7050 External Confirmations
Print this SectionInstitutional links
Annual Audit Manual
- How to Use the Annual Audit Manual
- Foreword
- Copyright
- Glossary
- 100 Overview
- 200 OAG Audit
- 1000 Audit Quality and Auditor Objectives
- 1010 Nature and Scope of an Audit in Accordance with CASs
- 1020 Conduct of an Audit in Accordance with CASs
- 1030 Ethical Requirements Relating to an Assurance Engagement
- 1040 Professional Skepticism and Judgment
- 1050 Sufficient Appropriate Audit Evidence and Audit Risk
- 1070 Job Rotation
- 1080 Selection of Engagement Quality Reviews and Appointment of Engagement Quality Reviewers
- 1090 Complaints and Allegations
- 1100 Audit Documentation and Review
- 1101 Introduction
- 1110 Nature, Purpose and Extent of Audit Documentation
- 1120 Timely Preparation of Audit Documentation
- 1140 Documentation of Significant Matters and Related Significant Professional Judgments
- 1150 Other Documentation Requirements and Considerations
- 1160 Documenting Review of Audit Documentation
- 1170 Assembly of the Final Audit File
- 1180 Multiple Reports Issued from the Same File
- 1190 Retention of Audit Documentation
- 2000 Overall Engagement Considerations
- 2100 Materiality
- 2200 Communication
- 2300 Group Audits
- 2310 Introduction—Group Audit Considerations
- 2320 Initial Engagement Activities
- 2321 Acceptance and continuance as group auditor
- 2321.1 Sharing Acceptance and Continuance information on a Group Audit
- 2322 Obtaining an understanding of the group as part of A&C
- 2323 Identifying components
- 2324 Evaluating group auditor's planned involvement in the work of component auditors
- 2325 Engagement letters
- 2326 Understanding the component auditors
- 2328 Compliance with Ethical Requirements, including those related to independence
- 2329 Sufficient and Appropriate Resources
- 2330 Overall Audit Strategy and Audit Plan
- 2331 Obtaining an understanding of the group, its components, and their environments as part of our risk assessment procedures
- 2332 Risk assessment at the group level
- 2333 Determining materiality in group audits
- 2334 Optional component materiality framework
- 2335 Determining the type of work to be performed on the financial information of components
- 2336 Responsibilities of the component auditor in different types of work to be performed on the financial information of components
- 2340 Communication
- 2340.1 Planned Direction and Supervision of Component Auditors and Review of Their Work
- 2340.2 Group Engagement Team Planning
- 2341 Communicating instructions to component auditors
- 2342 Communicating among group engagement teams and component auditors during the audit
- 2343 Communicating results at completion to group engagement team
- 2344 Communicating with group management and those charged with governance of the group
- 2345 Component auditor's report
- 2350 Consolidation Process
- 2360 Completion and Reporting
- 2370 Special Reporting Considerations
- 2380 Shared Service Centers Audits
- 3000 Initial Engagement Activities
- 3001 Introduction
- 3010 Acceptance and Continuance
- 3030 Independence
- 3040 Terms of the Audit Engagement
- 3050 Initial Audit Engagements
- 3060 Engagement Team
- 3070 Review of Audit Work and Documentation
- 3080 Consultations, Including where Differences of Opinion
- 3090 Use of Auditor's Experts
- 3091 Introduction
- 3092 Determining the need to use an auditor’s expert
- 3093 Determing the procedures to perform when using auditor’s experts
- 3094 Evaluating the competence, capabilities and objectivity of the auditor’s expert and obtaining an understanding of the field of expertise
- 3095 Agreeing terms and arrangements with the auditor’s expert
- 3096 Evaluating the adequacy of the auditor’s expert’s work
- 3097 Reference to the auditor’s expert in the auditor’s report
- 3100 Specialists in Accounting or Auditing
- 3110 Management’s Experts
- 4000 Planning Activities
- 4001 Introduction
- 4010 Team Planning Meetings
- 4020 Audit Strategy
- 4021 Establish an audit strategy
- 4022 Develop and document the audit strategy
- 4023 Planning activities
- 4024 Develop the testing strategy
- 4025 Timing of understanding and evaluation of internal controls
- 4026 Strategy in relation to indirect ELCs
- 4027 Strategy in relation to significant risks
- 4028 IT testing strategy
- 4030 Audit Plan
- 4040 Planning Sign-off
- 4050 Changes to the Audit Strategy and Plan
- 5000 Identify and Assess Audit Risks of Material Misstatement
- 5001 Introduction
- 5010 Risk Assessment Procedures
