AUDITS OF GROUP FINANCIAL STATEMENTS By Larry L. Perry, CPA CPA Firm Support Services, LLC LEARNING OBJECTIVES To understand the requirements of AU-C Section 600, Special Considerations— Audits of Group Financial Statements (Including the Work of Component Auditors). To be able to design group audit strategies and plans. To determine required procedures when a group auditor takes responsibility for component auditors’ work. To determine group auditors responsibilities when referring to component auditors’ reports in a group audit report. To learn responsibilities of group audit partners for group audit procedures and documentation, including communications to and from component auditors. INTRODUCTION AU-C Section 600, Special Considerations—Audits of Group Financial Statements (Including the Work of Component Auditors) was effective, along with other Clarified Auditing Standards, for periods ending after December 15, 2012. This standard applies to audit engagements for group financial statements (previously addressed as consolidated financial statements) in particular when part of the work is performed by auditors other than the principal auditor. It also applies when one engagement team performs the group and component audits, except for the sections applicable to component auditors. In this standard, the previous term principal auditor is referred to as the group engagement partner, group engagement team or auditor of the group financial statements. The group engagement team’s degree of involvement with and supervision of the component auditor more clearly defined than in previous standards. In essence, the group auditor is responsible for directing, supervising, performing and reporting on the group audit. The group engagement team may choose to take responsibility for component auditor’s work or refer to their reports in the group audit report. These materials present an outline and summary of the typical procedures and activities for an audit engagement with the requirements of AU-C 600, group audit procedures, interfaced into applicable sections of the outline. THE AUDIT PROCESS A. Preplanning Phase 1 1. Obtain and review the prior year’s permanent, tax, correspondence and current files. a. Become familiar with the prior period’s auditor’s report, financial statements and footnotes. Beginning the preplanning phase by a review of prior period statements and inputting current period adjusted or unadjusted information can provide perspective that will facilitate inquiries of management to underpin risk assessment procedures. b. Determine that the reporting framework is appropriate given the nature, size, and complexity of the client. The auditor is responsible for evaluating the appropriateness of the applicable financial reporting framework, as well as the application of its policies by management. c. If a change to a special purpose framework, such as the AICPA’s Financial Reporting Framework for Small- and Medium-Sized Entities, can save financial statement preparation and audit time, consult with reporting entity management and the user of the financials to determine if a special purpose framework can appropriately present financial position and results of operations of the entity. d. Review the prior year’s risk assessment procedures, levels of assessed risk, audit strategy and audit plan (program) to determine if there are opportunities for changes that will save audit time charges in the current year. The auditor is responsible for determining the most cost beneficial audit strategy and audit plan given the business, environment and internal control of the reporting entity. For audits of group financial statements, the current period’s risk procedures will be affected by the determination of significant components and the consolidation process. e. Review the key forms, practice aids, working papers, and other documentation in last year’s current file to determine any client documents, unnecessary working papers or correspondence that can be eliminated this year. Consider using a general ledger analysis worksheet instead of numerous other account analyses. f. Determine if it is possible to use the prior year’s control risk assessment in the current year and if doing so can reduce the current year’s risk assessment procedures and other substantive tests. g. Read the internal control communication letter and investigate the current status of significant deficiencies and material weaknesses and their affects on the current year auditing procedures. h. Prepare a list of procedures and activities that can be performed during interim work, make staffing requests and schedule the interim work i. Determine if specialists will be needed, e.g., IT experts, attorneys, valuation experts, actuaries, etc. j. Prepare a list of schedules and other assistance to request from client and deliver at least 30 days before the engagement date. k. Begin a Planning Document or prepare a separate memo documenting procedures and findings. Additional Group Audit Preplanning Procedures: 2 Determine significant components. A significant component is a component identified by the group engagement team that has individual financial significance to the group or that because of its nature or risks may cause significant risks of material misstatement of the group financial statements. An illustration of the determination process is included later in these materials. Determine work to be performed for significant and other components. Obtain an understanding of component auditors including: Component auditor’s compliance with independence standards and professional competence. The involvement of the group engagement team in the component auditor’s work. Any regulatory environment requirements regarding auditor oversight for components. Determine any additional sources of risk of misstatements in group financial statements, such as: Risks related to the nature, size and complexity of the group entity. Risks related to the consolidation process for group financial statements. 