2324 Evaluating group auditor’s planned involvement in the work of component auditors

Dec-2023

OAG Guidance

When the group engagement team relies on component auditors to perform audit work on in scope components within a group, the risk of not obtaining sufficient appropriate audit evidence may increase. This is particularly the situation where the component is significant and/or the component auditors are from external firms. An important consideration in the group auditor’s conclusion about the extent of involvement in the component auditor’s risk assessment is whether or not the component auditor is another OAG audit team or an external firm.

The group engagement leader takes overall responsibility for managing and achieving quality on the group audit through direction and supervision of the group engagement team and component auditors and review of their work. 'Component auditors' are considered to be part of the 'engagement team' as defined by CAS 220.C12(d), and as a result, the group engagement leader is also ultimately responsible for their work. Taking this responsibility necessitates sufficient involvement of the group engagement leader in the work of component auditors throughout the engagement to form the basis for determining that the significant judgments made and conclusions reached are appropriate given the nature and circumstances of the engagement as required by CAS 220.40. The group engagement leader evidences their sufficient and appropriate involvement throughout the group audit by, for example:

• Communicating instructions to component auditors and reviewing the Acknowledgment of Receipt obtained from the component auditors.
• Participating in team planning meeting(s) of the group engagement team and component auditors.
• Participating in team discussions/taking stock meetings throughout the group audit engagement
• Performing component auditor visits.
• Documenting their involvement in performing certain procedures, including their review of procedures.

While OAG Audit 2332 establishes certain minimum requirements for the group engagement team’s involvement in the component auditor’s risk assessment of significant components, evaluating “sufficient involvement” requires the group engagement leader’s professional judgment. The greater the relative significance of a component to a group, the greater the involvement of the group engagement team typically would be in the work of the component auditor responsible for that component.

Refer to OAG Audit 3062 and OAG Audit 2365 for guidance on the engagement leader's responsibility to manage and achieve quality on the audit engagement.

OAG Guidance

In certain group structures, the group may have limited or no control over one or more components, such as joint ventures or investees accounted for by the equity or cost methods of accounting. Although the group has limited or no control over such components, they may nonetheless be significant components (due to their individual financial significance to the group or because they are likely to include significant risks of material misstatement of the group financial statements due to their specific nature or circumstances) for which the group engagement team is required to obtain sufficient appropriate audit evidence. The group engagement team’s involvement in the work of component auditors may involve, among other things, access to the component’s information, access to the component auditor’s audit documentation and access to those charged with governance of the component and component management. The group engagement team’s access may be restricted not only by the group’s inability to influence the component to grant the auditor the required access, but also by legal impediments.

The extent of involvement that the group engagement team determines is appropriate in the circumstances depends, in part, on the group engagement team’s understanding of the component auditor (OAG Audit 2326).

When considering the level of involvement required, we need to consider the impact such a component may have on the consolidated financial statements:

• In the case of joint ventures, usually the joint venture agreement includes allowing sufficient access to the auditors of the respective ventures. If getting such a clause is not common practice for our client, consider encouraging the client to get such a clause in future joint venture agreements.
• The impact of investments accounted for by the equity method usually affects one line item in the balance sheet and one line item in the income statement. Similarly, for investments accounted for by the cost method, the relevant assertion is typically valuation (i.e., risk of unidentified impairment). Therefore, the assessed level of risks of material misstatement to the consolidated financial statements may not be elevated or significant, depending on relevant characteristics of the investment and the relevant economic environment.
• The group entity will have significant influence over entities that it accounts for under the equity method. Because the component auditor will only be permitted to communicate directly with the group engagement team with approval of the component’s management, consider encouraging group management to facilitate getting the necessary approvals from the component’s management as early as possible in the audit process.

