Auditing Standard ASA 2013‑2
Amendments to Australian Auditing Standards

Issued by the Auditing and Assurance Standards Board

Obtaining a Copy of this Auditing Standard

This Auditing Standard is available on the Auditing and Assurance Standards Board (AUASB) website: www.auasb.gov.au

Contact Details

COPYRIGHT

© 2013 Commonwealth of Australia.  The text, graphics and layout of this Auditing Standard are protected by Australian copyright law and the comparable law of other countries.  Reproduction within Australia in unaltered form (retaining this notice) is permitted for personal and non‑commercial use subject to the inclusion of an acknowledgment of the source as being the Australian Auditing and Assurance Standards Board (AUASB).

Requests and enquiries concerning reproduction and rights for commercial purposes should be addressed to the Executive Director, Auditing and Assurance Standards Board, PO Box 204, Collins Street West, Melbourne Victoria 8007 or sent to enquiries@auasb.gov.au.  Otherwise, no part of this Auditing Standard may be reproduced, stored or transmitted in any form or by any means without the prior written permission of the AUASB except as permitted by law.

ISSN 1833-4393

CONTENTS

PREFACE

AUTHORITY STATEMENT

CONFORMITY WITH INTERNATIONAL STANDARDS ON AUDITING

Paragraphs

Application...............................................................1-2

Operative Date..............................................................3

Introduction

Scope of this Auditing Standard.................................................4-5

Objective..................................................................6

Definitions.................................................................7

Amendments to Auditing Standards

Amendments to ASQC 1.....................................................8-27

Amendments to ASA 200....................................................28-29

Amendments to ASA 220....................................................30-36

Amendments to ASA 230....................................................37-38

Amendments to ASA 240....................................................39-43

Amendments to ASA 260....................................................44-53

Amendments to ASA 265......................................................54

Amendments to ASA 300....................................................55-57

Amendments to ASA 315....................................................58-76

Amendments to ASA 402......................................................77

Amendments to ASA 500....................................................78-79

Amendments to ASA 550....................................................80-82

Amendments to ASA 600....................................................83-93

preface

Reasons for Issuing ASA 2013‑2

The Auditing and Assurance Standards Board (AUASB) issues Auditing Standard ASA 2013‑2 Amendments to Australian Auditing Standards, pursuant to the requirements of the legislative provisions and the Strategic Direction explained below.

The AUASB is an independent statutory committee of the Australian Government established under section 227A of the Australian Securities and Investments Commission Act 2001, as amended (ASIC Act).  Under section 336 of the Corporations Act 2001, the AUASB may make Auditing Standards for the purposes of the corporations legislation.  These Auditing Standards are legislative instruments under the Legislative Instruments Act 2003.

Under the Strategic Direction given to the AUASB by the Financial Reporting Council (FRC), the AUASB is required, inter alia, to develop auditing standards that have a clear public interest focus and are of the highest quality.

Main Features

This Auditing Standard makes amendments to the following Auditing Standards:

ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements (27 June 2011)

ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards (27 October 2009)

ASA 220 Quality Control for an Audit of a Financial Report and Other Historical Financial Information (27 June 2011)

ASA 230 Audit Documentation (27 October 2009)

ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report (27 June 2011)

ASA 260 Communication with Those Charged with Governance (27 June 2011)

ASA 265 Communicating Deficiencies in Internal Control to Those Charged with Governance and Management (27 October 2009)

ASA 300 Planning an Audit of a Financial Report (27 June 2011)

ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment (27 June 2011)

ASA 402 Audit Considerations Relating to an Entity Using a Service Organisation (27 June 2011)

ASA 500 Audit Evidence (27 June 2011)

ASA 550 Related Parties (27 June 2011)

ASA 600 Special Considerations—Audits of a Group Financial Report (Including the Work of Component Auditors) (27 October 2009)

The amendments to the Australian Auditing Standards comprise consequential changes arising from:

• The revision of Auditing Standard ASA 610 Using the Work of Internal Auditors; and
• Amendments necessary to ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements (June 2011) to include within its existing application and scope related services engagements.

The main proposals covered by the amendments are:

1.                    Consequential changes arising from the revision of ASA 610, including:
   1.                 A new requirement in ASA 315 for the auditor’s risk assessment procedures to include enquiries of appropriate individuals within the internal audit function (if the function exists).
   2.                 New and revised application and other explanatory material in ASA 315 relating to:
      1.                  How enquiries of the internal audit function may inform the external auditor’s risk assessment;
      2.                Procedures for evaluating the internal audit function; and
      3.              How the work of the internal audit function may be used in obtaining audit evidence.
   3.                 Consequential amendments to other Auditing Standards that do not have an impact on the requirements of those standards.
   4.                 Changes necessary to align paragraph and footnote numbering in the amended Auditing Standards with the equivalent standards issued by the International Auditing and Assurance Standards Board (IAASB).
2.                    Amendments necessary to update ASQC 1, including:
   1.                 Changes to the title of the Auditing Standard to include related services engagements.
   2.                 Where appropriate, changes to the requirements and the related application and other explanatory material to include related services engagements.
   3.                 Consequential amendments to other Auditing Standards that do not have an impact on the requirements of those standards.

