All about audits
We’ve put together this guide to help readers understand public sector audits and to explain the language auditors use. We hope you’ll find it useful.
You can find more information about Audit New Zealand and our people on our website www.auditnz.govt.nz.
If you have any questions, or suggestions to make this guide more useful, please feel free to contact me or your Audit Director.
Why do we audit public sector entities?
All public entities are accountable to Parliament or a local authority and to the public for their use of public resources.
Everyone who pays taxes or rates has a right to know that the money is being spent wisely and in the way the entity said it would be spent. Looking at the forward plans and annual reports of entities spending taxpayers’ and ratepayers’ money will give some answers. But how can you be assured that the information in the annual reports is reliable?
The Auditor-General, through her Appointed Auditors, provides independent assurance that public entities are operating properly and accounting for their performance. Under the Public Audit Act 2001, the Auditor-General is required to carry out annual audits of all public entities and may also carry out performance audits and inquiries.
Audit New Zealand is a business unit of the Auditor-General and one of the Audit Service Providers. We carry out public sector audits on the Auditor-General’s behalf.
What is a public sector audit?
An auditor gives an independent report (“opinion”) on an entity’s financial and service performance statements. These statements are an important part of an entity’s annual report and the auditor’s report is a guide for the reader about the reliability of the information in the annual report.
When the audit team looks at an entity, they’ll be looking for accurate reporting of both financial and non-financial information.
The auditor’s report says whether you can rely on the information that’s gone into the financial statements and service performance information in the annual report. The auditor giving the opinion won’t have looked at everything, but they understand financial and non-financial performance systems and reporting a lot better than most of us ever will. They will look at riskier and more significant matters to ensure that they are reflected correctly in the annual report.
The auditors’ report is usually accompanied by a management report or management letter that will give more detailed information and often suggestions about areas where an entity can look for improvements in the future.
As a general guide, the primary audience for an auditor’s report is the entity’s stakeholders (generally the public). The primary audience for the management report or management letter is governors and senior management.
When the auditor gives their “opinion”, they use auditing expressions that come from international standards and conventions. The next section gives an explanation of some these terms.
Standard/unmodified audit opinion
Getting a “standard” audit report with an unmodified audit opinion means: in the auditor’s view, the information they looked at is a fair reflection of what actually happened, and the information is in keeping with the many practices and international standards on how to set out the financial statements.
In other words, the auditor didn’t spot anything that raised an eyebrow or needed pointing out to the reader.
It’s still important for governors and managers to read the management report that accompanies the opinion. The auditor will have spent a lot of time and effort on the audit and they often have suggestions for improvement. The most effective entities appreciate an independent pair of eyes looking over their performance and practices.
Non-standard audit opinions
If the auditor issued some form of “nonstandard” opinion, it can indicate several things. A non-standard opinion can range from the equivalent of throwing your hands up in the air and walking away through to highlighting a specific matter for the readers.
There are three types of non-standard audit opinions:
Adverse opinion – These opinions are quite rare and means the entity put something in the annual report that made the auditor think “I don’t think so!” It’s a serious disagreement between the entity and the auditor.
The adverse opinion is like an alarm sounding – the reader should not be relying on the content to give them a solid view of the entity’s finances or what it has delivered in services to the public. When you see an adverse opinion, the auditor will often use words like “material misstatement” and “pervasive”.
Material means that whatever hasn’t been reported properly in the financial statements is big enough to matter. There is no hard-and-fast rule about how much money counts as material – it all depends on how much money that entity is dealing with. Material for some is small change to others. Material can also be about the “nature” of the item.
Pervasive means that it isn’t an isolated problem – it affects so much that the information that’s been reported, as a whole, is misleading.
Disclaimer of opinion – When the audit opinion uses the words disclaimer of opinion, that’s a “yeah, nah” result. The auditor can’t give the entity a clean bill of health, because they couldn’t do everything they needed to do.
It often means that the entity couldn’t provide the auditor with enough evidence about something, and that has limited the scope of the audit.
While an adverse opinion is material and pervasive, a disclaimer of opinion is pervasive – it affects a lot of the information. It’s likely to be material, too – but that limitation-in-scope thing means that the auditor can’t really tell whether the information is reliable.
