2321.1 Sharing Acceptance and Continuance information on a Group Audit

Dec-2023

OAG Guidance

An acceptance and continuance (A&C) assessment should be completed for the group engagement as a whole by the group engagement team. Once the group assessment has been approved, the engagement team should communicate significant risks that may impact other engagement teams, to those other teams on a timely basis.

The group engagement team may decide that the risk profile of the parent company's audit is different to the group taken as a whole, and accordingly prepare another A&C for their own specific work. However there should be an A&C assessment completed for the group audit.

OAG Guidance

The group engagement team performs the group A&C assessment per OAG Audit 3011.

In order to complete the group acceptance and continuance assessment, the group engagement team considers:

• reviewing prior year significant matters raised by component auditors to determine if there is a potential impact on the group audit A&C assessment;
• whether any items in reports issued to and communicated with group management and/or those charged with governance of the group as part of the prior year audit would result in a risk to the group audit;
• for significant components, communicating with the component auditor directly to determine the impact on the group assessment; and
• circulating a request to the other component auditors as to whether any matters or circumstances identified to be brought to the attention of the group engagement team in the completion of the current year group A&C assessment.

The group engagement team communicates any significant risks identified as part of gathering and assessing information obtained during the acceptance and continuance process, to the component auditors, to the extent relevant to those component audits. The group engagement team needs to communicate this information to the component auditors on a timely basis (in some cases before issuing the final group instructions) to ensure that the component auditors can perform the appropriate planning procedures to address those risks.

OAG Guidance

Component auditors in the non-group engagement team should perform their own, separate A&C assessment where there are statutory or other audit reporting requirement.

OAG Guidance

Component Auditor Responsibilities

Component engagement teams different from that of the group engagement team perform their own, separate acceptance and continuance assessment where they issue an interoffice opinion, or where there is a local statutory or other audit requirement.

Component auditors need to consider advising the group engagement team of any professional risks or significant risks identified during the component auditor's acceptance and continuance process in the following circumstances:

• The risk is not thought to be known to the group engagement team.
• The risk might impact the component auditor's ability to issue the interoffice opinion.
• The risk could materially affect the financial statements of another group entity.
• There is a fraud risk indicator that may impact either the group audit or another group entity.

OAG Guidance

Where OAG audits two or more affiliated entities (e.g., a parent and its subsidiary, or entities subject to common management), an assessment may be done on a combined basis. The engagement team should decide whether combined assessment or separate assessments will be more appropriate, bearing in mind the similarities or differences in the management, risks, controls and accounting systems of the affiliated entities. A combined assessment would normally be appropriate if the entities have common top management, are subject to the same group-wide controls, and have the same or similar risks and accounting systems.

This guidance does not remove or change the requirement of the ultimate parent entity of a group to complete a group A&C assessment covering the group as a whole and all its constituent entities, as discussed above in Guidance for Group Engagement Team.

Considerations of the Group Engagement Team

Where a group engagement team is able to complete a combined A&C assessment (at a head office level) on behalf of all component auditors, then the group engagement team should verify that the completion of the A&C assessment takes into account the events and conditions at the component auditor level in order to accurately respond to the A&C questions.

Once the A&C assessment has been completed by the group engagement team, and approved, the results of the A&C assessment should be made available to the component auditors.

OAG Guidance

Where a component auditor is able to use the A&C assessment prepared by the group engagement team, the component auditor should:

• communicate to the group engagement team any matters that may impact the group A&C assessment prepared by the group engagement team in a timely manner (i.e. before the group engagement team completes the A&C assessment);
• obtain the the A&C assessment prepared by the group engagement team;
• determine whether the A&C assessment appropriately reflects the risks present on the component auditor's audit and adds additional significant risks as appropriate. Significant risks identified in the A&C assessment completed by the group engagement team should not be removed from the component auditor's planning documentation. If they are not applicable, they should be identified as such and an explanation articulated on the planning documentation; and
• reconsider the decision to use the A&C assessment prepared by the group engagement team, if the significant risks in the group A&C assessment output do not appear appropriate for the component auditor's client entity.