- 5011 Risk assessment procedures and related activities
- 5012 Develop initial expectations about risks of material misstatement and the classes of transactions, account balances and disclosures that may be significant
- 5013 Determine the competencies and capabilities required to perform risk assessment activities
- 5020 Understanding the Entity and Its Environment, and the applicable financial reporting framework
- 5021 Understanding the entity and its environment
- 5022 Organizational structure, ownership and governance, and business model
- 5023 Extent to which the entity’s business model integrates the use of IT
- 5024 Industry, regulatory and other external factors
- 5025 Measures used, internally and externally, to assess the entity’s financial performance
- 5026 Understanding the Entity’s Climate-Related Risks
- 5027 Understand the applicable financial reporting framework, and the entity’s accounting policies
- 5028 Understand how inherent risk factors affect susceptibility of assertions to misstatement
- 5029 Scalability
- 5030 Understand the entity’s system of internal control, including IT environment
- 5031 Entity’s system of internal control and its relevance to the audit
- 5032 Components of internal control—Control environment
- 5033 Components of internal control—The entity’s risk assessment process
- 5034 Components of internal control—The Information system and communication
- 5035 Components of internal control—Control activities
- 5035.1 Identify controls that address risks of materials misstatement at the assertion level
- 5035.2 Identify the risks arising from the use of IT and the related ITGCs
- 5035.3 Segregation of duties
- 5035.4 Information processing objectives
- 5035.5 Evaluate design and implementation of controls
- 5035.6 Scalability
- 5036 Components of internal control—The entity’s process to monitor the system of internal of controls
- 5037 Control deficiencies within the entity’s system of internal control
- 5040 Identify and Assess Risks of Material Misstatement
- 5500 Fraud
- 5501 Introduction
- 5502 Fraud Risk Factors
- 5503 Discussions Among the Engagement Team
- 5504 Risk Assessment and Related Activities
- 5505 Assessment of the Risk of Material Misstatement Due to Fraud
- 5506 Responses to the Risks of Material Misstatements Due to fraud
- 5507 Examples of Possible Audit Procedures to Address the Assessed Risks of Material Misstatement Due to Fraud
- 5508 Management Override of Controls
- 5509 Journal Entries
- 5510 Evaluation of Audit Evidence to Identify Previously Unrecognized Risks of Fraud
- 5511 Examples of Circumstances that Indicate the Possibility of Fraud
- 5512 Fraud Communications
- 5513 Involvement of the Internal Specialist for Fraud
- 5514 Using CAATs in Attempting to Detect Fraud
- 5515 Fraud In the Public Sector
- 6000 Develop and Execute Controls Tests
- 6030 Using the Work of an Internal Audit Function
- 6031 The role of the internal audit function
- 6032 Evaluate ability to use the work of an internal audit function
- 6033 Determining the nature and extent of work of the internal audit function that the Office finds appropriate to use
- 6034 Evaluating the work of the internal audit function
- 6035 Using internal auditors to provide direct assistance
- 6040 Service Organizations
- 6050 Develop and Execute a Controls Test Plan
- 6051 Test of controls and their importance
- 6052 Nature of controls tests
- 6053 Extent of controls tests
- 6054 Testing automated controls
- 6055 Determine whether evidence is available for the whole period
- 6056 Using controls evidence obtained in prior audits
- 6057 Execute and evaluate results of planned controls procedures
- 6059 Document controls testing
- 6030 Using the Work of an Internal Audit Function
- 7000 Develop and Execute Substantive Tests
- 7001 Introduction
- 7010 Develop and Execute the Substantive Test Plan
- 7011 Determine the level of evidence required from substantive procedures
- 7011.1 Audit guidance for specific financial statement areas
- 7013 Select the appropriate type of substantive procedures to perform
- 7014 Determine the evidence needed from substantive procedures
- 7015 Timing of substantive audit procedures
- 7016 Execute substantive procedures and document results
- 7020 Evaluate Sufficiency and Appropriateness of Audit Evidence
- 7030 Substantive Analytics
- 7031 Introduction
- 7032 Suitability of analytical procedures
- 7033 Use of substantive analytical procedures
- 7033.1 Evaluate reliability of data and develop an independent expectation