Dated: 11 November 2013  M H Kelsall
 Chairman - AUASB

Conformity with International Standards on Auditing

This Auditing Standard has been made for Australian legislative purposes and accordingly there is no equivalent International Standard on Auditing (ISA) issued by the International Auditing and Assurance Standards Board (IAASB), an independent standard‑setting board of the International Federation of Accountants (IFAC).

Auditing Standard ASA 2013‑2

Amendments to Australian Auditing Standards

Application

1.                    This Auditing Standard applies to:
   1.                 an audit of a financial report for a financial year, or an audit of a financial report for a half‑year, in accordance with the Corporations Act 2001;
   2.                 an audit of a financial report, or a complete set of financial statements, for any other purpose; and
   3.                 a firm that performs:
      1.                       an audit of a financial report for a financial year, or an audit or review of a financial report for a half‑year, in accordance with the Corporations Act 2001;
      2.                     an audit or review of a financial report, or a complete set of financial statements, for any other purpose;
      3.                   an audit or review of other historical financial information;
      4.                   an audit or review other than of historical financial information;
      5.                     other assurance engagements; and
      6.                   related services engagements.

1.                    This Auditing Standard also applies, as appropriate, to an audit of other historical financial information.

Operative Date

1.                    This Auditing Standard is operative for financial reporting periods commencing on or after 1 January 2014.  Early adoption is permitted.

Introduction

Scope of this Auditing Standard

1.                    This Auditing Standard makes amendments to the Australian Auditing Standards.  The amendments arise principally from:
   1.                  Consequential changes arising from the revision of Auditing Standard ASA 610 Using the Work of Internal Auditors; and
   2.                 Amendments necessary to update ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements (27 June 2011) to include within its existing application and scope related services engagements.
2.                    This Auditing Standard uses underlining, striking out and other typographical material to identify the amendments to Auditing Standards, in order to make the amendments more understandable.  However, the amendments made by this Auditing Standard do not include that underlining, striking out or other typographical material.

Objective

1.                    The objective of this Auditing Standard is to make amendments to the following Auditing Standards:
   1.                 ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements (27 June 2011)
   2.                 ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards (27 October 2009)
   3.                 ASA 220 Quality Control for an Audit of a Financial Report and Other Historical Financial Information (27 June 2011)
   4.                 ASA 230 Audit Documentation (27 October 2009)
   5.                 ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report (27 June 2011)
   6.                  ASA 260 Communication with Those Charged with Governance (27 June 2011)
   7.                 ASA 265 Communicating Deficiencies in Internal Control to Those Charged with Governance and Management (27 October 2009)
   8.                 ASA 300 Planning an Audit of a Financial Report (27 June 2011)
   9.                  ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment (27 June 2011)
   10.                  ASA 402 Audit Considerations Relating to an Entity Using a Service Organisation (27 June 2011)
   11.                 ASA 500 Audit Evidence (27 June 2011)
   12.                  ASA 550 Related Parties (27 June 2011)
   13.              ASA 600 Special Considerations—Audits of a Group Financial Report (Including the Work of Component Auditors) (27 October 2009)

Definitions

1.                    For the purposes of this Auditing Standard, the meanings of terms are set out in each Auditing Standard and in the AUASB Glossary.  This Auditing Standard does not introduce new definitions.

Amendments to Auditing Standards

Amendments to ASQC 1

1.                    The title is amended throughout the Auditing Standard to read as follows:

Auditing Standard ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements.

1.                    The Conformity Statement is amended as follows:

This Auditing Standard differs in scope from ISQC 1 as it does not apply to related services engagements.

Compliance with this Auditing Standard enables compliance with ISQC 1, to the extent that ISQC 1 applies to audits and reviews of financial reports and other financial information, and other assurance engagements.

1.                Paragraph Aus 0.1 is amended to read as follows:

(a)-(c) …

(d) an audit or review other than of historical financial information; and

(e) other assurance engagements.; and

(f)    related services engagements.

