFS audit;
- performance materiality; and
- the maximum overall materiality level or levels to apply to the component audits for the CFS. Overall materiality in the financial statement audit of a component of the CFS shall not exceed this maximum.
110.11 Materiality levels shall be revised when the auditor becomes aware of information during the audit that would have caused the auditor to have determined a different materiality amount (or amounts) at planning.
110.12 Materiality levels determined for application on an audit shall not be communicated to the auditee, unless such communication is approved by the AASG GED.
Materiality in the context of an audit
110.13 ASA 320 Materiality in Planning and Performing an Audit provides specific guidance on the application of materiality for auditing in the public sector in the following terms:
‘In the case of a public sector entity, legislators and regulators are often the primary users of its financial report. Furthermore, the financial report may be used to make decisions other than economic decisions. The determination of materiality for the financial report as a whole (and, if applicable, materiality level or levels for particular classes of transactions, account balances or disclosures) in an audit of the financial report of a public sector entity is therefore influenced by law, regulation or other authority, and by the financial information needs of legislators and the public about public sector programs.’
110.14 In the audit of general purpose financial statements, the needs of users as a group are considered because the needs of specific individual users may vary widely. However, in an audit of special purpose financial statements the needs of specific users need to be taken into account.
110.15 Materiality is considered when planning and performing the audit to reduce audit risk to an acceptably low level. Materiality is used to:
- determine the nature, timing and extent of risk assessment procedures;
- identify and assess the risk of material misstatement in the financial statements; and
- determine the nature, timing and extent of further audit procedures.
Engagement executive/signing officer involvement
110.16 It is important for both overall materiality and performance materiality levels to be discussed and agreed during planning. If materiality is set too high during planning, audit procedures might fail to detect a misstatement that users of the financial statements consider material. If materiality is set too low, the engagement team is likely to over-audit.
110.17 Discussion up-front as a team, with Engagement Executive involvement, is vital to avoiding under- or over-auditing which can result where team members have different views on what is material. The final judgements on materiality are the responsibility of the Engagement Executive with, where a different person, the approval of the Signing Officer (Refer to Chapter 104 on the Role and Responsibilities of the Signing Officer).
110.18 This materiality policy applies equally to project-managed audits undertaken by private firms under contract to the ANAO. Where materiality levels proposed by a contractor are not based on the standard ANAO benchmarks and thresholds described in this policy, it is up to the ANAO Signing Officer/Engagement Executive to be satisfied that the amounts proposed are appropriate to the audit. The approval of the Signing Officer/Engagement Executive is subject to the consultation and approvals required by this policy.
110.19 The Parliament is the primary user of the financial statements. Financial statements provide a basis for Parliamentarians to keep Government and its entities accountable for their actions and may be used by the Executive Government for making economic decisions (about the allocation of resources). Overall materiality is influenced by the ANAO’s perception of the financial information needs of the Parliament and other users about the activities of Government.
110.20 The auditor determines a single overall materiality level based on a selected benchmark (for example, revenue) relevant to users of the financial statements. Overall materiality based on this benchmark is applied to the overall financial statements and forms a basis for performance materiality. Applying separate quantitative levels of overall materiality (for example, a certain materiality level for profit and loss account items and a different materiality level for balance sheet items) will not enable the auditor to plan the audit effectively to detect material misstatements.
110.21 ANAO Audit Manual – AASG Specific policy specifies standard benchmarks and thresholds to be considered in setting overall materiality. However there is an overriding responsibility on the Engagement Executive and Signing Officer to consider whether the standard benchmarks and threshold are appropriate for the particular entity. In cases where a non-standard benchmark is used, approval by the Qualifications and Technical Advisory Committee (QTAC) is required when the overall materiality amount determined is higher than the highest amount that could be determined using a standard benchmark threshold for the type of entity.
Selecting a benchmark
110.22 Factors that may help to identify an appropriate benchmark include:
- The elements of the financial report (for example, assets, liabilities, equity, revenue, expenses);
- Whether there are items on which the attention of the users of the particular entity’s financial report tends to be focused (for example, for the purpose of evaluating financial performance users may tend to focus on profit, revenue or net assets);
- The nature of the entity, where the entity is in its life cycle, and the industry and economic environment in which the entity operates;
- The entity’s ownership structure and the way it is financed (for example, if an entity is financed solely by debt rather than equity, users may put more emphasis on assets, and claims on them, than on the entity’s earnings); and
- The relative volatility of the benchmark.
Applying a threshold to a chosen benchmark
110.23 A key determinant in setting overall materiality is whether the entity is assessed to be a PIE under Chapter 109 Engagement risk rating and public interest entity assessment.
110.24 In most circumstances, a threshold percentage towards the higher end of the range can be applied to a chosen benchmark when setting overall materiality where there are no indicators that a lower threshold should be applied. However, depending on entity’s nature, particular circumstance and users of the financial statements, a threshold percentage towards the lower end of the range should be considered when setting overall materiality. Factors which may be indicate that a percentage at the lower end of the range may be appropriate include:
- The entity is currently subject to relatively high levels of scrutiny by the Parliament or its Committees compared to other government entities17.
- The entity is currently subject to relatively high levels of interest from the media or the public compared to other government entities.
- The entity has a significant level of external debt.
- There are specific factors, such as the existence of financial covenants, which increase the sensitivity of the selected benchmark.
- The chosen benchmark may be particularly sensitive based on the understanding of users’ interests in the financial statements (but note that general purpose financial statements are being considered – it is more likely that benchmarks are particularly sensitive in special purpose financial information designed to meet the specific needs of the users).
110.25 Note that consideration of audit risk is reflected in the determination of performance materiality. Therefore factors such as the effectiveness of the entity’s internal controls and the number of identified misstatements in prior years’ audits are reflected in the determination of performance materiality, affecting the selection of the haircut percentage among 10%, 25% and 50%, rather than overall materiality.
110.26 Planning the audit solely to detect individually material misstatements overlooks the fact that the aggregate of individually immaterial misstatements may cause the financial statements to be materially misstated, and leaves no margin for possible undetected misstatements. Auditors determine performance materiality, which is one or more amounts, to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements in the financial statements exceeds materiality for the financial statements as a whole.
110.27 The determination of performance materiality is impacted by the auditor’s understanding of the entity, updated during the performance of the risk assessment procedures; and the nature and extent of misstatements identified in previous audits and thereby the auditor’s expectations about misstatements in the current period.
110.28 Performance materiality is used throughout planning to determine which account balances, classes of transactions and disclosures to select for examination. Throughout the audit it enables the auditor to define the extent of work necessary to reduce audit risk to an acceptably low level and impacts testing through the selection of items for testing (targeted testing and sampling) and substantive analytical procedures. It is not always appropriate to exclude all balances below the performance materiality level from the scope of the audit. The auditor should consider the risks relating to those account balances, including the risk relating to completeness of those balances. The auditor should also take into account the overall coverage achieved from the audit, to avoid the risk that large numbers of non-material balances totalling a material balance are excluded from the audit plan.
ANAO standard haircuts
110.29 Setting performance materiality is a matter of professional judgement taking account of an entity’s circumstances and is calculated by taking a ‘haircut’ off overall materiality. ANAO haircuts are usually 10%, 25% and 50%.
110.30 A haircut above 25% should form part of the Engagement Executive’s documented risk assessment for the purposes of the engagement risk rating assessment at the start of each audit cycle18 or otherwise be considered for consultation under the ANAO Audit Manual - Shared Content, paragraph 8.15.
Factors to consider in setting haircut
Proposed audit adjustments
Risk assessment & aggregation risk19
History of limited or no booked proposed or adjustments.
The characteristics of the entity being audited result in low aggregation risk related to potential misstatements arising from environmental factors20.
Where testing of operational effectiveness of controls is part of the overall audit strategy, the controls have historically been determined to be operating effectively.
History of limited or no booked proposed or adjustments.
The characteristics of the entity being audited result in low to moderate aggregation risk related to potential misstatements arising from environmental factors21.
Where testing of operational effectiveness of controls is part of the overall audit strategy, the controls have historically been determined to be operating effectively.
History of frequent audit adjustments.
Significant management turnover that suggests a potential increase in the frequency of audit adjustments.
The characteristics of the entity being audited result in high aggregation risk related to potential misstatement arising from environment factors22.
Expected or known significant deficiencies in controls.
110.31 When considering the history of misstatements in determining the appropriate haircut, audit teams should ensure that they consider the nature and extent of the misstatements identified during the audit for the immediate prior year. Extent of misstatements includes both the number of misstatements and the size, individually and collectively, of those misstatements. In considering these misstatements, it is not appropriate to exclude corrected misstatements, nor should misstatements be disregarded because they have no or only a small impact upon the net result of the entity. For example, a corrected misstatement resulting in a gross up of the balance sheet or income statement may have nil impact on the operating surplus of the auditee but is still an indicator of increased risk of material misstatements given that the misstatement was resolved during the audit and not prevented by management. In some circumstances the auditor may consider that misstatements in the previous year do not indicate a higher risk of misstatements because they are unlikely to be repeated in the current year. For example, the misstatements may have related to a one-off event such as implementation of a new accounting standard. Where this is the case auditors should ensure that their documentation clearly addresses this judgement.
110.32 Using one of the haircut percentages above will generally be appropriate. However, in some circumstances we may consider using percentages other than those above. For example, a percentage in-between 25% and 50% where the entity has a predominant factor at both the higher and lower end of the range and we consider these factors to be equally important.
110.33 A 50% haircut would be considered when the risk factors described above are pervasive across the entity. If risk factors are isolated to one area or business process, consider using a 25% haircut and applying a higher haircut to the riskier account(s).
Items that are material by nature
110.34 When forming the audit plan, the auditor often uses performance materiality to identify line items and disclosures that require audit examination, to ensure that audit risk is reduced to an acceptably low level. The auditor also needs to consider whether, in the specific circumstances of the entity, there exist items that require audit examination due to their nature even though their dollar amount below performance materiality.
110.35 Items may be identified as material by nature due to:
- the users’ interest in the item, consistent with the assessment of when setting a particular materiality level for certain items is appropriate; or
- the financial reporting framework requiring disclosures for certain items regardless of the amount and materiality. Paragraph 110.9 above identifies specific items to be treated as material by nature.
110.36 As a minimum, items that are material by nature will be subject to a level of audit attention that:
- is consistent with the Engagement Executive’s assessment of the user’s interest in the item; or
- gains sufficient and appropriate audit evidence that the disclosures are appropriate and consistent with the requirements of the financial reporting framework.
110.37 Setting a particular materiality for an item that is material by nature may help in driving the level of audit attention required and evaluating misstatements, but is not always necessary.
110.38 For example, the appropriation of the Consolidated Revenue Fund (CRF) is a key control that the Parliament has over the Executive Government. The appropriation notes in non-corporate Commonwealth entity’s financial statements disclose, for each appropriation, the purpose and total amount of spending authorised by the Parliament and the spending actually made. If we were to set a particular materiality for each appropriation, we would render overall materiality largely redundant, as all non-corporate Commonwealth entity expenditure is made via an appropriation. Setting a particular materiality for each appropriation would ordinarily be unnecessary. Enough coverage would ordinarily be obtained by evaluating the effectiveness of the design of controls over (i) recording appropriations available and (ii) spending for purpose; we can then test the effectiveness of those controls over the year for appropriation items of all sizes and undertake appropriate substantive testing.
110.39 In the case of senior and key management personnel remuneration, in some cases, it may be appropriate to fully substantiate remuneration of key management personnel such as the accountable authority, Chief Executive, Statutory Office Holders and Company Directors. Other executives may be able to be audited by controls testing and analytical review of the supporting schedules and financial statement disclosures.
110.40 In the case of authorisation of section 58 and 59 investments, audit teams should ensure that the entity has the appropriate delegation to invest23 and the investment is an authorised investment under section 58 of the PGPA Act and section 22 of the PGPA Rule for non-corporate Commonwealth entities and section 59 of the PGPA Act for corporate Commonwealth entities.24
110.41 Refer to Chapter 113 Evaluating misstatements for policy and guidance when evaluating misstatements in items that are identified as material by nature.
Materiality for particular items
110.42 When forming the audit plan, the auditor needs to consider whether, in the specific circumstances of the entity, misstatements in particular items of lesser amounts than overall materiality could reasonably be expected to influence the economic or political decisions of users. For this reason it is appropriate to set particular materiality levels for some items.
110.43 Factors which may be considered in determining the need for particular materiality include:
- whether accounting standards, law or regulations (PGPA FRR 2015) affect users’ expectations regarding the measurement or disclosure of certain items (examples include disclosures of related party transactions and remuneration of directors, senior and key management personnel and others charged with governance);
- the key disclosures about the industry and the environment in which the entity operates;
- whether attention is focused on the financial performance of a particular business segment that is separately disclosed in the financial statements; and
- the factors mentioned in paragraph 110.42 when they affect one or more particular classes of transactions, account balances or disclosures rather than the financial statements as a whole.
110.44 Where particular materiality is determined, performance materiality relating to that particular class of transactions, account balance or disclosure is set to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements exceeds the pre-determined materiality level for that particular class of transactions, account balance or disclosure.
110.45 ANAO Audit Manual – AASG Specific policy provides for the AASG GED to determine particular materiality for specific items. Where such a determination is made, it will be communicated formally by the AASG GED or via a PSRG Technical Update or other communication mediums. The absence of a determination of particular materiality for any item does not relieve the Engagement Executive/Signing Officer of the responsibility to determine particular materiality where appropriate to their individual audit.
Australian Government Consolidated Financial Statements
110.46 The materiality for any individual audit cannot exceed the materiality for the CFS of the Whole of Government. Accordingly, the Engagement Executive for the CFS recommends to the Auditor-General the overall materiality level (a single dollar amount) for the CFS audit and the maximum materiality level or levels to be applied on all ANAO audits that are components of the CFS. The CFS Engagement Executive will formally advise the maximum materiality level or levels to all Engagement Executives and PSRG as soon as practicable after the decision.
