8 December 2023

If you are preparing engagement letters for assurance engagements, there are some changes of which you should be aware. These are contained in PS 3: Terms of Engagement, issued by CAANZ. This applies to professional services entered into after 1 January 2024 (early adoption permitted).

What is different about the new standard to what auditors have commonly included in their engagement letters, and what updates have been made in the standard Audit Assistant templates?

The basic requirements for engagement letters are included in ISA 210 – Agreeing the Terms of Audit Engagements. Our standard built-in Audit Assistant engagement letters are based on the ISA 210 examples with some additional content (such as optional Bannerman clauses). Most of the requirements in PS 3 that pertain to audits are already covered in ISA 210, however, there are a couple of important additional pieces of information required as follows:

Basis of Fees

The letter is to identify “the basis on which fees will be calculated and clearly define the billing arrangements including specifying any consequences of nonpayment.” (para R2.4) Many firms currently include this detail in their annual Audit Planning Letter (also known as an Arrangement Letter). It now must be in the Engagement Letter and include (from Appendix 2) such things as:

  • What is the method and basis of billing (time and cost including rates, fixed fee including the scope of services covered and what services would result in additional charge, etc.).
  • When will bills be rendered (frequency and estimated timing).
  • What the payment terms are, including what happens if the client does not pay by the agreed date (i.e. whether interest and/or penalties will be charged and/or whether a lien will be asserted)
  • Whether the member will progress bill for the engagement.
  • How the member will price a change in scope.

The Appendix also states that “The member should also consider including an initial fee estimate, if possible.” If a fixed fee is being used this amount would be included. One of the implications of this change is that a fresh engagement letter may need to be issued annually. As this will depend largely on the individual firm policy and possibly be different for various clients these details may need to be added on a case-by-case basis.

We have added a standard paragraph to our latest engagement letters, (based on what is in our annual planning letters) which may be edited as required.

Services from a Service Provider

Where a member uses services from a service provider to perform their professional services for a client and the member will disclose the client’s confidential information to that service provider, the disclosure permissions required must include disclosure of (per para R2.7):

  • the identity of the service provider;
  • the service used;
  • how and where the client’s confidential information will be used and/or stored (including geographical location, where identifiable, or a statement that this geographical location cannot be identified and the reason(s) why not); and
  • any other information that is required to comply with applicable technical and professional standards. and laws and regulations.

This includes contractors and cloud-based processing or data storage services. A service provider is defined as “an individual or organisation external to the firm that provides a human, technological, or intellectual resource that is used in the performance of engagements.”

Fortunately, if you use Audit Assistant this is straightforward. All the client data is encrypted – including transfers – and maintained within Australia and NZ. No client data needs to be transferred outside of the software if the ‘sharing‘ and ‘requests‘ features are used.

We have added a paragraph to this effect under the “Ownership of and access to audit file” paragraph in our standard Engagement Letters.

Complaints policy

The engagement letter is to “… include a description of the firm’s complaints policy.” This should mirror how the firm handles complaints as per their Quality Management policies and procedures. This may include the use of mediation services. Again, this will depend largely on the individual firm policy.

We have added a basic response to our standard engagement letters as follows:

“If you have any concerns about our costs or services, please speak to the person responsible for this engagement (signed below). We have policies and procedures in place to deal appropriately with any complaints and we will do our best to resolve any issues that may arise. We suggest that any such complaint be made in writing to allow us to investigate the issue raised.”

You may edit this if you require something more bespoke.

Use and distribution of the report

If there are any restrictions on who should have access to the audit report or other outputs of the engagement, these restrictions should be clearly stated in the terms of engagement. An appropriate disclaimer should also be included. (para 11)

This is normally specified in the audit report itself, an example of which is normally attached to or quoted within the engagement letter. PS 3 states that this should be included in the letter, along with a suitable disclaimer.

We have added space into the Reporting section of our standard engagement letters for the manual insertion of any such restrictions.

Other matters

Ownership of documents and Confidentiality:

This is already included in our audit templates.

Period of application:

The period of the first financial statement is stated. Ongoing application is covered in broad terms to the effect that, “This letter will be effective for future years unless it is terminated, amended, or superseded by either ourselves or the (governing body).”

Identity of client:

The full legal name of the client and the kind of governing body should be used when setting up the audit file, so it is very clear who the legal body is that the firm is contracting with. These details carry automatically into the engagement letter within Audit Assistant. If the entity is a group the group’s legal name should be used or (and Group) be added to the client name.

Description of services:

Audit engagements are usually very clear, and this is explicit in the Objective and Scope paragraph. However, if any additional services are being provided – such as the completion of any additional reports – these should be added manually to the letter.

Client responsibilities:

Again, this is generally spelled out fairly clearly in the standard audit engagement letters, but PS 3 does recommend that if there are any critical deadlines for the supply of information this should be identified, and if there is any specific access to data permissions required that this also be included. These issues are currently covered in our annual audit planning letter, however, you may wish to manually add them in the engagement letter as well if they are critical to the work.


This is covered in current templates.


PS 3 points out that the client’s acceptance (signed and dated) is essential. This is covered in the current templates, however, firms must ensure that this is done and the signed version is attached to the audit file.

Additional recent updates to engagement letters and audit reports

In addition to the above, there has been a small update made to the wording of engagement letters and audit reports for IFRS entities due to an update in NZ IAS1 – Presentation of Financial Statements.

The wording “including a summary of significant accounting policies” must now read “including material accounting policy information.” We have updated this in relevant engagement letters and audit reports.

We have also updated our NFP engagement letters and audit reports to reference NZ AS1 (Revised) with appropriate language to reflect some terminology changes in the new Tier 3 and 4 NFP standards.


The templates in the 2024 series audit templates have been updated for the new content. Some areas need to be manually completed (marked yellow) for fee estimates and restrictions on use and distribution. The letters may also be customised on a job-by-job basis by clicking the customise button in the bottom right. You should read through the letter to make sure it is appropriate, but there should be nothing further required if you have selected the correct options where there are potential reporting variations etc.

If you are updating from an earlier template and you have used the previous engagement letter and this has been rolled forward this should be deleted and then the new version will be able to be selected.