2. Hold preplanning meeting with the in-charge accountant and engagement leader (partner, shareholder, sole practitioner), and other engagement personnel. a. Discuss group changes in business, organization, accounting, internal control, personnel and current events that may affect this year’s audit. b. Discuss any effects of the current economic climate, any going concern issues and the need for management to develop plans to overcome potential threats to the continuing existence of the entity. c. Discuss findings, questions and other issues from the review of the prior year’s working papers (outlined above). d. Schedule due dates, interim and year-end fieldwork and assign staff personnel. e. Discuss fees, billing policies, budgets and other administrative issues. f. Begin engagement leader participation memo documenting involvement and supervision. g. Complete Client Acceptance and Continuance Form for the group entity and review similar documentation prepared by component auditors. More Group Audit Preplanning Procedures: The group engagement team should obtain an understanding of the business environments of the group and its components and identify those that are significant. The group audit partner must evaluate whether sufficient audit evidence can be obtained to report on the group financial statements. The group audit partner must consider the information on the Client Acceptance and Continuance Forms for the group and component entities and determine that sufficient evidence can be obtained to express an unqualified opinion on the group 3 financial statements. Specific information that should be part of the group engagement team’s understanding should include: The group legal and organizational structure for maintaining the financial reporting system. The business activities of components which are significant to the group, including industry, regulatory, economic and political environments. The use of service organizations or service centers. Any reports of auditors on service entities’ internal controls should be obtained. The findings of service entity auditors should be considered when designing group or component audit strategies and plans. Descriptions of group-wide controls, including those applied to the consolidation process. Effective group wide controls, and tests of those controls, may limit the amount of substantive testing of consolidation documentation. Note: Assistance by the group auditor in the consolidation process may be a non-attest service requiring procedures in Ethics Interpretation 101-3. Component auditors not from the group engagement partner’s network and the rationale for engaging more than one auditor. Quality of component auditors’ work will affect the group risk assessment procedures. In cases where the group engagement team is not familiar with the quality of component auditor’s, more extensive involvement in or review of their work may be necessary. Whether the group engagement team will have unrestricted access to all management and governance persons of the group and components, all financial information and component auditors and their audit documentation. For continuing engagements, significant changes may affect the group engagement team’s ability to gather sufficient evidence. Such changes may include the group structure, business activities, management and boards of governance members of the group or components, the integrity or competence members of management or boards of governance of the group or components, group-wide internal controls and the applicable financial reporting framework. 3. Schedule time for the engagement leader to meet with the management or governance person that engaged the CPA firm and to deliver and discuss the engagement letter. Among other things, these matters should be discussed: a. Reach an understanding about the nature of the group audit engagement, as well as client and CPA firm responsibilities. b. Discuss significant components and the group auditor’s plans to take responsibility for the work of some or all of the component auditors’ work. c. Discuss current issues affecting the group or component entities, including any affects of the current economic climate d. Make fraud inquiries. 4 e. f. g. h. i. Arrange for proper workspace for the group engagement team. Arrange for client assistance. Finalize dates for interim and year end fieldwork. Discuss target dates. Discuss range of audit fees and affects of variables (problems, no client assistance, more than expected involvement with work of component auditors, etc.). j. Document discussions in partner participation memo or other audit documentation. Group Auditor Delivery and Discussion of the Engagement Letter: The group auditor must comply with requirements of AU-C Section 210, Terms of Engagement. An engagement letter must be obtained for the group audit engagement by the group audit partner and by component auditors. The terms of the engagement must include: Identification of the applicable financial reporting network. Whether reference will be made to the work of component auditors or the group auditors plan to take responsibility for their work. 4. If possible, prepare a rough draft or block out financial statements and footnotes. Using an adjusted or unadjusted trial balance of accounts, preparing a rough draft of the financial statements will facilitate audit planning procedures and, when reporting entity personnel prepare the current period financial statements, provide details for comparison with the draft of financial