International Standard on Auditing (Ireland) 265. Communicating Deficiencies in Internal Control to Those Charged with Governance and Management

Similar documents
International Standard on Auditing (UK) 265

SRI LANKA AUDITING STANDARD 580 WRITTEN REPRESENTATIONS CONTENTS

Written Representations

TERMS OF REFERENCE. Audit and Risk Committee (the "Committee") of Wilmcote Holdings Plc (the "Company")

PROPOSED INTERNATIONAL STANDARD ON AUDITING (ISA) 260 (REVISED) COMMUNICATION WITH THOSE CHARGED WITH GOVERNANCE

Communication with Those Charged with Governance

AUDIT, RISK MANAGEMENT AND COMPLIANCE COMMITTEE CHARTER

Using the Work of an Auditor s Expert

ISA 580, Written Representations

Written Representations

Audit and Risk Management Committee Charter

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd

Using the Work of an Auditor s Expert

AUDIT COMMITTEE CHARTER

Audit Committee Charter

International Standard on Review Engagements (ISRE) 2400 (Revised), Engagements to Review Historical Financial Statements

Documentation / Other important Standards with SME perspective

A0aa. Assertions that the auditor may use in addressing the requirements of this ISA are further described in paragraph A121c.

THE CLOROX COMPANY AUDIT COMMITTEE CHARTER. [Effective May 8, 2017]

Audit Committee Charter

Huntington Bancshares Incorporated

Risk and Audit Committee charter

Safeguards Phase 2 Section 600/Non-assurance Services (NAS) Part 4A International Independence Standards for Audits and Reviews

FINANCE & AUDIT COMMITTEE

Audit & Risk Committee Charter

CAQ Lessons Learned. Performing an Audit of Internal Control. In an Integrated Audit

Corporate Governance Principles

GENERAL MOTORS COMPANY AUDIT COMMITTEE CHARTER. Amended and Restated: December 13, 2017

DRAFT AUDITOR S RESPONSIBILITY UNDER AUDITING STANDARDS GENERALLY ACCEPTED IN THE UNITED STATES OF AMERICA

Proposed Revised South African Auditing Practice Statement (SAAPS) 2 Financial Reporting Frameworks and the Auditor s Report

AUDIT & RISK COMMITTEE CHARTER

MiFID Supervisory Briefing Suitability

The Committee is specifically charged with the following duties and responsibilities:

AUDIT and ASSURANCE COMMITTEE TERMS OF REFERENCE

TERMS OF REFERENCE FOR THE PROVISION OF OUTSOURCED INTERNAL AUDIT SERVICE

TASSAL GROUP LIMITED ABN Procedures for the Oversight and Management of Material Business Risks. (Approved by the Board 28 May 2015)

CITIGROUP INC. AUDIT COMMITTEE CHARTER As of January 18, 2018

Overview of Statements of Investment Policies and Procedures (SIPP) Requirements

Safeguards Phase 2 Proposed Section 600 (Mark-up From September 27 IESBA Meeting Discussion)

CORPORATE GOVERNANCE POLICY

TASSAL GROUP LIMITED ABN

PSNC Briefing on the NHS Complaints procedure (from 1 April 2009)

Terms of Reference - Board of Directors (approved by the Board on 12 April 2018)

MiFID Supervisory Briefing Appropriateness and execution-only

[AGENCY NAME] Mandate and Roles Document. (Pure Advisory Committees)

Select Auditing Considerations for the 2013 Audit Cycle

Comment Letter on Exposure Draft Reporting on Audited Financial Statements: Proposed New and Revised International Standards on Auditing (ISAs)

Integrated Audits of Public Companies

CHARTER OF THE NOMINATING AND CORPORATE GOVERNANCE COMMITTEE OF THE BOARD OF DIRECTORS OF PLURALSIGHT, INC. Adopted May 3, 2018

Current Developments: Canadian Securities and Auditing Matters

NANOSTRING TECHNOLOGIES, INC. COMPENSATION COMMITTEE CHARTER. (Adopted as of October 16, 2012 and amended as of April 26, 2017)

Objectives of the review. Context. February 2015

HEIDRICK & STRUGGLES INTERNATIONAL, INC. Corporate Governance Guidelines

AUDIT & RISK COMMITTEE (ARC)

AUDIT COMMITTEE CHARTER

School Business Manager

HUMAN RESOURCES AND COMPENSATION COMMITTEE CHARTER

We have carried out the following assurance activities:

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF ON DECK CAPITAL, INC.

