E.

PERFORMANCE OF REVIEW ENGAGEMENTS – Reviewer Guidance Checklist AUD-3

PR#

Overview
This questionnaire has been designed to help you, the reviewer, assess whether the review engagement was conducted in accordance with New Zealand Review Engagement
Standards and other relevant professional standards and legislation.

Throughout the questionnaire the questions in bold relate to mandatory elements of the Review Standards and other professional standards or to matters required by legislation. You
must answer yes or no to these questions, or explain why they do not relate to this engagement. References have been included to assist you. The questions in normal print relate to
the review procedures which a practice would commonly carry out to comply with Review Standards.

We suggest you start with an overall review of the whole file, which will enable you to answer most of the questions. From this review identify at least one significant risk, and
examine these areas in detail. You should then have enough information to make your overall assessment of the audit in Section 7.

Note:
For Tier 3 Not-For-Profit Public Benefit Entities, the review of the Performance Report (which includes Entity Information and the Statement of Service Performance) is conducted
under ISAE (NZ) 3000, while the review of financial information is conducted under ISRE (NZ) 2400. Green sections of this checklist contain relevant aspects of ISAE (NZ) 3000
which should only be considered around the non-financial information.

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx6 Page 1 / 13
 Summary of Review Engagements which have been reviewed

A B C
1 Name of Entity

Engagement year end

2 Audit Fee

Total Revenue

Total Equity

3 Partner name

EQCR name (where applicable)

4 What type of entity was audited?

Audits required by statute

1. Privately Owned Limited New Zealand
Company
2. Subsidiary of overseas company
3. Registered Charity (expenses >$500K)
4. Maori Incorporation
5. Gaming Trust
6. Other statutory audit (please describe)

Other audits
7. Incorporated Society
8. Club
9. Registered Charity (expenses <$500K)
10. Other non-statutory audit (please describe)

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 2 / 13
 1. Independence and quality control A B C
1.1 Is there evidence the engagement partner formed and documented a conclusion on compliance with independence
requirements that applied to this engagement?
ISRE (NZ) 2400, paragraph 21

Did the practice consider whether the audit is a statutory assurance engagement? If so is it an entity which must be audited by a qualified
auditor and has the member been approved as a qualified auditor.
Sections 35, 36 Financial Reporting Act 2013.

1.2 Have the same senior personnel been used on this engagement for a long period of time, including engagement partner, EQCR,
manager or senior staff?
PES 3 (290.150)

If yes, has the effect on independence been considered and appropriate action taken as necessary?

1.3 Excluding accounting and taxation services performed by the practice for this client, were any threats to independence
identified for this engagement?
PES 3 Section 290

Situations which may give rise to threats to independence include:

 financial interest in clients;
 loans or guarantees to or from the client;
 business relationships with the client or its directors/employees;
 family or personal relationships with the client’s directors/employees;
 employment of ex-partners or staff with the client, or client staff with the firm;
 temporary staff assignments;
 serving as an officer or director of the client;
 provision of non-assurance services to the client; and
 dependence of the firm on the client for a significant portion of the firm’s fees.

1.4 If yes, has the significance of the threat/s been evaluated and where necessary, were safeguards applied to eliminate the
threat/s or reduce them to an acceptable level?
PES 3 Section 290.11.1

If yes, was the nature of the threat and the safeguard/s applied documented?
PES 3 Section 290.29

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx6 Page 3 / 13
 1.5 If the practice provided any accounting services to the client, how was the self-review threat reduced to an acceptable level?
PES 3 Section 290.171

Note – Accounting services cannot be provided to PIES, under PES 3 Section 290.171

1.6 Did the firm provide tax planning, tax advisory services or prepare tax calculations of current and deferred tax liabilities/assets
for the purposes of preparing accounting entries that are material to the financial statements?
PES 3 section 290.184:

If yes, has the effect on independence been considered and appropriate action taken as necessary? Please describe the safeguards
applied.

