Top 10 breaches: audit and non-audit engagements

When it comes to engagement breaches, similar mistakes are made year after year. Read on for the top 10 for both audit and non-audit engagements.

Updated 24 April 2017

By Caroline Karavias

Every year CPA Australia’s quality review team composes its list of the top 10 breaches that are reported for both audit and non-audit engagements. While there is some movement from time to time of the standards that make the list, most of the standards reported are the same year on year.

For example, one of the most common reasons members have been found to have breached the auditing standards is that there isn’t the documentary evidence to support the work that has been performed. Members often simply "tick" or have a "yes" or "no" answer on the checklists used. This alone doesn’t provide sufficient evidence.

Audit engagements are as much of a mindset activity as an examination. The decisions made by an auditor, the documentation sighted, the reasoning and logic applied, are as important to the work papers as the signed audit report.

Another common audit breach identified is members not having, or having an inadequate, audit plan in place. This can be the result of members relying on the software program to produce the audit plan, rather than ensuring that it is tailored to the engagement. This can mean that not only does the member lack an appropriate audit plan but this action (or inaction) also may result in key steps of the audit being missed, such as risk assessments or determining assertion levels.

Professional Development: CPA Australia's Public Practice Conference is a one-stop event that addresses a range of technical, taxation and practice management topics

There are resources available for those members who offer audit and assurance services which can be found on the CPA Australia website. One particular resource of note which is complimentary as part of a member’s public practice certificate fee is our Small Entities Audit Manual (SEAM), which offers some practical guidance when planning and executing an audit of a small-to-medium-sized entity. It gives specific guidance for the relevant standards, audit risk areas and legislation for each of the small entities covered.

However, using SEAM alone will not ensure a member is compliant with the applicable audit standards. Members do need to tailor the programs to suit the individual engagement.

For non-audit related breaches one of the most commonly reported issues is a breach of APES 315 Compilation of Financial Information. This standard is often breached due to members not utilising all the functionality of the software employed or not running all the software updates provided.

However it is also due, in part, to members not being aware of the requirements of the APES 315 standard and assuming that what is produced by the software is compliant without doing the necessary checks against APES 315.

Another common breach concerns APES 320 Quality Control for Firms. Members are still failing to document their quality control policies and procedures. One of the reasons for this may be that members are feeling overwhelmed when reading the standard or trying to apply it.

Most members are using some form of quality control policies and procedures within their practice. There are a number of tools and resources available on CPA Australia’s website to help members comply with APES 320.

Members are reminded that the size and complexity of a quality control manual is dependent on the type of practice they are running. For example, a sole practitioner only performing compliance-based services may have a less formal quality control manual that is smaller in size compared to a multi-partner firm offering many engagement types.

Available on the Quality Review homepage on the CPA Australia website is a list of the top 10 breaches for audit and non-audit engagements, as well as some examples of how members have been found to have breached each of the standards. These are a very good starting point for understanding what is commonly overlooked when performing the engagements.

Find the tools, resources and guidance material developed for public practitioners

Top 10 non-audit breaches for 2016

 1 APES 315 Compilation of Financial Information
 2 APES 220 Taxation Services
 3 APES 305 Terms of Engagement
 4 APES 320 Quality Control for Firms
 5 CPA Australia’s Branding Requirements
 6 APES 325 Risk Management for Firms
 7 APES 110 Code of Ethics for Professional Accountants
 8 APES 310 Dealing with Client Monies
 9 APES 205 Conformity with Accounting Standards
 10 CA s347A Corporations Act 2001 (CA) Solvency Resolution

Top 10 audit and assurance breaches in 2016

 1 ASA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of a Financial Report
 2 ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards
 3 ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment
 4 ASA 300 Planning an Audit of a Financial Report
 5 ASA 320 Materiality in Planning and Performing an Audit
 6 ASA 330 The Auditor’s Responses to Assessed Risks
 7 ASA 230 Audit Documentation
 8 ASAE 3100 Compliance Engagements
 9 ASA 550 Related Parties
 10 ASA 210 Agreeing the Terms of Audit Engagements

Caroline Karavias CPA is one of CPA Australia’s technical advisers for quality review education.

Special Edition
Special Edition

Read the special edition of INTHEBLACK.

In recognition of Mental Health Month, this special edition features inspiring articles, resources and tools to help you deal with uncertainty, burnout and stress.