statements during the completion phase of the audit. General Group Planning Activities: The group engagement team must determine the extent of the involvement with component auditors’ work when they assume responsibility for component auditors’ work. Issuing a standard report requires the group engagement team to be involved in the component auditors’ work. Otherwise, the group auditor should make reference to the component auditors’ reports in its report on the group financial statements. These materials focus primarily on circumstances when the group auditor plans to take responsibility for the component auditors’ work and issue a standard group audit report. For significant components, assuming responsibility for component auditors’ work under this clarified standard requires the group auditor to be involved in the risk assessment procedures for the component and to be informed of relevant subsequent events of the component. Additional procedures may include: Making client acceptance and continuance decisions. Expanding the group engagement team’s risk assessment process. Determining materiality levels for both the group and component financial statements. 5 Developing the group audit strategy considering the results of risk assessment procedures at the group and component levels and pervasive group internal controls over financial reporting systems and the consolidation process. Selecting significant components and their financial statement classifications to be subjected to auditing procedures. Making and documenting communications between the group engagement team and component auditors. Evaluating audit evidence obtained from the group and component audits to form an opinion on the financial statements. B. Ordinary Steps in Audit Planning: 1. Complete or update basic documentation necessary to demonstrate an understanding of the group entity’s business and environment, including internal control including. a. Client Acceptance and Continuance Form b. General Ledger Analysis Worksheet documenting unusual matters c. Internal control flowcharts, Internal Control Questionnaire and systems walk-through memo or other documentation d. Documentation of any and all inquiries of management or client personnel 2. Assess control risk by group financial statement classifications, combine with inherent risk documentation, and assess level of risk of material misstatement for material financial statement classifications. 3. Use assessed risk at financial statement level from factors documented on a Client Acceptance and Continuance Form and other documentation to establish planning materiality, tolerable misstatement (performance materiality), and the lower limit for individually significant items at the financial statement level. 4. Use assessed risk of material misstatement at the assertion (financial statement classification) level to establish tolerable misstatement (performance materiality) and the lower limit for individually significant items at the financial statement classification level. 5. Develop and document the audit strategy for material financial statement classifications. 6. Design a sampling or non-sampling plan using materiality levels for financial statement classifications. 7. Document planning activities and decisions in a Planning Document (illustrated later in these materials) or other documentation. 8. Hold a meeting with in-charge accountant, engagement leader and other members of the group engagement team to discuss planning results, brainstorm and finalize the group audit strategy. 9. Tailor the audit plan (program) based on the results of risk assessment procedures. 10. Make work assignments and provide necessary training for staff personnel. 11. Hold a planning and brainstorming meeting with all group engagement personnel. 12. Prepare engagement letter and communication with persons charged with group entity governance. Specific Group Audit Planning Procedures: 6 The group engagement team must develop a group audit strategy and audit plan (program), including the determination of the extent to which the work of component auditors will be used. The group audit partner is responsible for the review of the group and components’ audit strategies and audit plans. Key members of the group engagement team, and component auditors as considered necessary, are required to brainstorm and discuss risks of material misstatement due to error or fraud. These discussions may include: Knowledge of components, their environments, business risks and group-wide controls. Potential risks of material misstatements due to error or fraud at the group and component levels. Any biased practices by group or component management. Incentives or pressures the may cause any member of management, boards of governance or other group or component employees to commit or rationalize committing fraud. The risks group or component management may override controls. Uniformity of accounting policies used by components and how any differences are identified and adjusted. Any frauds or non-compliance with laws or regulations. The group audit strategy should include the determination of materiality levels for the group financial statements. Component materiality should be determined and documented taking into account all component units, the aggregate of which should normally be less than group materiality levels. The group auditor is required to design appropriate responses to risks of material misstatement due to error or fraud at the group level and to determine such responses are designed at the component level as are necessary. A Planning Document (illustrated later) should be prepared summarizing decision-making for the group audit and the involvement with the work of the component auditors. C. Performance Phase: 