1.7 Is there evidence that the practitioner has satisfied themselves

a) That there is a rational purpose for the engagement
b) That a review engagement is appropriate in the circumstances? This will include checking the entity’s constitution
c) Whether the information required to complete the engagement will be available and can be relied upon?
d)The financial statements are being prepared under an acceptable financial reporting framework.
ISRE (NZ) 2400, paragraph 29

1.8 Has the practitioner completed appropriate acceptance and continuance procedures including an assessment as to whether
management lacks integrity?
ISRE (NZ) 2400, paragraph 25(d)

1.9 Does the file show the auditor has considered their ability to review the entity information and the SSP when assessing whether
to accept or continue with the engagement?
ISAE (NZ) 3000 paragraphs 21-30

2. Planning A B C
2.1 Has an engagement letter or other written agreement been issued and agreed with management or those charged with
governance prior to the commencement of the engagement?
ISRE (NZ) 2400, paragraph 30

Does the letter of engagement include:

a) Acceptance that management is responsible for the preparation of financial statements and internal control;
b) The intended use and distribution of the financial statements;
c) Identification of the intended financial reporting framework;
d) Objectives and scope of the review engagement;
e) The responsibilities of the assurance practitioner
f) A statement that the engagement is not an audit and that the practitioner will not express an audit opinion;
Reference to the expected form and content of the report along with a statement that the report may differ from what is expected.
ISRE (NZ) 2400, paragraph 37

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 4 / 13
 2.2 Is there written evidence that the reviewer and those charged with governance of the client have agreed on the terms of the
entity information and SSP engagement? This can be included in one engagement letter.

Does the engagement letter or similar include:

 References to ISAE (NZ) 3000 in respect to the review of the entity information and the SSP?
 Governance acknowledging and understanding their responsibility for identifying outcomes and outputs and quantifying
the outputs to the extent practicable that are relevant, reliable, comparable and understandable
 Governance acknowledging and understanding their responsibility for the preparation and fair presentation of the entity
information and the SSP
ISAE (NZ) 3000, paragraph 27-28

2.3 Did the reviewer establish whether the preconditions for an audit were present by:
 determining whether the financial reporting framework is acceptable?
 obtaining agreement from management that it acknowledges and understands its responsibility for:
- the preparation of the financial report?
- internal control?
- providing access to all relevant information and unrestricted access to persons within the entity?
ISRE (NZ) 2400 paragraph 30

2.4 Did the reviewer establish whether the preconditions for an audit of the entity information and the SPP was satisfied: Namely
 that the entity has identified suitable outcomes, outputs and quantification of the outputs to the extent practicable
which reflect the service performance of the entity and meet the qualitative characteristics?
IASE (NZ) 3000, paragraph 24

2.5 Did it appear that information arose during the engagement, which if known at the commencement would have caused the firm
to decline appointment? Was this dealt with appropriately?
ISRE (NZ) 2400 paragraph 32

2.6 Has the member documented their consideration of materiality for the financial statements as a whole and has this materiality
been applied to the planning of the work and the evaluation of results?
ISRE (NZ) 2400 paragraph 43

Was there adequate documentation of the factors the auditor considered in establishing the various levels of materiality?
Were there circumstances noted during the review which should have resulted in a change in materiality?

2.7 Has the auditor determined a level of materiality for the entity information and the SSP?
ISAE (NZ) 3000, paragraph 44

Is there adequate documentation of the factors the auditor considered in establishing the various levels of materiality
The basis and level may differ from the basis and level for materiality for financial information.

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 5 / 13
 2.8 Is there evidence the practitioner has obtained an adequate understanding of the entity, its environment and the reporting
framework sufficient to allow areas of risk to be identified and appropriate responses to be designed to address those risks.
ISRE (NZ) 2400, paragraph 45

2.9 Did the planning process result in procedures which addressed all material areas in the financial statements as well as those
where there is greatest risk of material error?
ISRE (NZ) 2400, paragraph 47

2.10 Is there any evidence that the practitioner considered whether the information contained in the accounting records was
sufficiently reliable and adequate for the purpose of performing analytical review procedures.
ISRE (NZ) 2400, paragraph 49

3. Risk assessment and internal controls A B C

3.1 Has the practitioner documented their understanding of:
a) The industry and the regulatory environment and any other external factors which may impact the entity;
b) The entity’s operations;
c) Ownership and governance structure;
d) Nature of entity’s investments both current and planned;
e) Structure of entity including how it is financed;
f) Objectives and strategies;
g) Accounting systems and records;
h) Selection and application of accounting policies;
i) Internal control.
ISRE (NZ) 2400, paragraph 46

3.2 Has the paragraph documented an understanding of the process used to prepared the entity information and the SSP
ISAE (NZ) 3000, paragraph 45-47

3.3 Has the practitioner established and documented a review strategy for the review which shows what procedures will be
performed to address all material items in the financial statements, including disclosures; and to focus on addressing areas in
the financial statements where material misstatements are likely to arise
ISRE (NZ) 2400, paragraph 47

3.4 Does the above review strategy and risk assessment also consider the risks of material misstatement within the entity
information and the SSP?

