AG-8

Statutory Requirements for the Auditor-General to Report, Other than Annual Audits

Introduction

Scope of this Standard

This Auditor-General’s Auditing Standard (the Standard) establishes principles to be followed, establishes requirements, and provides application guidance, where appropriate, for the Auditor-General, the Deputy Auditor-General, and those working on behalf of the Auditor-General who carry out engagements (other than annual audits) that are required to be carried out by the Auditor-General under legislation.
Examples of statutory responsibilities placed on the Auditor-General (other than annual audits) include:
1. Audits of local authority long-term plans under the Local Government Act 2002;
2. Assurance of information disclosures by regulated industries under Determinations issued by the Commerce Commission under the Commerce Act 1986;
3. The audit of the New Zealand Health Plan under the Pae Ora (Healthy Futures) Act 2022; and
4. Reporting on the New Zealand Transport Agency’s implementation of systems and procedures to enable it to give effect to the “scrutiny principle” under the Land Transport Management Act 2003.
This Standard only applies to audit and assurance engagements that directly arise from legislation that place an obligation on the Auditor-General to report, other than annual audits. Explanatory material sets out how the Auditor-General’s auditing standards regulate engagements, other than engagements carried out under this Standard or annual audits (Ref: Para. A1-A6).

Application

Compliance with this Standard is mandatory for the Auditor-General, the Deputy Auditor-General, and those working on behalf of the Auditor-General for who carry out engagements (other than annual audits) that are required to be carried out by the Auditor-General under legislation (collectively referred to as “the auditor” in this Standard).
This Standard recognises that more appropriate standards may apply to engagements (other than annual audits) that are required to be carried out by the Auditor-General under legislation. For example, the audits of local authority long-term plans are carried out under International Standard on Assurance Engagements (New Zealand) 3000 (Revised): Assurance Engagements Other Than Audits or Reviews of Historical Financial Information and International Standard on Assurance Engagements 3400: The Examination of Prospective Financial Information, in addition to the Auditor-General’s auditing standards. If there are conflicting requirements between this Standard and a more appropriate standard, then the requirements of the more appropriate standard shall apply.
The relationship between this Standard and the other Auditor-General’s auditing standards that directly relate to engagements (other than annual audits) that are required to be carried out by the Auditor-General under legislation is explained in Figure 1.

Figure 1 – Application of the Auditor-General’s Auditing Standards

AG PES 3: Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagements and the underlying PES 3

↓

AG 8

This Standard applies to all engagements (other than annual audits) required to be carried out by the Auditor-General under legislation that are commenced on or after 1 July 2025.

Objectives

The objective of the auditor is to carry out engagements (other than annual audits) required to be carried out by the Auditor-General under legislation in compliance with this Standard so that:
1. conclusions are formed based on sufficient and appropriate evidence; and
2. findings, conclusions, and, where appropriate, recommendations are clearly communicated.

Principles

Engagements under this Standard are required to be carried out in accordance with the following principles of the Auditor-General’s Code of Ethics (the Code):
1. integrity;
2. objectivity;
3. professional competence and due care;
4. confidentiality; and
5. professional behaviour.

Definitions

For the purpose of this Auditor-General’s Auditing Standard the terms listed below have the following meanings:

Audited entity: means a public entity (or entities), as defined in section 5 of the Act, that is responsible for the subject matter of the engagement (other than the annual audit) required to be carried out by the Auditor-General under legislation.
Auditor: means the Auditor-General, the Deputy Auditor-General, and those working on behalf of the Auditor-General.
Engagement: means a discrete exercise or assignment that is carried out in response to a statutory requirement placed on the Auditor-General to report (other than an annual audit).
Relevant party: means any party, other than the audited entity, who, in the opinion of the auditor, may be directly affected by, and/or may have information material to the engagement.
Terms of the engagement: means the documentation specifying the nature and scope of the engagement.
The Act: means the Public Audit Act 2001.

Requirements

Applying the principles

The auditor shall apply the principles of the Code that are summarised in paragraph 8 when carrying out the engagement (Ref: Para. A7).

Applying quality management procedures

The auditor shall apply quality management procedures in accordance with the Auditor-General’s Statement Professional and Ethical Standard 3: Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagements (AG PES 3) and the underlying PES 3 issued by the New Zealand Auditing and Assurance Standards Board.

The terms of the engagement

The terms of the engagement shall be developed in accordance with any instructions issued by the Office of the Auditor-General (Ref: Para. A8-A9).
Where the engagement is to be carried out in accordance with a particular standard, that is deemed to be fit-for-purpose for the engagement, the terms of the engagement shall specifically refer to that standard.
The auditor shall communicate the terms of the engagement in writing to the audited entity and shall obtain written acknowledgement that the audited entity has agreed to those terms.
If there is any doubt as to whether an engagement should be accepted (when the Auditor applies their acceptance and continuance processes), the Auditor shall consult with the Office of the Auditor-General.
When the auditor becomes aware of entity specific statutory requirements that place a reporting obligation on the Auditor-General, and where the Office of the Auditor-General has not provided guidance or advice, the auditor shall notify the Sector Manager at the Office of the Auditor-General. The auditor and the Sector Manager (in conjunction with those with relevant expertise in the Office of the Auditor-General) will jointly determine the response to the statutory requirement, including the terms of the engagement.

