Changes to ISA 600

ISA 600 (Revised) is a significant step forward in the efforts to enhance the consistent performance of quality group engagements and it also supports the Financial Reporting Council’s (FRC) strategy for renewed confidence and trust in the auditing profession.

Effective 15 December 2023, ISA 600 (revised) aims to enhance audit quality by strengthening the accountability of group auditors by clarifying the interactive relationship between group and component auditors.

The new and revised requirements strengthen the auditor’s responsibilities in relation to:

• Professional scepticism
• Planning and performing a group audit, including scoping and risk assessment by closer aligning the standard to the principles in ISA 315 (revised)
• Reinforcing the need for robust two-way communications between the group auditor and component auditors
• Clarification of how concepts of materiality and aggregation risk apply in a group audit
• Documentation
• Encouraging proactive quality at engagement level and the involvement of the group engagement team (GET) in the work of component auditors.

One of the key principles of the standard, which is closely aligned with the principles in ISA 315 (Revised 2019), is the risk-based approach. Under this approach, the GET takes responsibility for the identification and assessment of the risks of material misstatement.

The risk-based approach better focuses the GET on determining the significant classes of transactions, account balances and disclosures in the group financial statements, and on identifying and assessing the related risks of material misstatement of the group financial statements.

Other key changes

• An updated definition of group financial statements that defines the process of consolidation and a component. The definition of a component is an entity, business unit, function or business activity, or some combination thereof, determined by the group auditor for purposes of planning and performing audit procedures in a group audit.
• The concept of re aggregated risk (the probability that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole), component performance materiality, and component auditor (an auditor who performs audit work related to a component for purposes of the group audit).
• A component auditor is part of the engagement team for a group audit.
• ISA600 (revised) provides clarity on what it means to be involved in the work of other auditors, which entails taking responsibility for the direction, supervision and review of the work of the auditor.
• ISA 600 (Revised) includes special considerations for the involvement of the GET in the work of component auditors where the component auditor determines what work to do in areas of higher and significant risk in the group financial statements. Therefore, timing of communication with the component auditor is important here!
• The group engagement partner is required to take overall responsibility for managing and achieving quality in the group audit engagement. In doing so, the group engagement partner shall:
• Take responsibility for creating an environment for the group audit engagement that emphasises the expected behaviour of engagement team members;
• sufficiently and appropriately involved throughout the group audit engagement, including in the work of component auditors, such that the group engagement partner has the basis for determining whether the significant judgements made, and the conclusions reached.
• The foundation of the risk-based approach in the audit of group financial statements is based on obtaining an understanding of the group and its environment, the financial reporting framework, and the internal control environment of the group.
• It is important for the GET to exercise professional judgement and professional scepticism, which includes the stand-back requirement to ensure that sufficient and appropriate audit evidence has been obtained.
• Regarding acceptance and continuance, the GET must perform a preliminary assessment to ensure that the GET will be able to obtain sufficient and appropriate audit evidence and management acknowledge that they will provide unrestricted access to information and relevant persons.

The overarching principle of ISA 600 (Revised) is the responsibility of the GET in assessing risk of the group financial statements and then designing appropriate procedures to respond to the risk.

Conclusion

The changes to ISA 600 (Revised) are aimed at ensuring proactive management of quality at engagement level and ensuring that the GET takes responsibility for the direction, supervision, and review of component auditors.

Related articles:

PLEASE NOTE: By the very nature of this type of information the details of tax law might have changed since they were published, so contact your Barnes Roffe partner before acting on any matter contained in this document.

West London

3 Brook Business Centre,
Cowley Mill Road,
Uxbridge, UB8 2FX