1.                Paragraph Aus 1.1 is amended to read as follows:

This Auditing Standard, ASQC 1 (the Standard), deals with the firm’s responsibilities for its system of quality control for audits and reviews of financial reports, and other financial information, and other assurance engagements and related services engagements.  This Standard is to be read in conjunction with relevant ethical requirements.  Relevant ethical requirements are defined in ASA 102.*

1.                Paragraph Aus 4.1 is amended to read as follows:

This Standard applies to all firms of assurance practitioners in respect of audits and reviews of financial reports and other financial information, and other assurance engagements and related services engagements.  The nature and extent of the policies and procedures developed by an individual firm to comply with this Standard will depend on various factors such as the size and operating characteristics of the firm, and whether it is part of a network. 

1.                Paragraph 9 is amended to read as follows:

This Standard includes, under the heading “Definitions,” a description of the meanings attributed to certain terms for purposes of this Standard.  These are provided to assist in the consistent application and interpretation of this Standard, and are not intended to override definitions that may be established for other purposes, whether in law, regulation or otherwise.  The AUASB Glossary (October 2009) relating to AUASB Standards, and issued by the AUASB includes the terms defined in this Standard.  It also includes descriptions of other terms found in this Standard to assist in common and consistent interpretation and translation.

1.                The definition in paragraph Aus 12.2 is amended to read as follows:

Assurance practitioner means a personan individual, firm, or another organisation, whether in public practice, industry, and commerce, or the public sector, providingconducting assurance servicesengagements, or related services engagements (including engagements to perform agreed-upon procedures).

1.                The definition in paragraph Aus 12.5 is amended to read as follows:

Engagement partner means the partner or other person in the firm who is responsible for the assurance engagement and its performance, and for the report that is issued on behalf of the firm, and who, where required, has the appropriate authority from a professional, legal or regulatory body.  Engagement partner should be read as referring to a public sector equivalent where relevant.

1.                The definition in paragraph 12(f) is amended to read as follows:

Engagement team means all partners and staff performing the engagement, and any individuals engaged by the firm or a network firm who perform audit procedures on the engagement.  This excludes external experts engaged by the firm or a network firm.[Deleted by the AUASB.  Refer Aus 12.6]3, #

1.                Two new footnotes (Footnote 3 and Footnote #) are attached to paragraph 12(f), as amended by paragraph 16 above, to read as follows:

Footnote 3 reads: [Footnote deleted by the AUASB.]

Footnote # reads: See ASA 610 Using the Work of Internal Auditors, paragraph Aus 1.2.  The use of internal auditors to provide direct assistance is prohibited in an audit or review conducted in accordance with the Australian Auditing Standards. 

1.                As a result of the changes made in paragraph 17 of this Standard, subsequent footnote references in ASQC 1 are re‑numbered.
2.                A new paragraph Aus 12.6 is inserted after paragraph 12(f), to read as follows:

Engagement team means all partners and staff performing the engagement, and any individuals engaged by the firm or a network firm who perform procedures on the engagement.  This excludes an auditor’s external expert engaged by the firm or by a network firm.

1.                As a result of the change made in paragraph 19 of this Standard, paragraphs Aus 12.6‑Aus 12.12 in ASQC 1 are re‑numbered as Aus 12.7‑Aus 12.13 and references to these paragraphs are updated accordingly.
2.                The definition in paragraph Aus 12.9 [which is re-numbered as paragraph Aus 12.10 as a result of the changes made in this Standard] is amended to read as follows:

Partner means any individual with authority to bind the firm with respect to the performance of an audit, review, or other assurance engagement or related services engagement.  Partner should be read as referring to a public sector equivalent where relevant.

1.                The definition in paragraph Aus 12.10 [which is re-numbered as paragraph Aus 12.11 as a result of the changes made in this Standard] is amended to read as follows:

AUASB Standards means standards issued by the AUASB, comprising:

1.                 …
2.                 Standards on Review Engagements; and
3.                 Standards on Assurance Engagements; and
4.                 Standards on Related Services.

1.                Paragraph Aus 12.12 [which is re-numbered as paragraph Aus 12.13 as a result of the changes made in this Standard] is amended to read as follows:

Suitably qualified external person means an individual outside the firm with the competence and capabilities to act as an engagement partner.  For example:

• a partner of another firm, or
• a member (with appropriate experience) of a professional accountancy body* whose members may perform audits and reviews of financial reports and other financial information, and other assurance engagements or related services engagements, or
• a member (with appropriate experience) of an organisation that provides relevant quality control services.

