17 July 2020

For someone whose main task is to audit financial information, auditing mainly non-financial service performance information can be challenging. A deliberate shift of perspective is required – like putting on a different kind of auditing hat.

NOTE: This article has had to be updated a couple of times because of deferrals to the standards, resulting in a mismatch of application dates. We suggest that if PBE FRS 48 has been adopted that NZ AS1 be used to audit it as there is a clear line between the two standards. For the XRB’s reasoning see here.

In December 2015 the XRB issued EG Au9 “Guidance on the audit or review of the performance report of Tier 3 not-for-profit public benefit entities”. This helped us all get started, but it was clear that a new standard applying to a wider field than just Tier 3 entities and addressing service performance information more specifically was needed.

To meet this need, the NZ Auditing and Assurance Board (NZAASB) released NZ As1 “The Audit of Service Performance Information”. Now effective from 1st of January 2023 (but with early adoption permitted), this provides much more clarity. We have now released audit templates to help apply this standard (see below).

EG Au9 provided limited help through a simple set of prescriptive guidelines referencing ISAE (NZ) 3000, whereas NZ AS 1 provides clear objectives, principles, requirements, and application material. NZ AS 1 applies to a much broader range of potential service performance reporting (including Tier 1 and 2 PBE as per PBE FRS 48 – see below).

Problems addressed by the new standard

Since reporting on service performance information is relatively new, many reporting entities are still coming to grips with the objectives and requirements of service performance reporting. This has resulted in problems such as:

  • Changes made to information presented year after year to present the organisation in the best possible light
  • Reporting the “easy” results and omitting the important ones
  • Reporting outcomes and outputs which are often unsubstantiated and with little evidence to support the claims made
  • Inconsistent reporting year to year

Even when an entity provides an SSP with outputs and outcomes that could be substantiated it was often difficult to understand the audit risks. More application guidance was needed especially concerning:

  • Materiality levels
  • What constitutes a misstatement in service performance information
  • How the outcomes and outputs relate to the assertions

What are the features of the new standard?

The complexity and confusion around the production and audit of service performance information highlighted the need for clearer direction for auditors. NZ AS 1, therefore, addresses a very specific type of financial statement with very different reporting goals from conventional reporting.

NZ AS 1 relates closely to ISA 200, “Overall Objectives of the Independent Auditor and Conduct of an Audit in Accordance with the International Standards on Auditing”, and should be read in conjunction with this standard. Remember that service performance auditing is still auditing, but the information being audited is new and unfamiliar. So NZ AS1 incorporates familiar key audit principles into planning, performing, evaluation procedures, and reporting. It references many other auditing standards as they apply to this new mode of reporting such as:

  • Agreement on audit engagement terms
  • Laws and regulations
  • Communication with those charged with governance
  • Planning
  • Materiality
  • The auditor’s responses to assessed risks
  • Forming an opinion and reporting content.

Further analysis of NZ AS1 is included on our support website. This breaks down the key concepts of the standard.

The relationship between PBE FRS 48 and NZ AS-1

The XRB released PBE FRS 48 “Service Performance Reporting” in November 2017. This standard for Tier 1 and 2 PBEs is effective for reporting periods beginning on or after 1 Jan 2022 (early adoption permitted).

For now, most Audit Assistant users applying the new standard will be doing so in the context of a Tier 3 PBE SSP. So while they will not need to follow the requirements of PBE FRS 48, we recommend that they familiarise themselves with the principles within this standard. It will help them to understand concepts like qualitative characteristics and pervasive constraints. It will also help to identify what constitutes service performance information, what information can be verified, which information faithfully represents the entity, what makes information understandable to users, and whether the information is comparable to either the prior year or comparable entities.

Note that we have a PBE FRS 48 compliance checklist within our Tier 1 and 2 PBE reporting checklists and audit templates.

Audit Assistant Service Performance Audit Template

Our new Audit Assistant NZ AS1 template is currently available in a stand-alone format, so that it may be used alongside other audit work (including for firms not using Audit Assistant for their audit work – contact us for a custom signup).

The content is also incorporated into our new LCE Tier 3 and 4 PBE templates. In these templates, amendments have been made to reports to include changes in audit opinions related to the statement of service performance, written representations in the client representation letter and the audit report, including specific reference to NZ AS1. The new content has been designed to reach the key objectives that have been set out in the new standard. It consists of seven sections:

• Acceptance of engagement
• Checklist shared with the client to gather service performance information
• Internal Controls Assessment
• Materiality assessment
• Risk analysis
• Detailed testing
• Reporting

We are committed to improving the quality of our products so we welcome any feedback on this new template.

Your new service performance auditing hat may feel uncomfortable at first, but after a while, there will be certain comfort and familiarity!

15 July 2020

For many auditors of smaller entities (small charities and clubs for example), a major difficulty is how to adhere to auditing standards which are designed primarily for larger entities.

Given the time and budget constraints that auditors face this can cause some auditors to go into autopilot and tick-off checklists rather than clearly identifying, assessing, and addressing audit risks. We have identified these issues in previous articles, and although at a global level nothing has yet emerged to tackle this problem, we have designed a new series of audit templates specifically addressing this.

