Annual Audit Manual
COPYRIGHT NOTICE — This document is intended for internal use. It cannot be distributed to or reproduced by third parties without prior written permission from the Copyright Coordinator for the Office of the Auditor General of Canada. This includes email, fax, mail and hand delivery, or use of any other method of distribution or reproduction. CPA Canada Handbook sections and excerpts are reproduced herein for your non-commercial use with the permission of The Chartered Professional Accountants of Canada (“CPA Canada”). These may not be modified, copied or distributed in any form as this would infringe CPA Canada’s copyright. Reproduced, with permission, from the CPA Canada Handbook, The Chartered Professional Accountants of Canada, Toronto, Canada.
2336 Responsibilities of the component auditor in different types of work to be performed on the financial information of components
Apr-2018
In This Section
Audit of the Financial Information of a Component
Audit of One or More Account Balances, Classes of Transactions or Disclosures
Review of a Non-Significant Component’s Financial Information
Overview
This section discusses:
- Special consideration when performing an audit of a component’s financial information
- Consideration when performing an audit of one or more account balances, classes of transactions or disclosures
- Consideration when performing and reporting on specified procedures
- Special consideration when performing a review of a non-significant component’s financial information
CAS Requirement
For a component that is significant due to its individual financial significance to the group, the group engagement team, or a component auditor on its behalf, shall perform an audit of the financial information of the component using component materiality (CAS 600.26).
For a component that is significant because it is likely to include significant risks of material misstatement of the group financial statements due to its specific nature or circumstances, the group engagement team, or a component auditor on its behalf, shall perform an audit of the financial information of the component using component materiality
(CAS 600.27(a)).
If the group engagement team does not consider that sufficient appropriate audit evidence on which to base the group audit opinion will be obtained, the group engagement team shall select components that are not significant components and shall perform, or request a component auditor to perform an audit of the financial information of the component using component materiality (CAS 600.29).
OAG Guidance
The group engagement team might ask the component team to conduct an audit of either
-
the component’s complete financial statements, including disclosures; or
-
special purpose financial information prepared for the purposes of the group consolidation (which is less than a complete set of financial statements and disclosures, such as standard company forms).
In doing so, the component auditor needs to comply with all the requirements of the various CASs, adapted as necessary to meet the needs of the group engagement team, considering that some of these requirements may be achieved using the assistance of the group engagement team, or other component auditors in the group.
It may also be the case that the component is already required to report separately (for statutory, regulatory, or other third party requirements). In this situation, and where the audit for the separate report will be completed in time to meet the group reporting timetable (OAG Audit 2335, block Components Subject to Audit by Statute, Regulation or Other Reason) the audit of a complete set of financial statements is to be performed using materiality determined in relation to the financial information of the component (stand-alone component materiality), unless such materiality is higher than the materiality determined in the context of the group audit. In some circumstances, the statutory audit report on the financial statements of a component might be sufficient for the group audit purposes, in which case the component auditor would not need to prepare a separate report.
To the extent the existing third-party financial statements need to be either (i) adjusted for differences in the accounting financial framework for use in connection with the consolidated financial statements or (ii) translated or remeasured (in the case of highly inflationary economies) from the local currency, special reports may be required.
If no separate third-party reporting is required, and the component audit is being performed for purposes of the group only, an audit of a complete set of financial statements or an audit of special purpose information may be performed using materiality determined either in relation to the financial information of the component or in the context of the group audit.
In performing an audit of component financial information for the purpose of the group audit, all material account balances, classes of transactions and disclosures that are above component performance materiality need to be audited, regardless of whether such account balances, classes of transactions, or disclosures are within the scope of the group audit or not (i.e., if the consolidated account balances, classes of transactions and disclosures are below group performance materiality). However, when the audit is performed for the purpose of group reporting (and not for statutory or other third party reporting), some of the account balances, classes of transactions and disclosures that need to be audited for the component audit may be audited by the group engagement team, on a consolidated level (for example, goodwill and tax accounts). In this case, and if so instructed by the group engagement team, the component auditor may not need to audit such accounts. The component auditor needs to evaluate the impact of not performing audit procedures on such account balances, classes of transactions or disclosures on his/her ability to obtain sufficient appropriate audit evidence on other account balances, classes of transactions or disclosures that coincide with the accounts audited by the group engagement team. If the component auditor considers there are interrelations between the accounts which are audited at a consolidated level and other significant accounts at the component, the component auditor needs to assess the ability to obtain audit evidence from the group auditor. If the group engagement team is unable to share audit evidence, the component auditor needs to consider if that entails a scope limitation on the component auditor’s work.