Materiality considerations for entities with disproportional financial statements
110.47 Some Commonwealth entities have one account balance or class of transactions that is significantly larger than the remainder of the financial statements. When selecting the appropriate benchmark for determining overall materiality, the audit team’s judgement should be driven by what they consider to be the primary area of interest to users. If the benchmark selected includes the significantly large line item resulting in a high overall materiality figure compared to the remainder of the financial statements, the audit team also needs to consider if there are further areas of interest to users that require a particular materiality to be determined at a lower level for those line items.
110.48 The audit team may also consider that some line items are not focus areas for users and do not require a particular materiality level to be set. However, the audit team may consider that these line items contain an unacceptable level of risk and performing limited audit procedures over them is not appropriate. For these line items/risk areas, the audit team’s response may be to determine a lower performance materiality level by applying a larger haircut, which will drive further audit procedures and increase the level of assurance gained. Judgements made and the supporting considerations in the above scenarios should be documented clearly in the audit file.
Revising materiality levels
110.49 The auditor’s initial assessment of materiality and audit risk may change after evaluating the results of audit procedures. This could be because of a change in circumstances, new information or because of a change in the auditor’s knowledge as a result of performing audit procedures.
110.50 The levels of overall materiality, performance materiality and materiality for particular items need to be revised when the auditor becomes aware of information during the audit that would have resulted in a lower materiality at planning. In addition to the flow-on effect of changes in overall materiality, performance materiality and materiality for particular items to the clearly trivial threshold, such information may also require the auditor to revise the clearly trivial threshold percentage in accordance with ANAO Audit Manual – AASG Specific Chapter 113 Evaluating Misstatements.
110.51 To meet the policy requirement of documenting the professional judgements made regarding materiality, the documentation of the rationale in determining materiality levels should include:
- How the individual circumstances of the entity were taken into account;
- The benchmark and rule of thumb percentage used;
- Reasons for selecting the benchmark and the percentage used;
- The rationale for selecting the haircut for determining performance materiality; and
- The reason(s) for determining a different materiality for particular items (if any).
110.52 Changes to the preliminary judgment about materiality is to be documented and approved by the Engagement Executive/Signing Officer.
110.53 ASA 320 requires the audit file to include evidence that overall materiality, performance materiality, and materiality for particular items (if any) were discussed by the engagement team and the decisions made (including any revisions) communicated to the team. This should be achieved by including a materiality discussion on the agenda of the planning meeting, documenting the procedures performed to determine materiality and by the Engagement Executive’s planning sign-off.
110.54 Chapter 106 Project managed audits in the ANAO Audit Manual – AASG Specific requires audit files to contain evidence that decisions on materiality and the professional judgements exercised for contracted-out audits are those approved by the Signing Officer/ Engagement Executive.
Communicating materiality to auditees
110.55 As a matter of ANAO policy, materiality levels determined for application on an audit are ordinarily not to be communicated to the auditee. The reason for this approach is to avoid situations where the auditee deliberately structures transactions to avoid audit scrutiny or responds to our request for adjustments to be made to the financial statements based on our materiality decisions. This is consistent with the requirements in the standards for auditors to request that all errors accumulated during the audit (i.e. those above clearly trivial) are corrected by the auditee and for auditors to include some unpredictability in their audit work.
110.56 Where requested by an auditee, a materiality parameter may be advised verbally to, for example, the chair of an audit committee. The extent to which we communicate materiality will be a matter of judgment for individual Signing Officers.
110.57 Nevertheless, it is appropriate to give an auditee and its management a general explanation of the concept of materiality and how materiality is applied on the audit, including mention of overall and performance materiality and items that we regard as material by nature. It is also important to communicate that there may also be qualitative factors which impact on the assessment of whether misstatements identified during the audit are material. It is also important to remind auditees that we will be requesting that they correct all audit adjustments communicated to them during the audit and that the reason for this is that it represents a safeguard against accumulated undetected misstatements that may exist in the financial statements.
111. Communicating the audit strategy
111.1 The auditing standards require the auditor to create an overall audit strategy that sets the scope, timing and direction of the audit and that guides the development of the audit plan.25 Care is required to ensure that in communicating a strategy the audit is not compromised e.g. by making procedures too predictable.
111.2 An overview of the audit strategy is therefore communicated to the auditee. This will help meet the needs of the auditee for information about the audit.
111.3 An overview of the audit strategy shall be communicated to those charged with governance (TCWG).
111.4 For financial statements audits that are material to Whole of Government, the audit strategy shall be communicated in writing.
111.5 For other audits, the audit strategy shall be communicated either in writing or orally. Where communicated orally, that communication shall be documented.
111.6 The following matters shall be communicated, as a minimum:
- a reference to the terms for the audit engagement and the date at which they were formalised;
- an overview of the planned scope and timing of the audit26;
- the form, timing and expected general content of communications27;
- the identity of the members of the audit team and if applicable, the EQCR Executive for the audit; and
- for engagements where no fee is payable, the expected audit cost; or
- for engagements where a fee is payable, the expected audit fee.
Timing for communication of the overview of the audit strategy
111.7 To create the audit strategy, the engagement team should have enough knowledge of the auditee to enable the team to determine the approach to be adopted in the audit of the financial statements. For continuing audit engagements the team may be in a position to document the audit strategy at the completion of the previous year’s audit. However, where the engagement team has changed or where there have been changes within the auditee, the development of the audit strategy might be somewhat later in the planning phase.
111.8 It may be necessary to speak to TCWG as a step in forming the strategy. This will help ensure that the auditee concurs with our assessment of the various risks affecting the organisation.
The overview of the audit strategy
111.9 The content and detail of the audit strategy will depend on the size and nature of the auditee and this will affect the information communicated to the auditee.
111.10 The overview of the planned scope of the audit should include:28
- an analysis of significant risks and how the audit proposes to address them, including:
- new external or internal factors which may significantly affect the auditee;
- significant accounting and auditing issues relevant to the financial statements, including changes in reporting requirements29; and
- where relevant, audit activity proposed for significant organisational units/geographical locations.
- the audit’s approach to internal control relevant to financial reporting, including:
- where IT is significant, the broad approach to the audit of major IT applications; and
- the impact of status of unresolved audit findings and their impact upon the audit;
- the application of the concept of materiality and how it impacts on the audit; and
- where there is an internal audit function, the planned use of the internal audit.
111.11 Communication of the timing of the audit would include agreeing a timetable for the various phases of the audit to the timing of audit procedures.
111.12 It is appropriate to communicate information on performance audits planned for the auditee during the audit cycle (after clearance by the relevant Engagement Executive in the Performance Audit Services Group (PASG)) and their impact, if any, on the financial statements audit.
Form of communication
Audit Strategy Documents issued, including those for contracted-out audits, should be identifiably an ANAO document in appearance, which is achieved through the use of an ANAO Audit Strategy Document and Covering E-mail templates, however these templates are not required by the Audit Manual. For contracted-out audits refer to paragraph 106.29 for the policy on jointly badged documents. Proforma audit strategy documents are located on the.
Engagement performance — execution
Chapters 112 to 117
112. Lead schedules
112.1 Lead schedules are the mechanism by which each line item in the financial statements is linked to its general ledger accounts and the audit procedures performed.
112.2 Lead schedules shall be used to agree each line item in the final financial statements to its component general ledger accounts.
112.3 Lead schedules shall include the final analytical review performed on the line items in the schedule.
112.4 The lead schedule shall include a conclusion as to whether sufficient appropriate audit evidence has been obtained to provide reasonable assurance that the line item and its related disclosure are not materially misstated.
112.5 The lead schedule conclusion cannot use the term ‘in my opinion’.
112.6 Final analytical review is performed as an overall review of the financial statements at the end of the audit to assess whether the financial statements are consistent with our understanding of the entity. It includes a comparative analysis of the current year balance to the prior year and identifies and explains significant variances.
113. Evaluating misstatements
113.1 In considering misstatements identified during the audit, the auditor’s objective under ASA 450 Evaluation of Misstatements Identified during the Audit is to evaluate:
- the effect of identified misstatements on the audit; and
- the effect of uncorrected misstatements, if any, on the financial statements.
Accumulation of misstatements
113.2 All misstatements identified shall be accumulated, except those that are ‘clearly trivial’.
113.3 A misstatement is clearly trivial if it is clearly inconsequential, whether taken individually or in aggregate and whether judged by any criteria of size, nature or circumstances. The Signing Officer shall approve an amount below which identified misstatements are ‘clearly trivial’. The amount is to be the lower of:
- 0%, 3% or 5% of overall materiality consistent with the guidance at paragraph 113.17; and
- 0.1% of the CFS overall materiality level, unless a different amount is approved by the Auditor-General.
113.4 When obtaining Auditor-General’s approval for the CFS overall materiality threshold, the AASG Engagement Executive for the audit of the CFS shall obtain approval from the Auditor-General on the impact of the CFS overall materiality level on amount on the clearly trivial threshold for AASG financial statement audits under 113.3(b) above. The CFS Engagement Executive shall inform the AASG Signing Officers and PSRG GED of the approved threshold.
113.5 Paragraph 113.3 above does not apply to the audit of the CFS, and the clearly trivial threshold for CFS shall be approved by the Auditor-General.
113.6 Paragraph 113.3 above does not apply to misstatements in items identified by policy as material by nature or presentation and disclosure misstatements. These misstatements shall be judged to be clearly trivial where, after assessing the nature and circumstance of the misstatement, it is assessed to be clearly inconsequential either individually or in aggregate.
Consideration of identified misstatements as the audit progresses
113.7 As the audit progresses, audit teams shall evaluate the effect of accumulated misstatements, including those corrected by management on:
- the overall audit strategy and audit approach; and
- the amount at which the clearly trivial threshold has been set.
113.8 The audit strategy and approach shall be revised if the nature of identified misstatements (including corrected misstatements) and the circumstances of their occurrence indicate:
- that other misstatements may exist that when totalled with accumulated misstatements could be material; or
- deficiencies in internal control not previously identified that give rise to additional risk of material misstatement.
Communication and correction of misstatements
113.9 All accumulated misstatements shall be reported to the appropriate level of management. Management shall be asked to adjust accumulated misstatements in the financial statements.
Evaluating the effect of uncorrected misstatements
113.10 Uncorrected accumulated misstatements shall be assessed, both individually and in aggregate, and a conclusion made as to whether they are material to the financial statements (Refer to Materiality Policy, paragraph 110.3).
113.11 Uncorrected accumulated misstatements relating to items identified as material by nature or presentation and disclosure shall be evaluated by assessing the nature of the item or disclosure, the nature of the misstatements and the circumstances of their occurrence rather than against overall materiality.
Communication with those charged with governance
113.12 The audit team shall communicate to TCWG all uncorrected misstatements, including uncorrected misstatements related to prior periods that continue to impact upon the financial statements, and the effect that they, individually or in aggregate, may have on the opinion in the auditor’s report. Uncorrected misstatements that may contribute to a material misstatement shall be identified individually, as their impact on the audit opinion will need to be considered. The auditor should request that uncorrected misstatements be corrected.
Misstatements below the clearly trivial threshold
113.13 Factual misstatements of 0.02% or more of the CFS overall materiality which are below the clearly trivial threshold (‘other misstatements’) shall be communicated to management with a record of the misstatement and communication in the audit file.
113.14 The auditor shall document the clearly trivial threshold, each misstatement that is to be accumulated, each other misstatement, and conclusions as to whether the misstatements are material individually or in aggregate.
Prior period misstatements identified in the current audit
113.15 During the course of an audit, teams or the auditee might discover misstatements that relate to prior periods. In such circumstances, the auditor shall:
- evaluate the effect of uncorrected misstatements related to prior periods, taking into account the newly-discovered misstatements; and
- consider the requirements of ASA 560.
113.16 Material prior period misstatements require consultation as per ANAO Audit Manual - Shared Content, paragraph 8.16.
Determining a threshold for misstatements that are ‘clearly trivial’
113.17 The Signing Officer for the audit should approve an amount below which identified misstatements are ‘clearly trivial’ and is permitted to set that amount in the range of 0% to 5% of overall materiality, consistent with the following guiding factors supporting a clearly trivial threshold, to a maximum of 0.1% of the CFS overall materiality level:
Threshold (% of overall materiality)
History of misstatements
Management and audit committee expectation of misstatements to be communicated
Frequent and material
High engagement risk. Numerous significant risks identified.
All misstatements regardless of amount.
Frequent but not material
Generally several additional significant risks identified beyond the presumed significant risks of revenue recognition and management override.
Misstatements less than 5% of overall materiality.
Occasional and not material
Generally several risks of material misstatement that show a higher but not significant level risk of material misstatement or few additional significant risks other than the presumed significant risks of revenue recognition and management override.
Misstatements about 5% of overall materiality
Accumulation of identified misstatements
113.18 Misstatements that are not clearly trivial are accumulated in the ‘Overs and Unders Schedule’ for referral to the auditee.
113.19 To help in evaluating the effect of misstatements, misstatements should be accumulated as follows:
- Factual misstatements: the amount of the misstatement is known;
- Judgmental misstatements: differences arising from the judgements of management about accounting estimates that the auditor considers unreasonable, or the selection or application of accounting policies that the auditor considers unreasonable;
- Projected misstatements: the auditor’s best estimate of misstatements in populations based on projections of misstatements in sampling. Note that as projected misstatements are only an estimate of misstatements, management should not adjust the financial statements without further investigation and determining the actual misstatement; and
- material by nature
Consideration of identified misstatements as the audit progresses
113.20 A misstatement may not be an isolated occurrence. A misstatement arising from a breakdown in internal control may indicate that other misstatements also exist. Similarly, an inappropriate assumption identified in one measure may suggest misstatements in other measures using the same assumption.
113.21 Where frequent and/or material identified misstatements have been identified during the engagement, the auditor should consider if the clearly trivial threshold should be revised downwards if initial expectations about the level of misstatements in the subject matter were too low. If we identify an increased number of misstatements below the original clearly trivial posting level, we may need to decrease it until we are satisfied that misstatements below the designated amount, either individually or aggregated with other adjustments, would be trivial to the financial statements.