Has the auditor determined the nature, timing and extent of the planned procedures to be performed over the entity information
and the SSP?
IASE (NZ) 3000, paragraph 40-47

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 6 / 13
 4. Audit evidence A B C
4.1 Was there evidence that the procedures undertaken by the practitioner addressed all material items in the financial statements
along with those where it had been identified that the risk of material misstatement was most likely.
ISRE (NZ) 2400, paragraph 47

4.2 Was there adequate documentation of:

a) The nature, timing and extent of procedures undertaken;
b) Results obtained from those procedures;
c) Significant matters arising during the engagement along with conclusions on those matters and significant judgements
made in reaching those conclusions.
ISRE (NZ) 2400, paragraph 93

4.3 Was there documentation on the file identifying the person performing the work and the date the work was performed?
ISRE (NZ) 2400, paragraph 94

4.4 Is there evidence that appropriate enquiry of management were ,made regarding subsequent events (financial and non-
financial) occurring after balance date and up to the date of the review report were identified? Identify the procedures
performed.
ISRE (NZ) 2400, paragraph 58

4.5 Where the practice has used information produced by the entity (e.g. ageing analysis of receivables) to perform procedures,
has evidence been obtained about the accuracy and completeness of the information before placing reliance on it?
ISRE (NZ) 2400, paragraph 22 & A17

4.6 Does the audit file show appropriate execution of procedures to gain assurance over the entity information and the SSP?

These procedures may include any combination which gain the required level of limited assurance, including enquiry and
analytical review procedures.
ISAE (NZ) 3000, paragraph 48-49

Specific areas
4.7 Related Parties.
Is there any evidence on the file that the practitioner made appropriate enquiries regarding related parties? Is there any
indication of any material related party transactions which were incorrectly omitted from the financial statements?
ISRE (NZ) 2400, paragraph 48 & 50

If there were any significant transactions outside the normal course of business, did the practitioner enquire as to the nature
and rationale of the transactions and whether they involved related parties.
ISRE (NZ) 2400, paragraph 51

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 7 / 13
 4.8 Fraud.
Was there any indication that the practitioner had made enquiry of management or governance regarding fraud or non-
compliance with laws or regulations
ISRE (NZ) 2400, paragraph 48

If there was any indication of fraud or breaches of law, did the practitioner communicate the circumstances to management or
governance and seek their assessment as to the impact on the financial statements.
ISRE (NZ) 2400, paragraph 52

4.9 Going Concern

Was there any evidence on the file the practitioner made appropriate enquiries of management as to the entity’s ability to
continue as a going concern?
ISRE (NZ) 2400, paragraph 48

Were there any circumstances noted during the engagement, which indicated the going concern assumption was inappropriate?
If so did the practitioner obtain management’s assessment of the circumstances and conclude whether the assumption was
appropriate?
ISRE (NZ) 2400, paragraph 53 & 54

4.10 There may be instances where the practitioner is required to rely on work undertaken by another assurance practitioner or by an
expert in a field other than accounting. Is there evidence the practitioner has assessed whether that work is adequate for their
purposes?
ISRE (NZ) 2400, paragraph 55

Where an auditor’s expert has been used over the entity information or the SSP, has the auditor evaluated whether the expert
has the necessary competence, capabilities and objectivity for the nature and type of information which is being disclosed?
ISAE (NZ) 3000, paragraph 52

4.11 Did the practitioner make enquiry of management as to how significant estimates inherent in the financial statements were
determined?
ISRE (NZ) 2400, paragraph 48

4.12 Has the practitioner agreed the financial statements to the underlying accounting records?
ISRE (NZ) 2400, paragraph 56

4.13 Has the practitioner made appropriate enquiry regarding significant journal entries and adjustments to the financial statements.
Were there any significant entries recognised near the end of the reporting period that should have been considered by the
practitioner?
ISRE (NZ) 2400, paragraph 48(c)

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 8 / 13
 4.14 Did the practitioner obtain a letter of representation from the client as close as practical to the date of the engagement report
which covered the following matters:
(a) Management has fulfilled their responsibility for the preparation of financial statements which comply with the
appropriate framework;
(b) They have provided access to all relevant information and records;
(c) All appropriate transactions are reflected in the financial statements;
(d) All related parties have been disclosed;
(e) All known incidents involving fraud have been disclosed;
(f) All known incidents of non-compliance with laws and regulations have been disclosed to the practitioner;
(g) All matters relevant to the continued use of the going concern assumption have been disclosed;
(h) All subsequent events which would require disclosure or adjustment have been disclosed;
(i) All material commitments and contingencies have been disclosed;
(j) Any material non-monetary transactions or transactions undertaken without consideration have been disclosed;
Was a summary of uncorrected errors included or attached to the letter of representation?
ISRE (NZ) 2400, paragraph 61-62

