This article was first published in the July 2011 edition of Accounting and Business magazine. 

Studying this technical article and answering the related questions can count towards your verifiable CPD if you are following the unit route to CPD and the content is relevant to your learning and development needs. One hour of learning equates to one unit of CPD. We'd suggest that you use this as a guide when allocating yourself CPD units.

The standard is focused particularly on group audits that involve auditors other than the group engagement team - designated as component auditors - in performing work on the financial information of group components. In particular the standard highlights the peculiar audit risk of such engagements by stating that ‘in a group audit, this includes the risk that the component auditor may not detect a misstatement in the financial information of the component that could cause a material misstatement of the group financial statements, and the risk that the group engagement team may not detect this misstatement.’

To address such peculiar audit risk the ISA strengthens the requirements placed on the group auditor in respect of the direction, supervision and performance of the group engagement and in respect of the group auditor’s involvement in the work of component auditors.

Acceptance and continuance

The group engagement partner is required to determine whether it is appropriate to accept or to continue with the engagement on the basis that it is reasonable to expect that sufficient appropriate evidence about the consolidation process and components’ financial information can be obtained.

The group engagement team shall obtain at a preliminary stage of a new engagement, or shall update for a continuing one, an understanding of the group, its components and their environments that is sufficient to identify components that are likely to be significant components. Where other auditors will be involved, the group engagement partner shall consider whether the group engagement team will be able to be involved in the work of those component auditors.

The concept of significant component is central to ISA (UK and Ireland) 600 and is articulated into:

  • a component that is of individual financial significance to the group; or
  • that, due to its specific nature or circumstances, is likely to include significant risk at group financial statements level.

The group engagement team may use a percentage of a chosen benchmark to help identify components of individual financial significance, eg 10% of group profit, albeit different benchmarks and percentages could be appropriate. On the other hand a component that is not of individual financial significance may still pose a significant risk at group level if it is involved in critical activities, for example by performing a procurement or treasury function for the whole group.

Group audit strategy and plan

To fulfil his or her responsibility for the direction of group audit, the group engagement partner shall review the overall strategy and plan developed by the group engagement team. 

Risk assessment

ISA (UK and Ireland) 600, in line with the risk-based approach of ISA (UK and Ireland) 315, requires the group engagement team to enhance the understanding of the group, its components and their environments obtained at the acceptance or continuance stage, and to obtain an understanding of the consolidation process, including instructions issued by group management to components.

The level of understanding required is the level sufficient to confirm or revise the initial identification of significant components and to assess the risks of material misstatement of the group financial statements, whether due to fraud or error, that will form the basis for designing and implementing responses to such risks. 

Matters that could be relevant in obtaining an adequate understanding of the group and the consolidation process include group-wide controls, for example; financial controls on components’ operations and results; group financial reporting procedures, including the existence of a manual; and matters relevant to the consolidation process, such as the group’s process for identifying and accounting for component, the required consolidation adjustments and the nature, frequency and size of intra-group transactions.

The component auditor

The group audit team needs to obtain an understanding of the component auditor if it intends to request one to perform work on the financial information of a component. In particular it would be necessary to investigate whether the component auditor understands and will comply with the ethical requirements applicable to group audit and in particular whether he or she is independent. In the case of a component auditor based in a different jurisdiction the ethical requirements may be different or additional to the local ones.

The professional competence of the component auditor will also need to be examined to ascertain, for instance, whether he or she has a sufficient understanding of the applicable auditing and financial reporting standards, sufficient resources to perform the work and the required specialist skills, such as industry-specific knowledge, for the particular component.

It is also important to establish whether the group audit team will be involved in the work of the component auditor to a sufficient extent and whether the component auditor operates in a regulatory environment that actively oversees auditors.

The above information about the component auditor could be obtained in a number of ways, including the completion of specific questionnaires.

If the group audit team understands that the component auditor is not independent or has serious concerns about their compliance with ethical standards, professional competence or the ability to be involved, it should not rely on the component auditor to obtain sufficient appropriate audit evidence about the component.