113.22 If aggregate misstatements accumulated during the audit approach materiality, the risk increases that the accumulated misstatements taken together with possible undetected misstatements could exceed materiality. In these situations, the audit team needs to consider whether the audit strategy or audit plan need to be reconsidered to reduce this risk. The Engagement Executive may consider explaining to management, (and, if considered appropriate, TCWG) the implications to the audit when misstatements are not corrected and strongly encourage them to correct all misstatements above the clearly trivial threshold.
Communication and correction of misstatements
113.23 The audit team should promptly advise all accumulated misstatements, uncorrected misstatements related to prior periods, to the appropriate level of management and request that they be corrected. The appropriate level of management is the one that has responsibility and authority to evaluate the misstatements and to take the necessary action.
113.24 Should management not correct a misstatement, the auditor shall get an understanding of management’s reasons and use that understanding when evaluating the unadjusted misstatements for the impact on the financial statements as a whole. If the effect of the unadjusted differences is material, a modified audit report will need to be considered.
113.25 Uncorrected misstatements that do not contribute to a material misstatement may be advised in aggregate in appropriate cases. Communication with TCWG is discussed further in the Closing Letter policy (Refer to paragraph 124.4).
113.26 The audit team needs to be alert to the possibility that the correction of a prior period misstatement by adjustment of the current year’s figures might give rise to a material misstatement in the current year’s figures (i.e. the adjustment causes the current year figures to be materially different to what they would have been had there been no error in the current and prior periods). In this situation, retrospective restatement will be necessary. The techniques most commonly used to guard against this possibility are generally referred to as the “rollover” and “iron curtain” methods.
113.27 The audit team should use the rollover method when assessing the materiality of uncorrected misstatement.
113.28 The rollover method quantifies a misstatement based on the amount of the error originating in the current year statement of comprehensive income. This method considers that differences not considered in the period in which they arise may be offset against the misstatements in the ‘Overs and Unders Schedule’ of the subsequent period.
113.29 Guidance on how to use the rollover method is available in the Online Audit Guide 8204.3 “Methods of Assessing Uncorrected Misstatements of Current and Prior Periods”.
Evaluating the effect of uncorrected misstatements
113.30 Before the evaluation of the effect of uncorrected misstatements, the audit team shall re-examine materiality determined during the planning stage (Refer to Chapter 110 Materiality Policy) based on the actual financial results to confirm whether it remains appropriate.
113.31 The circumstances related to some misstatements may cause the auditor to evaluate them as material, individually or when considered together with other misstatements accumulated during the audit, even if they are lower than materiality for the financial statements as a whole. For example, the extent to which a misstatement affects compliance with regulatory requirements. Further examples are included in the Application and Other Explanatory Material of ASA 45030.
113.32 When reviewing individual misstatements, the auditor should assess quantitative and qualitative materiality by considering, for example, whether the item:
- affects compliance with regulatory requirements;
- affects compliance with debt covenants or other contractual requirements;
- relates to the incorrect selection or application of an accounting policy that has an immaterial effect on the current period’s financial report but is likely to have a material effect on future periods’ financial reports;
- masks a change in earnings or other trends, especially in the context of general economic and industry conditions;
- affects segment information presented in the financial report (for example, the significance of the matter to a segment or other portion of the entity’s business that has been identified as playing a significant role in the entity’s operations or profitability);
- has the effect of increasing management remuneration, for example, by ensuring that the requirements for the award of bonuses or other incentives are satisfied;
- is significant having regard to the auditor’s understanding of known previous communications to users, for example, in relation to forecast earnings;
- relates to items involving particular parties (for example, whether external parties to the transaction are related to members of the entity’s management);
- is an omission of information not specifically required by the applicable financial reporting framework but which, in the judgement of the auditor, is important to the users’ understanding of the financial position, financial performance or cash flows of the entity; or
- affects other information to be included in the entity’s annual report (for example, information to be included in a “Management Discussion and Analysis” or an “Operating and Financial Review”) that may reasonably be expected to influence the economic decisions of the users of the financial report. ASA 720.16 deals with the auditor’s responsibilities relating to other information.
These circumstances are only examples; not all are likely to be present in all audits nor is the list necessarily complete. The existence of any circumstances such as these does not necessarily lead to a conclusion that the misstatement is material
113.33 Evaluating misstatements is discussed further in Online Audit Guide 8204.
Evaluating the effect of uncorrected misstatements in items that are material by nature and presentation and disclosure misstatements.
113.34 As outlined in Chapter 110, in an audit there may be items that are identified as material by nature due to either:
- the users’ interest in the item; or
- the financial reporting framework requiring disclosures for certain items regardless of the amount and materiality.
113.35 If a misstatement is identified in an item that is material by nature, it cannot be evaluated based on size alone and misstatements below the clearly trivial threshold may be accumulated. The evaluation of misstatements in items that are material by nature involves a high degree of professional judgment. This is also the case for presentation and disclosure misstatements.
113.36 If a misstatement is identified in:
- an item that is material by nature due to the requirements of the financial reporting framework; or
- the presentation and disclosure of the financial statements,
the auditor needs to consider if the misstatement or omission impacts the entity meeting its financial reporting requirements. For example, appropriations are considered to be material by nature in the (PGPA FRR 2015 and as such information for Special Accounts is required to be disclosed regardless of whether the amounts are considered to be immaterial.
113.37 The auditor is required to request a written representation from management and, where appropriate, TCWG about uncorrected accumulated misstatements (Refer to the Representation letters policy, paragraph 115.1).
Misstatements below the clearly trivial threshold
113.38 Other misstatements of 0.02% or more of the CFS overall materiality which are below clearly trivial, are communicated to management outside of the purposes of ASA 450 and should not have an impact on the audit if they remain uncorrected, as they are clearly trivial. There is no requirement to communicate in writing to senior executives, and the means and audience for the communication will depend on the nature and risk of the misstatement. It is at the discretion of the Engagement Executive whether ‘other misstatements’ are also communicated to TCWG.
113.39 The purpose of communicating other misstatements is to inform management of misstatements that we have identified, regardless of the impact on the audit. This information allows management to properly maintain their accounts and records and may alert them to other underlying issues that the audit team is not aware of.
113.40 Where the clearly trivial threshold is below 0.02% of the CFS’ overall materiality, there is no requirement to communicate misstatements below the clearly trivial threshold to management.
113.41 The following information should be documented:
- the amount below which misstatements would be regarded as clearly trivial;
- all misstatements accumulated during the audit and whether they have been corrected;
- in a schedule either separate to or part of the Overs and Unders Schedule, all ‘other misstatements’; and
- the auditor’s conclusion as to whether uncorrected misstatements are material, individually or in aggregate, and the basis for that conclusion.
Identified misstatements that relate to prior periods
113.42 The nature and extent of uncorrected and corrected misstatements identified in prior years are taken into account when setting performance materiality and the audit approach for the current year’s audit. Further, uncorrected misstatements from the prior year are carried forward to the current year’s Overs and Unders Schedule to ensure that current year and prior year errors do not accumulate to a material misstatement in the current year.
113.43 During the course of an audit, the audit team or the auditee might discover misstatements that relate to prior periods. Should this happen, the audit team should:
- promptly get sufficient appropriate evidence to determine whether the misstatement is material to the prior period31 and if so, take the actions required by ASA 560;
- consider the implications for the current year’s audit approach; and
- consider the implications of correction in the current year.
Determining whether a newly-discovered prior period misstatement identified in the current year is material
113.44 When a prior period misstatement is newly discovered, the evaluation of misstatements for the prior year should effectively be re-performed, consistent with ASA 450 (including considering whether the misstatement is an isolated instance).
113.45 The identification of a prior period misstatement that is material is a ‘fact which becomes known to the auditor after the date of the auditor’s report that, had it been known to the auditor at that date, may have caused the auditor to amend the auditor’s report’. The Engagement Executive should refer to ASA 560 paragraphs 14 to 17 and ASA 706 Emphasis of Matter paragraphs 8 and A4-A5 which include considerations relating to the re-issue of the financial statements and the auditor’s report. In consulting as required by policy, the Engagement Executive should consider and document the following points in addition to the requirements of ASA 560 when consulting with the GED and making a recommendation for required action regarding a prior period material misstatement:
- the pervasiveness of the misstatement(s) – If the misstatement is both material and pervasive to the financial statements (as defined in ASA 705 Modifications to the Opinion in the Independent Auditor’s Report), it is expected that the financial statements will be amended and reissued and our auditor’s report reissued32.
- the timing of the identification of the material misstatement – If the planned issue of the financial statements and auditor’s report for the current period is imminent, it may not be necessary to reissue the prior period financial statements, provided appropriate disclosures are made in the current financial statements;33
- the action to be taken to notify users of the prior period error, such as communicating to the Minister or Parliament or reporting to the Minister and Parliament under section 25 or 26 of the A-G Act; and
- for audits conducted under the Corporations Act, the material misstatement may result in a section 311 breach (Refer to Chapter 122 Auditor’s reporting obligations under section 311 breaches and the reporting implications under the Corporations Act).
113.46 Note that ASA 560 paragraphs 10 to 13 address the situation where the auditor’s report has been signed but the financial statements have not yet been tabled in Parliament (issued). In this situation, ANAO expects that the financial statements will be corrected and re-signed, and a new auditor’s report issued and dated.
Impact on the current audit approach
113.47 As noted at paragraph 113.42 above, the nature, extent and circumstances of identified and uncorrected prior period misstatements are considered in planning the current year’s audit approach and setting performance materiality, and their amounts are added to the Overs and Unders Schedule.
113.48 Similarly, newly-discovered prior period misstatements, whether material or not, will require the audit approach and performance materiality to be re-examined (and if necessary amended) and are also added to the Overs and Unders Schedule.
113.49 It is necessary to consider and document:
- the nature of the prior period misstatement and the circumstances of its occurrence;
- if the misstatement is indicative of a deficiency in controls previously not identified that should be raised as an audit finding;
- if there is a deficiency in prior year’s audit procedures that needs to be resolved in the current audit cycle; and
- if the current cycle audit approach needs to be modified to ensure that there are no other misstatements previously unidentified.
Correction in the current year
113.50 If the misstatement was material to a prior period and the financial statements were not re-issued, the auditee is required to correct the misstatement retrospectively by presenting corrected figures as comparative information in the current year’s financial statements and making the necessary disclosures, consistent with AASB 108 Accounting Policies, Changes in Accounting Estimates and Errors. The auditee may also be required to present a third balance sheet consistent with AASB 101 Presentation of Financial Statements.
113.51 In this situation, an Emphasis of Matter paragraph may need to be included in our current period auditor’s report where the correction and disclosure is fundamental to users’ understanding of the financial statements.34 This may be the case where the correction significantly amends the net result for the period or where an administered item is involved. This is a matter of judgement and the Engagement Executive should consult with the AASG GED before following the QTAC referral process.
113.52 As noted at paragraph 113.26 above, it may also be necessary to retrospectively correct misstatements that are not material to the prior period to avoid a material misstatement to current year figures.
Comparatives not corrected
113.53 If a material misstatement exists in prior period financial statements on which an unmodified opinion was issued and the comparative figures have not been properly restated or appropriate disclosures made, ASA 710 Comparative Information – Corresponding Figures and Comparative Financial Reports requires the auditor to express a modified opinion in the current period’s auditor’s report with respect to the comparative figures35.
113.54 Misstatement - A difference between the amount, classification, presentation, or disclosure of a reported financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be consistent with the applicable financial reporting framework. Misstatements can arise from error or fraud.
113.55 Accumulated Misstatements - Misstatements which are above the clearly trivial threshold and misstatements that are discovered in items identified as material by nature and presentation and disclosure (except those that are clearly inconsequential to the audit).
113.56 Other Misstatements - Other misstatements are those which are equal to or greater than 0.02% if the CFS’ overall materiality but below the clearly trivial threshold.
113.57 Overs and Unders Schedule - A schedule used to record accumulated misstatements, which provides a summary of:
- all unadjusted audit differences above the clearly trivial threshold, aggregating the combined effect of the differences identified; and
- all adjusted differences above the clearly trivial threshold.
113.58 Adjustments identified and corrected as a result of the auditee’s own procedures are not considered as adjusted differences and therefore do not have to be posted to the Overs and Unders Schedule.
113.59 Minimum Posting Level - The term ‘minimum posting level’ means the same as the clearly trivial threshold.
113.60 Clearly Trivial - Matters that are clearly trivial will be of a wholly different (smaller) order of magnitude than materiality used in planning and performing the audit, and will be matters that are clearly inconsequential, whether taken individually or in aggregate and whether judged by any criteria of size, nature or circumstances. Further, whenever there is uncertainty about whether one or more items are clearly trivial, the auditor ordinarily presumes the item is not clearly trivial.
114. ANAO’s responsibilities regarding an entity’s annual report
114.1 This policy deals with making sure that the Auditor’s Report and Audited Financial Statements published in the entity’s Annual Report and on the entity’s website:
- are as they were signed;
- are clearly differentiated from other information in the Annual Report; and
- are not inconsistent with that other information.
114.2 This policy shall apply to both printed material and material published on the entity’s website.
114.3 The engagement team shall ensure that the audit file allows the definitive version of the audited financial statements and auditor’s report to be readily identified. This shall be achieved by either of the following methods:
- Where, under either the PGPA Act or this Audit Manual, a copy of the financial statements and auditor’s report thereon has been provided by the ANAO to the auditee’s responsible Minister, that email with attached documents shall be on the audit file and is taken to be definitive.
- Where the circumstances of the engagement do not require the financial statements and auditor’s report thereon to be communicated to the responsible Minister the definitive version of those documents shall be certified and placed on the audit file. The documents are certified on the first page of the financial statements by stamping or marking the first page of the financial statements as ‘certified’ and the audit manager, engagement executive or signing officer signing and dating it. The certification process may be achieved with digital markings.
