Federal Register of Legislation - Australian Government

Primary content

ASA 610 Standards/Accounting & Auditing as made
Auditing Standard ASA 610 establishes mandatory requirements and provides explanatory guidance to external auditors in considering the work of internal audit.
Administered by: Treasury
General Comments: This Auditing Standard is operative for financial reporting periods commencing on or after 1 July 2006.
Exempt from sunsetting by the Legislation (Exemptions and Other Matters) Regulation 2015 s12 item 18
Registered 16 May 2006
Tabling HistoryDate
Tabled HR22-May-2006
Tabled Senate13-Jun-2006
Date of repeal 26 Nov 2020
Repealed by AUASB Repeal of Superseded Auditing Standards 2020
Table of contents.
 

ASA 610

(April 2006)

 

 

 

 

Auditing Standard ASA 610
Considering the Work of Internal Audit

 

 

Issued by the Auditing and Assurance Standards Board



Obtaining a Copy of this Auditing Standard

This Auditing Standard is available on the AUASB website: www.auasb.gov.au.

Alternatively, printed copies of this Auditing Standard are available by contacting:

Auditing and Assurance Standards Board

Level 4

530 Collins Street

Melbourne   Victoria   3000

AUSTRALIA

Phone:    (03) 8080 7400

Fax:          (03) 8080 7450

E-mail:                 enquiries@auasb.gov.au

 

Postal Address:

PO Box 204

Collins Street West

Melbourne   Victoria   8007

AUSTRALIA

 

 

 

COPYRIGHT

© Commonwealth of Australia 2006. The text, graphics and layout of this Auditing Standard are protected by Australian copyright law and the comparable law of other countries. Reproduction within Australia in unaltered form (retaining this notice) is permitted for personal and non-commercial use subject to the inclusion of an acknowledgment of the source. Requests and enquiries concerning reproduction and rights for commercial purposes within Australia should be addressed to the Principal Executive, Auditing and Assurance Standards Board, PO Box 204, Collins Street West, Melbourne Victoria 8007. Otherwise, no part of the Auditing Standard may be reproduced, stored or transmitted in any form or by any means without the prior written permission of the AUASB except as permitted by law.

 

 

 

ISSN 1833-4393


CONTENTS

PREFACE

AUTHORITY STATEMENT

Paragraphs

Application........................................................................................................ 1-2

Operative Date..................................................................................................... 3

Introduction...................................................................................................... 4-7

Scope and Objectives of Internal Audit........................................................... 8

Relationship Between Internal Audit and the External Auditor.............. 9-11

Understanding and Preliminary Assessment of Internal Audit............ 12-17

Timing of Liaison and Coordination.......................................................... 18-19

Evaluating the Work of Internal Audit..................................................... 20-23

Conformity with International Standards on Auditing................................ 24

Appendix 1: Internal Audit – Understanding and Preliminary Assessment Questionnaire

 


Preface

Reasons for Issuing Auditing Standard ASA 610 Considering the Work of Internal Audit

The Auditing and Assurance Standards Board (AUASB) issues Auditing Standard ASA 610 Considering the Work of Internal Audit due to the requirements of the legislative provisions explained below.

The Corporate Law Economic Reform Program (Audit Reform and Corporate Disclosure) Act 2004 (the CLERP 9 Act) established the AUASB as an independent statutory body under section 227A of the Australian Securities and Investments Commission Act 2001, as from 1 July 2004. Under section 336 of the Corporations Act 2001, the AUASB may make Auditing Standards for the purposes of the corporations legislation. These Auditing Standards are legislative instruments under the Legislative Instruments Act 2003.

Main Features

This Auditing Standard provides mandatory requirements and explanatory guidance to external auditors in considering the work of internal audit.

Operative Date

This Auditing Standard is operative for financial reporting periods commencing on or after 1 July 2006.

Main changes from AUS 604 (October 1995) Considering the Work of Internal Auditing

The main differences between this Auditing Standard and the Auditing Standard issued by the Auditing & Assurance Standards Board of the Australian Accounting Research Foundation, AUS 604 (October 1995) Considering the Work of Internal Auditing, are that in this Auditing Standard:

1.                   The word ‘shall’, in the bold-type paragraphs, is the terminology used to describe an auditor’s mandatory requirements, whereas an auditor’s degree of responsibility is described in AUS 604 by the word ‘should’.

2.                   The explanatory guidance paragraphs provide guidance and illustrative examples to assist the auditor in fulfilling the mandatory requirements, whereas in AUS 604 some obligations are implied within certain explanatory paragraphs. Accordingly, such paragraphs have been redrafted to clarify that the matter forms part of the explanatory guidance.