With our templates for less complicated entities (LCEs), we have set out to reduce the compliance burden that the current ISAs create and to focus on what is relevant to smaller organisations. We have done this in part by referencing the suggested application material for small entities within the existing standards, and leaving out the content that will only be relevant in larger entities (e.g. internal audit).

We also aim to improve audit quality, evidence and documentation by reducing the number of pages and work items, and instead we ask questions that prompt qualitative answers with solid evidence, rather than ticking “yes” or “no” answers. We have also tried to reduce the heavy and complex language of the standards to use brief, plain English wherever possible to ensure auditors can understand the true essence of the requirements laid out by ISAs. To carry on the aircraft metaphor – to spend more energy on looking at the view (the client) and less time fiddling with the controls.

Use of the new LCE series templates

While many standards have specific clauses for considerations for smaller entities (we refer to these in the new LCE templates), the standards do not define what “small entities” are. This is left to the auditor’s judgement. We would suggest as a rule of thumb that in most cases in NZ non-Tier 1 and 2 entities will probably be classed as small, and so they will fit our LCE templates unless they have controls that must be tested due to non-transparent processes or have complex operations or ownership structures.

We made the templates primarily with locally owned entities in mind, however often with smaller companies, the trigger for audit is that they have some overseas ownership. When these companies themselves are small and simple, the LCE template will be entirely adequate. We will try to give some guidance around this in future articles, but it is our estimate that 80% of the jobs carried out using Audit Assistant will probably be LCE, either not-for-profit or for-profit entities.

What key changes are included in the LCE templates?

We have conducted an in-depth update of the whole audit process incorporating overall usability review and user suggestions. Based on these changes have been made that include the following.

  • Move from a checklist-style that has mainly yes/no or multi-choice answers to a narrative style that prompts descriptions and attachments of work performed to ensure that the auditor is documenting what they have done and why – designed to get the job done in a thorough but not over-the-top way.
  • Rather than including every detail of the requirements of the standards, complex and detailed points of the standards are summarised and deliberately made into plain English (we are assuming that the auditor has a good grasp of the standards, and will refer to the actual standards by hyperlink to XRB website if required).
  • ISA application material has been chosen so that the template focuses on requirements that are the most applicable to small entities.
  • Remove detailed compliance testing – templates assume a substantive-based approach, without reliance on systems testing.
  • Leave out detailed checklists for what is unlikely to apply to small entities, for example, internal auditors.
  • Make the process more transparent by bringing important work “to the top”, removing duplication and streamlining workflow.
  • Add hyperlink references to specific work performed in other parts of the workbook that is relevant to another section e.g. E1-1.2 of the Entity and Environment.

What auditing standards are not included?

  • ISA 600 – Special Considerations – Audits of Group Financial Statements (limited mention)
  • ISA 610 – Internal Auditor
  • ISA 701 – Communicating Key Audit Matters in the Independent Auditor’s Report (limited mention)
  • ISA 805  – Audits of Single Financial Statements and Specific Element, Account or Item of a Financial Statement 
  • ISA 800 – Reporting Considerations for Special Purpose Framework (no specific mention as the requirements are met by other standards)

New standards included in LCE templates

  • NZ AS1 – The Audit of Service Performance Information (although effective for periods beginning on or after 1 Jan 2021 we have included this content in the new Tier 3 and 4 PBE LCE templates)
  • ISA 540 – Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures (workpapers based on the substantially updated version are included)

Templates available

The following are available for use now, or will be released by the end of July 2020:

  • Audit – Special Purpose Reporting (LCEA-SP-2020)
  • Audit – NZICA SPFR for FPE (LCEA-NZSP-2020)
  • Audit – Tier 3 Charity (LCEA-T3-2020)
  • Audit – Tier 4 Charity (LCEA-T4-2020)

Review and feedback

As the LCE templates are new, we are welcoming feedback on the content. To create a job, go to the “new job” area and select the appropriate version. Note that jobs can be switched from existing templates, but we recommend that this is only done after the annual rollover to avoid loss of work.

We have created a dummy client (“Little and Quick Ltd”) to test the basic special-purpose version. We have been sharing this job with interested users to review. If you would like to have a copy please contact us and we can send through a PDF of the completed job, and/or attach the live job to your account. Happy flying!

3 June 2020

When help or support is needed first use the “help” icon from within Audit Assistant (bottom right of the screen):

  • This connects to relevant articles from our support hub.
  • Includes a contextual search function with a number of suggestions.
  • If the suggestions are not suitable, use the search bar to access all the content on our support hub:
  • The help topic will open in the sidebar, but clicking on the up arrow will open the full article in the support hub. 

If browsing for more information go directly to the support hub.

Support hub front page

This provides information on:

  1. What type of work can be done within Audit Assistant.
  2. Answers to frequently asked questions.
  3. Services we provide if you are seeking further training.
  4. Detailed instructions on how to use features in Audit Assistant.
  5. Articles of interest related to topics like audit principles, COVID, AML to name a few.