114.4 The engagement team shall get a copy of the audited financial statements and the auditor’s report thereon in their final pre-publication form (both for printing and publishing on the entity’s website) and confirm that each is consistent with the definitive copy of the financial statements and the signed auditor’s report.
114.5 The engagement team shall verify that information in the Annual Report that is not covered by the audit opinion is clearly differentiated from the audited financial statements; and if it is not, shall take the follow-up action required by ASA 700 Forming an Opinion and Reporting on a Financial Report.
114.6 The engagement team shall review the Annual Report for material inconsistencies with the audited financial statements and material misstatements of fact consistent with ASA 720 The Auditor’s Responsibilities Relating to Other Information36.
114.7 The published audited financial statements and auditor’s report shall be checked against the definitive copy of the financial statements and the signed auditor’s report. If discrepancies are discovered, appropriate follow-up action to address the discrepancies shall be taken consistent with ASA 72037.
114.8 If the auditee will not adjust the Annual Report for material misstatements or inconsistencies between signed financial statements and the Annual Report on the internet, the matter shall be referred to the QTAC.
Definitive copy of audited financial statements and auditor’s report
114.9 Having a policy to establish the definitive copy of the audited financial statements ensures there is always a copy of the financial statements which can be readily identified as the audited document. The definitive copy of the audited financial statements and the audit report are used to verify the content of the entity’s annual report and supports the audit of comparatives in future periods.
114.10 In almost all cases the PGPA Act or this policy manual will require financial statements and auditor’s reports to be provided to the responsible Minister. In those cases it will not be necessary to certify the financial statements as the version communicated to the Minister is considered to be definitive. The main exception to this arrangement would be where audits or reviews of financial statement are performed on a section 20 basis. In those cases when the arrangement entered into with the audited or reviewed entity does not provide for the ANAO to provide a copy of the financial statements and auditor’s report thereon to the responsible Minister.
114.11 Where it is necessary to certify a copy of the financial statements and auditor’s report, at a minimum, the first page of the financial statements shall be, either digitally or physically,:
- stamped with an ‘ANAO’ stamp or marked ‘certified’; and
- signed by the audit manager, engagement executive or signing officer and dated.
Pre- and post-publication accuracy checks
114.12 Responsibility for the publication of the audited financial statements and auditor’s report rests with management. Nevertheless, the ANAO applies the policies at paragraphs 114.4 and 114.7 given the importance attaching to the audited financial information.
Clear differentiation from other information in annual report
114.13 ASA 700 requires clear differentiation of audited information from other information in the Annual Report.
114.14 If supplementary information that is not required by the applicable financial reporting framework is presented with the audited financial statements and is not clearly differentiated, the auditor may need to explain in the auditor’s report that such supplementary information has not been audited. Such matters should be referred to the QTAC.
114.15 Supplementary information that is not required by the applicable financial reporting framework but is nevertheless an integral part of the financial statements because it cannot be clearly differentiated from the audited financial statements due to its nature and how it is presented may be covered by the audit opinion. For example, this would be the case when the notes to the financial statements include an explanation of the extent to which the financial statements comply with another financial reporting framework. In circumstances where the requirements on a specific audit are unclear, advice should be sought from PSRG.
114.16 The audit opinion would also cover notes or supplementary schedules that are cross-referenced from the financial statements. The standard provides guidance on how this differentiation might be made. An example would be removing any cross references from the financial statements to unaudited supplementary schedules or unaudited notes so that the demarcation between the audited and unaudited information is clear enough. Unaudited notes that are intermingled with the audited notes can be misinterpreted as being audited.
Material inconsistencies and misstatements of fact
114.17 ASA 720 deals with these aspects. It covers:
- Reading other information;
- Material inconsistencies; and
- Material misstatements of fact.
114.18 It is more difficult to rectify inconsistencies identified once the financial statements have been published as there may be unknown users placing reliance on the financial statements to make decisions. Therefore it is important that this procedure is conducted in a timely manner. Close liaison with the auditee after the signing of the audit opinion is suggested, to identify to the auditee that the auditor is required to review final drafts before their publication.
114.19 There are many mandatory provisions in the standard. Of particular concern is that a material inconsistency may indicate that the financial statements might need amending, which if not corrected, may lead to a qualification of the auditor’s report.
114.20 Commonwealth entity annual reports include other (unaudited) financial summary information, as required by the PGPA Act. For this reason, the Annual Report needs to be examined consistent with ASA 720.
Publication of annual report on the entity web site
114.21 GS 006 Electronic Publication of the Auditor’s Report provides guidance to auditors on matters relating to the electronic publication of the auditor’s report, in particular management’s responsibility for appropriate differentiation of the audited information from other material.
115. Representation letters
115.1 All ANAO financial statements audits are to be supported by written representations (representation letters) consistent with the auditing standards and this policy.
115.2 Representation letters (RLs) shall be signed by management and, where appropriate, TCWG who have appropriate responsibilities for the financial report and knowledge of the matters concerned.
115.3 For ANAO mandated audits, representations are required from management preferably including those who sign the financial statements, in the form of the relevant PSRG template, as follows:
115.4 The representations to be obtained shall include all representations required by the auditing standards and PSRG templates.
115.5 The auditor shall obtain any additional written representations requested by the CFS audit team.
115.6 If management or TCWG refuse to provide a specific representation, the auditor shall:
- discuss the matter with management or TCWG, as appropriate;
- re-evaluate the integrity of management and TCWG and evaluate the effect that this may have on the reliability of representations, both oral and written and audit evidence in general; and
- take appropriate action including determining any additional effect on the auditor’s report (which in certain circumstances shall include a disclaimer of opinion).
115.7 The RL(s) shall be dated and signed the same date as the auditor’s report or as near as practicable to, but not after, that date.
115.8 The auditor is required under the auditing standards to get written representations from management and, where appropriate TCWG, that they believe they have fulfilled their responsibilities, and to support other audit evidence in the financial statements. The written representations are written statements from management and, where appropriate, TCWG to the auditor which attest to having fulfilled these responsibilities and may be used to confirm other specific audit matters. A RL may be used to focus management’s and TCWG’s attention on particular matters and thus cause them to specifically address those matters in more detail than would otherwise be the case.
115.9 Written representations are requested from those responsible for the preparation of the financial report. Those individuals may vary depending on the governance structure of the entity, and relevant law or regulation; however, management (rather than TCWG) is often the responsible party. Written representations may therefore be requested from the entity’s chief executive officer and chief financial officer, or other equivalent persons in entities that do not use such titles. In particular circumstances, however, other parties, such as TCWG, are also responsible for the preparation of the financial report.
115.10 In rare and exceptional circumstances, the auditor may conclude that written representations should be sought from TCWG (i.e. the board of directors of corporate Commonwealth entities and Commonwealth companies) as an additional audit evidence to address a particular risk of material misstatement. Examples of such circumstances include:
- where the auditor believes that management have not discharged their responsibility for the preparation of the financial report; or
- where the auditor considers it necessary to request representations which TCWG are only able to provide. For example, representations that relate to strategic decisions by the Board of Director which directors are only able to provide.
115.11 Each year PSRG releases updated MRL template that reflect the latest relevant changes to the accounting and auditing standards and the PGPA FRR 2015. These templates should be used and tailored for individual auditees, in particular where additional representations are required in the specific circumstances of an entity. Rarely, a representation in a PSRG template may be omitted if it is not required by the auditing standards and is not relevant to the entity.
115.12 PSRG does not maintain a template that can be used to obtain written representation from directors. When an Engagement Executive decides to obtain written representations from the directors of a corporate Commonwealth entity or a Commonwealth company, those written representations should be in accordance with the ANAO Auditing Standards. The Engagement Executive should consult with PSRG before seeking written representations from directors.
115.13 When there is a delay between signing the RL(s) and the auditor’s report, the auditor should consider the necessity to undertake additional procedures to ensure that no matters have arisen subsequent to the date of the RL(s) which impact on the auditor’s report.
115.14 Written representations provide necessary but not sufficient audit evidence, that is, a representation does not in itself provide sufficient appropriate audit evidence. Circumstances where other appropriate audit evidence does not exist are anticipated to be relatively rare. However, if they do arise, such circumstances can give rise to a limitation of scope and where it is material, the matter should be referred to the QTAC as per the ANAO Audit Manual - Shared Content, paragraph 8.10.
115.15 If management or TCWG provide a representation which is contradicted by other audit evidence, the auditor should investigate the circumstances and as necessary reconsider the reliability of other representations made.
115.16 The auditor is required to disclaim an opinion on the financial statements if there is enough doubt about the integrity of management or TCWG. This occurs when the representations required are not reliable, or if the representations required by ASA 580 Written Representation paragraphs 10 and 11 are not provided.40 The matter should be referred to the QTAC as per the ANAO Audit Manual - Shared Content, paragraph 8.10.
115.17 In considering any additional effects on the auditor’s report as directed under paragraph 115.6(c), the auditor should consider if a refusal to provide representations impacts on the auditor’s requirement to form an opinion on matters as required by legislative requirements. For example, under subsection 307(b) of the Corporations Act the auditor is required to form an opinion as to whether all information, explanations and help necessary for the conduct of the audit have been given.
115.18 Pro forma representation letters are located on the.
116. Selecting items for testing
116.1 The means available to the auditor for selecting items for testing are:
- Selecting all items;
- Selecting specific items; and
- Sampling (both statistical and non-statistical).
116.2 The means by which items are selected for testing should be determined by the most efficient and effective means to get the necessary audit assurance given the characteristics of the account, class of transactions or presentation and disclosure requirement.
116.3 In some situations, sampling may not be appropriate. For example, the auditor may use targeted testing or 100% selection of a population where individual items in a population are at amounts greater than performance materiality. In other situations, sampling may be less efficient than other acceptable alternatives because of the time it takes to examine a larger number of transactions.
116.4 When a decision is made to use audit sampling, the objective of the auditor ‘is to provide a reasonable basis for the auditor to draw conclusions about the population from which the sample is selected.’41
116.5 The ANAO uses both statistical and non-statistical sampling methods. The ANAO non-statistical sampling approach is based on statistical sampling principles. Typically, non-statistical sampling will be more efficient than statistical sampling.
116.6 The non-statistical sampling method shall be used when undertaking tests of controls.
116.7 Tests of controls shall be conducted using the control testing sampling template.
116.8 When testing controls on a rotational basis, sample size and selection must be consistent with this policy.
116.9 Exceptions identified when performing tests of controls shall be evaluated to determine whether the exceptions are isolated instances which can be remediated by the auditee.
116.10 Non-statistical sampling, targeted testing, accept-reject testing or a combination of these shall be used when conducting tests of details.
116.11 The Engagement Executive shall obtain approval from the AASG GED before using statistical sampling method for tests of control and tests of details. The Engagement Executive shall document:
- the reason that it is considered necessary to use a statistical approach, which may include circumstances where it is expected that there is a high error rate in the population or that the account is materially misstated; or
- the basis on which they are satisfied that the team has access to sufficient expertise to design and execute a statistical sampling approach.
116.12 The Engagement Executive shall document their approval before any of the following sampling strategies are applied to an audit:
- a low or supplemental level of assurance is used to determine a representative sample size; or
- the ‘two-step revenue testing’ strategy.
116.13 The principal methods of selecting samples are: random selection, systematic selection and haphazard selection. Haphazard selection of items for testing shall only be used in rare and unusual circumstances. Each use of haphazard selection shall have a documented basis for why this approach was determined to be the most efficient and effective method, and shall be approved by the Engagement Executive.
116.14 The ANAO’s methodology for non-statistical sampling and other means of selecting items for testing is described in the Online Audit Guide in TeamMate and is supported by templates located on TeamMate - TeamStore.
116.15 The relevant references in the Online Audit Guide are:
- Test of Controls (Non-statistical Sampling) – section 5403;
- Test of Details (Non-statistical Sampling) – section 6220.127.116.11;
- Test of Details (Accept-Reject Testing) - section 6201.3.1; and
- Test of Details (Targeted Testing) - section 6201.2.
Statistical and non-statistical sampling
116.16 Although ASA 530 Audit Sampling recognises both non-statistical and statistical sampling, ANAO’s preferred approach is the use of non-statistical audit sampling. The primary advantages of statistical audit sampling are a statistically derived sample size and a statistically determined evaluation of sampling risk.
116.17 However, the advantages of statistical sampling do not outweigh the primary disadvantages, which include the use of formal techniques to determine:
- sample size,
- the sample, and
- evaluate the results.
116.18 Ordinarily, the application of non-statistical sampling will result in a sample size comparable to the sample size resulting from an efficient and effectively designed statistical sample, considering the same sampling parameters. Therefore, a properly executed application of non-statistical audit sampling through the use of the test of details sampling template will generally be the preferable approach.
116.19 In rare and exceptional circumstances the use of a statistical approach may be appropriate where the parameters of the population are outside the range supported by the test of details sampling template.
116.20 Samples chosen using the supplemental level of assurance, low level of assurance and ‘two-step revenue testing’ strategies will not provide sufficient substantive evidence on their own but may be suitable in certain parts of a broader audit strategy in certain circumstances. The supplemental level of assurance, low level of assurance and ‘two-step revenue testing’ strategies accept a higher level of sampling risk on the basis that audit evidence obtained from other audit procedures is contributing to the overall sufficiency of audit evidence. Further guidance on the levels of assurance to be obtained from different sampling approaches is provided at 618.104.22.168 in the Online Audit Guide.
116.21 Audit documentation evidencing Engagement Executive’s approval to use low or supplemental level or ‘two-step revenue testing’ strategies should identify, for each relevant financial statement line item,:
- assertions to which the above sampling strategies will be applied to; and
- other audit procedures (tests of controls and/or substantive procedures) performed or to be performed that when combined with the above sampling strategies will provide the desired level of evidence and assurance at the financial statement line item assertion level.
116.22 Subject to clear documentation of all of the above considerations, the Engagement Executive’s approval can be documented by the use of a summary minute or through timely documented approval of the relevant Bridge and does not necessarily require the approval of each individual sampling template.