3.                   The following additional mandatory requirement, not contained in AUS 604, is included:

(a)                 the external auditor shall perform an assessment of the internal audit function when internal audit is relevant to the external auditor’s risk assessment (paragraph 14).

 


AUTHORITY STATEMENT

The Auditing and Assurance Standards Board (AUASB) makes Auditing Standard ASA 610 Considering the Work of Internal Audit as set out in paragraphs 1 to 24 and Appendix 1, pursuant to section 227B of the Australian Securities and Investments Commission Act 2001 and section 336 of the Corporations Act 2001.

This Auditing Standard is to be read in conjunction with the Preamble to AUASB Standards, which sets out the intentions of the AUASB on how the Auditing Standards are to be understood, interpreted and applied.

The mandatory requirements of this Auditing Standard are set out in bold-type paragraphs.

 

 

 

 

Dated 28 April 2006                                                                                   M H Kelsall
                                                                                                        Chairman - AUASB

 


AUDITING STANDARD ASA 610

Considering the Work of Internal Audit

Application

1                    This Auditing Standard applies to:

(a)                 an audit of a financial report for a financial year, or an audit of a financial report for a half-year, in accordance with Part 2M.3 of the Corporations Act 2001; and

(b)                 an audit of a financial report for any other purpose.

2                     This Auditing Standard also applies, as appropriate, to an audit of other financial information.

Operative Date

3                    This Auditing Standard is operative for financial reporting periods commencing on or after 1 July 2006.

Introduction

4                     The purpose of this Auditing Standard is to establish mandatory requirements and to provide explanatory guidance to external auditors in considering the work of internal audit. This Auditing Standard does not deal with instances when personnel from internal audit assist the external auditor in carrying out external audit procedures. The audit procedures noted in this Auditing Standard are ordinarily only applied to internal audit activities which are relevant to the audit of the financial report.

5                    The external auditor shall consider the activities of internal audit and their effect, if any, on external audit procedures.

6                     “Internal audit” means an appraisal activity established within an entity as a service to the entity. Its functions include, amongst other things, monitoring internal control.

7                     While the external auditor has sole responsibility for the audit opinion expressed and for determining the nature, timing and extent of external audit procedures, certain parts of internal audit work may be useful to the external auditor.

Scope and Objectives of Internal Audit

8                     The scope and objectives of internal audit vary widely and depend on the size and structure of the entity and the requirements of those charged with governance and management. Ordinarily, internal audit activities include one or more of the following:

·                     Monitoring of internal control. The establishment of adequate internal control is a responsibility of those charged with governance and management which demands proper attention on a continuous basis. Internal audit is ordinarily assigned specific responsibility by those charged with governance for reviewing controls, monitoring their operation and recommending improvements thereto.

·                     Examination of financial and operating information. This may include review of the means used to identify, measure, classify and report such information and specific enquiry into individual items including detailed testing of transactions, balances and procedures.

·                     Review of the economy, efficiency and effectiveness of operations including non-financial controls of an entity.

·                     Review of compliance with laws, regulations and other external requirements and with management policies and directives and other internal requirements.

Relationship Between Internal Audit and the External Auditor

9                     The role of internal audit is determined by those charged with governance and management, and its objectives differ from those of the external auditor who is appointed to report independently on the financial report. The internal audit function’s objectives vary according to the requirements of those charged with governance and management. The external auditor’s primary concern is whether the financial report is free of material misstatements and is prepared, in all material respects, in accordance with an applicable financial reporting framework.

10                  Nevertheless some of the means of achieving their respective objectives are often similar and thus certain aspects of internal audit may be useful in determining the nature, timing and extent of external audit procedures.

11                  Internal audit is part of the entity. Irrespective of the degree of autonomy and objectivity of internal audit, it cannot achieve the same degree of independence as required of the external auditor when expressing an opinion on the financial report. The external auditor has sole responsibility for the audit opinion expressed, and that responsibility is not reduced by any use made of internal audit. All judgements relating to the audit of the financial report are those of the external auditor.

Understanding and Preliminary Assessment of Internal Audit

12                 The external auditor shall obtain a sufficient understanding of internal audit activities to identify and assess the risks of material misstatement of the financial report and to design and perform further audit procedures.

13                  Effective internal audit will often allow a modification in the nature and timing, and a reduction in the extent of audit procedures performed by the external auditor but cannot eliminate them entirely. In some cases, however, having considered the activities of internal audit, the external auditor may decide that internal audit will have no effect on external audit procedures.