Does the written management representations also include:

(a) that governance has provided all information relevant to the entity information and the SSP
(b) that governance acknowledge and have fulfilled their responsibility for selecting outcomes and outputs to report,
including ways to quantify those outputs, where practicable.
ISAE (NZ) 3000 paragraph 56-60

Where the above representations were not obtained or were considered unreliable, was this responded to appropriately?
ISRE (NZ) 2400, paragraph 54

4.15 Does it appear that there were circumstances where the practitioner should have withdrawn from the engagement such as:
a) Management imposing scope limitations on the practitioner subsequent to the commencement of the engagement;
b) The practitioner forms the view that the possible effects of undetected misstatements on the financial statements are both
material and pervasive.
ISRE (NZ) 2400, paragraph 82

4.16 Does it appear appropriate security and confidentiality was maintained over the engagement work papers?
PES 3 paragraph 46

5. Assessment of audit evidence A B C

5.1 Has the auditor concluded whether sufficient appropriate evidence over the financial statements has been obtained from the
procedures performed? Is there sufficient appropriate evidence on the file to support the conclusions in the engagement
report?
ISRE (NZ) 2400, paragraph 69-85

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 9 / 13
 Has the auditor concluded whether sufficient appropriate audit evidence over the entity information and the SPP has been
obtained from the audit procedures performed?
ISAE (NZ) 3000 paragraph 64-66

5.2 Based on the file does it appear that the practitioner adequately considered:
a) Whether the financial statements adequately describe the applicable financial reporting framework;
b) Whether the terminology used in the financial statements, including the tittle of each financial statement is appropriate;
c) That the accounting policies are appropriate for the framework and adequately disclosed;
d) Accounting estimates made by management are reasonable
e) The information contained in the financial statements appears relevant, reliable, comparable and understandable;
The financial statements provide adequate disclosure, to enable the intended users to understand the effects of material
transactions and events on the financial statements.
ISRE (NZ) 2400, paragraph 69

5.3 Was there any evidence that the practitioner had not applied professional scepticism while performing the review?
ISRE (NZ) 2400, paragraph 22 & A17
Examples of circumstances where audit documentation often demonstrates that professional scepticism has not been applied include:
 discussions amongst the audit team
 significant decisions regarding the susceptibility of the financial statements to material misstatement due to fraud or error
 identified or suspected non-compliance with laws and regulations
 the basis for the practitioner’s conclusions on accounting estimates
 identified information that is inconsistent with the practitioner’s final conclusion regarding a significant matter
 the basis for the auditor’s conclusions on the reasonableness of areas of subjective judgement
 communications with client management and staff

5.4 Were uncorrected misstatements assessed to determine whether they were material either individually or in aggregate? Did the
practitioner consider the impacts of current period and the prior period uncorrected misstatements on the financial statements?
ISRE (NZ) 2400, paragraph 70

5.5 Is there evidence the engagement partner took responsibility for the direction, supervision and performance of the engagement
in accordance with Review Standards?
ISRE (NZ) 2400, paragraph 25
Ordinarily this involves, for example:
 informing members of the audit team of their responsibilities
 tracking the progress of the engagement
 addressing significant issues arising during the engagement
 determining review responsibilities on the basis that more experienced team members review work performed by less experienced
team members.

5.6 Select at least one significant risk (or if none, select a material account) and review this area in detail.
Risk area:
 Were assertions at risk appropriately identified, and were substantive procedures performed that were responsive to that risk?
 Was there an appropriate review of the information system and related internal controls?
E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 10 / 13
  Were tests performed to ensure controls (if any) related to the significant audit risk had been implemented?
 Was the extent of reliance on controls to reduce substantive testing appropriate under the circumstances?
 Were the substantive procedures selected sufficient and appropriate?
 Do the work papers adequately document the work performed and the conclusions reached?
 Do the work papers adequately document the resolution of all significant issues?
 Were any errors or weaknesses found dealt with appropriately, given their impact on:
 review strategy/plan and risk assessment?
 review scope?
 extent of testing?
 assessment of misstatements?