1.                Paragraph 14 is amended to read as follows:

The firm shall comply with each requirement of this Standard unless, in the circumstances of the firm, the requirement is not relevant to the services provided in respect of audits and reviews of financial reports, audits and reviews of other financial information, and other assurance engagements and related services engagements.  (Ref: Para. A1‑Aus A1.1)

1.                Paragraph 35(b) is amended to read as follows:

The firm shall establish policies and procedures requiring, for appropriate engagements, an engagement quality control review that provides an objective evaluation of the significant judgements made by the engagement team and the conclusions reached in formulating the report.  Such policies and procedures shall:

1.                 …
2.                 Set out criteria against which all other audits and reviews of historical financial information, and other assurance engagements and related services engagements shall be evaluated to determine whether an engagement quality control review should be performed; and  (Ref: Para. A41)

1.                Paragraph Aus A7.1 is amended to read as follows:

The firm is required to comply with relevant ethical requirements, including those pertaining to independence, when performing audits, and reviews, and other assurance engagements and related services engagements, as defined in ASA 102.

1.                Paragraph A45, last paragraph, is amended to read as follows:

These other matters, depending on the circumstances, may also be applicable for engagement quality control reviews for audits of the financial reports of other entities, as well as reviews of financial reports, audits and reviews of other financial information, and other assurance engagements and related services engagements.

Amendments to ASA 200

1.                Footnote 9 attached to paragraph A17 is amended to read as follows:

See ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements.

1.                Footnote 26 attached to paragraph A72 is amended to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph 2.

Amendments to ASA 220

1.                Footnote 1 attached to paragraph 2 is amended to read as follows:

See ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements, paragraph 11.

1.                The definition in paragraph 7(d) is amended to read as follows:

Engagement team means all partners and staff performing the engagement, and any individuals engaged by the firm or a network firm who perform audit procedures on the engagement.  This excludes an auditor’s external expert engaged by the firm or by a network firm.[Deleted by the AUASB.  Refer Aus 7.3]3, #

1.                Footnote 3 attached to paragraph 7(d) is amended to read as follows:

See ASA 620 Using the Work of an Auditor’s Expert, paragraph 6(a).[Footnote deleted by the AUASB.]

1.                A new footnote (Footnote #) is attached to paragraph 7(d) to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph Aus 1.2.  The use of internal auditors to provide direct assistance is prohibited in an audit or review conducted in accordance with the Australian Auditing Standards. 

1.                A new paragraph Aus 7.3 is inserted after paragraph 7(d) to read as follows:

Engagement team means all partners and staff performing the engagement, and any individuals engaged by the firm or a network firm who perform audit procedures on the engagement.  This excludes an auditor’s external expert engaged by the firm or by a network firm.* 

1.                A new footnote (Footnote *) is attached to the new paragraph Aus 7.3 to read as follows:

See ASA 620 Using the Work of an Auditor’s Expert, paragraph 6(a).

1.                As a result of the change made in paragraph 34 of this Standard, paragraphs Aus 7.3‑Aus 7.6 in ASA 220 are re‑numbered as Aus 7.4‑Aus 7.7 and references to these paragraphs are updated accordingly.

Amendments to ASA 230

1.                Footnote 3 attached to paragraph 3 is amended to read as follows:

See ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements, paragraphs 32-33, 35-38, and 48.

1.                Footnote 10 attached to paragraph A19(a) is amended to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph 2.

Amendments to ASA 240

1.                Paragraph 19 is amended to read as follows:

For those entities that have an internal audit function, the auditor shall make enquiries of internal audit appropriate individuals within the function to determine whether it hasthey have knowledge of any actual, suspected or alleged fraud affecting the entity, and to obtain its views about the risks of fraud.  (Ref: Para. A18)

1.                The heading above paragraph A18 is amended to read as follows:

EnquiryEnquiries of the Internal Audit Function (Ref: Para. 19)

1.                Paragraph A18 is amended to read as follows:

ASA 315 and ASA 610 establish requirements and provide guidance inrelevant to audits of those entities that have an internal audit function.15  In carrying out the requirements of those Auditing Standards in the context of fraud, the auditor may enquire about specific internal audit activities of the function including, for example:

• The procedures performed, if any, by the internal auditors function during the year to detect fraud.
• Whether management has satisfactorily responded to any findings resulting from those procedures.

1.                Footnote 15 attached to paragraph A18 is amended to read as follows:

See ASA 315, paragraphs 6(a) and 23, and ASA 610 Using the Work of Internal Auditors.

1.                Appendix 1 Examples of Fraud Risk Factors is amended, under the heading “Opportunities”, to read as follows:

Internal control components are deficient as a result of the following:

• Inadequate monitoring of controls, including automated controls and controls over interim financial reporting (where external reporting is required).
• High turnover rates or employment of staff in accounting, internal audit, or information technology staffor the internal audit function that are not effective.

Amendments to ASA 260

1.                The first point in paragraph A14 is amended to read as follows:

Where the entity has an internal audit function, the extent to which the auditor will use the work of internal audit, and how the external and internal auditors can best work together in a constructive and complementary manner.[Deleted by the AUASB.  Refer Aus A14.1]7

1.                A new footnote (Footnote 7) is attached to the first point in paragraph A14 to read as follows:

[Footnote deleted by the AUASB.]

