1021 Compliance with CAS objectives and CAS requirements
Sep-2022

1021 Compliance with CAS Objectives and CAS requirements

Compliance with relevant CASs

CAS Requirement

The auditor shall comply with all CASs relevant to the audit. A CAS is relevant to the audit when the CAS is in effect and the circumstances addressed by the CAS exist (CAS 200.18).

The auditor shall not represent compliance with Canadian generally accepted auditing standards in the auditor's report unless the auditor has complied with the requirements of this CAS and all other CASs relevant to the audit (CAS 200.20).

A practitioner shall have an understanding of the entire text of an Assurance and Related Services Guideline relevant to the engagement, to more fully understand and assist with the application of the requirements in any CAS to which the Guideline relates (CAS 200.C20A).

CAS 200 requires the auditor to comply with all CASs relevant to the audit. In the case of an audit of a single financial statement or of a specific element of a financial statement, this requirement applies irrespective of whether the auditor is also engaged to audit the entity's complete set of financial statements. If the auditor is not also engaged to audit the entity's complete set of financial statements, the auditor shall determine whether the audit of a single financial statement or of a specific element of those financial statements in accordance with CASs is practicable (CAS 805.7).

CAS Guidance

The CASs, taken together, provide the standards for the auditor's work in fulfilling the overall objectives of the auditor. The CASs deal with the general responsibilities of the auditor, as well as the auditor's further considerations relevant to the application of those responsibilities to specific topics (CAS 200.A58).

The scope, effective date and any specific limitation of the applicability of a specific CAS is made clear in the CAS. Unless otherwise stated in the CAS, the auditor is permitted to apply a CAS before the effective date specified therein (CAS 200.A59).

In performing an audit, the auditor may be required to comply with legal or regulatory requirements in addition to the CASs. The CASs do not override law or regulation that governs an audit of financial statements. In the event that such law or regulation differs from the CASs, an audit conducted only in accordance with law or regulation will not automatically comply with CASs (CAS 200.A60).

The auditor may also conduct the audit in accordance with both CASs and auditing standards of a specific jurisdiction or country. In such cases, in addition to complying with each of the CASs relevant to the audit, it may be necessary for the auditor to perform additional audit procedures in order to comply with the relevant standards of that jurisdiction or country (CAS 200.A61).

CAS 200 requires the auditor to comply with (a) relevant ethical requirements, including those related to independence, relating to financial statement audit engagements, and (b) all CASs relevant to the audit. It also requires the auditor to comply with each requirement of a CAS unless, in the circumstances of the audit, the entire CAS is not relevant or the requirement is not relevant because it is conditional and the condition does not exist. In exceptional circumstances, the auditor may judge it necessary to depart from a relevant requirement in an CAS by performing alternative audit procedures to achieve the aim of that requirement (CAS 805.A5).

OAG Guidance

As OAG and as individuals who are members of professional accountancy bodies, we have professional obligations to comply with the professional ethics, standards, laws and regulations governing the work that we do.

Auditing and other engagement standards, codes of ethics and independence rules are imposed through either or both of (i) law or regulation of statutory audits, and (ii) obligations of membership of professional bodies.

Related Guidance:

See Complying with relevant requirements for further guidance on complying with CAS requirements relevant to the audit.

See OAG Audit 1011 for guidance on CAS Objectives.

See OAG Audit 1031 for policy on compliance with ethical requirements.

Understanding the CASs

CAS Requirement

The auditor shall have an understanding of the entire text of a CAS, including its application and other explanatory material, to understand its objectives and to apply its requirements properly (CAS 200.19).

CAS Guidance

In addition to objectives and requirements (requirements are expressed in the CASs using “shall”), a CAS contains related guidance in the form of application and other explanatory material. It may also contain introductory material that provides context relevant to a proper understanding of the CAS, and definitions. The entire text of a CAS, therefore, is relevant to an understanding of the objectives stated in a CAS and the proper application of the requirements of a CAS (CAS 200.A63).

Where necessary, the application and other explanatory material provides further explanation of the requirements of a CAS and guidance for carrying them out. In particular, it may (CAS 200.A64):

  • explain more precisely what a requirement means or is intended to cover, including in some CASs such as CAS 315, why a procedure is required, and

  • include examples of procedures that may be appropriate in the circumstances. In some CASs, such as CAS 315, examples are presented in boxes.

While such guidance does not in itself impose a requirement, it is relevant to the proper application of the requirements of a CAS. The application and other explanatory material may also provide background information on matters addressed in a CAS.

Appendices form part of the application and other explanatory material. The purpose and intended use of an appendix are explained in the body of the related CAS or within the title and introduction of the appendix itself (CAS 200.A65).