The site has been separated into five main categories of which category has its sub-categories. For example, the category Articles has sub-categories for current issues and technical articles for areas of focus such as:

  • Less complex entities
  • Accounting standards
  • Anti-money laundering audits
  • And other audit and technical issues

The Q&A section has answers to questions that other users have asked and we feel are beneficial to users especially frequently asked questions.

We recommend looking at all categories especially the Q&A section before contacting us directly as this will speed up the process of obtaining an answer, however, we are always just a click away if needed.

Contacting us directly

  • When using the contact option tell us as clearly as possible the specific problem.
  • Attaching a screenshot of what you are seeing is often helpful.
  • If you tell us the name of the job you are working on this is also very helpful as we can view from our end.
  • If you think it easier to discuss your issue over the phone please provide your phone details so that we can contact you when it is convenient.
  • Our response will depend on the urgency of the request and time of the day – ranging from immediately to the following day.
  • Please also contact us to make suggestions and provide feedback – this is most helpful.

While the help-desk or email is the most reliable way to contact us in the first instance, if a really urgent issue has arisen and we haven’t responded on the help-desk, try calling us (in business hours) on:

  • 021 169 4097 (Clive – content, and admin); or
  • 022 199 6830 (Swikrit – technical issues).

29 April 2020

At Audit Assistant we are fully aware of the disruption of COVID-19 on your audit practice and like you doing are best to adjust to working remotely. We are working hard to ensure our service to you is not disrupted by this event.

The XRB website has useful information on how to incorporate COVID-19 into your audit. We recommend that if you have not done so already that you read their COVID auditing implication section and the attached link to articles and websites.

We are actively assessing our processes and remaining vigilant to any new implications arising from updated guidance from regulatory and institutional authorities with an emphasis on our checklists and reports.

If you seek assistance arising from COVID-19, please feel free to contact us through our support desk.

Upon our review of Audit Assistant’s processes, templates, reports & support infrastructure to determine how we can improve, now and into the future, we will be implementing the following:

  • COVID-19 Checklist
  • COVID-19 Emphasis of Matter paragraphs
  • Infrastructure for users working remotely with an unreliable internet connection

COVID-19 Checklist

We have reviewed the XRB Audit Implications and IAASB guidance and have developed two features to help. In the planning (D) section an optional checklist has been created to help you with prompts for identifying and assessing the effects of COVID-19 for example:

  • Effects on audit deadlines
  • Impact on control environment and planned reliance on controls
  • Inability to attend stock takes
  • Regulatory factors and the appropriateness of assumptions for accounting estimates
  • Identification of subsequent events
  • Reconsideration of the appropriateness of the use of the going concern
  • Group audits

COVID-19 Emphasis of Matter Paragraphs

Auditors should consider whether an Emphasis of Matter paragraph for COVID-19 issues is appropriate. We have added a prompt on the Audit Report page (Z section) as follows:

Screenshot of Audit Assistant showing Covid-19 entry point

Here is a simple example of a COVID-19 EOM paragraph:

We draw attention to note xxx in the Financial Report, which describes events subsequent to year-end and specifically the possible effects of the future implications of COVID-19 on ABC Limited’s future financial position and performance. In our view this issue is fundamental to users’ understanding of the Financial Report. Our opinion is not modified in respect of this matter.

We have prepared this video as part of our training programme.

Emphasis of Matter – NZ Schools (OAG) Audit

The NZ OAG has specified that an EOM paragraph must be added to school audits as follows (amended as appropriate where reports are qualified):

We have added this paragraph so that it will automatically be included in all school audit reports.

Infrastructure for users working remotely with an unreliable internet connection

With everyone working from home, issues around internet connections have been identified as not all connections were created equal especially for those living in rural areas.  

This can be an area of great frustration especially when working on a page and the internet connection is temporarily down. This can mean that data and information that you were inputting to a page may not save. We are currently working on a feature that adds a message warning users when their internet connection is unavailable. In addition, any items (comments, review notes, etc) that fail to save, will no longer be lost. Instead you will be given the opportunity to retry saving once reconnected. This feature should be in by June.

24 April 2020

Relevant or not?

When it comes to auditing estimates and related disclosures it is understandable to think that a new standard may not as relevant to small and medium practices. However, there are so many types of accounting estimates, to name a few:

  • Bad debts
  • Inventory obsolescence
  • Depreciation the fair value of financial assets or financial liabilities
  • Goodwill
  • Contingent Liability
  • Holiday & Sick pay obligations
  • Warranty estimates & obligations
  • Credit losses allowances
  • Useful life of an asset

A small entity may have complex estimates and a large entity may have estimates that are small and simple to measure. Therefore, from time to time you will need the guidance from this standard. Fortunately the IAASB has specifically designed the amendments to be scalable.

In this article we highlight how the revised ISA 540 will affect how you audit accounting estimates and related disclosures and what we are doing to assist you in this regard.

What are the key changes to the amended standard?

The objectives:

The objective of the auditor in the old standard was to obtain sufficient audit evidence in the financial statements that accounting estimates were reasonable and related disclosures were adequate.

Under the new standard auditors will need to obtain reasonable assurance for both accounting estimates and disclosures.