6. Reporting A B C
6.1 Is there evidence the engagement partner reviewed the audit documentation and was satisfied sufficient, appropriate audit
evidence had been obtained to support the conclusions reached? Has the engagement partner ensured that appropriate
engagement documentation has been prepared and retained?
ISRE (NZ) 2400, paragraph 25

6.2 Has the member issued a report which includes:

a) A title which indicates that it is the report on a review engagement by an Independent assurance practitioner;
b) The appropriate addressee;
c) An introductory paragraph identifying the financial statements subject to the review including the title of each financial
statement and the date and period covered each, the significant accounting policies as well as the fact they have been
reviewed;
d) Description of the responsibility of management, including responsibility for internal control and the financial statements
being prepared in accordance with the appropriate framework;
e) If the financial statements are special purpose, disclosure of that purpose along with the intended users of the financial
statements;
f) A description of the practitioner’s responsibility to express an opinion along with a reference to ISRE (NZ) 2400;
g) A description of a review and its limitations including a statement that a review provides less assurance than an audit,
and that no audit opinion is provided in respect to the financial statements;
h) Any relationships the practitioner has with the entity;
ISRE (NZ) 2400, paragraph 72 & 86

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 11 / 13
 6.3 Does the audit report contain the following elements:
 A statement that the entity information and the SSP has been reviewed
 A statement that the audit of the entity information and the SSP was conducted in accordance with ISAE (NZ) 3000 Revised
 A statement that those charged with management/governance are responsible for the selection of outcomes, outputs and
quantification of outputs to the extent practicable
 A description of the auditor’s responsibility which involves procedures to obtain evidence around the suitability of the
reported outcomes, outputs and quantification of outputs to the extent practicable
 An opinion that nothing has come to the practitioner’s attention that causes the practitioner to believe that the reported
outcomes, outputs and quantification of outputs to the extent practicable are not suitable, and that the entity information
and the SPP are not fairly stated in accordance with Public Benefit Entity Simple Format Reporting – Accrual (Not-For-
Profit).
ISAE (NZ) 3000 paragraph 67-69

6.4 If the practitioner has provided a modified conclusion, is there a paragraph heading which states the nature of the modification,
along with a description of the matters giving rise to the modification under an appropriate heading such as “Basis for
Qualified Conclusion”?
ISRE (NZ) 2400, paragraph 76

6.5 Are there any other matters which are fundamental to user’s understanding of the financial statements and which should
therefore be subject to an emphasis of matter?
ISRE (NZ) 2400, paragraph 87

6.6 Does the emphasis of matter paragraph follow on the paragraph immediately after the paragraph which contains the
practitioner’s conclusion?
ISRE (NZ) 2400, paragraph 89

6.7 In respect to a special purpose reporting entity does the review report include an emphasis of matter as required by ISA (NZ)
800 paragraph 14 that the financial statements may not be suitable for any other purpose?
ISRE (NZ) 2400, paragraph 88

6.8 Ensure the practitioner’s report is not dated prior to the date that all appropriate work has been completed or the date that those
with authority have acknowledged their responsibility for the financial statements.
ISRE (NZ) 2400, paragraph 92

6.9 Were there any matters where the engagement partner or the team should have consulted with others either within the team, or
if appropriate on a wider basis? Were these consultations documented? Were all relevant facts and matters considered as part
of the consultation process?
ISRE (NZ) 2400, paragraph 25.2 & 25.3

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 12 / 13
 7. Overall assessment A B C
Answer “no” unless there is evidence that the engagement
was unsatisfactory

7.11 Based on your review of the audit engagement are you satisfied that
on an overall basis the engagement has been completed in
accordance with ISRE NZ 2400?

If not ensure that this is detailed as a key matter in the report to the
practitioner, setting out the significant matters that require action.

7.2 Was the file well structured so that it was easy to navigate and did it
include:
a) An index;
b) Well-developed programs;
c) Referenced workpapers;
d) Explanations on the workpaper so that it was easy to
understand the work completed.

This Guide has been prepared for use by members of Chartered Accountants Australia and New Zealand (CA ANZ) in New Zealand only. It is not intended for use by any person who is not a CA ANZ member and/or does not have appropriate expertise in the Guide's subject
matter. Laws, practices and regulations may have changed since publication of this Guide. Users should make their own inquiries as to the currency of relevant laws, practices and regulations. No warranty is given as to the correctness of the information contained in this
Guide, or of its suitability for use by you. To the fullest extent permitted by law, CA ANZ is not liable for any statement or opinion, or for any error or omission contained in this publication and disclaims all warranties with regard to the information contained in it, including,
without limitation, all implied warranties of merchantability and fitness for a particular purpose. CA ANZ is not liable for any direct, indirect, special or consequential losses or damages of any kind, or loss of profit, loss or corruption of data, business interruption or indirect
costs, arising out of or in connection with the use of this publication or the information contained in it, whether such loss or damage arises in contract, negligence, tort, under statute, or otherwise.

E.3 AUD-3 Checklist ISRE 2400 Jan 2016 (UPDATED) .docx Page 13 / 13