1. Perform the maximum amount of interim work that is practical before the reporting date. Some examples follow at both the group and component levels. a. Risk assessment procedures b. Reading minutes from meetings of boards of governance c. Substantive tests for property, plant and equipment, debt and expenses d. Interim analytical procedures including scanning the general ledger e. Cycle counts of perpetual inventories f. Receivables confirmations g. Loan files exams--banks h. Site inspections--contractors i. Planning activities, including completing or replicating core documentation j. Oversee client working paper preparation k. Assemble or prepare basic audit documentation 7 l. Other work 2. Perform highly-effective analytical procedures whenever possible that can generate evidence for evaluating all financial statement assertions for accounts such as sales and revenues, certain salaries and wages, payroll taxes, depreciation, interest income and expense, etc. 3. Perform tests of balances procedures in the group audit program and prepare appropriate audit documentation to demonstrate compliance with applicable quality control and auditing standards.. Additional Group Audit Performance Procedures The group auditor is required to design and respond to identified risks of material misstatement from analytical, risk assessment and tests of balances procedures, including those resulting from the consolidation process. Tests of the group internal controls over the consolidation process on a groupwide basis will normally be required as part of the risk assessment procedures. Consolidating adjustments and reclassifications should be evaluated for appropriateness, completeness and accuracy, including any adjustments of accounting policies or principles in the applicable reporting framework for components that are not consistent with the framework used by the group entity. D. General Audit Completion (Wrap-Up) Procedures: 1. Complete in-charge accountant’s review of assistant’s work as soon as it is completed and clear review points as soon as possible. 2. Plan to clear open items early (do not leave items to last minute). 3. Complete or review the consolidation process. 4. Draft audit report, financial statements and footnotes (finalize if client prepares). 5. Prepare a list to facilitate engagement leader’s final review. a. Identify any significant issues not discussed with the leader and their resolution. b. Identify specific documentation prepared by the in-charge that needs the leader’s review. Additional Group Audit Completion Procedures: Review results of component auditor’s work and determine sufficiency of evidence obtained and conclusions reached. Obtain component auditor’s confirmation letters. Make final review of group financial statements. Prepare group audit report. 6. The group in-charge accountant should schedule the leader’s review (and all other required reviews) in the field whenever possible (otherwise schedule staff time to complete in-office wrap-up and review). 8 7. After the group engagement leader’s (partner’s) final review of working papers, audit report and financial statements and footnotes, review points and open items should be cleared as soon as possible. 8. The group in-charge accountant should prepare the group internal control communication letter and obtain the engagement leader’s (partner’s) review. 9. Obtain client’s approval of a draft of the group financial statements, present a draft of the group internal control communication letter and get the group entity management representation letter signed. 10. Meet and communicate with persons charged with group governance. 11. Perform the group administrative wrap-up procedures, including: a. Furnishing clients with proposed adjustments, discussing their content and documenting client responses. b. Obtaining all signed correspondence. c. Making sure all review notes and open items lists are cleared and destroyed. d. Preparing a list of time savings issues for next year. e. Preparing, reviewing and issuing all necessary tax returns. f. Completing final time accumulation schedules and comparing with budgets (if required by firm policy). 12. Hold post-engagement training meeting with group engagement personnel. 13. Complete final quality control procedures, document report release date and lock or secure audit documentation. 14. Evaluate the CPA firm’s client service. 15. Identify, discuss, and communicate to the group or component entities any additional services that could help them accomplish their operational objectives. KEY ISSUES RELATED TO GROUP AUDITS Selecting Significant Components Risk of material misstatement in the group financial statements increases due to the significance of individual components. Professional judgment will be applied in each engagement circumstance to determine significant components. Considering the potential volume of assets, liabilities, revenues, expenditures, net income of cash flows in the group financial statements, the group engagement team may determine percentages that indicate which components are significant. components. Based on the group auditor’s understanding of the business, environment and internal control of the components, a component may likely include significant risks of material misstatement in the group financial statements. A smaller component, for example, may 9 have non-controlling interests that are owned by related parties thereby raising the risk of misstatement in significant related party transactions. Following is an illustration of an entity and its majority-owned components as an example of determination of significant components. ENTITY REVENUES INCOME BEFORE TAX FIXED ASSETS ABCCONTRACTOR/ PARENT RM PAVING $50,000,000 $4,000,000 CASH, SIGNIFICANT RECEIVABLES, COMPONENT