14                 The external auditor shall perform an assessment of the internal audit function when internal audit is relevant to the external auditor’s risk assessment.

15                  The external auditor’s assessment of the internal audit function will influence the external auditor’s judgement about the use which may be made of internal audit in making risk assessments and thereby modifying the nature, timing and extent of further external audit procedures.

16                  When obtaining an understanding and performing an assessment of the internal audit function, the important criteria are ordinarily the following:

·                     Organisational status: Specific status of internal audit in the entity and the effect this has on its ability to be objective. In the ideal situation, internal audit will report administratively to the highest level of management and functionally to those charged with governance and be free of any other operating responsibility. Any constraints or restrictions placed on internal audit by management or those charged with governance would ordinarily be carefully considered. In particular, the internal auditors will need to be free to communicate fully with the external auditor.

·                     Scope of function: The nature and extent of internal audit assignments performed. The external auditor would also ordinarily consider whether management and those charged with governance act on internal audit recommendations and how this is evidenced.

·                     Technical competence: Whether internal audit is performed by persons having adequate technical training and proficiency as internal auditors. The external auditor may, for example, review the policies for hiring and training the internal audit staff and their experience and professional qualifications.

·                     Due professional care: Whether internal audit is properly planned, supervised, reviewed and documented. The existence of adequate audit manuals, work programs and working papers would ordinarily be considered.

17                  A suggested questionnaire to assist in obtaining an understanding and making a preliminary assessment of internal audit is attached at Appendix 1.

Timing of Liaison and Coordination

18                  When planning to use the work of internal audit, the external auditor will ordinarily need to consider internal audit’s tentative plan for the period and discuss it at as early a stage as possible. Where the work of internal audit is to be a factor in determining the nature, timing and extent of the external auditor’s procedures, it is desirable to agree in advance the timing of such work, the extent of audit coverage, materiality levels and proposed methods of sample selection, documentation of the work performed and review and reporting procedures.

19                  Liaison with internal audit is more effective when meetings are held at appropriate intervals during the period. The external auditor would ordinarily be advised of and have access to relevant internal audit reports and be kept informed of any significant matter that comes to the internal auditor’s attention which may affect the work of the external auditor. Similarly, the external auditor would ordinarily inform the internal auditor of any significant matters which may affect internal audit.

Evaluating the Work of Internal Audit

20                 When the external auditor intends to use specific work of internal audit, the external auditor shall evaluate and perform audit procedures on that work to confirm its adequacy for the external auditor’s purposes.

21                  Under paragraph 20 of this Auditing Standard, the auditor needs to evaluate the specific work of internal audit which involves consideration of the adequacy of the scope of work and related programs and whether the assessment of the internal audit remains appropriate. This evaluation may include consideration of whether:

·                     the work is performed by persons having adequate technical training and proficiency as internal auditors and the work of assistants is properly supervised, reviewed and documented;

·                     sufficient appropriate audit evidence is obtained to be able to draw reasonable conclusions;

·                     conclusions reached are appropriate in the circumstances and any reports prepared are consistent with the results of the work performed;

·                     identified issues and risks were reported to the relevant governance body; and

·                     any exceptions or unusual matters disclosed by internal audit are properly resolved.

22                  The nature, timing and extent of the audit procedures performed on the specific work of internal audit will depend on the external auditor’s judgement as to the risk of material misstatement of the area concerned, the assessment of internal audit and the evaluation of the specific work by internal audit. Such audit procedures may include examination of items already examined by internal audit, examination of other similar items and observation of internal audit procedures.

23                  Under ASA 230 Audit Documentation, the external auditor needs to record conclusions regarding the specific internal audit work that has been evaluated and the audit procedures performed on the internal auditor’s work.


Conformity with International Standards on Auditing

24                  Except as noted below, this Auditing Standard conforms with International Standard on Auditing ISA 610 Considering the Work of Internal Audit, issued by the International Auditing and Assurance Standards Board of the International Federation of Accountants. The main differences between this Auditing Standard and ISA 610 are:

·                     This Auditing Standard includes in Appendix 1 a questionnaire which assists the auditor in obtaining an understanding and making a preliminary assessment of internal audit, whereas ISA 610 does not.

·                     This Auditing Standard does not include a separate section on the public sector as it is sector neutral. ISA 210 includes a Public Sector Perspective section.

Compliance with this Auditing Standard enables compliance with ISA 610.

 


APPENDIX 1
INTERNAL AUDIT – UNDERSTANDING AND PRELIMINARY ASSESSMENT QUESTIONNAIRE

The answers to the following questions may assist in obtaining an understanding and making a preliminary assessment of internal audit.