116.23 In some circumstances it may be convenient to divide a population into monetary or risk based strata. The population is divided into sub-populations or strata and each stratum is treated separately. The calculation of sample size and selection of the items for testing for each stratum is done separately.
Sample selection techniques
116.24 Random sampling - all items in the population have the same probability of being selected. The auditor selects a random sample by matching random numbers generated by a computer or selected from a random-number table with sequentially numbered items in the population.
116.25 Systematic sampling - the auditor determines a uniform interval by dividing the number of physical units in the population by the sample size. A starting point is randomly selected in the first interval and one item is selected throughout the population at each of the uniform intervals from the starting point.
116.26 Haphazard sampling - a sample method that attempts to approximate a random selection by selecting sampling units without any conscious bias. This method of sample selection is not permitted in the ANAO unless the auditor gets the prior approval of the Engagement Executive. A situation where haphazard selection might be approved is in the audit procedure of stock-taking from floor to record. The rationale and approval are required to be documented in the working papers.
116.27 Intentional Bias - the auditor selects from the population based on some pre-determined criteria. The auditor consciously selects items which are believed to be representative. This form of selection is distinct from targeted testing which is a non-sampling substantive technique.
116.28 Block Sample - involves the selection of some contiguous items, for example items in sequence. It is common when conducting cut-off testing. This method of selection is a non-sampling technique and does not result in a representative sample.
Choosing a sample before period end (Interim testing)
116.29 Sampling populations will typically be for the full financial year. Where controls testing is to be performed before the end of the period, the auditor can estimate the total population and determine the sample size for the estimated population, and test those sampled items that have occurred at interim and test the remaining sample at final.
116.30 Should an auditor wish to draw a conclusion at a point in time before the period end, the population from which the sample is chosen, needs to be defined at that point in time and the sample size generated accordingly.
Deviations and misstatements
116.31 The following paragraphs provide guidance on evaluating deviations and misstatements under the headings ‘controls testing’ and ‘substantive tests of detail’, respectively. When applying this guidance, regard should be given to auditing standard ASA 530.13 which requires the auditor to get a high degree of certainty that deviations or misstatements are not representative of the population, by performing additional audit procedures.
116.32 The control testing sampling template is used for controls testing when using ANAO non-statistical sampling. Note that the sample sizes which are typically used in initial samples do not allow for any exceptions. The history of control deviations should be considered in deciding whether to use this approach.
116.33 If the auditee is able to fix identified control errors which are demonstrated to be isolated instances, the auditor can then select a ‘remediated sample’ and retest the control to form a conclusion on its effective operation. A ‘remediated sample’ is an additional sample selected from the population; the size of the remediated sample is smaller than the original sample and is generated by the control testing sampling template using the same initial parameters.
116.34 Remediation of errors is only appropriate where the auditee intends to revise all affected control events for the period and there is an intention to rely on these controls. Where the auditor is unable to determine if the exceptions are isolated instances which can be remediated, it may be possible to quarantine those transactions in which the errors where identified. For example, there may be a one week period where a contractor was responsible for the operation of the control and it is possible to exclude transactions for that week from the population. The auditor can then select a remediated sample excluding those transactions and retest the control to form a conclusion on the controls for that part of the population not excluded.
116.35 The Online Audit Guide contains guidance on assessing exceptions in internal control in section 6100.
Substantive tests of detail
116.36 The Online Audit Guide contains guidance on non-statistical sampling in section 6201.4.1 and 6201.4.2.
116.37 The sections in this guidance on ‘Sample selection techniques’ and ‘Choosing a sample before period end’ also apply to sampling for substantive tests of detail.
Projecting errors of non-statistical sampling to the untested population
116.38 Difference estimation involves calculating the average error per sampling unit and multiplying this average by the number of items in the population. It is appropriate where the misstatements relate to the sampling unit itself and not to its monetary value. An example is a processing or shipping fee incorrectly applied to all orders regardless of value.
116.39 Ratio estimation should be used for projecting all other errors. It is done by projecting the percentage error in the sample across the population.
116.40 An anomalous misstatement may be excluded when projecting misstatements to the population, and is added to the projected misstatement. The basis for concluding that an error is anomalous needs to be documented. The aggregate misstatement is a best estimate of misstatement in the population.
116.41 Factual misstatements discovered during sampling and projected misstatements need to be clearly distinguished and taken to the Overs and Unders Schedule. Factual misstatements are misstatements about which there is no doubt. The projected misstatement may not be reliable or accurate enough to determine the amount to be corrected by the auditee. In some cases it will be appropriate to request the auditee to investigate the factual misstatements and perform procedures to determine the amount of actual misstatement in the population to make appropriate adjustments (Refer to Chapter 113 Evaluating misstatements)
116.42 Targeted testing is used when, in the auditor’s judgement, items within an account balance or class of transactions are individually significant. These items are separated from the population to which the auditor may then, if necessary, apply audit sampling.
116.43 Targeted testing is not audit sampling as it is not intended to be a representation of the whole population. Items to be tested are selected based on a characteristic, usually higher value or higher risk, and the purpose of the test is to draw a conclusion about the items tested. The results of audit procedures applied to items selected using target testing cannot be projected to the population.
116.44 The Online Audit Guide contains guidance on targeted testing at 6201.2.
116.45 Accept-reject testing is a substantive test of detail and is appropriate to apply when the auditor is interested in a particular attribute of the population, rather than the monetary balance. It should not be used to gain assurance where multiple assertions are being tested, which include valuation or accuracy. Examples where this approach can be used include cut-off testing, testing the accuracy of inventory counts and testing outstanding cheques to see that they cleared after year end.
116.46 The results of accept-reject testing are not projected on the population but are used to draw conclusions across the population about the attribute being tested.
116.47 The Online Audit Guide contains guidance on accept-reject testing at 6201.3.
Supplemental level of assurance
116.48 The supplemental sampling provides limited confidence (and therefore limited evidence) and will not by itself provide sufficient substantive evidence at the assertion level. Therefore, supplemental sampling would only be used when sufficient other substantive procedures related to relevant financial statement line item assertion are performed.
116.49 The Online Audit Guide contains guidance on supplemental sampling testing at 6201.4.
116.50 The applicable ANAO templates require the following to be documented about sample selection:
- Objective of Audit Procedure;
- Attributes of the Population - for example, number of items, dollar value, date range, etc;
- Means of Testing - for example, statistical sample, non-statistical sample;
- How the sample size is enough to reduce sampling risk to an acceptably low level – refer to Appendices 2 and 3 of clarity standard ASA 530 for further guidance; and
- Rationale for sample selection technique.
117. Rotating control testing
117.1 Under ASA 330 The Auditor’s Responses to Assessed Risks, the auditor must design and perform tests of controls when the auditor intends to rely on the operating effectiveness of controls in determining the nature, timing and extent of substantive procedures or where substantive procedures alone cannot provide sufficient appropriate evidence.
117.2 In certain circumstances, ASA 330 allows the auditor to rely on audit evidence obtained in previous audits about the operating effectiveness of controls that have not changed since they were last tested or controls that do not mitigate a significant risk.
117.3 Being able to rely on prior period evidence reduces audit effort in the current year without compromising the audit’s effectiveness.
117.4 The auditor shall use audit evidence from a previous audit about the operating effectiveness of specific controls unless:
- significant changes in those specific controls have occurred subsequent to the previous audit; and
- those specific controls mitigate a significant risk.
117.5 Where there have been no significant changes to controls referred to in paragraph 117.4, the auditor shall:
- test those controls at least once every third audit; and
- test some controls each audit to avoid the possibility of testing all the controls on which the auditor intends to rely in a single audit period with no testing of controls in the subsequent two audit periods.42
Using Audit Evidence Obtained in Previous Audits
117.6 Before the auditor uses the audit evidence from a previous audit about the operating effectiveness of specific controls, the auditor needs to establish the continuing relevance of the prior period evidence by considering:
- whether there have been significant changes in the control since the previous audit; and
- whether there have been changes in circumstances which make continued reliance on the control risky.
117.7 The auditor should establish the continuing relevance of the prior period evidence by performing enquiry combined with observation or inspection.
117.8 The auditor should not rely on the operating effectiveness of specific controls where significant changes in those controls have occurred subsequent to the previous audit. If there have been significant changes that affect the continuing relevance of the audit evidence from the previous audit, the auditor should test the controls in the current audit.
117.9 The auditor needs to use their professional judgement to decide what constitutes a significant change. For example, if the auditor identified that a new sales order processing system had been introduced at the beginning of the period, this would be considered a significant change that would impact both manual and automated controls, rendering evidence from prior years irrelevant for the current period.
117.10 If there have not been significant changes, the auditor should test the controls at least once in every third audit. The auditor should test some controls each audit to avoid the possibility of testing all the controls on which the auditor intends to rely in a single audit period with no testing of controls in the subsequent two audit periods.
117.11 The longer the time elapsed since the testing of the controls’ operating effectiveness, the less assurance the results of prior year’s work may provide with regard to operating effectiveness in the current year. At a minimum, the auditor is required to test the operating effectiveness of the controls at least every third year, but there may be cases where the auditor decides to test the operating effectiveness of unchanged controls more frequently than every third year.
117.12 In general, the higher the risk of material misstatement, or the greater the reliance on controls, the shorter the time period elapsed, if any, is likely to be. Factors that may result in not relying on audit evidence obtained in previous audits or decrease the period for retesting a control, include the following:
- higher risk of material misstatement and the greater reliance on the control;
- a deficient control environment43;
- deficient monitoring of controls;
- a significant manual element to the relevant controls44;
- personnel changes that significantly affect the application of the control;
- changing circumstances that indicate the need for changes in the control; and
- deficient general IT controls.
117.13 When there are a number of controls for which the auditor intends to rely on audit evidence obtained in previous audits, testing some of those controls in each audit provides corroborating information about the continuing effectiveness of the control environment. This contributes to the auditor’s decision about whether it is appropriate to rely on audit evidence obtained in previous audits.
117.14 Where the auditor plans to rely on controls, the auditor may consider testing at least some controls within each business process. However, in some circumstances, where the auditor has obtained evidence that the controls have not changed since they were last tested, the auditor may consider rotating controls testing on a business process basis, e.g. test controls within some processes in the current audit and test other processes next year. It would be inappropriate to completely rely on prior year testing for a business process if:
- there are higher risks associated with that business process;
- when there is a significant manual element to the process; or
- if there are weak entity level controls or exceptions identified in prior year tests.
117.15 Because of Information Technology General Controls’ (ITGCs’) pervasive effect on application controls, the audit team needs to be more cautious about using audit evidence obtained in prior periods regarding the continued operating effectiveness of ITGCs. While it may not be necessary to test the operating effectiveness of every relevant ITGC each year, consider the extent of the intended reliance on automated application controls and the planned approach for testing the automated controls when determining the nature and extent of evidence needed about the operating effectiveness of ITGCs. For example, when the audit team’s approach contemplates high reliance on numerous automated application controls based on prior year evidence, at least relevant program change controls would ordinarily be tested in the current period to obtain sufficient evidence that the application controls have not changed.
117.16 In order to evidence the consideration of the prior year audit evidence about the operating effectiveness of controls the audit team should include:
- the reasons why it is appropriate to place reliance on previous years’ audit evidence of the operating effectiveness of controls; and
- the results of the prior year testing.
117.17 The appropriate place to record this is in the relevant bridge in column “rotational testing”.
117.18 For further guidance on rotating control testing refer to Online Audit Guide 5406.2 “Three Year Rule for Controls Testing”
Engagement performance — reporting
Chapters 118 to 124
118. Communicating audit findings
118.1 The ANAO Auditing Standards define management and TCWG. In addition, legislation or other authority may require or permit audit findings to be reported to a responsible Minister and to Parliament.
118.2 The ANAO Auditing Standards require particular audit findings to be communicated to management and TCWG respectively.
118.3 As required by the ANAO Auditing Standards, audit findings to be communicated to management include:
- Deficiencies in internal control, including those to prevent or detect fraud;
- An actual or possible fraud;
- Non-compliance with laws and regulations; and
- Misstatements that are not clearly trivial for correction and material misstatements indicative of a deficiency in internal control.
118.4 The ANAO Auditing Standards require other communications to management in particular circumstances, including:
- where going concern issues arise,
- where other information accompanying the audited financial statements is materially misstated, and
- when the auditor is an incoming auditor.
118.5 As required by the ANAO Auditing Standards, audit findings to be communicated to TCWG include:
- Most of the audit findings communicated to management, including all significant deficiencies in internal control in writing;
- Fraud involving management or certain others;
- Intentional and material non-compliance involving management;
- Audit matters (findings per this policy) of governance interest; and
- All uncorrected misstatements, see Chapter 113 Evaluating misstatements for further policy and guidance on communication of misstatements to TCWG.
118.6 Audit findings are categorised according to the criteria in paragraph 118.7 below.
118.7 Audit findings shall be categorised using the following criteria:
Category A: Issues that pose a significant business or financial management risk to the entity. These include issues that could result in the material misstatement of the entity’s financial statements;
Category B: Issues that pose moderate business or financial management risk to the entity. These may include prior year issues that have not been satisfactorily addressed;
Category C: Issues that pose a low business or financial management risk to the entity. These may include accounting issues that, if not addressed, could pose a moderate risk in the future;
Category L1: Instances of significant 1 potential or actual breaches of the Constitution; and instances of significant non-compliance with the entity’s enabling legislation, legislation that the entity is responsible for administering, and the PGPA Act;
Category L2: Other instances of non-compliance with legislation the entity is required to comply with (such as OH&S and privacy legislation); and
Category L3: Instances of non-compliance with subordinate legislation such as the PGPA Rules.
Audit findings to be communicated to management
118.8 All audit findings, categorised consistent with paragraph 118.7 above, shall be communicated to the appropriate level of management in writing.