INVENTORY, CONTRACTS COSTS $1,000,000 $5,000,000 NA $15,000,000 $2,000,000 $4,000,000 $2,000,000 YES MOUNTAIN BUILDERS CHEAP SUPPLIER RELATED PARTY EQUIPMENT LESSOR TOTALS $20,000,000 $3,000,000 $1,000,000 $3,000,000 YES $9,000,000 $500,000 $500,000 $1,000,000 NO $3,000,000 $200,000 $15,000,000 $500,000 YES $97,000,000 $9,700,000 $21,500,000 $11,500,000 Hypothetical Reasoning for Selecting Significant Components in the Illustration: Assume the group engagement team decides that components with revenues or total assets in excess of 10% of the respective totals are significant components in the group financial statements for ABC Contractor. For most audits, total revenues or total assets are the bases for determination of audit planning materiality and, for a contractor entity, both totals will be important in planning the audit of group financial statements. This criterion leaves only the Cheap Supplier as a non-significant component. However, if ABC receives special pricing due to a related-party relationship, it could be a significant component. In addition, the Equipment Lessor is a related party and the possibility of preferential lease arrangements may present a significant risk of material misstatement to the group financial statements. Additional factors that may be considered in selecting significant components include: Newly formed or acquired components may ordinarily be selected because of the auditor not having prior experience with the component. Components with significant changes in organization or operations that may indicate higher risks. 10 Components not using common information processing systems and applying group-wide internal control policies that may have a higher risk of misstatement. Components with unusual fluctuations in analytical procedures that compare data among years. The individual financial significance of components and the possible effects of their risks on the group financial statements. Legal or regulatory requirements for an audit of a component. Work to be Performed for Components When the group auditor is taking responsibility for the work of component auditors, the nature, extent and timing of the group auditor’s procedures for auditing components depends on the assessed level of risk of material misstatement and the determination of related materiality levels at the component level. The group auditor’s work may, depending on component risks, be performed by reviewing and assessing the adequacy of the work of component auditors or may require re-performance of risk assessment and/or other procedures when the group auditor is not satisfied with the component auditor’s work. For significant components likely to include significant risks, the following would be required: Generally accepted auditing standards would be applied, including development of an audit strategy and an audit plan. Material financial statement classifications, transactions classes and disclosures relating to the significant risks would be subjected to appropriate procedures. Audit responses would be prepared and specific procedures would be performed for the significant risks. For components that aren’t significant, at a minimum, these procedures would be performed: Basic analytical procedures, including comparisons among years of account balances and ratios developed from the balances. For account balances, transactions classes and disclosures that have high assessed levels of risk of material misstatements, and appropriate audit evidence is not available from component auditors, either the group or component auditor may need to perform additional auditing procedures. Specific Involvement in Work Performed by Component Auditors When the auditor of group financial statements is assuming responsibility for a component auditor’s work, the group engagement team must be involved in the component auditor’s risk assessment process. This normally would include: Understanding the business activities of the component that are significant to the group. Discussing the component’s risks of material misstatement due to error or fraud and the audit strategy and audit plan with the component auditor. Reviewing and evaluating the component auditor’s documentation and conclusions regarding the risk assessment process and the significant identified risks. 11 Evaluating the appropriateness of the component auditor’s responses to significant identified risks and whether the group auditor should be involved in further audit procedures. Communication to and from a Component Auditor The group auditor is responsible for communicating its requirements to component auditors. This communication should include: The component auditor’s commitment to cooperate with the group engagement team and the work to be performed by the component auditor. Specific ethical requirements applicable to the group audit, particularly independence issues. Identification of all related parties known to the group engagement team and a request for the component auditor to communicate any additional related parties not known to the group engagement team. Risks of material misstatements in the group financial statements identified by the group engagement team that may affect the work of the component auditor. Specific instructions for reviewing subsequent events. Findings of the group auditor’s tests of controls that are applicable to all components and additional tests of controls to be performed by the component auditor. Written representation letter from management of the component. Documentation requirements. Significant matters affecting financial statements and footnotes. Notification of unusual events, frauds and other matters relevant to the group auditor’s conclusions on the group audit. The component auditor’s communication of