Other Materiality Considerations When Non-OAG Firms are Involved
When performing an audit that supports both the group audit and a statutory audit, materiality levels determined within the context of the component’s financial information may be different (lower or higher) than the one communicated by the group engagement team. Under such circumstances, the component auditor performs the work to the lower materiality level as the work for statutory purposes is ordinarily performed concurrently with the work for the group audit. When reporting identified misstatements (either to the group engagement team, management or those charged with governance), the de minimis SUM posting level relevant to the circumstances is applied (e.g., for reporting to the group engagement team, only misstatements over the de minimis SUM posting level identified by the group engagement team are communicated).
If the component auditor has statutory audit reporting responsibilities and therefore uses materiality levels which are greater than those communicated by the group engagement team, the group engagement team has to be notified of this and agree with the materiality levels used.
When OAG is reporting to a non-OAG group engagement team, and OAG is the continuing auditor of the component (e.g., we are not only performing this work to report to the non-OAG group engagement team, but we will also audit the component’s financial statements and issue a report to a third party), we need to carefully consider whether it is appropriate to conduct materiality restricted procedures (regardless of the nature of the financial information) to provide clearance to the group engagement team when we will subsequently be issuing an audit report to our client. Typically a materiality restricted engagement is only appropriate when the group engagement team assumes full responsibility for the work and the report to the group engagement team is not used or referred to in any other way. When considering the appropriateness of conducting materiality restricted procedures, we need to consider whether the materiality determined by the non-OAG group engagement team is so high in relation to component’s financial information, that we are not likely to be in a position to have a sufficient basis on which to form an opinion on the component financial information. In addition, we need to agree with the non-OAG group engagement team on the materiality that would enable us to report, or to agree on another type of engagement that might be more appropriate (e.g. agreed upon procedures). To the extent possible, we would typically perform the work requested by the non-OAG group engagement team at the same time and as part of the work we perform for the statutory audit (although such procedures would typically go beyond the requirements for the group engagement team) to prevent subsequent discovery of facts that may materially alter our opinion as provided to the non-OAG group engagement team.
Similarly, when a OAG group engagement team asks a non-OAG component auditor to perform an audit of the component’s special purpose financial information for consolidation using materiality determined for the component in the context of the group (e.g., higher than would be established for an unrestricted audit of the financial statements of the component), non-OAG component auditors may decline to accept this type of engagement, or request that the materiality set for the component be changed, unless their reporting is solely to the OAG and not for issuance to the component, the OAG assumes full responsibility for the results of their work, and their report to the OAG is not used or referred to in any other way.
Reporting Considerations
Refer to the guidance in OAG Audit 2345 for additional reporting considerations.
The following table outlines what a component auditor would be expected to perform in audits of financial information of components. Such procedures may vary based on the extent of work performed by the group engagement team.