Materiality

The group engagement team is required to set various types of materiality.

First, it needs to set materiality for the group financial statements as a whole which is used when establishing the overall group audit strategy. If deemed to be appropriate, materiality may be set for particular classes of transactions, balances and disclosures of the group accounts.

The group audit team should also determine component materiality for those components where component auditors will perform an audit or a review for the purposes of the group audit. Component materiality is set at a lower level than group materiality and can be set at different levels for different components.

Responses to assessed risks

To address the assessed risks of material misstatement of the group financial statements, the group audit team is required to design and perform further procedures on the consolidation process and the financial information of components.

ISA (UK and Ireland) 600 introduces quite specific requirements in respect of the type of work that the group audit team should or can choose to perform on the financial information of components. In addition, the standard also sets a minimum level of involvement of the group auditor in the work performed by component auditors.

Type of response

Significant components

  • For a component of individual financial significance the group audit team, or a component auditor on its behalf, shall perform an audit using component materiality
  • For a component that is significant for the risks of material misstatement posed to the group financial statements due to its nature and circumstances, the group audit team, or a component auditor, shall perform one or more of:
  1. An audit of the financial information using component materiality
  2. An audit of specific account balances, classes of transactions or disclosures relevant to the significant assessed risks
  3. Specified audit procedures relating to the significant assessed risks of material misstatement.

Non-significant components

  • For components that are not significant the group engagement team shall perform analytical procedures at group level.
  • If the group audit team considers that the audit evidence obtainable from the work performed on significant components, group-wide controls and group analytical procedures will not be sufficient it shall select non-significant components and perform, or request a component auditor to perform, one or more of:
  1. An audit or a review of the financial information using component materiality
  2. An audit of specific account balances, classes of transactions or disclosures
  3. Specified procedures

Involvement with component auditor

Significant components - risk assessment if a component auditor performs an audit of a significant component, the group engagement team shall be involved in the risk assessment exercise performed by the component auditor to identify significant risks for the group financial statements. The level of involvement will be affected by the understanding of the other auditor but, as a minimum, it should include discussing the significant business activities of the component and the risk of material misstatement of its accounts. It should also include a review of the other auditor’s documentation relating to the risk assessment which could take the form of a memorandum.

Significant risks of material misstatement of the group accounts - further procedures

If a component auditor performs work on a component that includes significant risks of material misstatement of the group financial statements, the group audit team shall evaluate whether the further audit procedures to be performed are an appropriate response and whether it is necessary to be directly involved in the performance of the procedures.

Communication

The group engagement team’s communication to the component auditor should set out the work to be performed, the use to be made of such work and the form and content of the component’s auditor communication. Some of the items that would need to be covered include the applicable ethical requirements, component materiality if applicable, assessed risks of material misstatement at group level relevant to the component and a list of related parties.

On the other hand the component auditor shall communicate matters relevant to the group audit team’s conclusion such as confirmation of compliance with relevant ethical requirements and the group auditor’s instructions, identified significant deficiencies in the component’s internal control and his overall findings, conclusions and opinion.

Often the group engagement team communicates its requirements by using a letter of instruction. It is also customary for the component auditor to send a memorandum or report of the work performed.

Evaluating audit evidence

When a component auditor has been involved in performing work on the financial information of a component the group audit team shall evaluate the auditor’s communication, such as the memorandum or report of work.

Importantly, the group audit team will also need to determine whether it is necessary to review other relevant parts of the component auditor’s audit documentation. Normally the focus will be on documentation relevant to significant risks at group level.

The group engagement team shall evaluate whether sufficient appropriate evidence has been obtained from the procedures performed on the consolidation process and on the components on which to base the group audit opinion.

Documentation

ISA (UK and Ireland) 600 requires the production of specific documentation such as an analysis of components in terms of significance and a description of the type of work performed and the involvement of significant components’ auditors. Communications of the group audit team’s instructions should also be documented.

Massimo Laudato, technical adviser, ACCA UK