Planning the engagement

The auditor shall plan the engagement so that it will be performed effectively (Ref: Para. A10-A11).
The auditor shall consider materiality and any significant risks when planning and carrying out the engagement (Ref: Para. A12-A13).

Obtaining and substantiating evidence (Ref: Para. A14-A17)

The Auditor shall obtain sufficient appropriate evidence on which to base the Auditor’s findings, conclusions, and, where appropriate, recommendations.
The Auditor shall evaluate the evidence obtained from the procedures performed as a basis for clearly expressing the Auditor’s findings, conclusions, and, where appropriate, recommendations.
If the Auditor has identified information that is inconsistent with the Auditor’s conclusions regarding a significant matter, the Auditor shall document how the Auditor addressed the inconsistency in forming the Auditor’s findings, conclusions, and, where appropriate, recommendations.
Where appropriate to the circumstances of the engagement, the auditor shall seek comment from the audited entity and the relevant party (where applicable) on the following matters.
1. the factual accuracy of the Auditor’s findings and conclusions;
2. whether any facts material to the Auditor’s findings, conclusions, and, where appropriate, recommendations have been omitted; and
3. the balance and fairness of the Auditor’s findings, conclusions, and, where appropriate, recommendations.
When feedback has been sought from the audited entity and the relevant party
(where appropriate) on the Auditor’s findings, conclusions, and, where appropriate, recommendations, the Auditor shall consider such feedback and make changes that the Auditor considers necessary to achieve a report that is factually accurate and balanced and fair.
If relevant to the engagement, the auditor shall consider the effect of events occurring:
1. between the period subject to the engagement (if the engagement relates to a specific period) and the release of the Auditor’s findings, conclusions, and, where appropriate, recommendations; or
2. between the completion of the formal evidence-gathering procedures and the release of the Auditor’s findings, conclusions, and, where appropriate, recommendations.

Documentation (Ref: Para. A18)

The auditor shall prepare documentation for filing on a timely basis that is sufficient and appropriate to provide:
1. a basis for the Auditor’s findings, conclusions, and, where appropriate, recommendations; and
2. evidence that the engagement was carried out in accordance with this Standard and/or other specific standards that are relevant to the engagement.

Reporting

The final report shall contain a clear expression of the Auditor’s findings, conclusions, and, where appropriate, recommendations. For some engagements the Office of the Auditor-General will prescribe the form and content of the report to be issued, and where an opinion is required, the expression of that opinion.
The auditor shall report significant matters that come to their attention during the engagement to those charged with governance of the audited entity and the relevant party (where applicable), in writing and in a timely manner.
The auditor shall provide copies of the final report to the Office of the Auditor-General and, when the auditor is not the Appointed Auditor for the annual audit of the audited entity, to the Appointed Auditor.

Identification of additional matters for follow-up

The auditor shall consider whether any matters that have come to their attention (and that are outside the terms of the engagement) are of relevance to the Auditor-General.
The auditor shall refer relevant matters to the Sector Manager at the Office of the Auditor-General for follow-up.

Communication of other matters arising during the engagement

The auditor shall consider any other reporting obligations to regulators and other parties, outside the terms of the engagement, in relation to matters identified during the engagement and refer the other reporting obligations to the Assistant Auditor-General – Legal, Policy and Inquiries. Any reporting to regulators and/or other third parties shall only be carried out following consultation with the Assistant Auditor-General – Legal, Policy and Inquiries.

Application and other explanatory material

Scope of this Standard

Application of the Auditor-General’s auditing standards to audit and assurance engagements that place a statutory obligation on the Auditor-General to report (Ref: Para. 3)

A1	This Standard only applies to engagements that directly arise from legislation that places an obligation on the Auditor-General to report, other than annual audits.. However, auditors are expected to carry out other engagements that are required, but that do not directly arise from legislation. Examples of such engagements include providing assurance to: a trustee about a public entity’s compliance with the terms of a Trust Deed in connection with borrowing; and a provider of grant funding to confirm that a grant has been expended by a public entity on a designated project.
A2	Engagements falling into the category of engagement in A1 above, that are carried out by the Auditor-General, the Deputy Auditor-General, and employees on behalf of the Auditor-General are given statutory authority to do so under section 17 of the Public Audit Act 2001 (the Act) and are carried out in accordance with AG-7: Other Auditing Services (AG-7).
A3	However, AG-7 does not apply to other auditors who carry out engagements (other than engagements under this Standard and annual audits) in respect of public entities. Such engagements are regulated by the Auditor-General’s Code of Ethics (the Code) and the accompanying Guide that generally limits these engagements to “work of an assurance nature”.
A4	The Guide helps auditors who are not employees of the Auditor-General to determine whether the engagement should be carried out in the name of the Auditor-General or in the name of the auditor’s firm. This decision is a matter for professional judgement and is primarily determined on whether the evidence used to support the auditor’s conclusion is based on evidence obtained when carrying out work on behalf of the Auditor-General (such as the annual audit).
A5	Certain engagements (other than annual audits) that are not required by legislation, may be required under the terms of contractual agreements between two (or more) parties. In most instances the auditor is not a party to the contractual agreement and the requirement placed on the auditor is written into the contract by the parties without consulting the auditor. In some instances the requirement placed on the auditor may be beyond the capability of the auditor, or may conflict with the auditor’s ethical responsibilities under the Code.
A6	Before accepting an engagement where a contractual requirement is beyond the capability of the auditor, or may conflict with the auditor’s ethical responsibilities under the Code, the auditor should report this matter to the public entity that is seeking the service, and to the OAG.