Audit, Risk & Compliance Committee Charter

16-18Co(17)97 Appendix 2. Panel Consideration Practice Statement. Introduction. This document has been produced to:

CHARTER OF RESERVES, HEALTH, SAFETY, ENVIRONMENT AND SOCIAL RESPONSIBILITY COMMITTEE 2018

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF DROPBOX, INC.

JAUPT Appraisal Criteria Centre Application. November 2016

CYBG PLC BOARD REMUNERATION COMMITTEE. Charter

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF PLURALSIGHT, INC. Adopted May 3, 2018

Internal Control Requirements for Adopting New Accounting Standards

Chapter 1. Introduction and Overview of Audit & Assurance

AMENDMENTS TO NASDAQ RULES ON COMPENSATION COMMITTEES

Investor Money Regulations

Clearing arrangements

NCTJ Conflicts of Interest Policy and Procedures

Equiniti Group plc (the Company) Audit Committee. Terms of Reference

Exposure Draft: Practice Note 15 (Revised) The audit of occupational pension schemes in the United Kingdom

Safeguards Phase 2 Section 600/Non-assurance Services (NAS) Part 4A International Independence Standards for Audits and Reviews

Are you ready for the FUTURE of your Quality Management system?

Board Committee Charters

Guidelines and Recommendations Guidelines on periodic information to be submitted to ESMA by Credit Rating Agencies

VIVINT SOLAR, INC. COMPENSATION COMMITTEE CHARTER. (Adopted as of May 9, 2014)

The Company is a public company incorporated in Bermuda and its securities are listed on AIM.

Local Code Of Corporate Governance

Supervisory Statement SS2/18 International insurers: the Prudential Regulation Authority s approach to branch authorisation and supervision

EXECUTIVE SUMMARY INTERNAL AUDIT REPORT. IOM Kingston JM JULY 2017

Manual of Administrative Policies and Procedures

ADANI POWER LIMITED RELATED PARTY TRANSACTION POLICY. Page 1 of 10

The UK Register of Trusts 21 December 2017

Risk Management Policy

Workers Pension Trust

Independent Director and Audit Committee

Powerlink - Corporate Entertainment & Hospitality - Policy

Human Resources & Remuneration Committee Charter. Bank of Queensland

Understanding Self Managed Superannuation Funds

Order Execution Policy

Windham School District Procurement Policy for Federal Funds

CORPORATE GOVERNANCE, NOMINATING & RISK COMMITTEE CHARTER

AUDIT COMMITTEE CHARGE

TERMS AND CONDITIONS FOR APPOINTMENT OF INDEPENDENT DIRECTOR

1 st Floor, Building 32 The Woodlands Office Park Woodlands Drive, Woodmead 2148, Johannesburg, South Africa

CRSP Index Governance Committees Terms of Reference. Introduction... 2 Governance and Oversight Control Framework... 3 Index Oversight Committee...

Stakeholder Relations and Communications Policy

Transcription:

Internatinal Standard n Auditing (Ireland) 265 Cmmunicating Deficiencies in Internal Cntrl t Thse Charged with Gvernance and Management

MISSION T cntribute t Ireland having a strng regulatry envirnment in which t d business by supervising and prmting high quality financial reprting, auditing and effective regulatin f the accunting prfessin in the public interest This publicatin cntains cpyright material f bth the Internatinal Federatin f Accuntants and the Financial Reprting Cuncil Limited. All rights reserved. Reprduced and mdified by the Irish Auditing and Accunting Supervisry Authrity with the permissin f the Internatinal Federatin f Accuntants and the Financial Reprting Cuncil Limited. N permissin granted t third parties t reprduce r distribute.