matters to the group auditor, including whether applicable ethical requirements have been met, identification of the financial information on which it is reporting and its overall findings, conclusions or opinion (an illustrative letter is in Exhibit B of AU-C 600). This should include: The component auditor’s compliance with requirements of the group engagement team. Non-compliance with laws or regulations at the component or group level that could cause a material misstatement of group financial statements. Significant risks of material misstatements to group financial statements identified in component financial statements and the component’s audit responses. Corrected and uncorrected misstatements in the component’s financial statements. Any management bias in the application of accounting estimates or principles. Significant deficiencies and material weaknesses in the component’s internal control. Other significant audit findings or issues or matters that may be relevant to the group audit. The group engagement partner must decide that all requirements of generally accepted auditing standards have been met by a component auditor to make reference to a 12 component auditor in the group audit report, even when not taking responsibility for the component auditor’s work. The component auditor should communicate to the group audit partner it has met the requirement of the applicable audit standards. Evaluation of Audit Evidence The group auditor is required to obtain sufficient, competent evidence on which to base an opinion on group financial statements. This includes the audit procedures performed during the consolidation process, the work performed by the group engagement team and the work performed by component auditors. The group engagement partner has the responsibility to evaluate the effects of any uncorrected misstatements and any unobtainable audit evidence identified by the group or component auditors. Communications with Group Management and Those Charged with Governance Communications required by the group auditor include: Material weaknesses and significant deficiencies in internal control that are relevant to the group in accordance with AU-C Section 265, Communicating Internal Control Related Matters Identified in an Audit. Identification of a fraud, or that one may exist, identified by the group engagement team or a component auditor. For component auditors that express an audit opinion on the financial statements of a component, the group engagement team should request group management to inform component management of any matter that may be significant to financial statements of the component. If group management refuses, the group engagement team should discuss the matter with persons charged with group governance. Specific communications of the group engagement team with persons charged with group governance, in addition to other requirements in audit standards, include: During engagement planning: The nature and extent of work to be performed on component financial information, including the basis for the decision to make reference to component auditors’ work instead of taking responsibility for it. The group engagement team’s involvement in component auditor’s work for significant components. During engagement completion: Any concerns the group engagement team has about the quality of a component auditor’s work. Any limitations or restrictions on the group audit. Any suspected or actual fraud involving group or component management or others with significant involvement in group-wide controls or material misstatements due to fraud. Subsequent Events 13 Whenever audits of financial statements are being performed either by group auditors or component auditors, procedures should be performed to identify events occurring between the reporting date and the date of the group auditor’s report that may require adjustment or disclosure in group financial statements. Required Documentation Documentation required to be included by the group engagement team includes: A summary of components identifying those that are significant and the nature and extent of work performed their financial information. The group engagement team will use this documentation to determine that sufficient evidence has been collected for the group audit. Components’ financial statements and audit reports for which reference is made in the group audit report and/or when the group auditor takes responsibility for component auditors’ work. Written communications of the group engagement team’s requirements for component auditors and component auditors’ confirmation of compliance with those requirements. Other practice aids and working papers normally included in audit documentation. Other common group auditor documentation would normally include: Correspondence: Group Audit Engagement Letter Communication to Component Auditors Confirmation from Component Auditors Request for Lawyer Letter Group Management Representation Letter Group Communications of Significant Deficiencies and Material Weaknesses Communication with Those Charged with Group Governance—Planning Phase Communication with Those Charged with Group Governance—Completion Phase Practice Aids: Group Engagement Acceptance and/or Continuance Form Group Materiality Computation Worksheet Group Planning Document General Ledger Analysis Worksheet or Exception Report from Data Extraction Software Financial Reporting System Flowcharts or Other Documentation Internal Control Questionnaires Systems Walkthrough Documentation Internal Control Deficiency Worksheet Risk of Material Misstatements Form and Linking Working Paper Sampling Analysis Worksheet (for design of sampling and non-sampling plans) Group Analytical Procedures Documentation Test of Controls Program (if determined