Applying the principles (Ref: Para. 10)

Auditors may also need to comply with an ethical code (or equivalent) that applies to them because they are members of a profession or occupational group other than Chartered Accountants Australia and New Zealand or a professional accounting body of equivalent standing. Where a conflict arises, or may arise, because of a conflict between the Code and any other ethical code (or equivalent) that the auditor is required to comply with, then the auditor is expected to raise the actual or perceived conflict with the individual ultimately responsible for the engagement with a view to resolving the conflict. In some instances, the resolution of the actual or perceived conflict may require the matter to be referred to the Audit Quality team at the Office of the Auditor-General at [email protected].

The terms of the engagement (Ref: Para. 12)

A variety of approaches may be applied when developing the terms of the engagement. For example, the terms of engagement may be developed by:

The Office of the Auditor-General;
The Office of the Auditor-General jointly with the auditor;
The auditor, in accordance with guidelines issued by the Office of the Auditor-General.

On occasions, it may be necessary to revise the terms of engagement. Other than for minor and inconsequential changes, the same or a similar process should be followed as the process used in determining the original terms of engagement.

Planning the engagement (Ref: Para. 17-18)

A10	The auditor should plan and carry out the engagement with professional scepticism, recognising that circumstances may exist that cause the audited entity and the relevant party (where applicable) to portray the subject matter of the engagement in a favourable (or unfavourable) light.
A11	The auditor should obtain an understanding of the entity or activity, the subject matter of the engagement (including any supporting policies, systems, and processes), and other relevant information. This understanding should be sufficient to identify and assess the key risks surrounding the engagement, and sufficient to design and carry out evidence-gathering procedures.
A12	In determining materiality the Auditor needs to judge whether a matter would be significant to users’ overall understanding of the Auditor’s findings, conclusions, and, where appropriate, recommendations.
A13	Considering materiality requires the Auditor to understand and assess the factors that are likely to influence users’ understanding of the Auditor’s findings, conclusions, and, where appropriate, recommendations. Auditors should use their judgement to assess whether matters are material. A matter may be considered material if it: indicates a serious threat to, or lack of, financial viability of a public entity or an activity; indicates that a public entity or an activity is not achieving, or is unlikely to achieve, its objectives; undermines basic accountability arrangements of a public entity or an activity; is outside the capacity of, or undermines the purpose of, a public entity or an activity; represents a significant abuse or misuse of powers conferred by Parliament; calls into question the probity of a major part or all of a public entity or activity; relates to an activity that could be of significant interest to the public; affects public health and safety; has disadvantaged the public (for example, through actual or opportunity cost to the taxpayer or ratepayer); or indicates a significant departure from an industry or generally accepted standard of good practice.

Obtaining and substantiating evidence (Ref: Para. 19-24)

A14	Where appropriate, the auditor should give the audited entity and the relevant party (where applicable) the opportunity to provide information relevant to the engagement. Providing this opportunity is essential to ensuring that a fair process is followed in obtaining evidence.
A15	When the work of experts is used, the auditor should: ensure that the expert is independent or, if independence in fact or in appearance cannot be achieved, take measures to ensure the work of the expert is objective and unbiased – for instance, the auditor may need to engage their own expert to assess the work carried out by an expert employed or engaged by an audited entity; specify, in writing, the following matters with the expert: the nature, scope, and objectives of that expert’s work; the respective roles of the auditor and that expert; and the nature, timing, and extent of communication between the auditor and that expert, including the form of any report to be provided by that expert; adopt appropriate quality management procedures covering the work of any experts the auditor engages in the collection and evaluation of evidence; and be involved in and understand the work for which the expert is used, to an extent sufficient to: obtain sufficient appropriate evidence that the expert’s work is adequate for the purpose of the engagement; and be able to accept responsibility for the findings, conclusions, and, where appropriate, recommendations expressed in the expert’s report.
A16	The auditor should not attempt to limit or reduce their findings by including reference in those findings to their dependence on the work that may have been carried out by an expert. This is because the auditor should have formed a view on the work of the expert in accordance with paragraph A15.
A17	Where the work involves subject matter that can only be appropriately audited or examined by an expert, the Auditor may disclose details of the expert’s work, including the name of the expert, in order to add credibility to the report. However, the Auditor should not refer to the expert in the Auditor’s findings, conclusions, and, where appropriate, recommendations.

Documentation (Ref: Para. 25)

A18	The Auditor should document discussions of significant matters, including when and with whom the discussions took place.