What is the concept of reasonable?

An entity’s Accounting Estimates and related disclosures are reasonable when:

  • They fit within the context of the applicable financial reporting framework
  • They reflect judgements that are consistent with each other and with those used in other accounting estimates or areas of the entity’s business activities
  • They not only comply with the requirements of the applicable financial reporting framework but, in doing so, reflect judgements that are consistent with the objective of the measurement basis in that framework.

Essentially, reasonable assurance means that when auditing we can no longer work under the assumption of trust but verify. We must be professionally sceptical and assess whether management assertions around estimates agree to our expectations, collated audit evidence and the audit outcome.  

Key Concepts and requirements within the standard:

The revised standard now requires a separation of assessment of inherent and control risks. There are three main inherent risks:

  • Subjectivity – They arise from inherent limitations in knowledge or data reasonably available to value estimates.
  • Complexity – The complexity inherent in the process of making an accounting estimate, such as when multiple data sets or assumptions are required or when complex models are used.
  • Estimation Uncertainty – The susceptibility to an inherent lack of precision in the measurement of an accounting estimate. Estimation uncertainty influences the other inherent risk factors.

Overall, how an entity measures its estimates is highly subjective and this factor is largely interrelated with other inherent risk factors.

There is an increased emphasis on understanding the environment the entity operates in and the level of expertise it has in order to understand how management measures accounting estimates, internal procedures and controls around accounting estimates and disclosures. This means understanding:

  • The entity’s transactions and other events and conditions relating to accounting estimates to be recognised or disclosed.
  • Regulatory factors relevant to the entity’s accounting estimates, including, when applicable, regulatory frameworks related to a financial reporting framework, prudential supervision.
  • The nature of the accounting estimates and related disclosures that the auditor expects to be included in the entity’s financial statements, based on the auditor’s understanding of the matters to the above.
  • How the entity’s risk assessment process identifies and addresses risks, what methods are used by management to create estimates.
  • In relation to the methods used, the auditor should focus on how management selects or designs and applies them.

The more significant the inherent risk the greater professional scepticism is required.

When the auditor assesses the risk to have a higher estimation uncertainty, complexity, and subjectivity, the greater the scepticism needed especially if they are more susceptible to management bias or fraud.

We must stand back and ask whether what we have seen reflects the results and expectations of the entity’s accounting estimates and review them to the outcome of past estimates. A solid understanding of ISA 315 and ISA 330 helps auditors to conclude that controls are designed and implemented satisfactorily safeguard against inherent risks.

The standard also requires engaging with management and governance. When starting the audit, we must ensure that we receive the following:

  • Documented procedures on how management makes their decisions on what accounting estimates they present in their financial statements.
  • Assumptions made.
  • Data used and the internal controls over them.

Throughout the audit we must be communicating with governance and management around significant qualitative aspects of the entity’s accounting practices and significant deficiencies in internal control.

The emphasis is on the inherent risk factors and encouraging the entity to use a more statistical, historical, or reasoned approach to creating an estimate and disclosure.

Appendix 2 to the revised standard gives great examples of what you should be communicating to the entity’s governance and management.

What are Audit Assistant’s changes?

The template has been designed in three parts:

Accounting Estimates – The main page. The aim is to identify and assess the risks of material misstatement for accounting estimates and evaluate whether accounting estimates and disclosures are free from material misstatement.

Accounting Estimates Client Questionnaire – A sub-page to be shared with the client to provide the required information from the entity assists with assessing how the client makes estimates and any controls around this.

Specific Estimate – A sub-page to assist with auditing a specific accounting estimate and will help with the overall evaluation of accounting estimates – a version is created for each estimate. The goal is to:

  • Assess management’s assumptions and judgements in making the accounting estimate and ascertain whether there is management bias.
  • Assess whether controls are operating effectively on the estimate.
  • Assess whether substantive procedures alone can provide sufficient appropriate audit evidence.
  • Design tests of controls and substantive tests for the specific estimate.

NOTE: ISA (NZ) 540 (Revised) applies for periods beginning on or after 15 Dec 2019.

The standard does not say, as many do that early adoption is permitted, so for now we have provided the alternative to use the old workpapers, or the new ones based on the revised standard. We have also moved accounting estimates from the E section into the D “Other Matters” section.

31 March 2020

This is our theme for 2020. We want to proactively assist our users to become more equipped, skilled, efficient and profitable. Here are some ideas:

Have us assess your practice

We often find that firms that are struggling with their documentation and staying current benefit hugely by having us look through the kind of work they do, having a conversation around problems and challenges and having us make some recommendations about what they could be doing (which may include some or all of the following). This discussion often takes place informally in the context of training, however we are happy to do this at a basic level as a free service on request.

Think outside your location

In the current audit environment, where many smaller part-time audit firms are opting out of audit,  there is a great need for other firms to take up the slack, especially in the more remote regions. By embracing paperless, cloud-based technology like Audit Assistant there is no real disadvantage auditing small entities remotely. Have you thought about following your networks and your specialisations to regions where there are few or no auditors?