|
Subject |
Procedures to be performed |
Reference Material |
|
Acceptance & Continuance |
CAS 220.12 and 13 determine the need for “engagements” acceptance on a firm level. |
OAG Audit 2321.1 Sharing A&C information on a Group Audit |
|
Engagement letter |
According to CAS 210.6(b), when engaging to perform an audit, the auditor needs to obtain the agreement of management that it acknowledges and understands its responsibility. Since in certain instances such responsibilities may be specified in law or regulation (CAS 210.A11). An engagement letter is required for each entity that leads to the issuance of an audit opinion. The component auditor’s engagement letter needs to take into account the group requirements. |
OAG Audit 2325 Engagement Letters |
|
Ethical requirements, including independence |
Comply with the OAG Code of Values, Ethics and Professional Conduct, and with OAG independence policies, as well as the ethical requirements, including independence, of the component. If specifically informed by the group engagement team that compliance with some additional requirements in the group is required, follow the instructions provided by the group engagement team to confirm such compliance. |
OAG Audit 2328 Compliance with Ethical Requirements, Particularly Independence |
|
Determination of materiality |
If for group reporting—as determined or approved by group auditor. If for both group reporting and local statutory reporting—determine at component level considering group requirements and agree amount with group auditor, or as agreed with group auditor. See detailed discussion above. |
OAG Audit 2333 Determining Materiality in Group Audits |
|
Risk assessment |
Perform as required by the applicable CAS, also considering group level risks, as communicated by the group engagement team. Discuss and agree with group engagement team as deemed necessary by the group engagement team. Inform the group engagement team of any significant risk of material misstatement, due to fraud or error that has been identified at the component level. |
OAG Audit 2332 Risk Assessment at the Group Level |
|
Determine the account balances and transactions subject to audit |
Perform audit procedures for all account balances classes of transactions and disclosures above component performance materiality. See detailed discussion above. |
OAG Audit 4031 Develop an audit plan |
|
Considerations of internal controls |
According to CAS 315.19-27 the auditor is required to obtain an understanding of the entity’s system of internal control, including IT environment. According to CAS 600.appendix 5 the group auditor shares any knowledge and understanding of controls (specifically group-wide controls) with the component auditor. The component auditor may use information obtained from the group auditor as part of the evidence the component auditor obtains over the component’s internal controls, and to assist the component auditor in understanding of controls sufficient to assess risk and plan the audit of the component. |
OAG Audit 5030 Understanding the entity’s system of internal control, including IT environment |
|
Consideration of laws and Regulations |
Perform as required by the applicable CAS. In doing so, consider not only those laws and regulations applicable to the component, as identified by the component auditor, but also laws and regulations applicable to the group, as communicated by the group engagement team, that may impact the component in the context of the group. In addition, inform group auditor of any findings. |
OAG Audit 7510 Laws and Regulations |
|
Consideration of fraud |
Perform as required by the applicable CAS, also considering group fraud risk (such as journal entry testing). Consider if and when it is appropriate to involve group engagement team in the discussion of fraud (CAS 240.16, and keeping in mind the provisions of CAS 600.30) and to investigate with group management (with the assistance of group engagement team, if required). |
OAG Audit 2332 Risk Assessment at the Group Level—Discussion of Risk of Material Misstatement Among Group and Component Personnel, Including Fraud OAG Audit 5500 Fraud |
|
Related parties |
Work on related parties within the group (i.e., between entities of the group) focuses on fraud risk (in accordance with CAS 550) and reconciliation of balances. Work on related parties outside the group is to be performed as required by the applicable CAS. |
OAG Audit 7530 Related Parties |
|
Going concern |
Perform as required by the applicable CAS, using assistance of group engagement team or other component auditors if necessary. In doing so, bear in mind the impact of the component’s role in the group, and relationship within the group, on the component’s ability to continue as a going concern (e.g. reliance of the component on group financing or marketing contracts). |
OAG Audit 7520 Going Concern |
|
Litigation and claims |
Perform as required by the applicable CAS, using assistance of group engagement team if applicable (for example, if the component auditor becomes aware of a litigation or potential litigation for which component management is unable to provide details, but group management may have additional information on, the component auditor may ask the group auditor to assist in obtaining information of such litigation). Understand the component’s controls and procedures involving claims and litigation (including controls and procedures at the group level, and how information identified and processed at the group is being communicated to the component), to understand the source of the information relating to claims and litigation provided by component management. |
OAG Audit 7540 Litigation and Claims OAG Audit 2344 Communicating with Group Management and those Charged with Governance of the Group |
|
Segments information |
Perform only if and as instructed by group engagement team. |
|
|
Subsequent events |
Perform as required by the applicable CAS, also considering impact on group, and using the assistance of group engagement team where applicable. The component auditor may supplement the procedures of CAS 560.7 with discussions and inquiries with the group engagement team about information obtained on a group level that may have an impact on the component. Also, the component auditor needs to be alert for events that have an impact on the group financial reporting although they may not have an impact on the component itself. If informed by the group engagement team that subsequent events procedures do not need to be performed at the component since procedures are being performed by the group engagement team, consider if that entails a scope limitation on the component auditor’s work. |
