Professional Documents
Culture Documents
2.6 Session 11 PDF
2.6 Session 11 PDF
OVERVIEW
Objective
To set out the audit considerations where an entity uses a service organization
to undertake activities on its behalf.
SERVICE
ORGANIZATIONS Uses
Activities
Basic principles
AUDIT
PLANNING
Factors to consider
ACCOUNTING &
INTERNAL
CONTROL SYSTEM
Sources of information
Audit evidence
AUDITOR'S
REPORTS Basic principles
1 SERVICE ORGANIZATIONS
ISA 402 illustrates how an entity may use a service organization, for
example:
However, large CISs are now provided by third parties (eg facilities
management companies).
1.2 Activities
May be provided:
To plan the audit and develop an effective audit approach (in accordance with ISA
300), the auditor should:
consider the effect of the service organisation on the entity’s accounting and
internal control systems;
asset management;
finance functions.
In accordance with ISA 400, if the service organization’s activities are significant and
relevant, the auditor should obtain sufficient information:
– the maximum; or
– a lower level, assuming tests of control are to be carried out.
2 AUDIT PLANNING
Contractual terms.
Extent to which client’s accounting and internal control systems interact with
service organization’s.
Existence of third party reports about the operation and effectiveness of the
service organizations’ accounting and control systems.
The following procedures may support a less than high control risk assessment:
The nature, timing and extent of tests of control should provide sufficient appropriate
audit evidence to support the assessed level of control risk.
In seeking to place reliance on the service organisation auditor’s report, the entity’s
auditor should consider:
The same principles apply whenever an auditor uses the work of others, as set out in:
** This ISA, concerning group auditors, is outside the scope of Paper 2.6
An opinion on:
accuracy of description
operational existence of controls
suitability of design to meet stated objectives.
Example 1
Suggest four factors which should be considered when assessing the extent to which a
Type B report supports a lower level of control risk.
Solution
The nature of tests of control performed (eg observation of a test of control may be
less reliable than inspecting evidence of a control having been performed).
How much time has elapsed since the service organisation auditors work was
performed.
A client auditor using a service organization auditor’s report should make no reference
to it in their auditor’s report on the financial statements.
FOCUS
describe conditions that must be met before reliance can be placed on the work of
others and the planning considerations in co-ordinating the work of others
explain the extent to which auditors are able to rely on the work of service organisations.
EXAMPLE SOLUTION
The nature of tests of control performed (eg observation of a test of control may be
less reliable than inspecting evidence of a control having been performed).
How much time has elapsed since the service organisation auditors work was
performed.