Use all our online connection tools

Sharing pages to gather data, complete checklists and otherwise interact with clients is a non-brainer when it comes to efficiencies, yet many firms still don’t use these to their fullest. New features introduced over the last 12 months like to ability to customise pages prior to sharing, hiding sections, getting prompts when clients complete their work have made this even better. Plus we are working on some clever new interaction tools.

Upload your testing data and trial balance

Much efficiency is gained by creating a testing sample in Excel then uploading this to our substantive testing pages, yet this is not used nearly as much as it could be. Once the data is loaded tests are run against the sample, scans may be attached and errors notes – all within the software. Similarly trial balance data is now easier to upload and manipulate. Xero Trial Balances are now a one-click upload

Embrace paperless – attach and link

Having everything is in the digital file means it is all secure, backed up, and assessable from anywhere. Apps like Microsoft Office Lens make scanning from your device while on fieldwork far easier. These can then be uploaded back at the office. Remember that in most cases attachments may be added by simply dragging and dropping onto the appropriate work item. Remember too that links to external sites and repositories may be added using the attachments tool.

Review concurrently and use our review tools

A huge advantage of cloud-based real-time audit software is the ability to review jobs in smaller, more timely chunks. A reviewer can jump into a job when they have a spare ten minutes, add review notes if required on pages in progress and head off any potential rabbit trails that staff may be on. No need to wait until the file arrives just hours before sign-off is required, and finding that there are plot-holes in the story. If a firm is not using the review tools they are missing out on huge efficiencies.

Use the right templates

We have now introduced a prompt to tell users if there is a better/newer version of a job type that they could/should be using. In some cases this is critical where a standard has been updated. We don’t force these changes as in some cases there may be a good reason to stay on an older version (say doing a job that relates to an earlier period) but this is rare. In general if there is a new version flagged this should be adopted as a matter of course – especially after roll-over. Most of your data will be retained (that which relates to the old job type will be dropped) and you will be assured you are using current content. In the worst case you can always roll back the job using duplicate/restore.

Become an accredited user firm and list on our website

We have provided a service for some time of listing firms who wish to do so on our website (soon to be upgraded) and this free service will continue, however we are also introducing a firm accreditation system, whereby if a firm has been with us more than six months, and we have carried out training and/or file reviews, we will list them on our website as accredited users, and allow them to use our Audit Assistant branding to enhance their reputation with their clients or potential clients. 

Use us to assist with your quality control

We offer a file review service whereby firms submit names of jobs for us to review and provide a written report including recommendations on how to use Audit Assistant better. This can be part of a practice assessment, lead to training in identified areas, and/or form part of your formal quality control process. Our report also contains feedback on how the file holds together and how it has addressed the auditing standards and best practice. This service is charged on an hourly basis.

Book a training session

There’s nothing like taking time to sharpen your tools. This is what training does – gives firms a chance to pause, take breath and look at alternative ways to do better work. Bad habits can be left behind and better ways learned. We carry out training in-house if required, combined by area for new users and smaller firms, and also from time to time carry out workshops around issues of special interest. There is a fee charged for training sessions. 

Let us help with data migration or fee purchase

Sometimes firms hesitate adding all their work onto Audit Assistant because the time required for set up with many jobs can be unappealing. We can help with data migration and job setup – either just creating a bulk lot of clients with contact details, or by adding trial balance data. This is a custom service that depends on the specific need so contact us to discuss. We can also transfer jobs from another user in the case of sale and purchase of a block of fees. We can also connect firms either selling or wanting to buy a block of fees.

Tell us what you need from us

We’re here to help! Any requests, ideas, or suggestion are appreciated. If you can see an opportunity for us to develop some new content that may have wider commercial value please get in touch. Or if you want a new feature or service just ask. If we have enough requests we will find a way.

Note that most of these ideas can also apply to your compilation work as well. 

Please contact us to discuss further these ways we can partner with you to enhance your business and lifestyle

To help our users prepare for their next review – to get the proverbial ducks in a row – I requested the CAANZ NZ auditor oversight team to provide a list of the main issues encountered in their review work with audit firms. 

They were kind enough to send me notes from a recent presentation which included these very topics (for all audit firms – not just our users).So here are the main points, along with my commentary and suggestions about how to best use Audit Assistant to address these common problem areas:

1.  Audit / review report not compliant with standards

Our standard audit reports are designed for all types of jobs, and different permutations and outcomes, however they are not foolproof. Common mistakes include:

  • Using an out of date audit template which includes an out-of-date audit report: With help from Bill Heritage we updated all our reports in 2016 when the reporting standards changed. If users are using an old template our system now prompts for an update with a red flag-box at the top of the page. Updating is easy and users are then assured of the correct audit report.
  • Incomplete or incorrect reports: Using the correct report still may not produce a complete report if the wrong boxes have been ticked, or not ticked at all earlier in the job. Read the produced report carefully to make sure it makes sense and all essential parts are included. Use the Customise/Edit button to open up the detail on the page to see if something is missing or wrong and follow the hyper-links back to correct.
  • When the standard reports don’t fit: Occasionally there will be some odd situation that we haven’t covered. In these cases use the Customise/Edit button to open and create the custom changes needed. Or use Copy to Clipboard and carry out a final edit in Word.
  • Using your own out-of-date reports: To check if your reports are up to date we suggest checking your reports against ours, and use our checklists to find out where your reports are lacking.