INTERNATIONAL STANDARD ON AUDITING (IRELAND) 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT (Effective fr the audits f financial statements fr perids cmmencing n r after 17 June 2016, fr Intrductin which pinins are issued n r after 1 February 2017) CONTENTS Paragraph Scpe f this ISA (Ireland)... 1 3 Effective Date... 4 Objective... 5 Definitins... 6 Requirements... 7 11 Applicatin and Other Explanatry Material Determinatin f Whether Deficiencies in Internal Cntrl Have Been Identified... Significant Deficiencies in Internal Cntrl... Cmmunicatin f Deficiencies in Internal Cntrl... A1 A4 A5 A11 A12 A30 Internatinal Standard n Auditing (Ireland) (ISA (Ireland)) 265, Cmmunicating Deficiencies in Internal Cntrl t Thse Charged with Gvernance and Management shuld be read in cnjunctin with ISA (Ireland) 200, Overall Objectives f the Independent Auditr and the Cnduct f an Audit in Accrdance with Internatinal Standards n Auditing (Ireland).

Intrductin Scpe f this ISA (Ireland) 1. This Internatinal Standard n Auditing (Ireland) (ISA (Ireland)) deals with the auditr s respnsibility t cmmunicate apprpriately t thse charged with gvernance and management deficiencies in internal cntrl 1 that the auditr has identified in an audit f financial statements. This ISA (Ireland) des nt impse additinal respnsibilities n the auditr regarding btaining an understanding f internal cntrl and designing and perfrming tests f cntrls ver and abve the requirements f ISA (Ireland) 315 and ISA (Ireland) 330. 2 ISA (Ireland) 260 3 establishes further requirements and prvides guidance regarding the auditr s respnsibility t cmmunicate with thse charged with gvernance in relatin t the audit. 2. The auditr is required t btain an understanding f internal cntrl relevant t the audit when identifying and assessing the risks f material misstatement. 4 In making thse risk assessments, the auditr cnsiders internal cntrl in rder t design audit prcedures that are apprpriate in the circumstances, but nt fr the purpse f expressing an pinin n the effectiveness f internal cntrl. The auditr may identify deficiencies in internal cntrl nt nly during this risk assessment prcess but als at any ther stage f the audit. This ISA (Ireland) specifies which identified deficiencies the auditr is required t cmmunicate t thse charged with gvernance and management. 3. Nthing in this ISA (Ireland) precludes the auditr frm cmmunicating t thse charged with gvernance and management ther internal cntrl matters that the auditr has identified during the audit. Effective Date 4. This ISA (Ireland) is effective fr the audits f financial statements fr perids cmmencing n r after 17 June 2016, fr which pinins are issued n r after 1 February 2017. Objective 5. The bjective f the auditr is t cmmunicate apprpriately t thse charged with gvernance and management deficiencies in internal cntrl that the auditr has identified during the audit and that, in the auditr s prfessinal judgment, are f sufficient imprtance t merit their respective attentins. Definitins 6. Fr purpses f the ISAs (Ireland), the fllwing terms have the meanings attributed belw: (a) Deficiency in internal cntrl This exists when: 1 2 3 4 ISA (Ireland) 315, Identifying and Assessing the Risks f Material Misstatement thrugh Understanding the Entity and Its Envirnment, paragraphs 4 and 12. ISA (Ireland) 330, The Auditr s Respnses t Assessed Risks. ISA (Ireland) 260, Cmmunicatin with Thse Charged with Gvernance. ISA (Ireland) 315, paragraph 12. Paragraphs A60-A65 prvide guidance n cntrls relevant t the audit. 1