1.                As a result of the change made in paragraph 45 of this Standard, subsequent footnote references in ASA 260 are re‑numbered.
2.                A new paragraph Aus A14.1 is inserted after the first dot point in paragraph A14 to read as follows:

Where the entity has an internal audit function, how the external auditor and internal auditors can work in a constructive and complementary manner, including any planned use of the work of the internal audit function.#

1.                A new footnote (footnote #) is attached to the paragraph Aus A14.1 (see paragraph 47 of this Standard) to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph 20.

1.                The last sentence in paragraph A33 is amended to read as follows:

Similarly, when the entity has an internal audit function, the auditor may discuss matters with the internal auditor appropriate individuals within the function before communicating with those charged with governance. 

1.                The second sentence in paragraph A43 is amended to read as follows:

Further, ASA 315 identifies participation by those charged with governance, including their interaction with the internal audit function, if any, and external auditors, as an element of the entity’s control environment.11

1.                Footnote 10 attached to paragraph A43 (which is re-numbered as footnote 11 as a result of the changes made in paragraph 46 of this Standard) is amended to read as follows:

See ASA 315, paragraph A70A77.

1.                Appendix 1, first dot point, is amended to read as follows:

ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements - paragraph 30(a)

1.                Footnote 11 attached to Appendix 1 (which is re-numbered as footnote 12 as a result of the changes made in paragraph 46 of this Standard) is amended to read as follows:

See ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements.

Amendments to ASA 265

1.                The second sentence of paragraph A24 is amended to read as follows:

The auditor is also not required to repeat information about such deficiencies if it has been previously communicated to management by other parties, such as the internal auditors function or regulators.

Amendments to ASA 300

1.                In Appendix 1 Considerations in Establishing the Overall Audit Strategy, under the heading Characteristics of the Engagement, the ninth point is amended to read as follows:

• The availability of the work of internal auditors and the extent of the auditor’s potential reliance on such work.[Deleted by the AUASB.  Refer Aus 0.4]# 

1.                In Appendix 1 Considerations in Establishing the Overall Audit Strategy, under the heading Characteristics of the Engagement, a new footnote (Footnote #) is attached to the ninth point (as amended by paragraph 55 of this Standard) to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph Aus 1.2.  The use of internal auditors to provide direct assistance is prohibited in an audit or review conducted in accordance with the Australian Auditing Standards. 

1.                In Appendix 1 Consideration in Establishing the Overall Audit Strategy, under the heading Characteristics of the Engagement, a new point (Aus 0.4) is inserted after the ninth point (as amended by paragraph 55 of this Standard) to read as follows:

•                  Aus 0.4  Whether the entity has an internal audit function and if so, whether, in which areas and to what extent, the work of the function can be used for purposes of the audit.

Amendments to ASA 315

1.                Paragraph 6(a) is amended to read as follows:

The risk assessment procedures shall include the following:

1.                 Enquiries of management, of appropriate individuals within the internal audit function (if the function exists) and of others within the entity who in the auditor’s judgement may have information that is likely to assist in identifying risks of material misstatement due to fraud or error.  (Ref: Para. A6‑A13)

1.                Paragraph 22 is amended to read as follows:

The auditor shall obtain an understanding of the major activities that the entity uses to monitor internal control over relevant to financial reporting, including those related to those control activities relevant to the audit, and how the entity initiates remedial actions to address deficiencies in its controls.  (Ref: Para. A106‑A108)

1.                Paragraph 23 is amended to read as follows:

If the entity has an internal audit function,1 the auditor shall obtain an understanding of the following in order to determine whether the internal audit function is likely to be relevant to the audit nature of the internal audit function’s responsibilities, its organisational status, and the activities performed, or to be performed.  (Ref: Para. A109‑A116))

1.                 The nature of the internal audit function’s responsibilities and how the internal audit function fits in the entity’s organisational structure; and
2.                 The activities performed, or to be performed, by the internal audit function.  (Ref: Para. A101‑A103)

1.                Footnote 1 attached to paragraph 23 is amended to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph 714(a).

1.                The heading above paragraph A6 is amended to read as follows:

Enquiries of Management, the Internal Audit Function and Others within the Entity (Ref: Para. 6(a))

1.                Paragraph A6 is divided into two paragraphs (A6 and A7) and amended to read as follows:

A6. Much of the information obtained by the auditor’s enquiries is obtained from management and those responsible for financial reporting.  Information may also be obtained by the auditor through enquiries with the internal audit function, if the entity has such a function, and others within the entity.