And please if you do find an error or omission in our reports – or have a suggestion for improvements – let us know.

2. Not identifying that the financial statements do not comply with the reporting framework

At the beginning of each audit template we ask which reporting framework is being adopted and whether this is appropriate. There is also a testing tool included to make sure the framework actually fits the job. We also provide financial reporting checklists that allow the auditor check the disclosure and presentation in detail for compliance with the chosen framework. If an issue of non-compliance is found we suggest users:

  • Note the problem and flag the issue – either as a risk, an adjustment, a management letter point, for follow up, or a key issue for partner attention or combination of the above depending on the kind of non-compliance.
  • This will ensure that the point is not overlooked, and an adequate response is made, either by the client rectifying the issue or the appropriate note included and modification added to the audit report.

3.  Independence threats (self-review / long association)

Practice review seems to be requesting firms to have peer reviews carried out for jobs where there is a long association. The risk is that familiarity can bring a certain blindness that another auditor may easily spot. This is a particular issue for smaller firms where internal review or rotation of staff and partners is not possible. We suggest:

  • Find another local firm of similar size and style and create reciprocal review agreement.
  • We have acted as “matchmaker” in one case so far. We are happy to offer this as a free service to our users.
  • Use our review service – this also serves as a training exercise in the use of Audit Assistant. While we are not “qualified auditors”, we find that so far our review has fulfilled quality control requirements.

4. Lack of clarity about opinion modifications (e.g. which revenue streams are affected)

When a modification is made to an audit report, there is a prompt to make a paragraph describing the basis of the modification.

  • We do not provide any standard wording for this as every situation is likely to be unique so it is up to the auditor to provide a sufficiently precise statement.
  • In these cases it may be a good idea to involve a peer reviewer (as above) to ensure that this essential wording is clear.

5. Going concern requirements not met (audit report and financial statements)

Again this is an issue of using the correct audit report, and considering the requirements of the standards.

  • Auditors are required to ask whether a preliminary assessment of the entity’s ability to continue as a going concern has been carried out by the client, evaluate that assessment, and if not to discuss with client and record the discussion and evaluate (ISA(NZ)570,10).
  • The financial reporting checklists will assist in checking the disclosure requirements of the relevant reporting standards.

6. Staff members completing Audit Assistant with little apparent understanding / No evidence that the engagement partner has taken responsibility for the direction, supervision and performance of the audit

These were two separate items in the notes, but they seem to relate closely. Within Audit Assistant:

  • The partner is required to sign off the A1 control page which concludes the whole job. This implies that they have taken responsibility for approval and supervision of the work.
  • There are a number of other pages that the partner should either be concluding or reviewing, such as the risk assessment page, the audit summary page, and the quality control page.
  • We provide full training for users, so if this is you please contact us and book a training session.
  • Download the latest user handbook.

7. Insufficient (or non-existent) audit documentation

Obviously not talking about Audit Assistant users 🙂

8. Has not demonstrated professional scepticism

The notes point out that there may be no single way in which the auditor’s professional scepticism is documented. It is more an attitude of having a questioning mind, being alert to anything that may indicate misstatement due to error or fraud and critically assessing audit evidence. Nevertheless the audit documentation should provide evidence of the auditor’s exercise of professional scepticism in accordance with the ISAs (NZ), addressing questions such as:

  • Has the auditor responded appropriately in circumstances when inconsistent or contradictory audit evidence was obtained?
  • Does the documentation indicate alertness to anything that may indicate misstatement due to error or fraud?
  • Has the auditor sought evidence to challenge rather than just corroborate management’s assertions?
  • If information is inconsistent with the auditor’s final conclusion regarding a significant matter, have they documented how the inconsistency was addressed?

9. Inappropriate sample sizes

As part of the audit documentation, there must be a logical connection made between sample size for test of details with factors such as:

  • Assessment of risk.
  • Use of other substantive procedures directed at the same assertion.
  • Ability to stratify the population.

Thought must be applied to reducing sampling risk to an acceptable level, and the logic of the decision must be documented.

The notes point out that two types of conclusion can result if this connection is not made:

  • That a material misstatement does not exist when in fact it does.
  • That a material misstatement does exist when in fact it does not.

Within Audit Assistant we prompt for these kinds of discussions as part of our planning and tests of details areas.

We hope this tips give some direction as to where you might consider some internal training or updates to procedures. Please contact us if you have any questions or comments about any of these issues or would like any assistance.

Following on from our previous article regarding the Audit of Less Complex Entities (LCEs), we spoke to a number of our user firms and, along with 78 others stakeholders globally, responded to the IAASB request for submissions.

The LCE discussion has tended to focus on smaller for-profit entities that make a direct economic contribution, but in New Zealand the LCE field is dominated by not-for-profits. We estimate that NFP/LCE jobs done using Audit Assistant outnumber LCE for-profit jobs by about 4:1.