(i) (ii) A cntrl is designed, implemented r perated in such a way that it is unable t prevent, r detect and crrect, misstatements in the financial statements n a timely basis; r A cntrl necessary t prevent, r detect and crrect, misstatements in the financial statements n a timely basis is missing. (b) Requirements Significant deficiency in internal cntrl A deficiency r cmbinatin f deficiencies in internal cntrl that, in the auditr s prfessinal judgment, is f sufficient imprtance t merit the attentin f thse charged with gvernance. (Ref: Para. A5) 7. The auditr shall determine whether, n the basis f the audit wrk perfrmed, the auditr has identified ne r mre deficiencies in internal cntrl. (Ref: Para. A1-A4) 8. If the auditr has identified ne r mre deficiencies in internal cntrl, the auditr shall determine, n the basis f the audit wrk perfrmed, whether, individually r in cmbinatin, they cnstitute significant deficiencies. (Ref: Para. A5-A11) 9. The auditr shall cmmunicate in writing significant deficiencies in internal cntrl identified during the audit t thse charged with gvernance n a timely basis. (Ref: Para. A12-A18, A27) 10. The auditr shall als cmmunicate t management at an apprpriate level f respnsibility n a timely basis: (Ref: Para. A19, A27) (a) (b) In writing, significant deficiencies in internal cntrl that the auditr has cmmunicated r intends t cmmunicate t thse charged with gvernance, unless it wuld be inapprpriate t cmmunicate directly t management in the circumstances; and (Ref: Para. A14, A20-A21) Other deficiencies in internal cntrl identified during the audit that have nt been cmmunicated t management by ther parties and that, in the auditr s prfessinal judgment, are f sufficient imprtance t merit management s attentin. (Ref: Para. A22-A26) 11. The auditr shall include in the written cmmunicatin f significant deficiencies in internal cntrl: (a) (b) A descriptin f the deficiencies and an explanatin f their ptential effects; and (Ref: Para. A28) Sufficient infrmatin t enable thse charged with gvernance and management t understand the cntext f the cmmunicatin. In particular, the auditr shall explain that: (Ref: Para. A29-A30) (i) (ii) The purpse f the audit was fr the auditr t express an pinin n the financial statements; The audit included cnsideratin f internal cntrl relevant t the preparatin f the financial statements in rder t design audit prcedures that are apprpriate in the circumstances, but nt fr the purpse f expressing an pinin n the effectiveness f internal cntrl; and 2

(iii) The matters being reprted are limited t thse deficiencies that the auditr has identified during the audit and that the auditr has cncluded are f sufficient imprtance t merit being reprted t thse charged with gvernance. *** Applicatin and Other Explanatry Material Determinatin f Whether Deficiencies in Internal Cntrl Have Been Identified (Ref: Para. 7) A1. In determining whether the auditr has identified ne r mre deficiencies in internal cntrl, the auditr may discuss the relevant facts and circumstances f the auditr s findings with the apprpriate level f management. This discussin prvides an pprtunity fr the auditr t alert management n a timely basis t the existence f deficiencies f which management may nt have been previusly aware. The level f management with whm it is apprpriate t discuss the findings is ne that is familiar with the internal cntrl area cncerned and that has the authrity t take remedial actin n any identified deficiencies in internal cntrl. In sme circumstances, it may nt be apprpriate fr the auditr t discuss the auditr s findings directly with management, fr example, if the findings appear t call management s integrity r cmpetence int questin (see paragraph A20). A2. In discussing the facts and circumstances f the auditr s findings with management, the auditr may btain ther relevant infrmatin fr further cnsideratin, such as: Management s understanding f the actual r suspected causes f the deficiencies. Exceptins arising frm the deficiencies that management may have nted, fr example, misstatements that were nt prevented by the relevant infrmatin technlgy (IT) cntrls. A preliminary indicatin frm management f its respnse t the findings. Cnsideratins Specific t Smaller Entities A3. While the cncepts underlying cntrl activities in smaller entities are likely t be similar t thse in larger entities, the frmality with which they perate will vary. Further, smaller entities may find that certain types f cntrl activities are nt necessary because f cntrls applied by management. Fr example, management s sle authrity fr granting credit t custmers and apprving significant purchases can prvide effective cntrl ver imprtant accunt balances and transactins, lessening r remving the need fr mre detailed cntrl activities. A4. Als, smaller entities ften have fewer emplyees which may limit the extent t which segregatin f duties is practicable. Hwever, in a small wner-managed entity, the wner-manager may be able t exercise mre effective versight than in a larger entity. This higher level f management versight needs t be balanced against the greater ptential fr management verride f cntrls. Significant Deficiencies in Internal Cntrl (Ref: Para. 6(b), 8) A5. The significance f a deficiency r a cmbinatin f deficiencies in internal cntrl depends nt nly n whether a misstatement has actually ccurred, but als n the 3