- 7033.2 Defining a significant difference or threshold
- 7033.3 Compute differences
- 7033.4 Investigate and corroborate significant differences
- 7034 Best practices to overcome potential pitfalls in applying analytical procedures
- 7035 Common ratios and knowledge management tools
- 7040 Tests of Details
- 7041 Using tests of details
- 7041.1 Application of tests of details
- 7041.2 Documentation of tests of details
- 7042 Targeted testing
- 7043 Accept-reject testing
- 7043.1 A five-step approach to performing accept-reject testing
- 7044 Audit sampling
- 7044.1 Eight-step approach to performing non-statistical audit sampling
- 7044.2 Eight-step approach to performing statistical audit sampling
- 7050 External Confirmations
- 7060 Physical Inventory Observation
- 7061 Introduction
- 7062 Planning to attend physical inventory counting
- 7063 Performing test counts at annual physical inventory counting
- 7064 Cycle counts
- 7065 Testing final inventory records
- 7066 Inventory count conducted other than at the date of the financial statements
- 7067 Unable/impractical to attend physical inventory counting
- 7068 Inventory under custody and control of a third party
- 7069.1 Testing Inventory Costs
- 7069.2 Inventory Cut-Off Testing
- 7069.3 Planning and Executing Tests of Inventory Lower of Cost or Net Realizable Value
- 7070 Auditing Accounting Estimates and Related Disclosures
- 7071 Introduction
- 7072 Understand the Entity and Its Environment
- 7073.1 Step 1: Perform Risk Assessment Procedures
- 7073.2 Step 2: Set Roles and Responsibilities
- 7073.3 Step 3: Determine Risk of Material Misstatement and Testing Approach
- 7073.4 Step 4: Test Method(s)
- 7073.5 Step 5: Test Significant Assumptions
- 7073.6 Step 6: Test Data
- 7073.7 Step 7: Evaluate Work of Specialists and Experts
- 7073.8 Step 8: Address Estimation Uncertainty and Test Disclosures
- 7073.9 Step 9: Consider Management Bias
- 7073.10 Step 10: Perform Overall Evaluation
- 7074 Completion Procedures
- 7500 Other Audit Procedures
- 7510 Consideration of Law and Regulations
- 7520 Going Concern
- 7530 Related Parties
- 7531 General considerations required for related party relationships and transactions
- 7532 Risk assessment procedures for related party transactions
- 7533 Responses to the risks of material misstatements associated with related party relationships and transactions
- 7534 Evaluating disclosures, representations and communications
- 7540 Litigation and Claims
- 7550 Segment Information
- 7560 Minutes of Meetings
- 7570 Contracts
- 7580 Testing reconciliations
- 7590 Use of Computer-Assisted Audit Techniques (CAATs)
- 8000 Reporting
- 8010 Audit Reporting
- 8020 Comparative Information
- 8030 Other Information
- 8031 What is an annual report and other information
- 8032 Obtaining the other information
- 8033 Reading and considering other information
- 8034 Material inconsistencies identified
- 8035 Material misstatements of the other information
- 8036 Material misstatements in the financial statements or the need to update our understanding of the entity and its environment
- 8037 Reporting and documentation
- 8040 Other Reporting Matters
- 9000 Completion Activities
- 9001 Introduction
- 9010 Summary of Uncorrected Misstatements
- 9020 Overall Conclusion Analytics
- 9030 Financial Statements and Financial Statement Disclosure Checklists
- 9040 Subsequent Events
- 9041 Introduction
- 9042 Events occurring between the date of the financial statements and the date of the audit report
- 9043 Events occurring after the date of the audit report but before the date the financial statements are issued
- 9044 Events occurring after the financial statements have been issued
- 9050 Management Representations
- 9060 Completion Sign-offs
- 9080 Post-Audit Surveys
- 11000 Auditing Compliance with Authorities and “Other Matters”
- 11001 Introduction
- 11002 Guiding Principles for Auditing Authorities
- 11010 Compliance with Authorities
- 11020 Other Matters
- 11021 Historical context of “other matters”
- 11022 Our legislative responsibility to report “other matters”
- 11023 Considering “other matters” in annual audits
- 11024 Reporting “other matters” in accordance with our additional reporting responsibilities
- 11024.1 Reporting “other matters” in the Public Accounts of Canada
- 11024.2 Examples of “other matters” reported in Crown corporation auditor’s reports
- 11024.3 Examples of “other matters” reported in other entities auditor’s report
- 11030 Executive and Board Compensation
- Methodology Updates