 

 

                                      Questionnaire

Yes

No

N/A

 

Organisational Status

1                     Who does the head of internal audit report to and is this appropriate?

2                     Do those charged with governance's and/or management’s view of internal audit appear not to limit internal audit?

3                     Is the head of internal audit free from:

(a)                 the influences of operational management which would impact on the head of internal audit’s objectivity?

(b)                 any operating responsibility?

4                     Does the head of internal audit have:

(a)                 direct access (in case of need) to:

(i)                  the governing body?

(ii)                 the chairman of the governing body?

(iii)               the chief executive?

(iv)               the audit committee (if applicable)?


 

 




                                      Questionnaire

Yes

No

N/A

 

Organisational Status  –  continued

(b)                 freedom/flexibility from direct instruction from those charged with governance as to the scope and direction of audit activity?

(c)                 freedom to communicate with the external auditor on relevant matters on a regular basis?

(If the answer to any of questions 3(a) or (b) or 4(a) to (c) is negative, describe how objectivity is achieved and maintained).

 

Scope of Function

5                     (a)           Does internal audit regularly examine the controls over all significant accounting operations which affect the financial report? (If not, describe the areas not covered by internal audit).

                (b)           Does the head of internal audit have flexibility to act using discretion on suggestions made by the external auditor as to areas to be included in the internal audit program?

                (c)           Do internal audit reports and working papers indicate that internal audit applies a professional approach to audit assignments?

                (d)           Has past experience shown that internal audit has been able to complete previous internal audit programs?


 

 

                                      Questionnaire

Yes

No

N/A

 

Scope of Function  –  continued

6                     (a)           (i)            Do internal audit reports identify weaknesses/problems and contain recommendations for improvements?

                                (ii)           Are such reports addressed to the appropriate level of those charged with governance capable and able to achieve satisfactory audit results?

                                (iii)          Are copies of all reports forwarded to:

·                     the chairman of the governing body or chief executive? and/or

·                     the audit committee (if applicable)?

                (b)           Are copies of all reports relating to accounting and associated records available to the external auditor?

(If 6(a) or (b) are answered in the negative, describe the method of reporting).

7                     (a)           Is there evidence, for example in the minutes of governing body and/or audit committee meetings that internal audit reports have been considered?

                (b)           Is there evidence that a person of senior authority, for example the chief executive, has taken action to see that internal audit recommendations are properly considered?


 

                                      Questionnaire

Yes

No

N/A

 

 

Scope of Function  –  continued

(If the answer to 7(a) or (b) is negative, describe the process for ensuring that consideration is given to internal audit reports and recommendations).

 

 

Technical Competence

8                     Is the head of internal audit a professionally trained auditor? (If not, describe qualifications by training and by experience for the position held).

9                     (a)           Do the entity's hiring and/or internal promotion/transfer policies for internal audit require:

(i)                  tertiary qualifications?

(ii)                 formal professional qualifications?

(iii)               previous internal audit experience?

(b)                 Does the entity provide internal audit staff with the opportunity to maintain professional competence, for example by encouraging:

(i)                  internal staff training?

(ii)                 attendance at external training and professional courses?

10                  Do assignments undertaken reflect those charged with governance confidence in internal audit, and provide experience in audit related work?


 

 

                                      Questionnaire

Yes

No

N/A

 

 

Technical Competence  -  continued

11                  Do the reports prepared by internal audit reflect a clear understanding of the audit task undertaken and the expression of valid conclusions?

12                  If the entity has a large internal audit function, does it contain an adequate proportion of professionally trained/experienced auditors?

 

 

Due Professional Care

13                  (a)           Does internal audit have a procedures manual clearly describing staff responsibilities and audit procedures concerning documentation?

                (b)           Is the work of internal audit controlled and supervised through managers or supervisors responsible to the head of the department, each of whom supervises the work of staff allocated?

14                  (a)           Does internal audit use written audit programs prepared in conformity with appropriate professional standards and practice?

                (b)           Are comprehensive audit programs prepared for all internal audit engagements?

15                  (a)           Does internal audit prepare working papers to record work done and conclusions drawn?

                (b)           Are the working papers reviewed by appropriate internal audit staff?

 

 

                                      Questionnaire

Yes

No

N/A

 

 

Due Professional Care  -  continued

16                  Where the internal audit activity is co-sourced or fully outsourced, is the relationship between the organisation and the third party provider appropriate and well managed?

(If the answer to any of questions 13 to 16 is negative describe the process used for planning, supervising, reviewing and documenting internal audit work).