OAG Audit 2363 Subsequent Events |
|
Evaluation of identified misstatements |
Perform as required by the applicable CAS, including discussing and agreeing these misstatements with the component management, based on de minimis level determined for the component’s audit. Report to group engagement team only those identified misstatements which are at or above the de minimis level at which the group engagement team requested reporting, if there is a difference between the two de minimis levels. |
OAG Audit 9010 Summary of Uncorrected Misstatements OAG Audit 2343 Communicating Results at Completion to Group Engagement Team |
|
Written representation |
Perform as required by the applicable CAS, receiving representations directly from component management, or if appropriate, from group management. The component auditor also needs to consider in the group perspective, if some representations relating to the component need to be received from the group management, or if representations received from component management need to be reported to the group engagement team. In certain circumstances, where the group engagement team is another OAG team and the component auditor will not be reporting to any third party, appropriate representations may be obtained from management at a different level within the group. |
OAG Audit 2343 Communicating Results at Completion to Group Engagement Team—Management Representation OAG Audit 9050 Management Representations |
|
Communication with management and those charged with governance |
Perform as required by the applicable CAS reporting at component level, or if appropriate, at other levels of governance (if, for example, those charged with governance of the component are also charged with governance of other components (CAS 260.A4)), but may require coordination with group engagement team or other component auditors. |
OAG Audit 2344 Communicating with Group Management and those Charged with Governance of the Group OAG Audit 2210 Communication with Those Charged with Governance |
|
Reporting |
Report in accordance with OAG Audit 8000. |
OAG Audit 2345 Component Auditor’s Report OAG Audit 2372 Use of Our Work and Reports by Other Auditors Where OAG Is Not the Group auditor |
|
Other matters |
Perform as required by the applicable CASs. |
Note that the above guidance also applies in cases where the group engagement team is the one performing an audit of the financial information of a component.
CAS Requirement
For a component that is significant because it is likely to include significant risks of material misstatement of the group financial statements due to its specific nature or circumstances, the group engagement team, or a component auditor on its behalf, shall perform an audit of one or more account balances, classes of transactions or disclosures relating to the likely significant risks of material misstatement of the group financial statements (CAS 600.27(b)).
If the group engagement team does not consider that sufficient appropriate audit evidence on which to base the group audit opinion will be obtained, the group engagement team shall select components that are not significant components and shall perform, or request a component auditor to perform an audit of one or more account balances, classes of transactions or disclosures (CAS 600.29).
OAG Guidance
The group engagement team may ask the component auditor to perform an audit of, and express positive assurance on, particular account balances, classes of transactions or disclosures. The group engagement team typically informs the component auditor of the materiality levels to be used and the extent to which a risk assessment is to be performed at the component. As mentioned in Audit of the Financial Information of a Component, the component auditor needs to consider whether the materiality determined by the group engagement team is so high in relation to the component’s financial information that it is not likely to be in a position to have a sufficient basis on which to form an opinion on the relevant account balances, classes of transactions or disclosures and to agree with the group engagement team on the materiality that would enable the component auditor to report as requested. The component auditor needs to consider other account balances that are interrelated with and could materially impact the account balances or classes of transactions on which it is reporting. When the results of procedures performed on the account balances or classes of transactions on which the component auditor is reporting indicate any matters that could give rise to material misstatements in other account balances or classes of transactions, the component auditor needs to consult with the group engagement team and, if deemed appropriate, the auditing procedures are extended to cover these account balances.
Refer to the guidance in OAG Audit 2345 for additional reporting considerations.
Note that the above guidance also applies in cases where it is the group engagement team who performs an audit of one or more account balances, classes of transactions or disclosures of a component.
Reporting Considerations
The scope paragraph of the audit opinion will refer only to the accounts audited (e.g., “we have audited the fixed assets and depreciation expenses of the company as of . . .”). The form of reporting would include a “presents fairly, in all material respects” conclusion or “in our opinion, based on our audit restricted within the limits of materiality has been prepared to give the information required to be shown in accordance with the policies and instructions contained in . . .”
Refer to the guidance in OAG Audit 2345 for additional reporting considerations.
CAS Requirement
For a component that is significant because it is likely to include significant risks of material misstatement of the group financial statements due to its specific nature or circumstances, the group engagement team, or a component auditor on its behalf, shall perform specified audit procedures relating to the likely significant risks of material misstatement of the group financial statements (CAS 600.27(c)).