Introductory material may include, as needed, such matters as explanation of (CAS 200.A66):

  • the purpose and scope of the CAS, including how the CAS relates to other CASs,
  • the subject matter of the CAS,
  • the respective responsibilities of the auditor and others in relation to the subject matter of the CAS, and
  • the context in which the CAS is set.

When appropriate, additional considerations specific to audits of smaller entities and public sector entities are included within the application and other explanatory material of a CAS (see further guidance immediately below). These additional considerations assist in the application of the requirements of the CAS in the audit of such entities. They do not, however, limit or reduce the responsibility of the auditor to apply and comply with the requirements of the CASs (CAS 200.A68).

When this CAS expressly intends that a requirement or responsibility be fulfilled by the engagement partner, the engagement partner may need to obtain information from the firm or other members of the engagement team to fulfil the requirement (e.g., information to make the required decision or judgment). For example, the engagement partner is required to determine that members of the engagement team collectively have the appropriate competence and capabilities to perform the audit engagement. To make a judgment on whether the competence and capabilities of the engagement team is appropriate, the engagement partner may need to use information compiled by the engagement team or from the firm's system of quality management. (CAS 220.A23)

Related Guidance:

See OAG Audit 101 for guidance on the structure of the Annual Audit Manual and how this incorporates the various elements of the CAS material referred to above, as a means of understanding the text of CASs.

Considerations for public sector entities

CAS Guidance

The CASs are relevant to engagements in the public sector. The public sector auditor's responsibilities, however, may be affected by the audit mandate, or by obligations on public sector entities arising from law, regulation, or other authority (such as ministerial directives, government policy requirements, or resolutions of the legislature), which may encompass a broader scope than an audit of financial statements in accordance with the CASs. These additional responsibilities are not dealt with in the CASs. They may be dealt with in the pronouncements of the International Organization of Supreme Audit Institutions or national standard setters, or in guidance developed by government audit agencies (CAS 200.A62).

Considerations for scalability and smaller entities

CAS Guidance

Scalability considerations have been included in some CASs (e.g., CAS 315), illustrating the application of the requirements to all entities regardless of whether their nature and circumstances are less complex or more complex. Less complex entities are entities for which the characteristics in paragraph A71 may apply (CAS 200.A69).

The "considerations specific to smaller entities" included in some CASs have been developed primarily with unlisted entities in mind. Some of the considerations, however, may be helpful in audits of smaller listed entities (CAS 200.A70).

For purposes of specifying additional considerations to audits of smaller entities, a "smaller entity" refers to an entity which typically possesses qualitative characteristics such as (CAS 200.A71):

a)   Concentration of ownership and management in a small number of individuals (often a single individual – either a natural person or another enterprise that owns the entity provided the owner exhibits the relevant qualitative characteristics); and

b)   One or more of the following:

i.   Straightforward or uncomplicated transactions;

ii.   Simple record-keeping;

iii.   Few lines of business and few products within business lines;

iv.   Simpler systems of internal control;

v.   Few levels of management with responsibility for a broad range of controls;

vi.   Few personnel, many having a wide range of duties.

These qualitative characteristics are not exhaustive, they are not exclusive to smaller entities, and smaller entities do not necessarily display all of these characteristics.

The CASs refer to the proprietor of a smaller entity who is involved in running the entity on a day-to-day basis as the "owner-manager." (CAS 200.A72).

CAS Objectives and the audit process

CAS Requirement

To achieve the overall objectives of the auditor, the auditor shall use the objectives stated in relevant CASs in planning and performing the audit, having regard to the interrelationships among the CASs, to (CAS 200.21):

(a)   Determine whether any audit procedures in addition to those required by the CASs are necessary in pursuance of the objectives stated in the CASs;

(b)   Evaluate whether sufficient appropriate audit evidence has been obtained.

CAS Guidance

Each CAS contains one or more objectives which provide a link between the requirements and the overall objectives of the auditor. The objectives in individual CASs serve to focus the auditor on the desired outcome of the CAS, while being specific enough to assist the auditor in (CAS 200.A74)

  • understanding what needs to be accomplished and, where necessary, the appropriate means of doing so; and
  • deciding whether more needs to be done to achieve them in the particular circumstances of the audit.

Objectives are to be understood in the context of the overall objectives of the auditor stated in paragraph 11 of this CAS. As with the overall objectives of the auditor, the ability to achieve an individual objective is equally subject to the inherent limitations of an audit (CAS 200.A75).

