Report on a Review of the Annual Audit Practice—Practice Reviews Conducted in the 2013–14 Fiscal Year

Report on a Review of the Annual Audit Practice—Practice Reviews Conducted in the 2013–14 Fiscal Year

Table of Contents


1. The Office of the Auditor General conducts independent audits that provide objective assurance, advice, and information to Parliament, territorial legislatures, governments, boards of directors, and Canadians alike. The Office has several product lines, including performance audits, annual audits, and special examinations.

2. Annual audits include audits of the summary financial statements of the Government of Canada and the three northern territories, and of the financial statements of Crown corporations and other entities. They are performed in accordance with Canadian Auditing Standards. The objective of annual audits is to provide an opinion on whether financial statements are presented fairly, in accordance with the applicable financial reporting framework. Where required, the auditor also provides an opinion on whether the transactions examined comply, in all significant respects, with the legislative authorities that are relevant to a financial audit.

3. The Practice Review and Internal Audit team conducted practice reviews of seven selected annual audits that were reported in 2013. This work was done in accordance with the monitoring section of the Canadian Institute of Chartered Accountants (CICA) Handbook—Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance Engagements (CSQC 1)Footnote 1. It was also done in accordance with the Office’s 2013–14 Practice Review and Internal Audit Plan, which was recommended by the Audit Committee and approved by the Auditor General. The Plan is based on systematic monitoring of the work of all audit principals in the Office, on a cyclical basis.

4. To meet CICA standards, the Office establishes policies and procedures for its work. These are outlined in an audit manual, a system of quality control and various other audit tools that guide auditors through a set of required steps to ensure that the audits are conducted according to professional standards and Office policies. There is a product leader at the assistant auditor general level for the annual audit product line, whose primary functions are to provide leadership and oversight for the product line and to contribute to the quality of the individual audits.

5. This report summarizes the major observations related to the practice reviews of the selected annual audits.



6. The objective of practice reviews is to provide the Auditor General with assurance that

Scope and methodology

7. We planned to conduct six practice reviews of annual audits in the 2013–14 fiscal year. We conducted seven practice reviews of audit files.Footnote 2 Audit opinions had been issued for five of these audits. The other two files were components of group audits, for which opinions were not issued. The reviews were conducted on audit files for financial statements with fiscal years ending between July 2012 and July 2013.

8. Our reviews used electronic (TeamMate) and paper audit files. We reviewed documentation related to the planning, examination, and reporting of the audits. We also interviewed audit team members, engagement quality control reviewers (EQCRs), and other internal specialists, as appropriate.

System of Quality Control elements and process controls reviewed

9. We focused our work on the selected elements (Appendix A) and key process controls (Appendix B) of the System of Quality Control (SoQC) for annual audits that we considered to be of key or high risk.

10. We also looked at how the EQCRs carried out their responsibilities. EQCRs are management-level employees of the Office who provide an objective evaluation, before the auditor’s report is issued, of the significant judgments that the audit team made and of the conclusions that it reached when it was formulating the audit opinion. The EQCRs are an important part of the Office’s SoQC. They are involved in selected individual audits from the initial planning decisions to the closing of the audit file.

Rating system

11. We applied one of the following ratings to each selected SoQC element of the individual audits under review:

12. After completing each practice review, we concluded on whether the audit opinion was supported and appropriate.

13. This report highlights the procedures performed, the observations and recommendations made, and management responses.

Results of the Reviews

Appropriateness of the audit reports

14. Overall, we found that in the five files reviewed for which audit opinions were issued, the opinions were supported and appropriate. In the two files that were part of group audits, the communications to the group auditor were supported and appropriate.

Compliance with the System of Quality Control and process controls

15. Generally, the level of compliance with the System of Quality Control (SoQC) elements was very good. One file was fully compliant with professional standards and Office policies. Six files needed improvement in at least one SoQC element. One of these six files was non-compliant because of lack of evidence of the nature and extent of the practitioner’s review.

16. There were no observations related to work of the engagement quality control reviewer (EQCR).Footnote 3

Good practices

17. During our reviews of the audit files, we observed the following good practices:

These documents were very useful to review the work planned and completed, and to ensure that staff was provided with appropriate direction and feedback on a timely basis.

Main observations

18. Paragraphs 19 to 26 refer to the engagement performance element of the SoQC.

19. We are unable to report statistically significant practice-wide observations in this summary report.Footnote 4 Such observations require a larger sample of reviews, which will not be available until the 2014–15 fiscal year. However, we are able to report the following findings that we observed in a number of files:

Difficulty in evaluating and documenting the design and implementation of relevant controls and other related observations

20. As we noted last year, an audit team should evaluate the design and implementation of relevant controls, regardless of whether or not reliance on controls is planned. Relevant documentation should be prepared to demonstrate that an understanding of the controls put in place by management has been considered as part of the risk assessment process, and that appropriate conclusions have been reached and audit plans developed. In some instances (for the cycles and components reviewed),

Lack of consistency in carrying forward risks and linking them to the audit strategy during audit planning

21. Two of the audit files reviewed failed to properly document

Lack of evidence of the nature, extent, and timeliness of review by senior management in the audit file

22. In two files, we noted that senior management (director and/or principal) had not performed a timely review at the planning phase of the audit including a lack of evidence of the review of the key planning documentation. In addition, one of the files lacked evidence of the practitioner involvement with the high-risk section of the file.