From user feedback, the mismatch of International Auditing Standards (ISAs) with the audit requirements of the humble but exceedingly numerous garden-variety NZ not-for-profit (charities, clubs, associations etc) seems to be the major issue. 

At a social level it is critical that small charities, clubs and other not-for-profits remain viable and accountable, as these entities create a disproportionate amount of social cohesion which flows down into all sorts of positive social (and therefore ultimately also economic) outcomes. If the herbs that nurture society are neglected we not only lose our flavour but our health. So the social cost of inappropriate audit standards may well be an overlooked factor in this discussion.

Obtaining an audit is a significant but necessary overhead if an entity is seeking funding. Funders won’t include the cost of audit in grants and the funding is not guaranteed just because the audit is done. So this is a great burden. 

There are an estimated 110,000 of these types of entities in NZ – most of which would be LCEs. If we assume that a half of these are subject to or want an audit we have about 55,000 LCE NFP audits. If the real cost of audits has increased by say $1500/entity under the ISAs, that is a cost of $82m p.a. to an already struggling sector. 

Industrial grade standards

Internationally applicable standards focussing mainly on large for-profit entities were developed in the context of globalism and the GFC.  Although these international issues had little direct effect or relevance to LCEs in general, the result was highly technical standards lacking clear help or relevance for smaller non-profits and a crippling audit fee increase without any real quality gain. We have taken an industrial approach to standards.

This may be necessary for industrial-scale entities, but there is no room for the combine harvester in the back-yard herb garden.

No wonder then that in New Zealand many smaller and provincial accounting firms that carried out perfectly adequate audit work at a scale appropriate to LCEs have dropped out because they do not have the time, staff or resources to carry out ISA-compliant audits.

In turn the entities they previously audited have either had to pay much higher fees to large city firms, stop being audited voluntarily (if under the threshold for compulsory audit) or potentially close because they are already financially pressed and dependant on overstressed volunteers. So the garden withers.

What can be done?

As part of my research and reflection I reviewed the pre-ISA New Zealand Auditing Standards and Guidelines (March 1996). These were an attempt to set some basic markers and guidance for audit work in New Zealand based on best auditing practice applied to our context. In my opinion they actually read very well in many respects, explaining concisely the key issues of risk-based auditing.

The obvious observation after reading through these older standards (as noted in the LCE discussion paper) is the sheer bulk of the ISAs (approximately 1200 pages) compared to the 1996 standards (265 pages including guidance).

At the risk of sounding like an old guy longing for the “good old days”, I was surprised how clear the 1996 standards were and imagined how easy and useful it would be just to go back to those for New Zealand LCEs (with some appropriate updates of course for the changing business environment since the 1990s).

The barrier to this kind of approach is the insistence by the international standard setters that to maintain audit quality and consistency the LCE approach must be international. My question is why?

Do we need international standards for LCEs?

The discussion paper includes a working definition of LCEs as: 

“An entity which typically possesses qualitative characteristics such as:

  1. Concentration of ownership and management in a small number of individuals (often a single individual – either a natural person or another enterprise that owns the entity provided the owner exhibits the relevant qualitative characteristics); and
  2. One or more of the following:
    i. Straightforward or uncomplicated transactions; ii. Simple record-keeping; iii. Few lines of business and few products within business lines; iv. Few internal controls; v. Few levels of management with responsibility for a broad range of controls; or vi. Few personnel, many having a wide range of duties.”

ISAs were made to respond to global realities, buts most LCEs discussed above operate at a local level. So why do we actually need an international standard or standards for LCEs? 

If we added to the above criteria “that the entity has limited or no overseas interests” this would effectively remove the need for compliance with international standards at all. This changes the whole discussion. If an entity has any sort of overseas ownership or subsidiaries or significant trade whereby suppliers or customers relied on the audit work they would be required to produce audit reports in terms of the ISAs. 

In New Zealand this would probably remove the majority of our audit work from the ISA net without any risk to our international reputation, at the same time enhancing our charity and social services sector. Why not apply the same criteria to for-profits, also relieving them of the same burden?

It could actually be a good thing for these standards to not be international as the audit requirements may be more effective if localised for the context. It would also be easier to maintain these standards without a full international approval and adoption process. 

Could we return to nurturing these humble but necessary small-holdings with appropriately scaled, locally nurtured standards? I’d love to hear your feedback

In recent decades the creep in complexity in the International Auditing Standards (ISAs) has made it difficult for auditors to do appropriate and cost-effective audit work for their SME clients.

Using the full might of the ISAs on something like the local bowling club is a bit like using a rocket launcher to kill a mouse.

The IIASB has acknowledged this is a recent discussion paper. The chairman, Prof. Arnold Schilder says:

“Smaller entities make a critical contribution to the world economy, and quantitatively the majority of audits globally are audits of smaller entities. The ongoing challenges relating to the complexity and difficulties in applying the International Standards on Auditing (ISAs) faced by those auditing smaller entities is an area that is of particular importance to the Board, and to me personally.”

