Annual Audit Manual
COPYRIGHT NOTICE — This document is intended for internal use. It cannot be distributed to or reproduced by third parties without prior written permission from the Copyright Coordinator for the Office of the Auditor General of Canada. This includes email, fax, mail and hand delivery, or use of any other method of distribution or reproduction. CPA Canada Handbook sections and excerpts are reproduced herein for your non-commercial use with the permission of The Chartered Professional Accountants of Canada (“CPA Canada”). These may not be modified, copied or distributed in any form as this would infringe CPA Canada’s copyright. Reproduced, with permission, from the CPA Canada Handbook, The Chartered Professional Accountants of Canada, Toronto, Canada.
2324 Evaluating group auditor’s planned involvement in the work of component auditors
Dec-2023
In This Section
Evaluating extent of involvement in the work of component auditors
Concerns that level of group auditor involvement will not be sufficient
CAS Requirement
Where component auditors will perform work on the financial information of components, the group engagement partner shall evaluate whether the group engagement team will be able to be involved in the work of those component auditors to the extent necessary to obtain sufficient appropriate audit evidence (CAS 600.12).
CAS Guidance
CSQM 1 requires the firm to establish quality objectives that address the firm's governance and leadership that supports the design, implementation and operation of the system of quality management. The engagement partner's responsibility for managing and achieving quality is supported by a firm culture that demonstrates a commitment to quality. In addressing the requirements in paragraphs 13 and 14 of this CAS, the engagement partner may communicate directly to other members of the engagement team and reinforce this communication through personal conduct and actions (e.g., leading by example). A culture that demonstrates a commitment to quality is further shaped and reinforced by the engagement team members as they demonstrate expected behaviours when performing the engagement (CAS 220.A29).
The nature and extent of the actions of the engagement partner to demonstrate the firm's commitment to quality may depend on a variety of factors including the size, structure, geographical dispersion and complexity of the firm and the engagement team, and the nature and circumstances of the audit engagement. With a smaller engagement team with few engagement team members, influencing the desired culture through direct interaction and conduct may be sufficient, whereas for a larger engagement team that is dispersed over many locations, more formal communications may be necessary (CAS 220.A30).
Being sufficiently and appropriately involved throughout the audit engagement may be demonstrated by the engagement partner in different ways, including (CAS 220.A31):
- Taking responsibility for the nature, timing and extent of the direction and supervision of the members of the engagement team, and the review of their work in complying with the requirements of this CAS; and
- Varying the nature, timing and extent of such direction, supervision and review in the context of the nature and circumstances of the engagement.
Factors that may affect the group engagement team’s involvement in the work of the component auditor include (CAS 600.A54):
(a) the significance of the component,
(b) the identified significant risks of material misstatement of the group financial statements, and
(c) the group engagement team’s understanding of the component auditor.
In the case of a significant component or identified significant risks, the group engagement team performs the procedures described in CAS 600.30-31. In the case of a component that is not a significant component, the nature, timing and extent of the group engagement team’s involvement in the work of the component auditor will vary based on the group engagement team’s understanding of that component auditor. The fact that the component is not a significant component becomes secondary. For example, even though a component is not considered a significant component, the group engagement team nevertheless may decide to be involved in the component auditor’s risk assessment, because it has less than serious concerns about the component auditor’s professional competency (e.g., lack of industry specific knowledge), or the component auditor does not operate in an environment that actively oversees auditors.
Forms of involvement in the work of a component auditor other than those described in CAS 600.30-31 and 42 may, based on the group engagement team’s understanding of the component auditor, include one or more of the following (CAS 600.A55):
(a) Meeting with component management or the component auditors to obtain an understanding of the component and its environment.
(b) Reviewing the component auditors’ overall audit strategy and audit plan.
(c) Performing risk assessment procedures to identify and assess the risks of material misstatement at the component level. These may be performed with the component auditors, or by the group engagement team.
(d) Designing and performing further audit procedures. These may be designed and performed with the component auditors, or by the group engagement team.