Other observations

Validation of accuracy and completeness of the populations used for sampling

23. When using information produced by the entity or when relying on the work of an expert (such as an actuary), audit teams should evaluate whether the information is sufficiently reliable—in particular, when obtaining evidence of accuracy and completeness of the information. This evaluation was not sufficiently documented in three of the files reviewed.

Inconsistencies in documentation of the accept/reject testing

24. Two of the files reviewed had inconsistencies surrounding the results from the accept/reject testing. It was often unclear how the audit team assessed the nature of the error, which was not in line with the original definition of the exception and what the impact would be on the audit testing.

Considerations for the Practice

25. During our practice reviews of annual audits, we noted some areas where audit teams would appreciate methodological clarification.

26. One area is in the time audit teams spent on assessing the relationship with Shared Services Canada (SSC) and whether there was a need to obtain audit evidence over the services provided. Shared Services Canada provides a variety of services to many government departments and agencies. Given that all audit teams of departments and agencies may need to assess the relationship with SSC, we believe that the Office should consider if taking a centralized approach to this assessment would be more efficient.


27. For each of the seven annual audits that we reviewed, the auditor’s report was supported and appropriate.

28. While the level of compliance with Office policies and professional audit standards is high, we observed that improvement is needed in some areas, specifically

29. While we note that some practitioners could make improvements in the application of some professional standards, we are making no recommendations to the Practice or to the Professional Practices Group, as the nature and extent of our observations do not yet suggest systemic or pervasive issues.

Management’s response

Management thanks the Practice Review and Internal Audit team for its report and agrees that the observations do not reflect systemic or pervasive practice-wide issues. As a result, management will discuss the implications of the report with those affected.

Appendix A—System of Quality Control Elements (Annual Audit)Footnote 5

Appendix B—System of Quality Control Elements and Process Controls Reviewed

Our review covers the following System of Quality Control elements:

Engagement performance. We reviewed whether the audit was planned, executed, and reported in accordance with Canadian generally accepted auditing standards, applicable legislation, and Office policies and procedures. We considered whether the Office meets its reporting responsibilities by having in place appropriate audit methodology, recommended procedures, and practice aids that support efficient audit approaches, producing sufficient audit evidence at the appropriate time.

As part of the conduct of the audit, we also reviewed audit file finalization. We determined whether audit files were closed within 60 days of the auditor’s report being given final clearance by the signatory and the financial statements being approved by the Board of Directors of the entity, or its equivalent, as required by Office policy.

We reviewed whether consultation was sought from authoritative sources and specialists with appropriate competence, judgment, and authority to ensure that due care was taken, particularly when dealing with complex, unusual, or unfamiliar issues. We also reviewed whether the consultations were adequately documented, and whether the audit team took appropriate and timely action in response to the advice received from the specialists and other parties consulted.

We reviewed whether the quality reviewer carried out, in a timely manner, an objective evaluation of

We reviewed whether the work of the quality reviewer was adequately documented, and whether the audit team took appropriate and timely action in response to the advice received from the quality reviewer.

Resources. We reviewed whether the adequacy, availability, proficiency, competence, and resources of the audit team were appropriately assessed and documented.

Independence. We reviewed whether the independence of all individuals performing audit work, including specialists, had been properly assessed and documented.

Leadership and supervision. We reviewed evidence of whether individuals working on the audit received an appropriate level of leadership and direction and whether adequate supervision of all individuals, including specialists, was provided to ensure that audits were carried out properly.


Footnote 1

Effective 1 November 2013, the CICA Board of Directors approved the renaming of the three handbooks to reflect that they are now published by the Chartered Professional Accountants of Canada (CPA Canada). Because practice reviews are conducted on products from the past, this report refers to the CICA, rather than the CPA.

Return to footnote 1 referrer

Footnote 2

Of seven practice reviews conducted, six were planned and executed in the 2013–14 fiscal year. One review, related to the 2012–13 practice review cycle, was started and completed in 2013.

Return to footnote 2 referrer

Footnote 3

Of the seven files reviewed, only one file had been assigned an EQCR.

Return to footnote 3 referrer

Footnote 4

As stated in the Practice Review and Internal Audit Plan 2013–14, we will present the statistically significant practice-wide observations in the 2014–15 Annual Audit summary report.

Return to footnote 4 referrer

Footnote 5

The standards used for audit quality at the Office level are Canadian Standards on Quality Control (CSQC 1). A quality control standard at the engagement level for annual audits is the Canadian Auditing Standard (CAS) 220 Quality Control for an Audit of Financial Statements.

Return to footnote 5 referrer