The paper uses the term “Less Complex Entities” (LCEs). The IAASB Glossary defines these as entities which typically possesses qualitative characteristics such as:

a. Concentration of ownership and management in a small number of individuals (often a single individual – either a natural person or another enterprise that owns the entity provided the owner exhibits the relevant qualitative characteristics); and

b. One or more of the following:

i. Straightforward or uncomplicated transactions;
ii. Simple record-keeping;
iii. Few lines of business and few products within business lines;
iv. Few internal controls;
v. Few levels of management with responsibility for a broad range of controls; or
vi. Few personnel, many having a wide range of duties.

The report acknowledges that 129 jurisdictions use, or are committed to using, the ISAs (up from some 90 countries in the mid-2000’s), however the vast majority of entities being audited are being saddled with requirements designed for large complex entities.

They state that “there is a growing perception in some jurisdictions that the increasing length and complexity of standards may lead to overly costly audits in the LCE sector of their economy.” This is what I hear from our clients all the time.

The scope and complexity of the ISAs can then actually act as a barrier to auditors reading and understanding them, result in a perceived ‘checklist-approach,’ with a greater focus on compliance rather than using professional judgment, leading to increased documentation in audit files, with no perceived commensurate benefit (!)

So what has been designed to increase audit quality can potentially lead to a reduction in audit quality as the auditor, overwhelmed by the content and requirements, struggles just to complete the checklists, taking his or her eye off the real task, and in the process blows a huge hole in the wall while the mouse runs away!

So where is this going? IFAC has developed a “Guide to Using ISAs in the Audits of Small and Medium Sized Entities”. There is some great content and background reading but if you are looking for shortcuts it doesn’t really reduce complexity that much.

The Nordic Federation of Public Accountants has produced an excellent draft standard called “Nordic Standard for Audits of Small Entities”. This basically reduces all the essentials of the ISAs into one standard. 

In our development of our audit templates we are always aware of this tension between complying with the full requirements of all the ISAs and taking a sensible approach for our users whose client base often consists solely or mainly of SME/LCE type work. A template based on the Nordic Standard would be awesome, but may not perhaps please Practice Review.

We always welcome suggestions from users as to how we can cater better for LCEs, so please do contact us with your suggestions. We follow this discussion from IAASB with interest.

As I’m reviewing audit files I like to feel as if I’m reading a thriller, or at least a mystery story.

The introduction sets the scene, including the characters and their world. Then we start to see the stakes – what is at risk? What do the characters want? What dangers are there that our heroes have to overcome?

Once the hero (which is you – the auditor) – identifies these things, then they set about solving the mystery. How will they approach it best to make sure that they aren’t side-tracked onto irrelevant issues that aren’t really that critical to the plot? How do they stay focussed, and lead their trusty side-kicks safely through to a satisfactory outcome so that they survive to live the (even more exciting) sequel?

The brave adventurers set out on their great quest. What do they do when the unexpected plot twists come up? Do they stay alert or are they lulled into boredom on the long journey, or tricked by some evil mastermind into missing some hidden piece of the puzzle? Are they intimidated by their fierce enemies to back down and take an easier path that leads to a dead end? Can they see through their quest to the end?

Okay so it’s not always quite that exciting doing an audit. But nevertheless all audits follow a clear story that encompasses many of standard tropes of a good story. And most importantly the reader of an audit file should be able to discern a clear story arc. I would describe this as follows:

1. What is the setting (entity and environment)?
2. What does our mission entail (scope and legislative requirements)?
3. Who are the key characters and stakeholders and how they relate to the entity and to each other (risk, related parties, fraud)?
4. Who will be reading our story – or at least the final chapter – our audit report (user needs)?
5. What details can we skim over and what do we need to include so we don’t miss anything important (materiality)?
6. What are the key points we need to focus on where things could go badly wrong (documentation specific risks including how the entity deals with it own risks)?
7. What the risks are that our mission could fail (reducing audit risk to an acceptable level)?
8. How can we meet this goal by choosing the combination of approaches that is most efficient – based on assessed risks and materiality?
9. How much we will rely on the client’s own controls, how much we will rely on analytical review, and how much we will have to cover by testing transactions by sampling (our Risk Analysis, Strategy and Plan)?
10. How do we make sure we focus on our plan and don’t get side tracked – UNLESS something pops out that we didn’t know about – the dreaded plot-twist (revisting planning)?
11. What have we found out about the big issues we identified in our planning (summarise the whole job on – Audit Summary Information page – what we identified as the big issues -medium, high and significant risks and key issues – any changes we had to make along the way, and anything else that is really important – errors we found or indications of fraud for instance)?
12. Is our work is sufficient to meet our goals?
13. Pull together a report that encompasses all the important findings above.

Many audit files contain lots of good work, but don’t necessarily hold together the story arc that makes a good audit file. Often the story is in the auditors head, but they haven’t recorded it that well. The story is either cluttered with too much detail or missing some important detail on which the whole plot hangs. 

So when you are completing your next audit file, sit back and imagine you are reading a story. Does it contain all the elements above, or are there holes in the plot? Is it as big as Lord of the Rings but not nearly so interesting? Is there a clear story running through the whole file, so that someone else could read it and feel like they were right there with you on your adventure?