Audit findings to be communicated to those charged with governance
118.9 As a minimum, audit findings in categories A, B, and L1 shall be communicated to TCWG in writing.
Audit findings to be reported to ministers
118.10 Category A, B and L1 audit findings shall be reported to the Minister in writing.
Audit findings to be reported to the parliament
118.11 The content of Audit Reports on these matters to the Parliament is determined by the Auditor-General.
118.12 Where an Engagement Executive considers that non-secret information shall be excluded from a report to Parliament on the grounds that it is ‘sensitive’ within the meaning of section 37 of the A-G Act, the Engagement Executive shall provide a recommendation to the Auditor-General for decision. Information that is of a secret or top-secret nature shall be discussed in person with the Deputy Auditor-General or Auditor-General.
Rule for reporting audit findings to a higher level of authority
118.13 Audit findings shall be advised in writing to the appropriate level of management before being reported to the responsible Minister. Equally, the responsible Minister shall be advised in writing of audit findings before the audit findings can be reported to Parliament.
Appropriate level of management
118.14 The determination of the appropriate level of management requires consideration of the management structure of the entity and is a matter of professional judgement. Ordinarily it would include the CFO (or equivalent) and can include those who have responsibilities for corporate functions and IT systems.
118.15 Situations where information should not be included in public reports are detailed in subsection 37(2) of the A-G Act. Reasons that information is sensitive are:
- it would prejudice the security, defence or international relations of the Commonwealth;
- it would involve the disclosure of deliberations or decisions of the Cabinet or of a Committee of the Cabinet;
- it would prejudice relations between the Commonwealth and a State;
- it would divulge any information or matter that was communicated in confidence by the Commonwealth to a State, or by a State to the Commonwealth;
- it would unfairly prejudice the commercial interests of any body or person;
- any other reason that could form the basis for a claim by the Crown in right of the Commonwealth in a judicial proceeding that the information should not be disclosed.
Individual reports to ministers – interim and year end
118.16 Individual reports to Ministers need to include all information planned to be tabled in the relevant parliamentary report, being:
- Controls Report, or
- Year End Report
Portfolio reports to ministers
118.17 The purpose of the year end portfolio report is to provide the Minister with a succinct report on the results of and major issues arising from financial statements audits of entities within the Minister’s portfolio, in addition to the audit findings. The report lists reporting entities within the Minister’s portfolio, indicating whether the audit reports are modified and whether significant issues arose during the audit.
118.18 Portfolio wide issues should be highlighted within the report, where possible.
Reference to third parties
118.19 Where an audit finding includes a description of the role of a third party, such as an accounting firm or IT services provider, direct reference to the third party should be avoided where possible. In circumstances where this may not be possible without compromising the context and clarity of the finding this should be discussed with the AASG GED.
119. Distribution and timing of letters and written reports
119.1 Letters and written reports are normally provided (under legislation, auditing standards and ANAO policy) to:
- TCWG, including Audit Committees;
- Ministers; and
119.2 Generally, the basis and nature of letters to management and TCWG are sourced in auditing standards and will be required for all financial statements engagements; reports to Ministers and Parliament are sourced in legislation and are required for financial statements audits under the Commonwealth’s financial framework.
119.3 It is important to note that there are situations where legislation or the auditing standards require matters to be reported promptly. Formal reports required in these situations are in addition to the regular reports required by this policy.
119.4 Auditors may also engage in correspondence with entities to resolve particular matters in the course of the audit, for example, about the application of accounting policies.
Letters to management and TCWG
119.5 Letters detailing audit findings45 shall be provided to management and TCWG, including:
- At interim:
- for each entity to be included in the Controls Report to the Parliament; and
- for each other entity for which we have completed an interim audit phase and audit findings exist.
- At the end of the audit:
- for each entity where audit findings which had not been communicated at interim exist.
119.6 Before releasing written letters to the management or TCWG of Departments of State or other entities included in the ANAO’s Audit Work Program, a draft shall be provided to the Engagement Executive in PASG responsible for the portfolio. Any issues raised by PASG need to be resolved before the formal release of correspondence.
119.7 A Closing Letter shall be provided for every financial statements audit to the persons signing the entity’s financial statements and, if different, to TCWG. The Engagement Executive shall issue the Closing Letter before the signing of the financial statements.
Audit report on the financial statements
119.8 The audit report on the financial statements shall be signed and provided within 2 business days after the financial statements are signed.
119.9 Engagement Executives shall notify the AASG GED where the auditor’s report will not be signed and provided within 2 business days after the financial statements are signed.
Reporting to ministers
119.10 Ministers shall be provided a copy of extracts from any report to the Parliament which are relevant to their portfolios at least two days before report being tabled in Parliament. The extracts shall be clearly marked as being ‘final draft’ documents. Ministers shall be provided with a copy of each signed audit report and the signed financial statements as soon as practicable after they are prepared.
119.11 A ‘material entity’ means an entity that is material to the Commonwealth’s CFS as determined by the Department of Finance. Advice on entities that are material is provided by the Engagement Executive for the CFS audit.
Reports to parliament
119.12 Reports to Parliament are issued under section 25 of the A-G Act. This section allows the Auditor-General to cause a report to be tabled in either House of Parliament on any matter. The A-G Act requires that a copy of such a report be provided to the Prime Minister, the Minister for Finance and to any other Minister who, in the Auditor-General’s opinion, has a special interest in the report.
Reports to ministers46
119.13 Reports to Ministers are issued in support of the reports to Parliament - the Controls Report and the Year End Report.
119.14 Subsection 26(2) of the A-G Act provides the legislative authority for reporting to Ministers, in that it allows the Auditor-General to provide a report to a Minister on any matter at any time. Reports to the Minister issued in support of the reports to Parliament fall within this section.
119.15 Subsection 26(1) of the A-G Act requires the Auditor-General to bring to the attention of the responsible Minister any important matter that comes to the Auditor-General’ attention during the course of the audit. This section should only be used to report matters outside the boundaries of normal financial statements audit issues.
119.16 Proforma management letter templates are located on the.
120. Signing Officer Review Memorandum
120.1 The SORM is a summary document that describes the significant matters arising during the audit and how they have been addressed.
120.2 A SORM shall be prepared by the contract firm for all contracted-out audits.
120.3 Where appointed, the EQCR or Second Reviewer shall approve the SORM before the auditor’s report is signed.47
120.4 The Signing Officer shall approve the SORM before signing the auditor’s report, either by signing the SORM document or providing an electronic reviewer signoff in the TeamMate file.
120.5 The SORM shall include:
- The nature of the proposed auditor’s report.
- A statement regarding the extent to which the financial statements comply with their applicable financial reporting framework (for Commonwealth entities, this is Australian Accounting Standards and the PGPA FRR 2015).
- The risk rating for the audit, including changes in the rating during the course of the audit, and the rationale for the change.
- The amounts determined and basis for:
- overall materiality, performance materiality, particular materiality, the clearly trivial threshold, including planned amounts and any revisions throughout the audit; and
- items considered material by nature.
- Documentation of significant matters identified during the audit including:
- how each matter was addressed,
- the conclusions reached, and
- the significant professional judgments made in reaching those conclusions.
- For audits that will communicate key audit matters in the auditor’s report, the matters that required significant audit attention and the rationale for the determination as to whether each matter is a key audit matter.
- An analytical review of the financial statements/report.
- An evaluation of the adequacy of the two-way communication between the audit team and TCWG.48
- A statement that the independence requirements of the ANAO, including APES 110 and where applicable, the Corporations Act have been met.
- A conclusion from the Contract Partner stating that (i) all audit work has been finalised consistent with the approved audit strategy, as revised; and (ii) as a result of the audit work conducted, sufficient appropriate audit evidence exists to support the issue of the proposed auditor’s report.
- A statement that the auditor’s responsibilities under legislation or other governing arrangements, Auditing Standards and ANAO policy have been met.
- Sign-off by the Contractor Partner.
120.6 The SORM is not required to be prepared for in-house financial statement audits, unless formally requested by the Signing Officer. Where there is a separate Signing Officer and the Signing Officer has not requested a SORM, the Signing Officer shall ensure that their review and approval of key aspects of the audit are consistent with Chapter 104 Role and responsibilities of the Signing Officer of this policy is documented in the Audit File.
120.7 The SORM may be prepared for other audits if requested by the Engagement Executive. However, it is expected that the review of matters included in the SORM for all other audits will be enabled through the functionality of TeamMate.
120.8 Where the audit has objectives and reporting requirements that are additional to the requirements provided for by the PGPA Act and this policy for financial statement audits, these should also be stated.
120.9 The SORM should address the following as significant matters:
- The outcome of the auditor’s response to significant risks (including the risk of fraud) identified in the planning or throughout the audit, or as a result of PASG audit or other assurance work.
- Significant findings as a result of audit procedures and whether communicated to management or TCWG.
- Audit adjustments identified during the audit, whether they are adjusted or unadjusted and their impact on the financial statements if material.
- Changes in accounting policies, including as a result of new financial reporting requirements having or expected to have a significant impact on the accounts and other (voluntary) changes in accounting policy.
- The method used to gain assurance that the appropriation note disclosures (if applicable) are consistent with the requirements of the PGPA FRR 2015 and that they are complete and present fairly the appropriations (and their use) which the auditee is responsible for.
- Material after balance date events.
- Other significant audit/accounting/disclosure issues which were resolved without the need for formal management reporting (what the issue was and how it was resolved).
- Consultation undertaken during the audit and if applicable, how significant differences of opinion were resolved and implemented.
Financial statements analytical review
120.10 In conjunction with the SORM review, the Signing Officer needs to carefully review and approve the audited financial statements. To support this review, the SORM should include an analytical review of the financial statements/report, in line with ASA 520 Analytical Procedures. In conducting this analytical review, it is important to consider whether the overall relationships and trends are consistent with our knowledge of the government sector, benchmarks, entity history and performance for the reporting period, audit test results, and prior audit experience. There may be instances where individual significant differences appear to be explained by our audit work, but overall financial statement relationships or trends appear unusual.
120.11 There needs to be enough analysis in this broader analytical review and the movement analysis for the Signing Officer to be comfortable that:
- All significant differences and other unusual items are adequately explained;
- We have gained a comprehensive understanding of the financial statements, including the inter-relationships between items; and
- The overall financial statement presentation is consistent with the audit results, performance of the entity’s underlying business and our knowledge of the business and government sector.
120.12 It is useful for the SORM to provide a financial context for the reader. Accordingly, the SORM should provide a brief explanation of the operating results, including any relevant trends, and major balance sheet movements as well as an explanation of the composition of any unusual/new financial statement items and an outline of the audit approach about significant financial statement items. In most cases this will be achieved through the analytical review required by paragraph 120.5(g) of this policy.
Management of the audit
120.13 It is useful for the SORM to provide a summary of Audit Resourcing. The personnel involved in the audit should be identified as well as a comparison of budget to actual audit resources and an explanation for any significant variations.
120.14 The SORM also provides an opportunity to record lessons learned. The SORM should include reference to the major issues noted which have implications for either future financial statement audits within this auditee or for wider applications within the ANAO.
120.15 In exceptional circumstances, it may not be possible to document work done on the audit file before the signing of the auditor’s report. In this situation, the SORM may be used to document audit evidence obtained and the conclusions drawn and the engagement executive’s review.
120.16 Documentation in the SORM is not a substitute for fully documenting audit evidence in the audit file; accordingly the audit file needs to be updated for this material.
120.17 A proforma SORM template is located on the.
121. Legislative compliance
121.1 Commonwealth entities operate under a range of legislative provisions. For example:
- Many Commonwealth entities are created by legislation which specifies their functions and powers.
- There will be legislation affecting a Commonwealth entity because of the nature of the entity e.g. the PGPA Act for Commonwealth entities and the Corporations Act for companies. Among other things, such legislation typically creates the applicable financial reporting framework.
- Many non-corporate Commonwealth entities, in particular Departments of State, are allocated responsibility for the administration of legislation by the AAO made from time to time by the Governor-General. This legislation may give rise to financial statement items or disclosures.
- Like private sector entities, there will be legislation affecting a Commonwealth entity because it is a functioning organisation with staff which transacts with other entities in the economy e.g. legislation imposing the Goods and Services Tax (GST) or Occupational Health and Safety (OH&S) legislation.
121.2 In some situations, non-compliance with the legislation may not only be a significant matter in its own right but may also affect the entity’s financial position or financial performance. Accordingly, we need to consider the effects of non-compliance on the financial statements. ASA 250 Consideration of Laws and Regulations in an Audit of a Financial Report sets out the requirements of the auditing standards.
121.3 In addition, the ANAO is obliged by legislation or other arrangements under which the audit is conducted to report on specific areas of non-compliance.
121.4 In planning an audit, consideration shall be given to the effects of non-compliance with legislation where:
- non-compliance represents a risk which may affect the entity’s financial position or financial performance (the level of risk will be assessed consistent with the ANAO’s financial statement audit approach);
- statements or disclosures indicating compliance are included in the financial statements; or
- the Auditor-General is required to report on compliance.
121.5 The nature, timing and extent of audit procedures addressing compliance with legislation depend on the risk of material misstatement arising from non-compliance; and, about paragraph 121.4(c) above, also on the nature of the Auditor-General’s reporting obligations.
121.6 Regarding the disclosure of appropriations in the notes to the financial statements of Commonwealth entities:
- The audit procedures shall include the audit team getting an understanding of the nature of, basis for and extent of an entity’s appropriations.
- Including the assessed risk of material misstatement, the audit team:
- shall understand and assess the entity’s systems for determining that:
- the amount of appropriation available for spending is correct;
- spending is for purpose;
- spending is charged to the correct appropriation; and
- spending is within appropriation limits; and
- shall undertake audit work which provides reasonable assurance that the amounts of appropriation available and spent are fairly stated and that spending has been for the appropriation’s purpose.
- shall understand and assess the entity’s systems for determining that:
121.7 The AASG GED may specify audit work programs to be followed to help achieve the purposes of this policy. The Appropriations Test Program issued by PSRG on Audit Central shall be completed for all financial statements audits of Commonwealth entities which are required by the PGPA FRR 2015 to report appropriations in their financial statements.