A6A7. However, theThe auditor may also obtain information, or a different perspective in identifying risks of material misstatement, through enquiries of others within the entity and other employees with different levels of authority.  For example:

• Enquiries directed towards those charged with governance may help the auditor understand the environment in which the financial report is prepared.  ASA 260 identifies the importance of effective two‑way communication in assisting the auditor to obtain information from those charged with governance in this regard.5
• Enquiries directed toward internal audit personnel may provide information about internal audit procedures performed during the year relating to the design and effectiveness of the entity’s internal control and whether management has satisfactorily responded to findings from those procedures.
• Enquiries of employees ...
• Enquiries directed toward in‑house legal counsel ...
• Enquiries directed towards marketing ...
• Enquiries directed to the risk management function (or those performing such roles) may provide information about operational and regulatory risks that may affect financial reporting.
• Enquiries directed to information systems personnel may provide information about system changes, system or control failures, or other information system‑related risks.

1.                A new footnote (Footnote 5) is attached to the first point in paragraph A7 [as amended by paragraph 63 of this Standard] to read as follows:

See ASA 260 Communication with Those Charged with Governance, paragraph 4(b).

1.                New paragraphs A8‑A13 are inserted to read as follows:

A8.   As obtaining an understanding of the entity and its environment is a continual, dynamic process, the auditor’s enquiries may occur throughout the audit engagement.

Enquiries of the Internal Audit Function

A9.   If an entity has an internal audit function, enquiries of the appropriate individuals within the function may provide information that is useful to the auditor in obtaining an understanding of the entity and its environment, and in identifying and assessing risks of material misstatement at the financial statement and assertion levels.  In performing its work, the internal audit function is likely to have obtained insight into the entity’s operations and business risks, and may have findings based on its work, such as identified control deficiencies or risks, that may provide valuable input into the auditor’s understanding of the entity, the auditor’s risk assessments or other aspects of the audit.  The auditor’s enquiries are therefore made whether or not the auditor expects to use the work of the internal audit function to modify the nature or timing, or reduce the extent, of audit procedures to be performed.6  Enquiries of particular relevance may be about matters the internal audit function has raised with those charged with governance and the outcomes of the function’s own risk assessment process.

A10.  If, based on responses to the auditor’s enquiries, it appears that there are findings that may be relevant to the entity’s financial reporting and the audit, the auditor may consider it appropriate to read related reports of the internal audit function.  Examples of reports of the internal audit function that may be relevant include the function’s strategy and planning documents and reports that have been prepared for management or those charged with governance describing the findings of the internal audit function’s examinations.

A11.  In addition, in accordance with ASA 240,7 if the internal audit function provides information to the auditor regarding any actual, suspected or alleged fraud, the auditor takes this into account in the auditor’s identification of risk of material misstatement due to fraud.

A12.  Appropriate individuals within the internal audit function with whom enquiries are made are those who, in the auditor’s judgement, have the appropriate knowledge, experience and authority, such as the chief internal audit executive or, depending on the circumstances, other personnel within the function.  The auditor may also consider it appropriate to have periodic meetings with these individuals.

Considerations specific to public sector entities (Ref: Para 6(a))

A13.  Auditors of public sector entities often have additional responsibilities with regard to internal control and compliance with applicable laws and regulations.  Enquiries of appropriate individuals in the internal audit function can assist the auditors in identifying the risk of material noncompliance with applicable laws and regulations and the risk of deficiencies in internal control over financial reporting.

1.                A new footnote (Footnote 6) is attached to the third sentence in paragraph A9 (as added by paragraph 65 of this Standard) to read as follows:

The relevant requirements are contained in ASA 610.

1.                A new footnote (Footnote 7) is attached to paragraph A11 (as added by paragraph 65 of this Standard) to read as follows:

See ASA 240, paragraph 19.

1.                As a result of the changes made in paragraphs 63‑67 of this Standard, subsequent paragraphs and footnote references in ASA 315 are re‑numbered.
2.                New paragraph A79 is inserted after paragraph A71 (which is re numbered as A78 as a result of changes made by this Standard) and before the heading “Effect of the Control Environment on the Assessment of the Risks of Material Misstatement” to read as follows:

A.71 A78.  Relevant audit evidence may be obtained ...

A79.  The auditor may also consider how management has responded to the findings and recommendations of the internal audit function regarding identified deficiencies in internal control relevant to the audit, including whether and how such responses have been implemented, and whether they have been subsequently evaluated by the internal audit function.

