Annual report 2021/22

Report on the quality of annual audits 2021/22

This report outlines how the Office of the Auditor-General monitors the quality of annual audits.

The way we operate

The Auditor-General appoints auditors to carry out annual audits of public organisations on his behalf. These auditors are appointed from Audit New Zealand (the Auditor-General’s in-house audit service provider) and about 25 private sector audit firms. There are about 150 auditors with the authority to audit and issue audit reports for the public organisations they are appointed to audit.

Because of the way we operate, the following key elements need to operate effectively:

  • the independence of auditors appointed to carry out audits;
  • the application of the Auditor-General’s auditing standards by auditors;1 and
  • the quality of the work that auditors carry out.

Our system of quality

Professional and ethical standards require us to establish and maintain a system of quality designed to provide reasonable assurance that we comply with standards and applicable legal and regulatory requirements, and issue appropriate reports arising from our work. The system of quality is based on five elements and the policies and procedures that address each element:

  • Leadership responsibilities.
  • Ethical requirements.
  • Human resources.
  • Carrying out audit work.
  • Monitoring the quality of audit work.

We report on the processes, policies, and procedures that support each element of audit quality as it applies to the Office of the Auditor-General, Audit New Zealand, and other audit service providers that carry out audits on behalf of the Auditor-General. We also include quality indicators, which measure performance for 2021/22.

Leadership responsibilities

Our governance and reporting structure contributes to audit quality

The Auditor-General is responsible for the system of quality for all audits carried out on his behalf.

Audit quality is governed through the Office’s Audit Performance and Quality Governance Committee. The role of the committee is to monitor audit delivery and quality. Membership of the committee includes the Auditor-General and Deputy Auditor-General. The committee normally meets six times each year and its remit includes:

  • monitoring the strategic and operational risks associated with audit quality;
  • monitoring the operating effectiveness and efficiency of the quality framework against the audit quality indicators;
  • monitoring the findings of internal and external reviews of audit quality; and
  • monitoring progress in addressing the findings and recommendations made in internal and external reviews.

The committee met five times in 2021/22, due to one meeting being cancelled.

Our Audit and Risk Committee also provides independent assurance and advice to the Auditor-General. See Appendix 1 for a report from the Committee.

Our values and systems emphasise audit quality

Our values guide us to carry out our audit work objectively and impartially. We have systems, processes, and controls that set high standards of independence and quality. These work together to ensure accountability for quality is clear throughout our organisation.

We obtain independent views about audit quality

As well as our internal monitoring of audit quality, we obtain external independent views about audit quality. The Financial Markets Authority reviews audit files of public organisations operating in capital markets, including some public sector organisations audited by private sector audit firms. We also periodically invite the Financial Markets Authority and the New Zealand Institute of Chartered Accountants Practice Review Group to carry out quality reviews of Audit New Zealand. Both organisations were invited to carry out their reviews of Audit New Zealand in 2022.

The Financial Markets Authority reviewed both the system of quality control and a sample of audit files. The report identified only low-rated findings about the system of quality control. It also identified medium and low-rated findings for the sample of audit files – this means that there is nothing that would change the audit reports that were issued. However, there are matters where we can continue to improve our systems and processes.

The New Zealand Institute of Chartered Accountants Practice Review Group reviewed a sample of audit files. We are awaiting their final report.

All findings and comments in the reports will be assessed in detail to identify improvements that can be made to our system of quality control and to the training provided to auditors.

Ethical requirements

Our policies, procedures, and methods promote an ethical workplace

Independence is fundamental to our ability to act with integrity, be objective, and maintain an attitude of professional scepticism. Professional and ethical standards require auditors to be independent of the organisation they are auditing. The Auditor-General’s auditing standards, which incorporate these professional and ethical standards, set a high standard for independence (both of mind and in appearance).

The Auditor-General’s auditing standard on independence applies to all staff, including Audit New Zealand and the private sector audit firms that carry out public sector audits.  The standard is based on the requirements of the New Zealand standard issued by the External Reporting Board to the extent there is not a conflict with the Auditor-General’s legislated mandate and responsibilities. The Auditor-General’s standard goes further than the External Reporting Board's standard by restricting the work auditors can carry out for an organisation they audit to work of an assurance nature. This reflects the Auditor-General’s view that independence is fundamental to a high-quality public sector audit.

We monitor compliance with audit independence requirements

We monitor compliance with the Auditor-General’s auditing standard on independence in several ways.

For staff, including Audit New Zealand, the work that can be done is limited by the Public Audit Act 2001. The independence of those involved in annual audits is closely monitored, including as part of our quality assurance review program for annual audits.

For private sector audit firms, we monitor the other services they carry out for public organisations they audit on behalf of the Auditor-General. We also pre-approve or decline work they propose carrying out that could cause people to question their independence. We consider independence as part of our quality assurance review program for annual audits.

For 2021/22, we were satisfied that independence standards were upheld.

We monitor how long key staff audit the same public organisation

The Auditor-General’s auditing standards limit the number of years that key audit staff can carry out the annual audit on the same public organisation. This is to safeguard against the threat to independence that might arise from auditing an organisation for a long time. The standard specifies the length of time that key audit staff can be assigned to the annual audit before being taken off that audit.

For 2021/22, we complied with the Auditor-General’s standard.

Human resources

All audits are allocated either to Directors in Audit New Zealand or to partners in private sector audit firms. Therefore, recruiting, hiring, retaining, and promoting qualified audit staff is performed by audit service providers. Our expectation is that audit work is completed by staff with the right skills and experience.  We monitor the skills of audit teams as part of our quality assurance reviews.