121.8 The audits of corporate Commonwealth entities which are directly appropriated an amount under an Act of Parliament shall comply with AASG policy at paragraphs 121.6 and 121.7.
121.9 Expenditure from the CRF without the authority of an appropriation by the Parliament shall be advised to the AASG GED and referred to the QTAC.
121.10 The risk of non-compliance with legislation is more likely to be a significant when legislation is first introduced or is amended in important ways and that risk impacts on financial management and reporting.
121.11 Addressing the risks from such change is the entity’s responsibility and the auditor should expect to see a considered response by the entity to manage the change. For example, revisions to the PGPA Act or any significant rules under that Act require entities to understand the legislation, assess its impact on their operations and to create systems and procedures to respond appropriately.
121.12 An entity might also be audited by the relevant regulator, which would provide information against which we could evaluate our risk assessment.
121.13 Even where our assessment of the risk of material misstatement is low, we are required to be alert for breaches of legislation and to consider their impact on the audit and our auditor’s report.
Statements or disclosures indicating compliance
121.14 Financial statements are usually required to be prepared consistent with a financial reporting framework specified in legislation or by some other authority. Those responsible for the preparation of the financial statements are usually required to assert material compliance with that framework.
121.15 In addition, financial statements may include disclosures relating to, or assertions of, specific aspects of compliance with legislation. The most commonly encountered of such disclosures in the Commonwealth is the disclosure of appropriations by Commonwealth entities.
121.16 Appropriations are laws made by the Australian Parliament. The Commonwealth entities cannot spend money without from the CRF without an appropriation. All appropriations are provided for a particular purpose. Entities are not allowed to make payments using an appropriation unless the payment is consistent with the appropriation’s purpose. There are three main categories of appropriations: annual appropriation, special appropriations (including PGPA Act section 58 investments) and special accounts.
Commonwealth entities which are directly appropriated an amount from any of the above-mentioned appropriations under an Act of Parliament are required to make disclosures about compliance with appropriations. In addition, an entity (“the spending entity”) which has the authority to access the appropriation of the other entity (“the responsible entity”), is required to make appropriation disclosures. The PGPA FRR 2015 and Resource Management Guide 125 set out appropriation reporting and disclosure requirements for Commonwealth entities.
121.17 A corporate Commonwealth entity which is directly appropriated an amount under an Act of Parliament is required to disclose appropriations consistent with the PGPA FRR 2015. Conversely, a corporate Commonwealth entity is not required to make appropriation disclosures for amounts which are appropriated to the relevant non-corporate Commonwealth entity for payment to the corporate entity.
121.18 The system of parliamentary appropriations is an important means by which the Parliament exercises control over the Executive Government. Accordingly, we regard the disclosure of appropriations and their use as material by nature.
121.19 A misstatement in the reporting of appropriations and their use may arise because:
- the amount reported as available to spend is incorrect; or
- the amount spent is misstated; or
- the amount spent is recorded against the wrong appropriation; or
- the amount is not spent for an authorised purpose.
121.20 We need to understand the basis, nature and extent of Commonwealth entity’s appropriations. We need to consider, as a minimum:
- The basis on which an appropriation operates.
- For example, entities are appropriated certain receipts under section 74 of the PGPA Act. The conditions under which those receipts become available to the entity are set out in section 27 of the PGPA Rule.
- Some entities operate special accounts to which only specified receipts may be credited and out of which only specified payments may be made. Legislation or determinations by the Finance Minister create special accounts and their purposes.
- Investments of relevant money may only be made in prescribed instruments by delegated persons in certain entities (Refer to sections 58 and 59 of the PGPA Act).
- In these cases, we need to check that the entity’s systems and processes are structured to comply with legislative requirements. The risk of material misstatement is of course higher when the basis on which an appropriation operates has changed, which in turn requires an appropriate response from the entity.
- The entity’s systems for ensuring spending is for purpose and is charged to the correct appropriations and for preventing spending in excess of appropriation limits;
- Reconciling the amounts spent in total to the statement of cash flows and the balance of unspent appropriations to the balance sheet;
- Identifying formal and administrative additions and reductions to appropriation limits;
- When testing payments, checking the correct appropriation is charged; and
- Reviewing journal entries between appropriation accounts where appropriation limits are approached. A misstatement may disguise a breach of an appropriation.
121.21 It may be possible to integrate testing required for appropriations with testing performed for other purposes during the audit.
Where the Auditor-General is required to report on compliance
121.22 In addition to the obligation to report on whether financial statements ‘present fairly’ or give a ‘true and fair view’ of the matters required by legislation, the Auditor-General has obligations to report on legal compliance in other circumstances, including the following:
- Section 311 of the Corporations Act requires the Auditor-General to report to Australian Securities and Investigation Commission (ASIC) suspected and actual contraventions of the Corporations Act – Refer to ANAO Audit Manual – AASG Specific policy Auditor’s reporting obligations under section 311 of Corporations Act (Chapter 122).
- In some cases, including the audit of the High Court, and certain entities which are not subject to the PGPA Act, the Auditor-General is required to report whether the receipt, expenditure and investment of money and the acquisition and disposal of assets has been consistent with the enabling legislation.
121.23 The reporting obligation mentioned in paragraph 121.22(a) above is regarded as being ‘by exception’ - does not require a positive expression of an opinion that there are no breaches and therefore do not require a systematic approach to identifying breaches. However, reporting obligations of the type described in 121.22(b) above do require us to have reasonable assurance over the compliance matters mentioned. Similarly, where disclosures are made in the financial statements about compliance (as in the case of appropriations by non-corporate Commonwealth entities), enough work is required to get reasonable assurance over their presenting information fairly, in all material respects, as set out in this policy.
Communicating non-compliance to the entity
121.24 The auditing standards and ANAO policy require instances of non-compliance to be communicated to the appropriate level within the entity. ANAO policy on Communicating audit findings (Chapter 118) requires the audit team to report all issues posing a financial reporting risk to the entity, including legislative breaches, and in doing so determine whether the breaches of legislation pose significant risks or not, and stipulates how the findings are to be dealt with.
PGPA framework compliance reporting
121.25 Commonwealth entities and Commonwealth companies within the general government sector (GGS) are not required to provide an annual report on compliance with the PGPA framework however are expected to have an internal compliance reporting process to provide the Accountable Authority or Directors to be able to identify and report to responsible Ministers significant legislative breaches.
121.26 ANAO audit teams should seek to be kept informed of any significant breaches of legislation discovered by the Commonwealth entities and Commonwealth companies as they arise. You should also encourage entities to complete their internal compliance reporting processes for the year at the time of signing the representations letter to the ANAO and if not finalised, get and assess the latest draft of their compliance reporting at the time of signing of the financial statements. This will enable TCWG to be confident that that there are no relevant identified breaches at the time they sign their written representation letter to the ANAO.
122. Auditor’s reporting obligations under section 311 of the Corporations Act
122.1 Where a member of the engagement team becomes aware of circumstances stated in section 311 of the Corporations Act, the member shall promptly notify the Engagement Executive. If different, the Signing Officer shall be promptly notified by the Engagement Executive.
122.2 The circumstances stated in section 311 of the Corporations Act are:
- the auditor has reasonable grounds to suspect amount to a contravention of the Corporations Act; or
- amount to an attempt, about the audit, by any person to unduly influence, coerce, manipulate or mislead a person involved in the conduct of the audit49; or
- amount to an attempt, by any person, to otherwise interfere with the proper conduct of the audit.
122.3 As required by section 311 of the Corporations Act, the Signing Officer shall notify ASIC in writing of the circumstances as soon as practicable, and in any case, within 28 days after becoming aware of the circumstances.
122.4 ASIC has issued RG 34 Auditor’s Obligations: Reporting to ASIC. The Guide deals with suspected contraventions of the Act under paragraph 121.2. The following sections of RG 34 are relevant to ANAO engagements:
- General obligations of the auditor under section 311
- How to lodge notifications and reports
- Appendix: Examples of suspected contraventions
122.5 RG 3450 advises the following in regards to planning:
‘We believe that the auditor reporting obligations are a key aspect of the auditor’s role in conducting an audit and should be included in the audit plan and program for each entity subject to audit. We expect auditors to be vigilant and to make appropriate inquiries where the circumstances warrant inquiry.’
‘While we do not expect auditors to engage in a systemic search for all possible contraventions of the Corporations Act, auditors should be alert to matters that come to their attention that may indicate such contraventions. The auditor reporting obligations are not limited to matters that have arisen from audit or review. Information may come to the auditor’s attention during the audit or review, or otherwise, which gives rise to reasonable grounds to suspect that a contravention of the Corporations Act has occurred.’
‘In addition, staff reporting to an auditor should be made aware of the extent of the auditor’s duty.’
122.6 In planning and conducting the audit, the auditor also has regard to the requirements and guidance of ASA 250 which deal with consideration of laws and regulations in the audit of financial statements.
Suspected contravention of the act
122.7 Paragraph 311(1)(b) defines which suspected contravention are to be reported:
- there are reasonable grounds to suspect a breach of the Corporations Act has occurred by the company being audited; and
- it is a significant breach; or
- it is not significant breach but the auditor believes that the breach has not been or will not be adequately dealt with in the audit report or by bringing it to the attention of the directors.
122.8 RG 34 provides guidance on the application of paragraph (1)(b), including the following examples of breaches that should be reported:
- insolvent trading by the company;
- failure to comply with accounting standards;
- modified audit or review reports;
- fraud by officers or employees of the entity;
- related party transactions;
- composition of the board of directors;
- failure to keep books and records;
- non-lodgement of financial reports; and
- ongoing failures to comply with a compliance plan.
122.9 Note that subparagraph 311 (1)(a)(i) of the Corporations Act requires the auditor only to have ‘reasonable grounds to suspect’ a contravention. RG 34 explains what the courts have held to be ‘reasonable grounds to suspect’.
122.10 A proforma letter to ASIC is available on the.
123. ANAO auditor’s reports on financial statements
123.1 The requirement on the Auditor-General to report for most ANAO audits of financial statements is set out in one of the following enactments:
- For Commonwealth entities – section 43 of the PGPA Act52;
- (b) For companies – section 308 of the Corporations Act53.
123.2 For other bodies, the requirement to report may be found in the body’s enabling legislation or, for audits by arrangement, as agreed in making the arrangement.
123.3 The form and content of ANAO auditor’s reports on financial statements are determined by the requirements of:
- The legislation or arrangement under which the audit is conducted; and
- The relevant auditing standards.
123.4 PSRG prepares proforma ANAO auditor’s reports for Commonwealth entities and companies.
123.5 The Engagement Executive shall prepare the ANAO auditor’s report on each set of financial statements for which the executive is responsible consistent with the designated proforma prepared by PSRG, where such a proforma exists. If no proforma exists, the Engagement Executive shall prepare the ANAO auditor’s report consistent with the requirements of the auditing standards and ANAO policy and having regard to the form and content of the proforma templates.
123.6 The Engagement Executive shall describe each key audit matter in a separate section under the heading “Key Audit Matters” of the auditor’s report of Commonwealth entities for which key audit matters reporting was adopted by the Auditor-General54.
123.7 Where an Engagement Executive considers that a variation to the proforma ANAO auditor’s report is required, the proposed variation shall be approved by PSRG.
123.8 Each ANAO auditor’s report on financial statements shall make a statement on the ANAO’s independence. Where the independence requirements applicable to the audit cannot be met because of an unavoidable conflict between those requirements and the Auditor-General’s obligation to audit and report, an explanation of the conflict in the ANAO auditor’s report shall be considered.
123.9 The Engagement Executive shall confirm that the auditor’s report published on the client’s web site is identical to that signed for the financial statement audit. Where differences are identified, the Engagement Executive shall request from management to correct any differences immediately. Where management does correct identified differences, the Engagement Executive shall notify the AASG GED.
123.10 ANAO auditor’s reports on the financial statements of Commonwealth entities are addressed to ‘the Minister who is responsible for the entity or company, unless otherwise prescribed by the rules.’ This is the Minister that the entity presents its annual report to under the PGPA Act.55 In some circumstances Commonwealth entities may address their annual report to more than one responsible Minister in which case the ANAO’s auditor’s report should do the same.
123.11 ANAO auditor’s reports on the Parliamentary Departments are addressed to the relevant presiding officer(s) who are regarded as the responsible Minister under the PGPA Act.
123.12 Ministers of State are listed in the official Ministry List by portfolio (Parliamentary Secretaries and Ministers helping another Minister are formally Ministers also). Where a portfolio has more than one minister, all those ministers administer the department with the effect that all ministers are formally able to administer the legislation associated with the department. In practice, each minister in a portfolio will have discrete areas of policy and legislative responsibility.56 The legislation associated with a department is given in the AAO made from time to time by the Governor-General.
123.13 The Ministry List, the AAO and the Legislation Handbook are updated as required and published on the website of the PM&C at the Current Ministry list.
123.14 ANAO auditor’s reports on the financial statements of Commonwealth companies are addressed to the members of the Company in line with the requirements of the Corporations Act.
Independence statement within the ANAO auditor’s report
123.15 ANAO policy is to make an independence statement in each ANAO auditor’s report issued on financial statements. For financial statement audits conducted under the Australian Auditing Standards, ASA 700 requires the auditor’s report to include a statement on independence. Auditor’s reports prepared under ASA 700 do not need an additional statement to achieve this policy requirement. However, auditor’s reports not prepared under ASA 700, for example reports on limited assurance reviews or reviews of a financial report, may not achieve this policy requirement unless an independence statement has been added in addition to the requirements for the assurance report under the relevant assurance standard.