1.                As a result of the change made in paragraph 69 of this Standard, subsequent paragraphs in ASA 315 are re‑numbered.
2.                The heading above paragraph A101 [which is re‑numbered as A109 as a result of changes made by this Standard] is amended to read as follows:

The Entity’s Internal Audit Functions (Ref: Para.23)

1.                Paragraph A101 [which is re-numbered as A109 as a result of changes made by this Standard] is amended to read as follows:

A101. A109. The entity’s internal audit function is likely to be relevant to the audit if the nature of the internal audit function’s responsibilities and activities are related to the entity’s financial reporting, and the auditor expects to use the work of the internal auditors to modify the nature or timing, or reduce the extent, of audit procedures to be performed.  If the auditor determines that the internal audit function is likely to be relevant to the audit, ASA 610 applies. If the entity has an internal audit function, obtaining an understanding of that function contributes to the auditor’s understanding of the entity and its environment, including internal control, in particular the role that the function plays in the entity’s monitoring of internal control over financial reporting.  This understanding, together with the information obtained from the auditor’s enquiries in paragraph 6(a) of this Auditing Standard, may also provide information that is directly relevant to the auditor’s identification and assessment of the risks of material misstatement.

1.                Paragraph 102 is divided into two paragraphs [which are re-numbered as A110‑A111 as a result of changes made by this Standard] and is amended to read as follows:

A102. A110.  The objectives and scope of an internal audit function, and therefore the nature of its responsibilities and its status within the organisation, including the function’s authority and accountability, vary widely and depend on the size and structure of the entity and the requirements of management and, where applicable, those charged with governance.  These matters may be set out in an internal audit charter or terms of reference. 

A102. A111.  The responsibilities of an internal audit function may include, for example, monitoring of internal control, risk management, and review of compliance with laws and regulations performing procedures and evaluating the results to provide assurance to management and those charged with governance regarding the design and effectiveness of risk management, internal control and governance processes.  If so, the internal audit function may play an important role in the entity’s monitoring of internal control over financial reporting.  On the other hand However, the responsibilities of the internal audit function may be limited to the review of focussed on evaluating the economy, efficiency and effectiveness of operations, for example, and accordingly, if so, the work of the function may not directly relate to the entity’s financial reporting.

1.                Paragraph A103 [which is re-numbered as A112 as a result of changes made by this Standard] is amended to read as follows:

A103. A112.  If the nature of the internal audit function’s responsibilities are related to the entity’s financial reporting, the external auditor’s consideration of the activities performed, or to be performed by, the internal audit function may include review of The auditor’s enquiries of appropriate individuals within the internal audit function in accordance with paragraph 6(a) of this Auditing Standard help the auditor obtain an understanding of the nature of the internal audit function’s responsibilities.  If the auditor determines that the function’s responsibilities are related to the entity’s financial reporting, the auditor may obtain further understanding of the activities performed, or to be performed, by the internal audit function by reviewing the internal audit function’s audit plan for the period, if any, and discussion discussing of that plan with the internal auditors appropriate individuals within that function. 

1.                Paragraphs A113‑A116 are inserted after paragraph A103 [which is re‑numbered as A112 as a result of changes made by this Standard] and before the heading “Sources of Information” to read as follows:

A113. If the nature of the internal audit function’s responsibilities and assurance activities are related to the entity’s financial reporting, the auditor may also be able to use the work of the internal audit function to modify the nature or timing, or reduce the extent, of audit procedures to be performed directly by the auditor in obtaining audit evidence.  Auditors may be more likely to be able to use the work of an entity’s internal audit function when it appears, for example, based on experience in previous audits or the auditor’s risk assessment procedures, that the entity has an internal audit function that is adequately and appropriately resourced relative to the size of the entity and the nature of its operations, and has a direct reporting relationship to those charged with governance. 

A114. If, based on the auditor’s preliminary understanding of the internal audit function, the auditor expects to use the work of the internal audit function to modify the nature or timing, or reduce the extent, of audit procedures to be performed, ASA 610 applies. 

A115. As is further discussed in ASA 610, the activities of an internal audit function are distinct from other monitoring controls that may be relevant to financial reporting, such as reviews of management accounting information that are designed to contribute to how the entity prevents or detects misstatements.

A116. Establishing communications with the appropriate individuals within an entity’s internal audit function early in the engagement, and maintaining such communications throughout the engagement, can facilitate effective sharing of information.  It creates an environment in which the auditor can be informed of significant matters that may come to the attention of the internal audit function when such matters may affect the work of the auditor.  ASA 200 discusses the importance of the auditor planning and performing the audit with professional scepticism, including being alert to information that brings into question the reliability of documents and responses to enquiries to be used as audit evidence.  Accordingly, communication with the internal audit function throughout the engagement may provide opportunities for internal auditors to bring such information to the auditor’s attention.  The auditor is then able to take such information into account in the auditor’s identification and assessment of risks of material misstatement.

1.                As a result of the changes made in paragraphs 72‑75 of this Standard, subsequent paragraphs in ASA 315 are re‑numbered.