(e) Participating in the closing and other key meetings between the component auditors and component management.
(f) Reviewing other relevant parts of the component auditors’ audit documentation.
OAG Guidance
When the group engagement team relies on component auditors to perform audit work on in scope components within a group, the risk of not obtaining sufficient appropriate audit evidence may increase. This is particularly the situation where the component is significant and/or the component auditors are from external firms. An important consideration in the group auditor’s conclusion about the extent of involvement in the component auditor’s risk assessment is whether or not the component auditor is another OAG audit team or an external firm.
The group engagement leader takes overall responsibility for managing and achieving quality on the group audit through direction and supervision of the group engagement team and component auditors and review of their work. 'Component auditors' are considered to be part of the 'engagement team' as defined by CAS 220.C12(d), and as a result, the group engagement leader is also ultimately responsible for their work. Taking this responsibility necessitates sufficient involvement of the group engagement leader in the work of component auditors throughout the engagement to form the basis for determining that the significant judgments made and conclusions reached are appropriate given the nature and circumstances of the engagement as required by CAS 220.40. The group engagement leader evidences their sufficient and appropriate involvement throughout the group audit by, for example:
- Communicating instructions to component auditors and reviewing the Acknowledgment of Receipt obtained from the component auditors.
- Participating in team planning meeting(s) of the group engagement team and component auditors.
- Participating in team discussions/taking stock meetings throughout the group audit engagement
- Performing component auditor visits.
- Documenting their involvement in performing certain procedures, including their review of procedures.
While OAG Audit 2332 establishes certain minimum requirements for the group engagement team’s involvement in the component auditor’s risk assessment of significant components, evaluating “sufficient involvement” requires the group engagement leader’s professional judgment. The greater the relative significance of a component to a group, the greater the involvement of the group engagement team typically would be in the work of the component auditor responsible for that component.
Refer to OAG Audit 3062 and OAG Audit 2365 for guidance on the engagement leader's responsibility to manage and achieve quality on the audit engagement.
OAG Guidance
In certain group structures, the group may have limited or no control over one or more components, such as joint ventures or investees accounted for by the equity or cost methods of accounting. Although the group has limited or no control over such components, they may nonetheless be significant components (due to their individual financial significance to the group or because they are likely to include significant risks of material misstatement of the group financial statements due to their specific nature or circumstances) for which the group engagement team is required to obtain sufficient appropriate audit evidence. The group engagement team’s involvement in the work of component auditors may involve, among other things, access to the component’s information, access to the component auditor’s audit documentation and access to those charged with governance of the component and component management. The group engagement team’s access may be restricted not only by the group’s inability to influence the component to grant the auditor the required access, but also by legal impediments.
The extent of involvement that the group engagement team determines is appropriate in the circumstances depends, in part, on the group engagement team’s understanding of the component auditor (OAG Audit 2326).
When considering the level of involvement required, we need to consider the impact such a component may have on the consolidated financial statements:
- In the case of joint ventures, usually the joint venture agreement includes allowing sufficient access to the auditors of the respective ventures. If getting such a clause is not common practice for our client, consider encouraging the client to get such a clause in future joint venture agreements.
- The impact of investments accounted for by the equity method usually affects one line item in the balance sheet and one line item in the income statement. Similarly, for investments accounted for by the cost method, the relevant assertion is typically valuation (i.e., risk of unidentified impairment). Therefore, the assessed level of risks of material misstatement to the consolidated financial statements may not be elevated or significant, depending on relevant characteristics of the investment and the relevant economic environment.
- The group entity will have significant influence over entities that it accounts for under the equity method. Because the component auditor will only be permitted to communicate directly with the group engagement team with approval of the component’s management, consider encouraging group management to facilitate getting the necessary approvals from the component’s management as early as possible in the audit process.