123.16 Where there is a possibility that the applicable independence requirements cannot be met because of an unavoidable conflict between those requirements and the Auditor-General’s obligation to audit and report, an explanation of the conflict for inclusion in the ANAO auditor’s report needs to be considered. Such a situation is expected to be rare in practice.57
123.17 If an unavoidable conflict arises in respect of an audit of a company under the Corporations Act, the impact on the audit report should be discussed with the AASG GED as soon as the conflict is identified. The Corporations Act requires conflicts of interest to be resolved within a specified short time period and reported to ASIC. Further, the Act requires a declaration by the auditor to the directors as to compliance with both the Act’s provisions and professional independence requirements and provides for the updating of that declaration in the auditor’s report.
Modification of the ANAO auditor’s report
123.18 PSRG publishes, in addition to the various specific auditor’s report proforma templates, a generic financial statement auditor’s report proforma template. It is expected to be rare that there will not be a relevant proforma to be applied by AASG for financial statement audits. The ANAO auditor’s reports proforma templates include guidance, based on the ANAO Auditing Standards, which should be followed when drafting a modified auditor’s report (either by modifying the auditor’s opinion or adding an emphasis of matter).
The PGPA Financial Reporting Rule
123.19 The Finance Minister is empowered to make rules under the PGPA Act prescribing matters required or permitted by the PGPA Act. Subsection 42(2) of the PGPA Act requires that Commonwealth entities’ annual financial statements are to comply with the Australian Accounting Standards and any other requirements prescribed by the rules. The PGPA FRR 2015 sets out the minimum financial reporting requirements for all Commonwealth reporting entities in the preparation of their financial statements and prescribes the requirements that reporting entities are to comply with in preparing their annual financial statements so as to present fairly the entity’s financial position, financial performance and cash flows. The PGPA Act requires the ANAO auditor’s report to state whether, in the Auditor-General’s (or delegate’s) opinion, the statements:
- comply with the accounting standards and any other requirements prescribed by the rules; and
- present fairly the entity’s financial position, financial performance and cash flows.
Reporting on other legal and regulatory requirements
123.20 The requirement for the ANAO to report on financial statements may involve a requirement to consider other matters in addition to the financial statements. Where such matters are to be reported, they are to be included under a separate report heading within the auditor’s report.
123.21 Where an audit of financial statements is undertaken according to other legislation or by arrangement, care needs to be taken to ensure all relevant matters are addressed in the auditor’s report.
Referral to QTAC
123.22 ANAO policy in respect of the QTAC outlines when a proposed ANAO auditor’s report is to be referred to the QTAC.
123.23 Audit reporting templates are located on the.
124. Closing letter
124.1 The Closing Letter is prepared to communicate matters that are directly relevant to the financial statements or that the auditing standards require be communicated before the statements are signed.
124.2 The distribution and timing of the Closing Letter are dealt with in the Distribution and timing of letters and written reports policy (Chapter 119).
124.3 The Closing Letter may also serve to replace other letters to management TCWG that detail the audit’s findings.58 Matters to be communicated as audit findings are identified in the Communicating audit findings policy (Chapter 118).
124.4 The Closing Letter shall:
- state that sufficient appropriate audit evidence has been obtained to provide a basis for the opinion in the auditor’s report, noting any outstanding audit work to be finalised
- state whether the conclusion in the auditor’s report is unmodified, and if modified, the nature of the modification59;
- describe other matters required to be reported on in the auditor’s report, including such other matters as agreed in the terms of engagement;
- describe those matters the auditor has determined to be key audit matters (for entities for which key audit matters reporting was adopted by the Auditor-General);
- include a schedule of unadjusted misstatements, and the effect that they, individually or in aggregate, may have on the opinion in the auditor’s report (ASA 450.12 and 13)60;
- identify significant matters addressed during the audit (ASA 260.16(c)(i));
- note previously reported audit findings (part of ASA 260.16(c));
- note audit findings yet to be reported in detail (part of ASA 260.16(c));
- discuss the ANAO’s views about significant qualitative aspects of the entity’s accounting practices, including accounting policies, accounting estimates and financial statement disclosures (ASA 260.16(a));
- identify significant disagreements with management, including those regarding accounting policy, practices and disclosures,
- resolved during the course of the audit; and
- to be resolved in the future;
- discuss significant difficulties, if any, encountered during the audit and the quality and oversight of the financial statements preparation process (ASA 260.16(b) & (d)); and
- state how an uncorrected material misstatement of other information will be addressed in the auditor’s report (ASA 260.16 (d) and A24).
124.5 The Closing Letter is prepared on the basis that the content of the management representation letter and financial statements being signed are as anticipated.
124.6 The Closing Letter refers to other matters which are to be included in the auditor’s report. These matters can include a report required on legal or other regulatory requirements or a matter that is relevant to the users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report.61
124.7 The Closing Letter may also include the following elements:
- include a schedule of audit adjustments made;
- discuss the final audit fee;
- acknowledgement of support received from the auditee; and
- details of the planned beginning of the audit of the financial statements for next financial year.
124.8 ASA 700.12 requires the auditor, as part of the evaluation of whether the financial statements as a whole are free from material misstatement, to consider qualitative aspects of the entity’s accounting policies, including indicators of possible management bias. Examples of bias are also given.
124.9 Qualitative aspects of accounting practices that might be considered for inclusion in the Closing Letter are discussed in ASA 260 and in ASA 700. Appendix 2 of ASA 260 includes examples of qualitative aspects of accounting practices, such as:
- Accounting policies: the effect of significant accounting policies in controversial or emerging areas (or those unique to an industry, particularly when there is a lack of authoritative guidance and consensus).
- Accounting estimates: management’s process for making accounting estimates.
- Financial statement disclosures: issues involved, and judgments made, in formulating particularly sensitive financial statement disclosures (e.g. remuneration, subsequent events).
- Related matters: the extent to which the financial statements are affected by unusual transactions, including non-recurring amounts recognised during the period, and the extent to which such transactions are separately disclosed in the financial statements.
124.10 Closing Letter templates are located on the.
Glossary and footnotes
Administrative Arrangements Order
Australian Accounting Standards Board
Presentation of Financial Statements
Accounting Policies, Changes in Accounting Estimates and Errors
Assurance and Audit Services Group
Auditor-General Act 1997 (Cth)
Australian National Audit Office
Code of Ethics for Professional Accountants
Australian Auditing Standards
Compliance with Ethical Requirements when Performing Audits, Reviews and Other Assurance Engagements
Agreeing the Terms of Audit Engagements
Quality Control for an Audit of a Financial Report and Other Historical Financial Information
The Auditor’s Responsibilities Relating to Fraud in an Audit of a Financial Report
Consideration of Laws and Regulations in an Audit of a Financial Report
Communication with Those Charged with Governance
Planning an Audit of a Financial Report
Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment
Materiality in Planning and Performing an Audit
Evaluation of Misstatements Identified during the Audit
Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures
Special Considerations – Audits of a Group Financial Report
Using the Work of an Auditor’s Expert
Forming an Opinion and Reporting on a Financial Report
Modifications to the Opinion in the Independent Auditor’s Report
Emphasis of Matter
Comparative Information – Corresponding Figures and Comparative Financial Reports
Assurance Engagements Other than Audits or Reviews of Historical Financial Information
The Auditor’s Responsibilities Relating to Other Information
Australian Securities and Investments Commission
Chief Executive Officer
Chief Financial Officer
Consolidated Financial Statements
Interim Report on Key Financial Controls of Major Entities
Corporations Act 2001 (Cth)
Consolidated Revenue Fund
Director’s Representation Letter
Executive Board of Management
Engagement Executive Progressive Involvement Record
Engagement Quality Control Review
Group Executive Director
General Government Sector
Goods and Services Tax
Management Representation Letter
Occupational Health and Safety
Performance Audit Services Group
Public Governance, Performance and Accountability Act 2013 (Cth)
PGPA FRR 2015
Public Governance, Performance and Accountability (Financial Reporting) Rule 2015
Public Interest Entities
Professional Services and Relationships Group
Qualifications and Technical Advisory Committee
Risk of Material Misstatements
Systems Assurance and Data Analytics
Senior Executive Service
Signing Officer Review Memorandum
Those Charged with Governance
Year End Report
Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 20XX
3 This policy applies to all ANAO auditees (previously these services were only prohibited to entities material to the CFS). For existing contractors who have previously been approved by the ANAO to provide accounting and bookkeeping services, there is a transitional period for those services to be allowed until the contract with the auditee or the ANAO ends.
4 Non-Audit Services Approval Form is located on the , should be used to document the requirements of paragraph 102.17.
5 To ensure consistency with the terminology in APES 110, this policy uses the term ‘Audit Client’ instead of ‘Auditee’. The term ‘Audit Client’ and ‘Auditee’ should be regarded as equivalent.
7 Adapted from AUASB Glossary (Issued October 2009).
8 Under the Clarity standards, the requirements are concentrated in ASA 220 for an individual audit and in ASA 600 Special Considerations-Audits of a Group Financial Report (Including the Work of Component Auditors) for group audits.
9 Refer to the following:
ASA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of a Financial Report, paragraph 15.
ASA 300 Planning an Audit of a Financial Report, paragraphs 5, 8-9, A4, A8, A11, A15.
ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment, paragraphs 5-10, A14-16.
ASA 540 Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures, paragraph A96.
ASA 620 Using the Work of an Auditor’s Expert, paragraph A6.
10 Refer to AG Mandate polices: Legislative Basis for ANAO Work Audits (ANAO Audit Manual - Shared Content, paragraph 2.1) and Audit Related Services by Arrangement (ANAO Audit Manual - Shared Content, paragraph 2.76).
12 The unders and overs schedule, also referred to in external communication documents as unadjusted differences.
14 The ANAO for the purposes of the PGPA Act is a listed entity. An official of a Commonwealth entity that is a listed entity is a person who is prescribed by an Act or the rules to be an official of the entity. Under paragraph 38(3)(iii) of the A-G Act, the persons listed as officials of the Audit Office include persons engaged under contract as referred to in section 27.
16 Includes a listed entity as defined in Section 9 of the Corporations Act.
17 This guidance is relevant to the setting of materiality with consideration for the expectation of users. Where Parliamentary of other scrutiny is concentrated on particular aspects of the financial statements, the audit team should consider the use of a particular materiality in accordance with this chapter and ensure that the audit’s overall risk response for that time is suitable.
18 Refer to Chapter 109.5Engagement risk rating and public interest entity assessment, paragraph 109.5
19 Aggregation risk = risk that undetected & uncorrected misstatements taken together will be material
20 Examples of environmental factors for 10% haircut: sufficient qualified management resources are present, there is low pressure to achieve targeted results, the entity does not operate in a high risk industry, there is a limited number of financial statement line items subject to high estimate uncertainty with significant risks and/or with risks at the higher end of the normal risk continuum.
21 Examples of environmental factors for 25% haircut: sufficient qualified management resources are present, there is low pressure to achieve targeted results and/or the entity does not operate in a high risk industry, etc.
22 Examples of environmental factors for 50% haircut: such as insufficient qualitied management resources are
present, the initial audit of a company having never been audited before, there is high pressure to achieve targeted results and/or the entity operates in high risk industry, etc.
23 Delegations can be found in Public Governance, Performance and Accountability (Finance Minister to Accountable Authorities of Non-Corporate Commonwealth Entities) Delegation 2014, Part 5, available on PGPA Delegation 2014.
24 Resource Management Guide No. 301– Investment by Commonwealth Entities provides a useful summary of section 58 and 59 investments.
29 PSRG provides an update of changes to reporting requirements which can be tailored to highlight any significant impact on the auditee.
37 Ibid., para 16, A39-A43
38 For a non-corporate Commonwealth entity the CEO, however named, is normally the accountable authority. Audit teams will need to consider, on a case-by-case basis, who to get representations from where the chief executive and accountable authority are different, with particular reference to who signs the financial statements on behalf of the entity.
If the Commonwealth entity is:
The Accountable authority is:
a Parliamentary Department
The Secretary of the Department
a listed entity
The person or group of persons prescribed by an Act or the rules to be the accountable authority of the entity, the of the Commonwealth. governing body of the entity, unless otherwise prescribed by an Act or the rules.
a body corporate created by the law
39 For corporate Commonwealth entities the board of directors is normally the accountable authority, however, this is dependent on the specific laws and rules applicable to the entity.
43 The audit team should consider the impact of any relevant existing A, B or C findings when assessing the effectiveness the control environment.
44 Note that not all manual controls are required to be retested every period. Routine, transaction-level manual controls performed in a stable environment, combined with consideration of other factors noted above may allow for reliance on previous period testing. Conversely, complex, judgmental manual controls addressing risk areas at the higher end of the normal continuum may not be good candidates for the relying on previous period testing.
45 Refer to the policy Communicating Audit Findings (Chapter 117) for policy on which findings are to be reported and to whom.
47 The EQCR may be a firm partner on a project-managed audit. The contractor EQCR is required by this policy to endorse the SORM.
49 Subsection 311(6).
50 Regulatory Guide 34.13, 34.14 and 34.15.
51 Corporations Act, Volume 2, Chapter 2M – Financial reports and audit, Part 2M.3 – Financial Reporting, Division 3 – Audit and auditor’s report and section 311 Reporting to ASIC.
53 Refer to section 308 Auditor’s report on annual financial report of the Corporations Act.
55 Under section 46 of the PGPA Act, the accountable authority of a Commonwealth entity is required to give an annual report to the entity’s responsible Minister, for presentation to the Parliament.
57 Example wording for a modification to the independence framework statement usually made in our auditor’s report for a Commonwealth entity could be as follows: ‘In conducting the audit I have followed the independence requirements of the ANAO, which incorporate the requirements of the Australian accounting profession to the extent they are not inconsistent with the Auditor-General Act 1997 or other relevant legislation.’
58 As required by paragraph 119.10 of the Timing and Distribution of Letters and Written Reports (Chapter 119) policy.
59 Modifications of the auditor’s report involve either modification of the auditor’s opinion or an emphasis of matter.
60 ASA 450 requires the auditor to request TCWG to correct all accumulated misstatements. This will need to be communicated also to management in the first instance, so that if management declines to correct, there is enough time for TCWG to respond. The effect of uncorrected misstatements related to prior periods shall also be communicated to those charged with governance.