necessary) 14 Confirmation Control Worksheet Confirmation Statistics Worksheet Group Error Analysis (Audit Differences) Form Group Audit Programs Planning Document Client: _________________________________________________________________ Engagement Date: _______________________________________________________ Instructions: This document should be completed by the group engagement in-charge accountant and reviewed by the group engagement leader (partner, sole proprietor) before engagement personnel begin fieldwork. It should describe engagement procedures accomplished and/or planned for both the group and component audits. It may contain cross-references to other planning documentation as applicable. I. Group Engagement Administration: A. Delivery of Group Engagement Letter: The engagement letter is one of the primary tools for obtaining client understanding of their responsibilities and auditors’ responsibilities. A good understanding before the engagement begins will prevent misunderstandings from arising later. To accomplish this, the group engagement leader should deliver the letter and discuss its contents with the group CEO and/or representative member of the board of group governance. The letter should indicate the components for which the group auditor is taking audit responsibility and the component auditors’ reports to which it will refer in the group audit report. Discussion of the letter with the party or parties engaging the CPA firm should be one of the primary sources for discovering potential misstatements, fraud or illegal acts, as well as other information relevant to the group audit. The group audit partner should determine that component auditor partners have delivered and discussed their engagement letters with responsible management persons, even if the group auditor is not taking responsibility for the component auditor’s work. B. Use of Client Assistance or Paraprofessionals: 15 Client assistance should be used to the maximum extent possible on every engagement. When client personnel are unavailable, consider using firm paraprofessionals to perform accounting services and clerical work in connection with the engagement. C. Planning for Proper Workspace: The group engagement leader has the responsibility to arrange adequate workspace before the fieldwork begins. Poor lighting, lack of adequate heat or air conditioning, desks or tables that are too small, or work locations that are not near client accounting personnel are examples of situations that hinder the efficient completion of an engagement. D. Assignment of Staff Personnel: Assigning the right people to engagements ensures high quality and helps complete the engagements in the minimum amount of time. SQCS No. 8, effective January 1, 2012, requires CPA firm documentation of this element of quality control. Personnel should be assigned to engagements and tasks that are commensurate with their experience and capabilities. When persons assigned don’t have experience and capabilities commensurate with engagement risks, more and more frequent supervision is required from the engagement leader. A primary audit response to risk at the financial statement level required by audit and quality control standards is to assign experienced staff persons to the highrisk area or provide more supervision to lesser experienced persons. When the group auditor is taking responsibility for component auditor’s work, the component auditor should confirm compliance with this element of quality control and required audit standard, and that appropriate documentation has been included in its engagement documentation files. E. Target Dates: Timely engagement completion involves setting target dates during planning. These target dates should be entered in the firm’s staff scheduling system. Communications to component auditors should include target dates for the group auditor’s involvement when taking responsibility for the component auditor’s work, as well as dates financial information is required by the group auditor from all components F. Use of Specialists: 16 Consider using outside specialists whenever any auditing procedures outside the firm’s expertise are expected to be performed. Such circumstances may include actuarial computations for pension funds, questions of law, observations of inventories of products or materials, required tests of client accounting software, and complex accounting and auditing problem situations. When the auditor outsources any services in connection with an engagement, the engagement letter should contain a paragraph notifying the client. The auditor is also required to obtain a confidentiality agreement from the person or organization performing outsourced services. When group audit specialists are engaged to perform work that will also be applicable to components, the group auditor’s communication to component auditors should discuss the selection of the specialists and their processes. G. Electronic Auditing Opportunities: Trial balance and financial statement preparation software, electronic practice aids, file container software, spreadsheets, word processing software, document scanners, data extraction software (such as Idea, Monarch or ACL) and “cloud” services should be used to create efficiencies on the group and component audit engagements. List the specific, planned applications for discussion among the group engagement team and for communication to component auditors. H Audit Budgets: Prepare a group audit budget based on circumstances, not fees, during engagement planning. Summarize the budget here for discussion among the group engagement team. Include a separate section for involvement in the work of component auditors. II. Group Technical Audit Planning Decisions: A. Describe the process for selecting significant components. Cross-reference this section to a separate memorandum or other documentation summarizing organizational, operational and financial information for all components. Summarize the components determined to be significant and whether the group engagement team will take responsibility for component auditors’ work or, instead, refer to component auditors in the group audit report. 