likelihd that a misstatement culd ccur and the ptential magnitude f the misstatement. Significant deficiencies may therefre exist even thugh the auditr has nt identified misstatements during the audit. A6. Examples f matters that the auditr may cnsider in determining whether a deficiency r cmbinatin f deficiencies in internal cntrl cnstitutes a significant deficiency include: The likelihd f the deficiencies leading t material misstatements in the financial statements in the future. The susceptibility t lss r fraud f the related asset r liability. The subjectivity and cmplexity f determining estimated amunts, such as fair value accunting estimates. The financial statement amunts expsed t the deficiencies. The vlume f activity that has ccurred r culd ccur in the accunt balance r class f transactins expsed t the deficiency r deficiencies. The imprtance f the cntrls t the financial reprting prcess; fr example: General mnitring cntrls (such as versight f management). Cntrls ver the preventin and detectin f fraud. Cntrls ver the selectin and applicatin f significant accunting plicies. Cntrls ver significant transactins with related parties. Cntrls ver significant transactins utside the entity s nrmal curse f business. Cntrls ver the perid-end financial reprting prcess (such as cntrls ver nn-recurring jurnal entries). The cause and frequency f the exceptins detected as a result f the deficiencies in the cntrls. The interactin f the deficiency with ther deficiencies in internal cntrl. A7. Indicatrs f significant deficiencies in internal cntrl include, fr example: Evidence f ineffective aspects f the cntrl envirnment, such as: Indicatins that significant transactins in which management is financially interested are nt being apprpriately scrutinized by thse charged with gvernance. Identificatin f management fraud, whether r nt material, that was nt prevented by the entity s internal cntrl. Management s failure t implement apprpriate remedial actin n significant deficiencies previusly cmmunicated. Absence f a risk assessment prcess within the entity where such a prcess wuld rdinarily be expected t have been established. 4

Evidence f an ineffective entity risk assessment prcess, such as management s failure t identify a risk f material misstatement that the auditr wuld expect the entity s risk assessment prcess t have identified. Evidence f an ineffective respnse t identified significant risks (fr example, absence f cntrls ver such a risk). Misstatements detected by the auditr s prcedures that were nt prevented, r detected and crrected, by the entity s internal cntrl. Restatement f previusly issued financial statements t reflect the crrectin f a material misstatement due t errr r fraud. Evidence f management s inability t versee the preparatin f the financial statements. A8. Cntrls may be designed t perate individually r in cmbinatin t effectively prevent, r detect and crrect, misstatements. 5 Fr example, cntrls ver accunts receivable may cnsist f bth autmated and manual cntrls designed t perate tgether t prevent, r detect and crrect, misstatements in the accunt balance. A deficiency in internal cntrl n its wn may nt be sufficiently imprtant t cnstitute a significant deficiency. Hwever, a cmbinatin f deficiencies affecting the same accunt balance r disclsure, relevant assertin, r cmpnent f internal cntrl may increase the risks f misstatement t such an extent as t give rise t a significant deficiency. A9. Law r regulatin in sme jurisdictins may establish a requirement (particularly fr audits f listed entities) fr the auditr t cmmunicate t thse charged with gvernance r t ther relevant parties (such as regulatrs) ne r mre specific types f deficiency in internal cntrl that the auditr has identified during the audit. Where law r regulatin has established specific terms and definitins fr these types f deficiency and requires the auditr t use these terms and definitins fr the purpse f the cmmunicatin, the auditr uses such terms and definitins when cmmunicating in accrdance with the legal r regulatry requirement. A10. Where the jurisdictin has established specific terms fr the types f deficiency in internal cntrl t be cmmunicated but has nt defined such terms, it may be necessary fr the auditr t use judgment t determine the matters t be cmmunicated further t the legal r regulatry requirement. In ding s, the auditr may cnsider it apprpriate t have regard t the requirements and guidance in this ISA (Ireland). Fr example, if the purpse f the legal r regulatry requirement is t bring t the attentin f thse charged with gvernance certain internal cntrl matters f which they shuld be aware, it may be apprpriate t regard such matters as being generally equivalent t the significant deficiencies required by this ISA (Ireland) t be cmmunicated t thse charged with gvernance. A11. The requirements f this ISA (Ireland) remain applicable ntwithstanding that law r regulatin may require the auditr t use specific terms r definitins. 5 ISA (Ireland) 315, paragraph A66. 5

