AG ISA (NZ) 260

The Auditor-General’s Statement on Communication with Those Charged with Governance

At a glance

The standard expands on the underlying standard ISA (NZ) 260 (XRB website) in that:

you need to provide those charged with governance a management letter that reports the significant matters from the audit;
you need to refer to any other correspondence provided to entity staff (that reported audit findings not copied to those charged with governance) in the management letter; and
you need to refer to the OAG any requests from a third party for any version of the management letter.

Introduction

Scope of this Statement

This Auditor-General’s Auditing Statement:
1. establishes the Auditor-General’s requirements in relation to ISA (NZ) 260 (Revised) Communication with those charged with governance (ISA (NZ) 260);¹ and
2. provides guidance to reflect the public sector perspective.

Application

Compliance with this Statement is mandatory for Appointed Auditors who carry out annual audits on behalf of the Auditor-General. This Statement requires compliance with ISA (NZ) 260 and the additional requirements included in this Statement.
This Statement applies to audits of financial statements and/or performance information commencing on or after 1 April 2023.

Objectives

The objectives of the Appointed Auditor in terms of this statement are to:
1. meet the objectives of ISA (NZ) 260 on communication with those charged with governance in relation to the annual audit;
2. prepare and present a written management letter to management and those charged with governance; and
3. refer third party requests for the written management letter to the OAG.

Definitions

For the purpose of this Auditor-General’s Auditing Statement, the defined term listed below has the following meaning:

Appointed Auditor: means the person or persons appointed by the Auditor-General to carry out the annual audit or other engagement on behalf of the Auditor-General, and who are supported by other members of the audit team. Where an Auditor-General’s Statement or Standard expressly intends that a requirement be fulfilled by the Appointed Auditor personally, the requirement will indicate that the Appointed Auditor shall personally satisfy the requirement.

Requirements

Preparing a written management letter

The Appointed Auditor shall prepare a written management letter containing the significant matters arising from the audit to those charged with governance or, where authorised by those charged with governance, to the audit committee of the public entity. Where there are no significant matters to raise, the Appointed Auditor shall report that fact in writing to those charged with governance or the audit committee (Ref: Para. A1).
The management letter shall be signed by the Appointed Auditor on behalf of the Auditor-General and include the date it was signed.
The management letter shall clearly outline that the annual audit has been carried out in accordance with the Auditor-General’s Auditing Standards.
Where a non-standard audit report is issued, the management letter shall explain the reasons why the non-standard audit report was necessary and make relevant suggestions on how to resolve the matters that have been identified.

Requirement to inform those charged with governance of all reports issued

Reports to those charged with governance shall refer to other management letters, related to the annual audit, that were issued to persons involved in managing the public entity or sub-groups of those charged with governance (Ref: Para. A2).

Precautions in respect of draft versions of the management letter

The Appointed Auditor shall include a “DRAFT” watermark on each page of a draft version of the management letter (Ref: Para. A3).
The Appointed Auditor shall advise management and those charged with governance to preserve the confidentiality of draft versions of the management letter (Ref: Para. A3-A6).

Requests for access to versions of the management letter (Ref: Para. A7-A8)

The Appointed Auditor shall refer requests for any version of the management letter from a third party to the OAG.
The request shall include a copy of the management letter in question and the reasons why the third party is requesting the management letter.

Application and other explanatory material

Preparing a written management letter (Ref: Para. 6)

In many public entities, those charged with governance have a collective responsibility for governance. Those charged with governance may assign some of their responsibilities to an audit committee. In other public entities, such as government departments, there is no governing body as such, but there are other persons who fulfil the governance role (for example, the chief executive or a committee of management).

Precautions in respect of draft versions of the management letter (Ref: Para. 11-12)

A2	In many larger audits, correspondence may be issued to functional managers within the public entity on matters that the auditor considers relevant to that function, but not necessarily to those charged with governance. Those charged with governance may however be interested in the matters raised with functional managers and how these matters are being dealt with. It would therefore be helpful to those charged with governance to summarise the nature of the matters included in such correspondence.
A3	A draft management letter is issued by the Appointed Auditor to obtain comments from management before release of the management letter to those charged with governance. Draft versions of the management letter are a critical part of the audit process. By their nature, they may contain information that is not factually accurate, fair and balanced. It is, therefore, essential that each page of a draft version of the audit management letter is marked with the word “DRAFT”.
A4	The preservation of the confidentiality of draft management letters enables appropriate changes to be made in keeping with the principles of natural justice and also ensures that inaccurate or unfair information is not made available to those charged with governance, or to third parties or to the public (in the event the final management letter is made available to such parties). The Appointed Auditor should also ensure that management and those charged with governance are aware that preserving the confidentiality of the draft management letters is important for open two-way communication between the Appointed Auditor and management or those charged with governance.
A5	Where an entity is subject to the Official Information Act 1982 or the Local Government Official Information and Meetings Act 1987, any correspondence with that entity may be required to be released under those Acts. This can include draft and final management letters sent by the auditor. If the entity receives a request for release of such documents, the entity will be required to consider whether it is appropriate to release them, taking into account the statutory requirements, including any applicable withholding grounds. The entity may consult the auditor about their views about whether the documents should be released. If this occurs, please contact the OAG who will request assistance from the Assistant Auditor-General – Legal, Policy, and Inquiries.
A6	The precautions about draft versions of the management letter apply to all management letters issued to individuals in a public entity irrespective of whether the individuals represent “management” or “those charged with governance”.

Requests for access to versions of the management letter (Ref: Para. 13-14)

A7	The requested management letter and the reasons for the request by the third-party, will be considered by the Assistant Auditor-General – Legal, Policy, and Inquiries.
A8	Depending on the appropriateness of third-party request, approval may be provided by the Assistant Auditor-General – Legal, Policy, and Inquiries.

1: The ISA (NZ) Auditing Standards are scoped so that they apply to audits of “historical financial information”. However, for the purposes of the Auditor-General’s Auditing Standards and Statements, all references to “historical financial information” should be read as the audit of “historical financial and historical performance information”.