17 B. Risk of misstatement at the group financial statement level: Use of Group Statements: Describe high-risk uses of statements. Potential for Group Going-Concern Problems: Describe continued losses, high debt and external situations that threaten the continued existence of the group or any of its components. Integrity of Group Management: Discuss specific information that could cast doubt on group or component management’s integrity. Evaluate the risk of material misstatement at the group and component financial statement levels and document the subjective impact on audit responses and engagement procedures. C. Document the group and components’ risk of misstatements evaluation at the assertion level (financial statement classification level for smaller entities), and the impact on the group and components’ audit strategy by major financial statement classification. This and other sections may be cross-referenced to other documentation. D. Group Materiality Judgments: Present a summary of the tolerable misstatement (performance materiality) and lower limit for individually significant items calculations and document group engagement team reasoning for group and component financial statements materiality levels. E. Group Sampling and Non-Sampling Decisions: Describe the reasons for making decisions to sample or not sample at the group and component levels. If decisions are made to sample, explain the rationale for sample size calculations. F. Group Audit Strategies: Describe the general group audit strategy including detailed substantive tests of balances, risk assessment procedures, tests of controls and/or extensive analytical procedures. Cross-reference this section to other 18 group audit documentation for specific audit strategies at the group and component financial statement classification levels. G. Nature of Group Audit Procedures: Summarize the nature and extent of work for significant components and components to be referred to in the group audit report. Describe the nature, extent and timing of tests of balances procedures and analytical procedures for material financial statement classifications or cross-reference to other documentation describing planned procedures for material financial statement classifications at the group and component levels. H. Significant Time-Savings Opportunities: Describe here the opportunities to save time on the group and/or component audits not discussed elsewhere. I. Group Engagement Team Meeting: Summarize the significant potential risks of misstatement at the group and component levels due to error or fraud, planned audit responses and other matters discussed at the group engagement team meeting. All group engagement personnel, including partners or sole practitioners, are required to attend this meeting. Matters discussed affecting the work of component auditors should be communicated to them. J. Planned Involvement with Component Auditors Summarize here, if not present above, the extent of involvement in the work of component auditors when the group engagement team plans to take responsibility for their work and/or when component auditors reports will be referred to in the group audit report. This should include both administrative and technical activities similar to those summarized above for the group audit. This planned involvement should be part of the group engagement team’s communication to component auditors. I. Potential Risks of Misstatement due to Errors or Fraud and Audit Responses—Group Audit: From risk assessment procedures: Document potential risks of misstatement discovered during the risk assessment procedures and the planned audit responses. From scanning the general ledger account activity and performing other analytical procedures: 19 Document unusual matters, variances or other potential risks, and record the planned audit responses here. Factors discovered throughout the engagement, along with audit responses and their results: From inquiries of management personnel: From inquiries of staff personnel: From communication with persons charged with governance: From performing fieldwork and other auditing procedures: From performing subsequent events procedures: J. Potential Risks of Misstatement due to Errors or Fraud and Audit Responses—Component Audits Summarize the same information from involvement with the work of component auditors as presented above for group audits. Prepared by:________________________________Date:_________________________ Reviewed by:_______________________________ Date:_________________________ CONCLUSION The requirements for group audits apply when the group auditor audits both the group and component financial statements, when the group auditor takes responsibility for component auditors’ work, or when the group auditor refers to component auditors’ reports in the group audit report. All requirements of the Clarified Auditing Standards are applicable to group audits. Group auditors must document compliance all applicable quality control and auditing standards in engagement files. Finally, the group audit partner is the pinnacle of quality control for a group audit, as well as the group engagement team member that has the responsibility for determining that all necessary procedures have been performed and that an acceptable level of error remains in the financial statements at the date they are available for issue. 20