Depending on the financial significance and nature of the significant risks of the component, involvement may be achieved in various ways, including discussions with the component auditor and review of alternative documentation, such as parent company documentation or the component auditor’s report or memorandum of work performed. Depending on the specific circumstances, and the professional judgment of the group engagement team, the group engagement team would consider to:

• obtain confirmation that the
  • component auditor's firm has implemented a system of quality management that is intended to align to the objectives of CSQM 1
  • component auditor has complied with ethical requirements that are relevant to the group audit, including independence and professional competence
  • component auditor has assigned sufficient and appropriate resources to perform the audit work related to the component;
• obtain a complete set of financial statements of the component, including the auditor’s report thereon;
• understand the significant risks in the component of material misstatement of the group financial statements due to error or fraud, and discuss with the component auditor their audit response to such risks, and the results thereof;
• understand the materiality levels used by the component auditor in planning and performing their audit;
• understand the de minimis SUM level used by the component auditor, and whether any misstatements identified during the component auditor’s audit have not been corrected, in order to (i) evaluate whether there may be misstatements not identified by the component auditor that are above the group de minimis SUM level, and (ii) evaluate whether uncorrected misstatements at the component (whether or not identified by the component auditor) impact the consolidated financial statements;
• if available, access information kept by group management in relation to that component;
• understand how group management monitors and evaluates the investment and ensures the financial information of the component has been correctly accounted for by the group;
• if the group has representatives who are part of the component’s management or on the Board of Directors of the component, discuss the component and its operation and financial status with these representatives; and
• examine other external information such as publications and analysts’ reports. If the component is a public company by itself, external information will also include any filings made by the component.

Instances where a group engagement team is unsure whether or not they can be sufficiently involved in the work of a component auditor of a significant component and address the requirements of CAS 220.13 (OAG Audit 2312, OAG Audit 2342 and OAG Audit 2343), CAS 220.40 (OAG Audit 2365), CAS 600.30 (OAG Audit 2332), CAS 600.41 (OAG Audit 2341) and CAS 600.42(a) (OAG Audit 2362) shall involve the Engagement Leader and may be documented as a Significant Matter. If the uncertainty results from a concern that there are legal impediments on such involvement, consultation with Legal Services is recommended.

Refer to OAG Audit 2321 for guidance on how the group engagement team evidences their sufficient and appropriate involvement in the work of the component auditor(s). OAG Audit 2321 also includes examples of how the group engagement team may be able to overcome restrictions of access to information of the component. The group engagement leader exercises professional judgment to determine whether one or more of those actions are sufficient to overcome the restrictions.

If the group engagement team concludes that they will not be able to be sufficiently involved in the work of a significant component’s auditor, to the extent that they cannot obtain sufficient appropriate audit evidence on the financial information of the component, the group engagement team may after extensive consultation, modify the group audit opinion to include a scope limitation in accordance with CAS 705 (OAG Audit 2364).

OAG Guidance

As described in OAG Audit 2321, if the group engagement leader has concerns at the acceptance and continuance stage that the group engagement team cannot be sufficiently and appropriately involved in the work at significant components throughout the engagement and to the extent necessary to obtain sufficient appropriate audit evidence, then the group engagement team either:

• evaluates remedies necessary to obtain sufficient appropriate audit evidence; or
• declines or withdraws from the engagement. See OAG Audit 2321 guidance for “Where Declining or Withdrawing from an Engagement is Prohibited.”

Remedies may include reconsidering and adjusting the:

• nature, timing and extent of the group engagement team’s direction to and supervision of the component auditor’s work throughout their engagement;
• level of reliance placed on the work of the component auditor (i.e., not placing reliance on the work of the component auditor but rather the group engagement team or another OAG audit team performing work sufficient to obtain appropriate audit evidence related to the significant component’s financial information).

Related Guidance:

• Examples of the ways in which the group engagement team directs and supervises the component auditors and reviews their work are included in OAG Audit 2340.1.
• Guidance on the group engagement leader's “stand back” evaluation of whether their involvement in the engagement has been sufficient to allow them to take overall responsibility for the quality of the audit engagement is included in OAG Audit 2365 and OAG Audit 9061.