Amendments to ASA 402

1.                The fifth point in paragraph A1 is amended to read as follows:

• Reports by service organisations, the internal auditors function or regulatory authorities on controls at the service organisation.

Amendments to ASA 500

1.                The second sentence in paragraph A51 is amended to read as follows:

For example, the auditor may intend to make use of the entity’s performance measures for the purpose of analytical procedures, or to make use of the entity’s information produced for monitoring activities, such as internal auditor’s reports of the internal audit function. 

1.                The second sentence in paragraph A57 is amended to read as follows:

This may be the case when, for example, responses to enquiries of management, internal auditors, and others are inconsistent, or when responses to enquiries of those charged with governance made to corroborate the responses to enquiries of management are inconsistent with the response by management. 

Amendments to ASA 550

1.                The third point in paragraph A15 is amended to read as follows:

• The Iinternal auditors function;

1.                The sixth point in paragraph A17 is amended to read as follows:

• Periodic reviews by the internal auditors function, where applicable.

1.                The twelfth point in paragraph A22 is amended to read as follows:

• Reports of the Iinternal auditors’ reports function.

Amendments to ASA 600

1.                The fifth point in paragraph A27 is amended to read as follows:

• Responses of those charged with governance of the group, group management, appropriate individuals within the internal audit function (and if considered appropriate, component management, the component auditors, and others) to the group engagement team’s enquiry whether they have knowledge of any actual, suspected, or alleged fraud affecting a component or the group.

1.                Footnote 20 attached to paragraph A35 is amended to read as follows:

See ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and Other Financial Information, and Other Assurance Engagements and Related Services Engagements, paragraph 54.

1.                The fourth point in paragraph A51 is amended to read as follows:

• Whether the internal audit function has performed work at the component and any effect of that work on the group audit.

1.                In Appendix 2 Examples of Matters about Which the Group Engagement Team Obtains an Understanding, under Group‑Wide Controls, the eighth point in paragraph 1 is amended to read as follows:

• Monitoring of controls, including activities of the internal audit function and self‑assessment programs.

1.                In Appendix 2 Examples of Matters about Which the Group Engagement Team Obtains an Understanding, under Group‑Wide Controls, paragraph 2 is amended to read as follows:

Internal The internal audit function may be regarded as part of group‑wide controls, for example, when the internal audit function is centralised.  ASA 61030 deals with the group engagement team’s evaluation of the competence and whether the internal audit function’s organisational status and relevant policies and procedures adequately supports the objectivity of the internal auditors, the level of competence of the internal audit function, and whether the function applies a systematic and disciplined approach where it plans the group engagement team expects to use their the function’s work.

1.                In Appendix 2 Examples of Matters about Which the Group Engagement Team Obtains an Understanding, under Group‑Wide Controls, Footnote 30 attached to paragraph 2 is amended to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraphs 916-17.

1.                In Appendix 5 Required and Additional Matters Included in the Group Engagement Team’s Letter of Instruction, under Matters that are relevant to the planning of the work of the component auditor, the sixth point is amended to read as follows:

• The ethical requirements that are relevant to the group audit and, in particular, the independence requirements.[Deleted by the AUASB.  Refer Aus 0.4]31

1.                In Appendix 5 Required and Additional Matters Included in the Group Engagement Team’s Letter of Instruction, under Matters that are relevant to the planning of the work of the component auditor, a new footnote (Footnote 31) is attached to the sixth point, as amended, to read as follows:

[Footnote deleted by the AUASB.]

1.                In Appendix 5 Required and Additional Matters Included in the Group Engagement Team’s Letter of Instruction, under Matters that are relevant to the planning of the work of the component auditor, a new point (Aus 0.4) is inserted after the sixth point, as amended, to read as follows:

Aus 0.4    The ethical requirements that are relevant to the group audit and, in particular, the independence requirements.  For example, since the use of internal auditors to provide direct assistance is prohibited in an audit or review conducted in accordance with the Australian Auditing Standards, it is relevant for the group auditor to address this prohibition in the communication to the component auditors, including those overseas.#

1.                In Appendix 5 Required and Additional Matters Included in the Group Engagement Team’s Letter of Instruction, under Matters that are relevant to the planning of the work of the component auditor, a new footnote (Footnote #) is attached to point Aus 0.4 (as added by paragraph 91of this Standard) to read as follows:

See ASA 610 Using the Work of Internal Auditors, paragraph Aus 1.2.

1.                In Appendix 5 Required and Additional Matters Included in the Group Engagement Team’s Letter of Instruction, under Matters that are relevant to the conduct of the work of the component auditor, the third point is amended to read as follows:

• The findings of the internal audit function, based on work performed on controls at or relevant to components.