Cmmunicatin f Deficiencies in Internal Cntrl Cmmunicatin f Significant Deficiencies in Internal Cntrl t Thse Charged with Gvernance (Ref: Para. 9) A12. Cmmunicating significant deficiencies in writing t thse charged with gvernance reflects the imprtance f these matters, and assists thse charged with gvernance in fulfilling their versight respnsibilities. ISA (Ireland) 260 establishes relevant cnsideratins regarding cmmunicatin with thse charged with gvernance when all f them are invlved in managing the entity. 6 A12-1. In Ireland, where applicable, timely cmmunicatin f significant deficiencies, in writing, t directrs f listed entities can assist them t cmply with the prvisins f the UK Crprate Gvernance Cde relating t internal cntrl and reprting t sharehlders. A13. In determining when t issue the written cmmunicatin, the auditr may cnsider whether receipt f such cmmunicatin wuld be an imprtant factr in enabling thse charged with gvernance t discharge their versight respnsibilities. In additin, fr listed entities in certain jurisdictins, thse charged with gvernance may need t receive the auditr s written cmmunicatin befre the date f apprval f the financial statements in rder t discharge specific respnsibilities in relatin t internal cntrl fr regulatry r ther purpses. Fr ther entities, the auditr may issue the written cmmunicatin at a later date. Nevertheless, in the latter case, as the auditr s written cmmunicatin f significant deficiencies frms part f the final audit file, the written cmmunicatin is subject t the verriding requirement 7 fr the auditr t cmplete the assembly f the final audit file n a timely basis. ISA (Ireland) 230 states that an apprpriate time limit within which t cmplete the assembly f the final audit file is rdinarily nt mre than 60 days after the date f the auditr s reprt. 8 A13-1. Fr audits f financial statements f public interest entities, ISA (Ireland) 260 8a requires the auditr t cmmunicate in the additinal reprt t the audit cmmittee any significant deficiencies in the entity s internal financial cntrl system r in the accunting system, and whether r nt the deficiencies reprted have been reslved by management. A14. Regardless f the timing f the written cmmunicatin f significant deficiencies, the auditr may cmmunicate these rally in the first instance t management and, when apprpriate, t thse charged with gvernance t assist them in taking timely remedial actin t minimize the risks f material misstatement. Ding s, hwever, des nt relieve the auditr f the respnsibility t cmmunicate the significant deficiencies in writing, as this ISA (Ireland) requires. A15. The level f detail at which t cmmunicate significant deficiencies is a matter f the auditr s prfessinal judgment in the circumstances. Factrs that the auditr may 6 7 8 8a ISA (Ireland) 260, paragraph 13. ISA (Ireland) 230, Audit Dcumentatin, paragraph 14. ISA (Ireland) 230, paragraph A21. ISA (Ireland) 260, paragraph 16R-2(j). 6

