1769-IF4I extent, of audit procedures to be performed directly by the external auditor, or to use internal auditors to provide direct assistance, are: (a) To determine whether the work of the internal audit function or direct assistance from internal auditors can be used, and if so, in which areas and to what extent; and having made that determination: (b) If using the work of the internal audit function, to determine whether that work is adequate for purposes of the audit; and (c) If using internal auditors to provide direct assistance, to appropriately direct, supervise and review their work. Definitions 14. For purposes of the ISAs, the following terms have the meanings attributed below: (a) Internal audit function – A function of an entity that performs assurance and consulting activities designed to evaluate and improve the effectiveness of the entity’s governance, risk management and internal control processes. (Ref: Para. A1–A4) (b) Direct assistance – The use of internal auditors to perform audit procedures under the direction, supervision and review of the external auditor. Requirements Determining Whether, in Which Areas, and to What Extent the Work of the Internal Audit Function Can Be Used Evaluating the Internal Audit Function 15. The external auditor shall determine whether the work of the internal audit function can be used for purposes of the audit by evaluating the following: (a) The extent to which the internal audit function’s organizational status and relevant policies and procedures support the objectivity of the internal auditors; (Ref: Para. A5–A9) (b) The level of competence of the internal audit function; and (Ref: Para. A5–A9) (c) Whether the internal audit function applies a systematic and disciplined approach, including quality control. (Ref: Para. A10–A11) 16. The external auditor shall not use the work of the internal audit function if the external auditor determines that: (a) The function’s organizational status and relevant policies and procedures do not adequately support the objectivity of internal auditors; (b) The function lacks sufficient competence; or (c) The function does not apply a systematic and disciplined approach, including quality control. (Ref: Para. A12–A14) ISA 610 (REVISED 2013), USING THE WORK OF INTERNAL AUDITORS 7 Determining the Nature and Extent of Work of the Internal Audit Function that Can Be Used 17. As a basis for determining the areas and the extent to which the work of the internal audit function can be used, the external auditor shall consider the nature and scope of the work that has been performed, or is planned to be performed, by the internal audit function and its relevance to the external auditor’s overall audit strategy and audit plan. (Ref: Para. A15–A17) 18. The external auditor shall make all significant judgments in the audit engagement and, to prevent undue use of the work of the internal audit function, shall plan to use less of the work of the function and perform more of the work directly: (Ref: Para. A15–A17) (a) The more judgment is involved in: (i) Planning and performing relevant audit procedures; and (ii) Evaluating the audit evidence gathered; (Ref: Para. A18–A19) (b) The higher the assessed risk of material misstatement at the assertion level, with special consideration given to risks identified as significant; (Ref: Para. A20–A22) (c) The less the internal audit function’s organizational status and relevant policies and procedures adequately support the objectivity of the internal auditors; and (d) The lower the level of competence of the internal audit function. 19. The external auditor shall also evaluate whether, in aggregate, using the work of the internal audit function to the extent planned would still result in the external auditor being sufficiently involved in the audit, given the external auditor’s sole responsibility for the audit opinion expressed. (Ref: Para. A15–A22) 20. The external auditor shall, in communicating with those charged with governance an overview of the planned scope and timing of the audit in accordance with ISA 260,7 communicate how the external auditor has planned to use the work of the internal audit function. (Ref: Para. A23) Using the Work of the Internal Audit Function 21. If the external auditor plans to use the work of the internal audit function, the external auditor shall discuss the planned use of its work with the function as a basis for coordinating their respective activities. (Ref: Para. A24–A26) 22. The external auditor shall read the reports of the internal audit function relating to the work of the function that the external auditor plans to use to obtain an understanding of the nature and extent of audit procedures it performed and the related findings. 23. The external auditor shall perform sufficient audit procedures on the body of work of the internal audit function as a whole that the external auditor plans to use to determine its adequacy for purposes of the audit, including evaluating whether: (a) The work of the function had been properly planned, performed, supervised, reviewed and documented; (b) Sufficient appropriate evidence had been obtained to enable the function to draw reasonable conclusions; and 7 ISA 260, Communication with Those Charged with Governance, paragraph 15 ISA 610 (REVISED 2013), USING THE WORK OF INTERNAL AUDITORS 8 (c) Conclusions reached are appropriate in the circumstances and the reports prepared by the function are consistent with the results of the work performed. (Ref: Para. A27–A30) 24. The nature and extent of the external auditor’s audit procedures shall be responsive to the external auditor’s evaluation of: (a) The amount of judgment involved; (b) The assessed risk of material misstatement; (c) The extent to which the internal audit function’s organizational status and relevant policies and procedures support the objectivity of the internal auditors; and (d) The level of competence of the function;8 (Ref: Para. A27–A29) and shall include reperformance of some of the work. (Ref: Para. A30) 25. The external auditor shall also evaluate whether the external auditor’s conclusions regarding the internal audit function in paragraph 15 of this ISA and the determination of the nature and extent of use of the work of the functio |