Based on our quality assurance reviews for 2021/22, we were satisfied with the skills and experience of staff allocated to audits.

Carrying out audit work

We establish, maintain, and communicate audit expectations

The Office of the Auditor-General requires all audit service providers to have their own audit methodology and to apply the professional quality standards. This typically results in multiple levels of review of audit files. Auditors carry out audits based on the Auditor-General’s auditing standards and requirements and guidance provided by the Office in an audit brief.

In 2021/22, we revised our standard for when we require an engagement quality review. The changes were made to reflect new quality standards. We require our auditor service providers to consider a wide range of quality risk factors as part of assessing whether to appoint an engagement quality reviewer. The intent of these changes is to better assess and respond to risks to quality.

We require auditors to consult about matters that could affect an audit report

The Auditor-General’s auditing standards require auditors to consult with the Office on specific matters that could result in a non-standard audit report. The Office of the Auditor-General has an Opinions Review Committee that meets, as required, to determine the modifications to be included in audit opinions and other matters to be highlighted in audit reports. For 2021/22, the Committee met 40 times.

We analyse the matters considered by the Committee and communicate them to auditors so they can be aware of them during their audit work.

We require auditors to inform us of issues discovered in audited information

Sometimes during an audit an auditor discovers, or is made aware of, an error or misstatement in the previous year’s financial statements or performance information. If known at the time, this would have resulted in changes to the financial statements or performance information or a qualification of the opinion in the auditor’s report. The number and impact of these errors or misstatements can signal potential problems with the audit.

Such errors or misstatements in financial information require the previous year’s financial statements to be restated, and information included in the current year’s financial statements about the error or misstatement and its impact.

During the past year, there were 48 errors reported to us. This is compared with 31 in 2020/21. This represents 1.7% of the total number of audit reports issued in 2021/22, compared with 0.9% in 2020/21. Most of the errors were for local authorities, council-controlled organisations,  and State-owned enterprises. Most of the previous period adjustments related to differences in accounting policies between the group entity and the parent entity.

We investigate these matters to establish why the error was not identified during the audit and whether improvements can be made for future audits.  

The errors included misclassification between financial statement line items, which did not affect the reported surplus or deficit, as well as non-compliance with generally accepted accounting practice. There was no common theme in non-compliance.

We also incorporate the findings of our analysis in our future quality assurance reviews.

We have engagement quality review for complex and high-risk audits

The Auditor-General’s auditing standards require an engagement quality review for large and high-risk audits, and the audits of FMC reporting entities and councils’ long-term plans.

An engagement quality review provides an objective evaluation of the significant judgements made by the auditor and the conclusions reached before the auditor signs the audit opinion.

We assess compliance of an engagement quality review as part of our quality assurance reviews, including evidence that the review met the requirements of the standard. For 2021/22, we were satisfied, based on our quality reviews, that all audits that required an engagement quality review had one. 

Monitoring the quality of audit work

Quality reviews and findings

Monitoring compliance with the Auditor-General’s auditing standards is a key element of our system of quality assurance. Our quality assurance reviews are in addition to audit service providers monitoring their own system of quality control and complying with professional ethical standards.

Our quality assurance reviews of annual audits determine whether audit engagements complied with the Auditor-General’s auditing standards, relevant regulatory and legal requirements, and our policies.

In 2021/22, we monitored 34 auditors (2020/21: 44 auditors). Our monitoring covers, on a cyclical basis, all auditors appointed to carry out audits. We choose the audit files we want to review in accordance with our quality assurance policy, which considers the size and complexity of the audit.

Our monitoring activities in 2021/22 included:

  • annual quality assurance reviews of 79 completed audits; and
  • real-time quality assurance reviews of six in-process audits.

Of the 85 audit files reviewed, we identified 14 that required improvement. There were no issues that put into question the appropriateness of the opinion included in the audit report. We will monitor the remediation of the issues found or perform further quality assurance reviews of audits carried out by that auditor.

A high number of findings from quality assurance reviews, particularly when these are repetitive, indicate issues with audit quality. Timely identification and appropriate remediation of issues is necessary to facilitate improvements in audit quality.

We evaluate findings identified in internal and external quality assurance reviews and determine any repetitive issues. We ask our auditors to carry out root cause analysis for repetitive issues to understand the underlying drivers of quality issues and address them with targeted action plans.

Issues for which we want audit improvement include procedures to test fair value and other estimates, evaluate the design of internal controls for information technology systems, assess completeness of revenue, and test performance information.

How we determine the cause of quality assurance review findings

We ask audit service providers to perform root cause analysis for the significant findings from our quality assurance reviews. Such analysis provides a deeper understanding of improvements that are needed, including improvements to audit methodologies. By gaining a deeper understanding of the drivers of quality issues identified, targeted changes and follow-up actions can be developed.

We are monitoring the planned interventions that audit firms are implementing to help prevent these recurring. 

How we assess timely and effective remediation of quality assurance review findings

In each report to the Office’s Audit Performance and Quality Governance Committee on quality assurance reviews, we report on the follow-up actions for audit files with significant issues.

We require our auditors to remediate all significant issues and, where necessary, make changes to the audit approach for subsequent audits. For 2021/22, auditors are responding to our quality assurance review findings and remediating where necessary. Our follow-up to assess remediation will also occur as part of our 2022/23 quality assurance review programme.

1: The Public Audit Act 2001 requires the Auditor-General to set auditing standards for carrying out audits. These are referred to as the Auditor-General’s auditing standards. These standards incorporate the New Zealand auditing standards and include professional and ethical standards specific to independence and audit quality.