If the group engagement team does not consider that sufficient appropriate audit evidence on which to base the group audit opinion will be obtained, the group engagement team shall select components that are not significant components and shall perform, or request a component auditor to perform specified procedures (CAS 600.29).
OAG Guidance
The group engagement team may ask the component auditor to carry out specified procedures in relation to particular account balances or classes of transactions of the component (e.g., observation of inventory counts or confirmations of accounts receivable), or of the effectiveness of its internal controls, similar to an agreed-upon procedures engagement.
It is important that the group engagement team provide sufficient direction as to the procedures required to be performed in their instructions. The group engagement team takes responsibility for audit scope for the component where specified procedures are to be performed by a component auditor, including appropriate details in the overall group audit plan.
When the component auditor is from another OAG audit team, the group engagement team can provide instructions with the knowledge that there is a common understanding of OAG Audit and our policies and guidance regarding the performance of procedures (e.g., types of sampling, sample size guidance). Thus, the directions to the component auditor can be less detailed than they would have to be if we were performing an agreed upon procedures engagement for a client or an external firm / auditor engagement team. If the component auditor is in any doubt about the nature, timing, or extent of work the group engagement team is asking the component auditor to perform, they need to seek further direction from the group engagement team.
When the component auditor is from an external firm / auditor, the group engagement team will need to be more explicit in the nature, timing, and extent of the specified procedures to be performed and different reporting will be required.
Reporting Considerations
The group auditor may request that specific procedures be undertaken to assist in the group audit. Because the nature and scope of these procedures are normally determined in the context of the group financial statements, the procedures are usually insufficient to support expression of an opinion on the particular transactions or items standing alone. The report on performance of the work needs to reflect this fact. The report will indicate only the factual findings as a result of performing the specified procedures, including exceptions and misstatements found (with respect to internal controls, this would include a detail of deficiencies in internal controls). If no exceptions or misstatements are found, the report may simply indicate that “nothing has come to our attention.”
If the work is performed in connection with the audit of the financial statements of the component, the report to the group auditor needs to be dated no later than report on the component’s financial statements to avoid any extension of responsibility beyond that date. If work is undertaken which is unrelated to the audit of the component’s financial statements, such as a subsequent events review to the date of the group auditor’s report, a separate report needs to be issued on that work, dated as of its completion.
Refer to the guidance in OAG Audit 2345 for additional reporting considerations.
CAS Guidance
If the group engagement team does not consider that sufficient appropriate audit evidence on which to base the group audit opinion will be obtained, the group engagement team shall select components that are not significant components and shall perform, or request a component auditor to perform a review of the financial information of the component using component materiality (CAS 600.29).
OAG Guidance
When the group engagement team determines that additional evidence needs to be obtained for purposes of the group engagement, a review may be an option at a component that is not significant. However, while a review may bring significant matters affecting the financial information to the group engagement team’s attention, it does not provide the extent of evidence that would be obtained in an audit. In general, either an audit or specified procedures will be appropriate to obtain the necessary evidence regarding component financial information. In deciding on the approach, it is important to keep in mind that the objective of a review differs significantly from that of an audit. A review involves less work than an audit and results in only a limited level of assurance that the financial information of the component is free from material misstatement, expressed in the form of negative assurance. The work envisioned in a review may include
-
discussions with management to confirm that there have been no significant changes in the business, management, or accounting systems and controls;
-
analytical procedures in relation to the
- Balance sheet,
- Income statement,
- Cash flows statement.
-
discussion with management regarding:
- Review of accounting policies to ensure consistency.
- The existence of any substantial liabilities or onerous contracts.
-
other general inquiries.
Where the results of the review indicate any matters that could give rise to material misstatements in the consolidated financial statements, inquiries need to be extended and, where necessary, tests carried out on the relevant aspects of the statements, including consideration of any underlying deficiencies in internal controls. Advise the group engagement team before any extension of inquiries or further testing is performed. This extension may have an effect on the group engagement team’s overall audit approach. Any unusual matters that are noted in this extended review similarly need to be reported to the group engagement team.
Reporting Considerations
The report needs to indicate only the factual findings as a result of performing the review procedures, including exceptions and misstatements found (with respect to internal controls, this would include a detail of control deficiencies). If no exceptions or misstatements are found, the report may simply indicate that “nothing has come to our attention.” Refer to the guidance in OAG Audit 2345 for additional reporting considerations.