cnsider in determining an apprpriate level f detail fr the cmmunicatin include, fr example: The nature f the entity. Fr instance, the cmmunicatin required fr a public interest entity may be different frm that fr a nn-public interest entity. The size and cmplexity f the entity. Fr instance, the cmmunicatin required fr a cmplex entity may be different frm that fr an entity perating a simple business. The nature f significant deficiencies that the auditr has identified. The entity s gvernance cmpsitin. Fr instance, mre detail may be needed if thse charged with gvernance include members wh d nt have significant experience in the entity s industry r in the affected areas. Legal r regulatry requirements regarding the cmmunicatin f specific types f deficiency in internal cntrl. A16. Management and thse charged with gvernance may already be aware f significant deficiencies that the auditr has identified during the audit and may have chsen nt t remedy them because f cst r ther cnsideratins. The respnsibility fr evaluating the csts and benefits f implementing remedial actin rests with management and thse charged with gvernance. Accrdingly, the requirement in paragraph 9 applies regardless f cst r ther cnsideratins that management and thse charged with gvernance may cnsider relevant in determining whether t remedy such deficiencies. A17. The fact that the auditr cmmunicated a significant deficiency t thse charged with gvernance and management in a previus audit des nt eliminate the need fr the auditr t repeat the cmmunicatin if remedial actin has nt yet been taken. If a previusly cmmunicated significant deficiency remains, the current year s cmmunicatin may repeat the descriptin frm the previus cmmunicatin, r simply reference the previus cmmunicatin. The auditr may ask management r, where apprpriate, thse charged with gvernance, why the significant deficiency has nt yet been remedied. A failure t act, in the absence f a ratinal explanatin, may in itself represent a significant deficiency. Cnsideratins Specific t Smaller Entities A18. In the case f audits f smaller entities, the auditr may cmmunicate in a less structured manner with thse charged with gvernance than in the case f larger entities. Cmmunicatin f Deficiencies in Internal Cntrl t Management (Ref: Para. 10) A19. Ordinarily, the apprpriate level f management is the ne that has respnsibility and authrity t evaluate the deficiencies in internal cntrl and t take the necessary remedial actin. Fr significant deficiencies, the apprpriate level is likely t be the chief executive fficer r chief financial fficer (r equivalent) as these matters are als required t be cmmunicated t thse charged with gvernance. Fr ther deficiencies in internal cntrl, the apprpriate level may be peratinal management with mre direct invlvement in the cntrl areas affected and with the authrity t take apprpriate remedial actin. 7

Cmmunicatin f Significant Deficiencies in Internal Cntrl t Management (Ref: Para. 10(a)) A20. Certain identified significant deficiencies in internal cntrl may call int questin the integrity r cmpetence f management. Fr example, there may be evidence f fraud r intentinal nn-cmpliance with laws and regulatins by management, r management may exhibit an inability t versee the preparatin f adequate financial statements that may raise dubt abut management s cmpetence. Accrdingly, it may nt be apprpriate t cmmunicate such deficiencies directly t management. A21. ISA (Ireland) 250 establishes requirements and prvides guidance n the reprting f identified r suspected nn-cmpliance with laws and regulatins, including when thse charged with gvernance are themselves invlved in such nn-cmpliance. 9 ISA (Ireland) 240 establishes requirements and prvides guidance regarding cmmunicatin t thse charged with gvernance when the auditr has identified fraud r suspected fraud invlving management. 10 Cmmunicatin f Other Deficiencies in Internal Cntrl t Management (Ref: Para. 10(b)) A22. During the audit, the auditr may identify ther deficiencies in internal cntrl that are nt significant deficiencies but that may be f sufficient imprtance t merit management s attentin. The determinatin as t which ther deficiencies in internal cntrl merit management s attentin is a matter f prfessinal judgment in the circumstances, taking int accunt the likelihd and ptential magnitude f misstatements that may arise in the financial statements as a result f thse deficiencies. A23. The cmmunicatin f ther deficiencies in internal cntrl that merit management s attentin need nt be in writing but may be ral. Where the auditr has discussed the facts and circumstances f the auditr s findings with management, the auditr may cnsider an ral cmmunicatin f the ther deficiencies t have been made t management at the time f these discussins. Accrdingly, a frmal cmmunicatin need nt be made subsequently. A24. If the auditr has cmmunicated deficiencies in internal cntrl ther than significant deficiencies t management in a prir perid and management has chsen nt t remedy them fr cst r ther reasns, the auditr need nt repeat the cmmunicatin in the current perid. The auditr is als nt required t repeat infrmatin abut such deficiencies if it has been previusly cmmunicated t management by ther parties, such as the internal audit functin r regulatrs. It may, hwever, be apprpriate fr the auditr t re-cmmunicate these ther deficiencies if there has been a change f management, r if new infrmatin has cme t the auditr s attentin that alters the prir understanding f the auditr and management regarding the deficiencies. Nevertheless, the failure f management t remedy ther deficiencies in internal cntrl that were previusly cmmunicated may becme a significant deficiency requiring cmmunicatin with thse charged with 9 10 ISA (Ireland) 250, Cnsideratin f Laws and Regulatins in an Audit f Financial Statements, paragraphs 22-28. ISA (Ireland) 240, The Auditr s Respnsibilities Relating t Fraud in an Audit f Financial Statements, paragraph 41. 8