Qualified opinion – When the audit opinion is qualified, it means something different again. This time, whatever it is that the auditor disagrees with, it’s material – it matters – but it isn’t pervasive. So the audit opinion is saying “yes, this information does fairly reflect what the entity has been doing and how it has used our taxes or rates – but ...”
Sometimes, the auditor has got all the evidence they need and concludes that the content that isn’t stated right (called “misstatements”), individually or together, is material but not pervasive. The auditor could have concerns about the pages of financial information or the information about how well the entity performed in providing people with services, or both.
Other times, the auditor hasn’t been given or found enough evidence, and the information that’s missing could make a difference to a reader’s understanding of the audited bits of what’s in the annual report. It could be material, but the auditor doesn’t think it’s pervasive and they say “we’ve got all the evidence we need except for …”
Emphasis of matter – Sometimes the auditor will want to highlight something. They want to draw the reader’s attention to something that’s important to how the reader understands what’s in the audited bits of the annual report.
An emphasis-of-matter paragraph in the audit report doesn’t mean that anything’s wrong, but if you’re reading the annual report then you ought to know about whatever the auditor’s drawing attention to.
The emphasis-of-matter paragraph is the auditor’s way of saying “Make sure you take a note of this.”
Sometimes the words “going concern” crop up here. The auditor might give an unmodified opinion – but add in an emphasis-of-matter paragraph because the entity is dependent on the continuing support of its bankers.
If the entity is in a position to carry on, then all the financial information is put together assuming that the business is a “going concern”. If it’s winding up, then the team preparing that financial information won’t use the going-concern assumption.
There’s one other sort of paragraph that the auditor can use – the “other matter” paragraph. The auditor can include an other matter paragraph if something isn’t quite in keeping with the auditor’s expectations or isn’t made clear enough to the reader.
Whatever the other matter is, it’s something that, in the auditor’s professional judgement, is relevant to a reader’s understanding of the financial and/or service performance information but hasn’t been highlighted by the entity in its annual report.
What will the auditor normally look at?
Public sector audits have a broader scope than private sector audits.
The auditor will look at whether:
- a public entity fairly reflects the results of its activities in its financial statements and, as required, statement of service performance;
- a public entity complies with its statutory obligations;
- a public entity carries out its activities effectively and efficiently;
- waste is occurring or likely to occur as a result of any act or failure to act by a public entity;
- there is any sign or appearance of a lack of probity as a result of any act or omission by a public entity or by one or more of its members, office holders, or employees; and
- there is any sign or appearance of a lack of financial prudence as a result of any act or omission by a public entity or by one or more of its members, office holders, or employees.
The auditor may also need to use some specialists to audit the entity’s procurement, contract management, and asset management systems.
Some common misconceptions about auditing
Does an auditor look for fraud?
The focus of the audit is to give an independent report on an entity’s financial and service performance reports and control systems. The auditor may uncover fraud during the audit but it won’t be a primary focus of the audit. The auditor will perform some work to establish that fraud has been considered by governors and management as an area of focus. An entity’s control systems are the best safeguard against fraud.
Does the audit provide absolute assurance?
An audit provides reasonable assurance that the financial statements are free from material misstatement, whether caused by fraud or error. An audit is not intended to give absolute assurance or to detect all fraud or errors that may exist.
Do auditors review every transaction?
They don’t look at everything. The auditor will rely on control systems in place and statistical sampling methods to look at a small by representative percentage of an entity’s transactions to test the overall accuracy. They will also use analytical techniques to test whether things are consistent with their expectations.
Is it an auditor’s job is to oppose management?
The auditor is not the friend or the foe. The auditor must maintain professional scepticism so that they can exercise their independent judgement. For the same reason, they won’t tell an entity how to fix their systems, or do the work for the entity. They will point out gaps or when something doesn’t follow the correct policy, and they will make suggestions about areas that would benefit from improvement. However, it is important that the auditor and the entity have a strong professional relationship. Good quality engagement leads to a good quality audit.
Does the auditor prepare the financial reports and statements?
The auditor cannot help an entity prepare reports. They must be able to maintain their independence. But they will discuss what should be prepared ahead of the audit and what documentation needs to be ready for the audit.
Last updated: 9 March 2017