In using the objectives, the auditor is required to have regard to the interrelationships among the CASs. This is because, as indicated in paragraph A55, the CASs deal, in some cases, with general responsibilities and in others with the application of those responsibilities to specific topics. For example, this CAS requires the auditor to adopt an attitude of professional skepticism; this is necessary in all aspects of planning and performing an audit but is not repeated as a requirement of each CAS. At a more detailed level, CAS 315 and CAS 330 contain, among other things, objectives and requirements that deal with the auditor's responsibilities to identify and assess the risks of material misstatement and to design and perform further audit procedures to respond to those assessed risks, respectively; these objectives and requirements apply throughout the audit. A CAS dealing with specific aspects of the audit (for example, CAS 540) may expand on how the objectives and requirements of such CASs as CAS 315 and CAS 330 are to be applied in relation to the subject of the CAS but does not repeat them. Thus, in achieving the objective stated in CAS 540, the auditor has regard to the objectives and requirements of other relevant CASs (CAS 200.A76).

OAG Policy

Annual audits of financial statements shall be planned and performed based on the audit procedures provided via audit working paper software that are available when the engagement planning commences. [Jun-2020]

OAG Guidance

Audit procedures are designed to guide engagement teams in complying with the requirements of the CASs. Complying with all audit procedures included in the audit working paper software will ordinarily result in teams meeting those requirements and in doing so achieve the desired outcomes (objectives) of the CASs.

Engagement teams are required to have an awareness of and use the CAS objectives in performing the audit and to consider whether, through compliance with the requirements of Audit Procedure, such objectives have been satisfactorily addressed.

In assessing whether the CAS objectives have been addressed engagement teams consider whether sufficient appropriate audit evidence has been obtained (see OAG Audit 1051).

Engagement teams are not required to positively state compliance with each CAS objective in the audit file; however, the team manager and engagement leader are required to assess such compliance when performing planning and completion sign-offs.

In the event that engagement teams conclude that sufficient appropriate audit evidence has not been obtained or responses to one or more CAS requirements is not sufficient to address the overall objective of a CAS, follow the guidance in OAG Audit 1022 with respect to determining alternative or additional audit procedures and the documentation requirements to be applied in such situations.

Related Guidance:

See OAG Audit 1011 for guidance on CAS Objectives.

Complying with relevant requirements

CAS Requirement

Subject to paragraph 23, the auditor shall comply with each requirement of a CAS unless, in the circumstances of the audit (CAS 200.22):

(a)   The entire CAS is not relevant; or

(b)   The requirement is not relevant because it is conditional and the condition does not exist.

CAS Guidance

In some cases, a CAS (and therefore all of its requirements) may not be relevant in the circumstances. For example, if an entity does not have an internal audit function, nothing in CAS 610 is relevant (CAS 200.A79).

Within a relevant CAS, there may be conditional requirements. Such a requirement is relevant when the circumstances envisioned in the requirement apply and the condition exists. In general, the conditionality of a requirement will either be explicit or implicit, for example (CAS 200.A80):

  • The requirement to modify the auditor's opinion if there is a limitation of scope represents an explicit conditional requirement.

  • The requirement to communicate significant deficiencies in internal control identified during the audit to those charged with governance, which depends on the existence of such identified significant deficiencies; and the requirement to obtain sufficient appropriate audit evidence regarding the presentation and disclosure of segment information in accordance with the applicable financial reporting framework, which depends on that framework requiring or permitting such disclosure, represent implicit conditional requirements.

In some cases, a requirement may be expressed as being conditional on applicable law or regulation. For example, the auditor may be required to withdraw from the audit engagement, where withdrawal is possible under applicable law or regulation, or the auditor may be required to do something, unless prohibited by law or regulation. Depending on the jurisdiction, the legal or regulatory permission or prohibition may be explicit or implicit.

Compliance with the requirements of CASs relevant to the audit of a single financial statement or of a specific element of a financial statement may not be practicable when the auditor is not also engaged to audit the entity's complete set of financial statements. In such cases, the auditor often does not have the same understanding of the entity and its environment, including its internal control, as an auditor who also audits the entity's complete set of financial statements. The auditor also does not have the audit evidence about the general quality of the accounting records or other accounting information that would be acquired in an audit of the entity's complete set of financial statements. Accordingly, the auditor may need further evidence to corroborate audit evidence acquired from the accounting records. In the case of an audit of a specific element of a financial statement, certain CASs require audit work that may be disproportionate to the element being audited. For example, although the requirements of CAS 570 are likely to be relevant in the circumstances of an audit of a schedule of accounts receivable, complying with those requirements may not be practicable because of the audit effort required. If the auditor concludes that an audit of a single financial statement or of a specific element of a financial statement in accordance with CASs may not be practicable, the auditor may discuss with management whether another type of engagement might be more practicable (CAS 805.A6).

OAG Guidance

In situations where audit work is performed on elements of financial statements but not the complete set of financial statements, other types of engagement that may be considered more practicable include agreed upon procedures engagements or non-audit assurance engagements.

Related Guidance:

See OAG Audit 1022 for guidance on assessing and responding to departures from CAS requirements or objectives, including considerations for Group and component audit teams on group audits.