Depending on the financial significance and nature of the significant risks of the component, involvement may be achieved in various ways, including discussions with the component auditor and review of alternative documentation, such as parent company documentation or the component auditor’s report or memorandum of work performed. Depending on the specific circumstances, and the professional judgment of the group engagement team, the group engagement team would consider to:
- obtain confirmation that the
- component auditor's firm has implemented a system of quality management that is intended to align to the objectives of CSQM 1
- component auditor has complied with ethical requirements that are relevant to the group audit, including independence and professional competence
- component auditor has assigned sufficient and appropriate resources to perform the audit work related to the component;
- obtain a complete set of financial statements of the component, including the auditor’s report thereon;
- understand the significant risks in the component of material misstatement of the group financial statements due to error or fraud, and discuss with the component auditor their audit response to such risks, and the results thereof;
- understand the materiality levels used by the component auditor in planning and performing their audit;
- understand the de minimis SUM level used by the component auditor, and whether any misstatements identified during the component auditor’s audit have not been corrected, in order to (i) evaluate whether there may be misstatements not identified by the component auditor that are above the group de minimis SUM level, and (ii) evaluate whether uncorrected misstatements at the component (whether or not identified by the component auditor) impact the consolidated financial statements;
- if available, access information kept by group management in relation to that component;
- understand how group management monitors and evaluates the investment and ensures the financial information of the component has been correctly accounted for by the group;
- if the group has representatives who are part of the component’s management or on the Board of Directors of the component, discuss the component and its operation and financial status with these representatives; and
- examine other external information such as publications and analysts’ reports. If the component is a public company by itself, external information will also include any filings made by the component.
Instances where a group engagement team is unsure whether or not they can be sufficiently involved in the work of a component auditor of a significant component and address the requirements of CAS 220.13 (OAG Audit 2312, OAG Audit 2342 and OAG Audit 2343), CAS 220.40 (OAG Audit 2365), CAS 600.30 (OAG Audit 2332), CAS 600.41 (OAG Audit 2341) and CAS 600.42(a) (OAG Audit 2362) shall involve the Engagement Leader and may be documented as a Significant Matter. If the uncertainty results from a concern that there are legal impediments on such involvement, consultation with Legal Services is recommended.
Refer to OAG Audit 2321 for guidance on how the group engagement team evidences their sufficient and appropriate involvement in the work of the component auditor(s). OAG Audit 2321 also includes examples of how the group engagement team may be able to overcome restrictions of access to information of the component. The group engagement leader exercises professional judgment to determine whether one or more of those actions are sufficient to overcome the restrictions.
If the group engagement team concludes that they will not be able to be sufficiently involved in the work of a significant component’s auditor, to the extent that they cannot obtain sufficient appropriate audit evidence on the financial information of the component, the group engagement team may after extensive consultation, modify the group audit opinion to include a scope limitation in accordance with CAS 705 (OAG Audit 2364).
OAG Guidance
As described in OAG Audit 2321, if the group engagement leader has concerns at the acceptance and continuance stage that the group engagement team cannot be sufficiently and appropriately involved in the work at significant components throughout the engagement and to the extent necessary to obtain sufficient appropriate audit evidence, then the group engagement team either:
- evaluates remedies necessary to obtain sufficient appropriate audit evidence; or
- declines or withdraws from the engagement. See OAG Audit 2321 guidance for “Where Declining or Withdrawing from an Engagement is Prohibited.”
Remedies may include reconsidering and adjusting the:
- nature, timing and extent of the group engagement team’s direction to and supervision of the component auditor’s work throughout their engagement;
- level of reliance placed on the work of the component auditor (i.e., not placing reliance on the work of the component auditor but rather the group engagement team or another OAG audit team performing work sufficient to obtain appropriate audit evidence related to the significant component’s financial information).
Related Guidance:
- Examples of the ways in which the group engagement team directs and supervises the component auditors and reviews their work are included in OAG Audit 2340.1.
- Guidance on the group engagement leader's “stand back” evaluation of whether their involvement in the engagement has been sufficient to allow them to take overall responsibility for the quality of the audit engagement is included in OAG Audit 2365 and OAG Audit 9061.