gvernance. Whether this is the case depends n the auditr s judgment in the circumstances. A25. In sme circumstances, thse charged with gvernance may wish t be made aware f the details f ther deficiencies in internal cntrl the auditr has cmmunicated t management, r be briefly infrmed f the nature f the ther deficiencies. Alternatively, the auditr may cnsider it apprpriate t infrm thse charged with gvernance f the cmmunicatin f the ther deficiencies t management. In either case, the auditr may reprt rally r in writing t thse charged with gvernance as apprpriate. A26. ISA (Ireland) 260 establishes relevant cnsideratins regarding cmmunicatin with thse charged with gvernance when all f them are invlved in managing the entity. 11 Cnsideratins Specific t Public Sectr Entities (Ref: Para. 9-10) A27. Public sectr auditrs may have additinal respnsibilities t cmmunicate deficiencies in internal cntrl that the auditr has identified during the audit, in ways, at a level f detail and t parties nt envisaged in this ISA (Ireland). Fr example, significant deficiencies may have t be cmmunicated t the legislature r ther gverning bdy. Law, regulatin r ther authrity may als mandate that public sectr auditrs reprt deficiencies in internal cntrl, irrespective f the significance f the ptential effects f thse deficiencies. Further, legislatin may require public sectr auditrs t reprt n brader internal cntrl-related matters than the deficiencies in internal cntrl required t be cmmunicated by this ISA (Ireland), fr example, cntrls related t cmpliance with legislative authrities, regulatins, r prvisins f cntracts r grant agreements. Cntent f Written Cmmunicatin f Significant Deficiencies in Internal Cntrl (Ref: Para. 11) A28. In explaining the ptential effects f the significant deficiencies, the auditr need nt quantify thse effects. The significant deficiencies may be gruped tgether fr reprting purpses where it is apprpriate t d s. The auditr may als include in the written cmmunicatin suggestins fr remedial actin n the deficiencies, management s actual r prpsed respnses, and a statement as t whether r nt the auditr has undertaken any steps t verify whether management s respnses have been implemented. A29. The auditr may cnsider it apprpriate t include the fllwing infrmatin as additinal cntext fr the cmmunicatin: An indicatin that if the auditr had perfrmed mre extensive prcedures n internal cntrl, the auditr might have identified mre deficiencies t be reprted, r cncluded that sme f the reprted deficiencies need nt, in fact, have been reprted. An indicatin that such cmmunicatin has been prvided fr the purpses f thse charged with gvernance, and that it may nt be suitable fr ther purpses. 11 ISA (Ireland) 260, paragraph 13. 9

A30. Law r regulatin may require the auditr r management t furnish a cpy f the auditr s written cmmunicatin n significant deficiencies t apprpriate regulatry authrities. Where this is the case, the auditr s written cmmunicatin may identify such regulatry authrities. 10

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback