1.1 The purpose of the Australian National Audit Office (ANAO) is to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby contribute to improved public sector performance.

1.2 The quality of ANAO audit work is reliant on the strength of its independence and quality control framework. A sound quality framework supports delivery of high-quality audit work and enables the Auditor-General to have confidence in the opinions and conclusions in the reports prepared for the Parliament. This facilitates confidence of the Parliament that the ANAO operates with independence and that the audit approach meets the auditing standards set by the Auditor-General.

1.3 The ANAO defines audit quality as the provision of timely, accurate and relevant audits, performed independently in accordance with the Auditor-General Act, ANAO Auditing Standards and methodologies, which are valued by the Parliament. Delivering quality audits results in improved public sector performance through accountability and transparency.

1.4 The Quality Assurance Framework and Plan describes the ANAO’s Quality Assurance Framework and sets out the key quality assurance activities planned for the financial year as part of this investment.

Framework for quality

1.5 The ANAO is established under the Auditor-General Act 1997 (the Act). Section 24 of the Act requires the Auditor-General to set auditing standards that are to be complied with by persons performing functions under the Act. The ANAO Auditing Standards set under this provision incorporate standards issued by the Auditing and Assurance Standards Board (AUASB) and relevant auditing and assurance standards issued by standard-setting bodies other than the AUASB as appropriate. Specific to quality assurance, this includes ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and other Financial Information, other Assurance Engagements and Related Services Engagements (ASQC 1).

Purpose of the Quality Assurance Framework and Plan

Quality Assurance Framework

1.6 In accordance with ASQC 1 the ANAO has established and maintains a system of quality control. This system is the ANAO quality framework, and provides the ANAO with reasonable assurance that:

• the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements; and
• reports issued by the ANAO are appropriate in the circumstances.

1.7 The ANAO quality framework includes policies and procedures that address:

1. Leadership responsibilities for quality;
2. Relevant ethical requirements;
3. Acceptance and continuance of audits¹;
4. Human resources;
5. Audit performance, and
6. Monitoring.

1.8 The AUASB issued three new and revised Australian Quality Management Standards that become effective on 15 December 2022:

• ASQM 1 – Quality Management for Firms that Perform Audits or Reviews of Financial Reports and Other Financial Information, or Other Assurance or Related Services Engagements.
• ASQM 2 – Engagement Quality Reviews.
• ASA 220 – Quality Management for an Audit of a Financial Report and Other Historical Information.

1.9 The new and revised standards introduce a quality management approach that is focused on proactively identifying and responding to risks of quality. The standards include enhanced requirements and focus on governance and leadership, monitoring and remediation. The ANAO is preparing for the implementation of the revised standards and will make enhancements to the framework to ensure that it clearly demonstrates the ANAO responses to the quality risks that arise in audits of public sector entities by December 2022.²

Quality Assurance Plan

1.10 This Quality Assurance Plan (QA plan) is informed by the priorities identified in the ANAO Corporate Plan, the prior period’s results of the ANAO Quality Assurance Program (the QA Program), and better practice insights from engagement with peers and the wider auditing profession. The plan:

• identifies and highlights the key activities to be performed and monitored to provide assurance that critical aspects of the quality framework are operating effectively;
• includes a timetable for deliverables to provide accountability by ensuring that quality assurance work is completed and reported on as planned;
• facilitates coordination of all monitoring activities, including internal audit, internal and external quality assurance reviews and external audit; and
• identifies the resource requirements necessary for the performance of monitoring functions.

1.11 The ANAO Corporate Plan contains the following performance measure in respect of quality:

The ANAO’s independent Quality Assurance Program indicates that audit opinions and conclusions are appropriate.

1.12 The QA program is a key activity that addresses the monitoring element of the quality framework. The objective of the QA program is to form an opinion as to whether each audit report:

• complies with ANAO Auditing Standards, policies and procedures and other legal and regulatory requirements; and
• evidences sufficient appropriate audit procedures to support conclusions reached.

1.13 The QA program also provides assurance on the implementation and operating effectiveness of other elements of the ANAO Quality Framework. The scope of the QA program is discussed in the monitoring section of this document.

1.14 The strategy and activities described in the Quality assurance strategy and deliverables for 2022–23 focus on those that address the audit performance and monitoring elements of the Quality Assurance Framework.

Overview

2.1 A sound quality framework supports high-quality evidence and standards-based audit work. This enables the Parliament to have confidence in the opinions and conclusions made by the Auditor-General.

2.2 The ANAO quality framework is in accordance with the requirements of Auditing Standard ASQC 1. The framework and its activities are developed and implemented by the Professional Services and Relationships Group (PSRG) that reports to the Auditor-General on technical quality and standards issues.

2.3 The framework encompasses a number of key elements as presented in Figure 1 which align with the requirements of the standard.

Figure 1: Elements of the ANAO quality framework
 

Leadership responsibilities for quality in the ANAO

2.4 The Auditor-General is ultimately responsible for the system of quality control in place for all assurance and related activities undertaken by the ANAO. From an operational perspective, the Deputy Auditor-General is responsible for ensuring that the system of quality control satisfies the requirements of the ANAO Auditing Standards and is assisted by the Group Executive Directors (GEDs) and Senior Executive Directors (SEDs) with this role.

2.5 The PSRG GED is responsible for the design, execution and maintenance of the Quality Assurance Framework and for monitoring compliance with the framework. PSRG reports to the ANAO Executive, Quality Committee and Audit Committee on the results of these monitoring activities. The PSRG GED is also responsible for the ANAO audit methodology, which supports compliance with the ANAO Auditing Standards. This includes the development of policies and procedures to support that audit methodology.

2.6 The Financial Statements Audit Services Group (FSASG) GED, Performance Audit Services Group (PASG) GEDs, Performance Statements Audit Services Group (PSASG) GED, and Systems Assurance and Data Analytics (SADA) SED are responsible for the delivery of quality audit services within their respective business units.

2.7 The FSASG, PASG and PSASG engagement executives and SADA executives are responsible for quality within their portfolio of audits and supporting the GEDs and SEDs in the delivery and management of quality audit services.

2.8 The Corporate Management Group (CMG) SED is responsible for the design, execution and maintenance of policies supporting the Quality Framework in respect of human resources, IT security and support, external communications and learning and development.

The ANAO Quality Committee

2.9 The ANAO Quality Committee is responsible for monitoring the implementation of the ANAO quality framework and reporting to the Executive Board of Management (EBOM) on this implementation.

2.10 The Committee is comprised of members representing all ANAO Groups and is chaired by the GED PSRG.

2.11 The Committee meets on a quarterly basis and has Terms of Reference which include the following responsibilities:

• reviewing the findings of external and internal reviews in relation to quality as reported to EBOM;
• monitoring the ANAO’s progress in addressing the findings and recommendations made in external or internal reviews;
• monitoring the operating effectiveness and efficiency of the Quality Framework against the audit quality indicators;
• monitoring the strategic and operational risks associated with quality;
• reporting to EBOM on the implementation of the Quality Framework; and
• considering proposed amendments to the ANAO Audit Manual that substantially impact the conduct of an audit and making a recommendation to the Auditor-General for approval.

Relevant ethical requirements

2.12 Under the ANAO Auditing Standards, the Auditor-General and ANAO staff are required to comply with relevant ethical requirements, including those pertaining to independence, as set out in APES 110 Code of ethics for professional accountants (including independence standards) (APES 110).

2.13 The ethical requirements of APES 110 apply in addition to the ethical requirements that apply to ANAO staff as members of the office and as Commonwealth public servants. ANAO staff are bound by the ANAO Values and Behaviours and the Australian Public Service (APS) Values and Code of Conduct made under the Public Service Act 1999. ANAO staff are also bound by the General Duties of Officials under Part 2-2 Division 3 of the Public Governance, Performance and Accountability Act 2013.

Integrity

2.14 The ANAO regards integrity as a core value of the organisation — critical in sustaining the confidence of Parliament, strengthening public trust in government and delivering quality audit products. The ANAO upholds five key principles of integrity — independence, honesty, openness, accountability and courage. To support this core value, the ANAO has developed an Integrity Framework. The Integrity framework provides an overarching structure to supporting our institution’s integrity. The framework serves to assist in ethical decision making and risk, fraud and misconduct management.

Independence

2.15 Independence is fundamental to the principles of integrity and objectivity. The ANAO quality framework ensures that threats to independence are appropriately managed in the conduct of the ANAO’s audit and assurance work and other activities through the application of ANAO independence policies.

2.16 The Auditor-General is an independent officer of the Parliament as set out in section 8 of the Auditor-General Act 1997 (the Act). The statutory independence is provided for in the Act through defining the scope of an Auditor-General’s mandate, the appointment and removal of an Auditor-General and the performance of his or her responsibilities. The Auditor-General has complete discretion in the performance or exercise of his or her functions or powers and is not subject to direction from anyone in relation to:

• whether or not a particular audit is to be conducted; or
• the way in which a particular audit is to be conducted; or
• the priority to be given to any particular matter.

2.17 Section 40(2) of the Act further provides for independence of ANAO functions providing that directions to ANAO staff in relation to the performance of the Auditor-General’s functions may only be given by the Auditor-General or a member of the staff of the Audit Office authorised to give such directions.

2.18 ANAO independence policies apply to all staff and contractors of the ANAO. The policies are based on the requirements of APES 110 to the extent that there is not a conflict with the ANAO’s legislated mandate and responsibilities.

2.19 Independence comprises both independence of mind and independence in appearance. It is fundamental to the ANAO’s ability to act with integrity and objectivity and is central to maintaining an attitude of professional scepticism.

2.20 The completion of the declaration of independence is to be undertaken prior to participating in an audit, review, or other assurance engagement or information report. The declaration is required to be maintained on the file and reviewed by the responsible Engagement Executive.

2.21 Under the ANAO independence policies, suspected or actual contraventions of the independence requirements of legislation, APES 110 or ANAO policy requirements must be reported immediately to the responsible GED.

Rotation of key audit personnel

2.22 The ANAO Independence Policy sets key audit personnel rotation requirements for financial statements audits. Their purpose is to safeguard against the threat to independence that may arise from a long association with an auditee. This policy specifies the length of time that key audit personnel can be assigned to the financial statements audit of an entity before rotation or approval to extend involvement is required. Monitoring of the assignment and rotation of key audit personnel is performed by the FSASG SED responsible for Resourcing and Budgeting.

2.23 The ANAO also monitors potential conflicts of interest through:

• declaration of personal interests policy — requires all ANAO SES and other relevant employees in sensitive positions to submit, at least annually, a written declaration of their, and their immediate family’s, financial and other interests that could involve a real or apparent conflict of interest.
• ANAO employment manual — requires ANAO employees to seek prior approval to engage in outside activities or employment. In the approval process, the Deputy Auditor-General considers if the outside activities or employment create a real or perceived conflict of interest.
• procurement policies and procedures — require the declaration of conflicts of interest.

Other services

2.24 The ANAO contracts private sector firms to undertake some audits on behalf of the Auditor-General. The Audit Manual requires contracted firms to request approval from the ANAO to provide other services.

Gifts and benefits monitoring

2.25 The ANAO must meet public expectations of integrity, accountability, independence, transparency and professionalism. This requires that staff not be influenced, or perceived to be influenced, by gifts, benefits or inducements. The Auditor-General’s Instructions and supporting Financial Management Procedures require staff to report any offered gift or benefit (whether accepted or refused), within 10 business days of the offer being made, in the gifts and benefits register. In limited circumstances, staff may retain the gift after following the appropriate approval processes.

Audit mandate and selection

2.26 Financial statements, performance statements and performance audits must be carried out consistent with the Auditor General’s mandate under the Auditor-General Act 1997 (the Act). The Auditor-General is responsible for financial and performance audits of all Commonwealth entities, companies and subsidiaries, with the exception that performance audits and an audit of performance measures of Government Business Entities (GBE) can only be undertaken if they are requested by the Joint Committee for Public Accounts and Audit (JCPAA). In addition, a performance audit of a Commonwealth partner that is part of, or controlled by, a state or territory government cannot be undertaken unless it is requested by the responsible minister or the JCPAA. Performance statements audits can be requested by the responsible Minister for a Commonwealth entity or the Finance Minister, although, the Auditor-General may at any time conduct a performance audit of a Commonwealth entity as per the Act.

2.27 The Auditor-General may also conduct audits by arrangement under s20 of the Act. The ANAO audit methodology contains requirements for acceptance of a s20 engagement.

2.28 The Auditor-General publishes an annual audit work program (AAWP) in July each year which outlines the proposed audit activities to be undertaken in the financial year. The AAWP includes potential performance audit and assurance review topics, annual performance statements audits and the annual program of mandated financial statements audits. The ANAO develops the AAWP guided by the following objectives:

• having regard to the priorities of the Parliament of Australia as determined by the JCPAA along with any reports of the JCPAA;
• consider the interests of other parliamentary committees and parliamentarians;
• provide a balanced program of activity that is informed by risk, and promotes accountability, transparency and improvements to public administration;
• follow up on past recommendations and identify trends for improvement, or declines in performance across government; and
• apply all of the Auditor-General’s mandate.

2.29 Throughout the year, the Auditor-General determines which audits will commence based on a risk assessment, priorities identified by the JCPAA, and achieving sufficient breadth and depth across the government sector. The Auditor-General also considers any recent developments in the public sector and areas of public concern, opportunities to demonstrate good practice in public administration and accountability, requests for audit and resourcing. Approaches by parliamentarians, parliamentary committees and others with suggestions for audits are also considered by the Auditor-General for potential audit activity.

2.30 In August 2019, the Minister for Finance requested that the Auditor-General conduct a pilot program of audits of performance statements of Commonwealth entities subject to the Public Governance, Performance and Accountability Act 2013, in consultation with the JCPAA. Following the Auditor-General’s agreement, a pilot was commenced under section 15 of the Auditor-General Act 1997. As part of the 2021–22 Budget, the ANAO received additional funding to deliver a staged program of performance statement audits — from six audits in 2021–22 increasing to 19 audits by 2024–25.

Human resources

2.31 The ANAO’s human resources policies and procedures aid in the selection of employees who have the necessary integrity, capability, and competence to perform the work required.

2.32 The ANAO is committed to the continuing competence of its staff through its performance and career development program. To further support continuing competence, the ANAO provides comprehensive learning and development and talent management programs. In addition, the ANAO has developed a strategic workforce plan to ensure the future competencies required for the ANAO are met.

Performance and career development

2.33 Performance management at the ANAO is an ongoing process of communication between employees and their direct supervisor with a view to improve organisational effectiveness and individual performance. The ANAO’s Performance and Career Development Policy and Procedures have been designed to facilitate high performance across the ANAO, which in turn supports the ANAO to achieve its business and quality objectives.

2.34 The service group plans that operationalise the strategies and priorities from the ANAO Corporate Plan inform individual performance agreements of staff. This provides a link from the Corporate Plan to staff performance and assists all ANAO staff to understand the importance of their work in achieving the ANAO’s outcomes, including supporting high audit quality. Supervisors also consider the results of each quality assurance review in reviewing staff performance. The ANAO’s Performance and Career Development Policy also details procedures to support staff in improving their performance when required.

Learning and development

2.35 The ANAO is a learning organisation, with the ANAO supporting, and our staff committed to, continuous learning, growth and development. Mandatory training requirements facilitate and support this commitment, including annual continuous professional development (CPD) and e-learning training courses.

2.36 The ANAO offers staff a blended curriculum of classroom training comprising both technical and non-technical courses and a library of e-learning modules. ANAO courses have been designed and developed in consultation with the service groups and are aligned to the six core capabilities contained in the ANAO Capability Framework.

2.37 The suite of e-learning courses includes courses the ANAO requires staff to complete within four weeks of induction and then on an annual basis. The ANAO promotes the completion of annual e-learning courses for all staff through monitoring of completion rates of annual e-learning courses and through the ANAO Learning Management System automatic enrolment function with set due dates for completion. As part of the ANAO annual performance assessment process, staff include a declaration confirming the completion of all corporate mandatory training requirements.

Assignment of engagement teams

2.38 ANAO polices for the allocation of engagement executives and staff to audits ensures the engagement team has the appropriate level of expertise and time to perform their role. Under these policies, the workload and availability of engagement executives is monitored to ensure they have sufficient time to adequately discharge their responsibilities.

2.39 The ANAO uses resourcing and time charging tools to report and monitor the workload of each individual staff member.

Audit performance

ANAO audit methodology

2.40 ANAO auditors apply a robust methodology as set out in the ANAO Audit Manual and supported by standardised documentation tools and templates. Application of this methodology ensures ANAO audits are of a consistent quality and are performed in accordance with the ANAO Auditing Standards.

2.41 The ANAO Audit Manual and supporting tools and templates are reviewed on an annual basis to incorporate any improvements or amendments arising from changes in the ANAO Auditing Standards, responses to findings from quality monitoring processes and audit staff consultation.

2.42 The ANAO audit methodology incorporates policies regarding direction, supervision and review of team-members by more senior staff, consultation on significant technical and ethical issues, engagement quality control review (EQCR) of high risk audits and documentation of audit evidence and work performed.

Direction, supervision and review

2.43 Auditors are provided with levels of direction, supervision and on-the-job training appropriate to their skills and experience. Engagement executives are responsible for ensuring that adequate direction and supervision is provided to all auditors working on an engagement.

2.44 Review responsibilities are allocated on the basis that the more experienced auditors, including engagement executives, review work performed by the less experienced members of the audit team. The engagement executive on each audit is required to review a sufficient quantity of the work performed to provide assurance that the audit has been properly performed and appropriate evidence-based conclusions reached. Reviews are conducted in a timely fashion at appropriate stages during the audit.

2.45 Review processes differ in timing and extent of executive involvement for performance audits, performance statements audits and financial statements audits. This reflects the differences in the length and nature of the audits.

Performance audits

2.46 The key stages of review and approval for performance audits are:

• Audit selection process — each quarter the Auditor-General approves the selection of performance audits, from the AAWP or otherwise identified as a priority, that are to commence.
• Audit work plan (AWP) — the audit team, Executive Director (ED) and GED meet with the Auditor-General and Deputy Auditor-General to discuss the proposed AWP prior to an audit commencing. The Auditor-General approves the audit scope, audit objective and criteria, proposed audit methods and audit resourcing. Audit team members from financial statements audit and systems assurance and data analytics attend the workshop where the audit topic is relevant to their portfolio.
• Progress review 1 — occurs when approximately 20% of the allocated audit hours have been consumed. The performance audit team meets with the ED for low and medium risk audits and the ED and GED for high-risk audits. The focus of this meeting is on assessing the plan agreed at the AWP approval stage and how achievable it is given new information as well as considering the test program and risk assessment and how the audit is tracking against timeframes.
• Progress review 2 — occurs when approximately 50% of the allocated audit hours have been consumed. The audit team meets with the ED, GED, Deputy Auditor-General and Auditor-General to consider key findings, recommendations, the preliminary audit conclusion and the evidence base for these.
• Progress review 3 — this may be required in rare circumstances for performance audits with major complexities. If a meeting is held, it will occur before or after the exit interview and can be requested by the ED, GED or Auditor-General.
• Section 19 — a meeting is held to discuss the proposed audit report prior to it being issued to the accountable authority of the auditee for comment under s19 of the Auditor-General Act. The report is reviewed by the ED, GED, Deputy Auditor-General and the Auditor-General for discussion at the s 19 meeting. Following the incorporation of any comments, the ED and, as necessary, the GED, reviews the s 19 report for final approval and formal signoff by the Auditor-General.
• Final audit report — all final audit reports are formally signed-off by the responsible ED and GED and approved for tabling in Parliament by the Auditor-General.

Financial statements audits

2.47 The engagement executive reviews a sufficient quantity of the work to ensure that the audit has been properly performed and appropriate conclusions reached, given the evidence obtained. In particular, this includes a review of critical areas of judgment, especially those relating to difficult or contentious matters, significant risks and any other areas the engagement executive considers important. This review is conducted at the planning, interim and final stages of the audit and is completed on or before the date of the auditor’s report.

2.48 Where the signing officer and engagement executive are different people, the signing officer approves:

• key aspects of the audit approach;
• the engagement executive’s assessment of overall and performance materiality;
• the schedule of unadjusted differences;
• the audited financial statements; and
• the audit report.

2.49 The FSASG GED, in consultation with the Auditor-General, may appoint a second reviewer to an audit. This is separate to the engagement quality control review executive described below. A second reviewer will usually be appointed where a new signing officer is assigned to an audit or an audit is conducted in-house after being contracted out for a period.

2.50 The ANAO contracts firms to undertake some audits on behalf of the Auditor-General. The determination of which audits are contracted out and which are performed in-house by the ANAO is performed using a risk-based model which takes the need for specific expertise into account. Under this model, audits are classified as follows:

• audits requiring public sector specialist skills — this includes: Departments of State, National security agencies, regulatory authorities and bodies key to the functioning of the APS. These audits are performed in-house by ANAO staff;
• audits requiring specific industry expertise or in a location where it is not cost-efficient for the ANAO to perform the audit. These audits are contracted out to private sector firms; and
• all other audits — performed either in-house or contracted out to balance workloads and to rotate audits that are contacted out.

2.51 A large proportion of the ANAO’s mandated financial statements audits (just over 65 per cent of the total number of audits, and just under 40 per cent of the total audit fees charged by the ANAO for mandated financial statements audits) are contracted-out to private sector auditing firms in order to deliver the total coverage of entities in a timely and cost-effective way. Responsibility for signing audit reports remains with the ANAO.

2.52 In the case of audits conducted by contract firms, the ANAO engagement executive remains responsible for the audit. The engagement executive is required to be satisfied that the contract engagement partner has completed their work consistent with the ANAO Auditing Standards and that the contractor’s work p rovides sufficient appropriate audit evidence to support the issue of the auditor’s report. This is achieved through briefings by the contract engagement partner at appropriate times during the audit. The signing officer also approves key aspects of the audit approach, including:

• audit responses to significant risks;
• the contract engagement partner’s assessment of overall and performance materiality;
• the schedule of uncorrected misstatements;
• the signing officer review memorandum;
• the audited financial statements; and
• the auditor’s report.

2.53 For larger or higher risk audits, the engagement executive’s involvement is extended with a greater involvement in audit planning and execution, regular meetings with the contract firm and auditee, and review of significant matters arising during the audit.

Performance statements audit

2.54 The PSASG GED provides recommendations to the Auditor-General on the selection and commencement of audits of annual performance statements.

2.55 The Engagement Executive takes responsibility for the overall quality on the performance statements audit, including:

• the audit being planned, performed and documented in accordance with the ANAO auditing standards, the ANAO audit manual and any other relevant ANAO policy and legal and regulatory requirements;
• appropriate review of the engagement documentation to be satisfied that sufficient appropriate audit evidence has been obtained to support the conclusions reached and for the auditor’s report to be issued; and
• that appropriate consultation has been undertaken on difficult and contentious matters.

2.56 The Signing Officer approves:

• key aspects of the audit approach;
• the interim management letter;
• the audited performance statements; and
• the auditor’s report.

2.57 For higher risk audits, the PSASG GED is more involved in the monitoring of audit planning, execution and reporting, including significant matters arising during the audit.

Consultation

2.58 The ANAO audit methodology includes policies requiring appropriate consultation on difficult or contentious matters. Depending on the nature of the matter, consultation is with either the engagement quality control review executive, the relevant GED or with specialists in PSRG.

Qualifications and Technical Advisory Committee

2.59 The ANAO has a Qualifications and Technical Advisory Committee, which provides a forum for engagement executives to consult on difficult or contentious matters and, where necessary, resolve differences of opinion on audit related matters. ANAO policy identifies the matters that must be referred to the committee, and the committee meets as required to provide advice to the Auditor-General. These matters include:

• issuing a modified financial statements or performance statements audit opinion or conclusion;
• differences of opinion;
• accounting or audit matters which are likely to attract significant Parliamentary or public attention;
• consideration of the adequacy of the underlying audit evidence;
• accounting or related matters that are material to the Commonwealth’s Consolidated Financial Statements where there is, or there is significant potential for, different professional opinions; and
• proposal to not comply with an ANAO Auditing Standards or ANAO Audit Manual policy.

Ad-hoc reviews initiated by the Auditor-General

2.60 The Auditor-General may initiate reviews of in-process or completed audits on an ad-hoc basis. These reviews are conducted by the GED or other relevant specialists in PSRG, who are independent of the performance of the audit. Circumstances that may result in an ad-hoc quality review include parties external to the ANAO raising concerns or questions about the quality of work performed by the ANAO or the evidence supporting a conclusion or finding in an audit.

Risk assessment process

2.61 Engagement risk is the risk of expressing an inappropriate audit conclusion based on evidence that is not soundly based. This may include evidence that is improper or incomplete as a result of inadequacies in the evidence gathering process, misrepresentation or fraud. In all ANAO audits and engagements an engagement risk rating is assigned at planning. Engagement risk is monitored throughout the engagement and updated for changes in circumstances.

Engagement Quality Control Review

2.62 An EQCR executive is appointed to:

• all high risk performance audits;
• all high risk mandated financial statements audits of entities that are material to the Commonwealth’s Consolidated Financial Statements;
• all audits of entities determined to be Public Interest Entities; and
• any other audit at the discretion of the relevant GED, the Deputy Auditor-General or the Auditor-General.

2.63 In the case of financial statements audits of non-material entities that are assessed as high risk, the engagement executive considers the appropriate response to that risk assessment, which may result in the appointment of an EQCR executive.

2.64 The EQCR executive provides an objective evaluation of the significant judgements made by the audit team and conclusions reached in formulating the audit report.

2.65 The ANAO Quality Assurance Program reviews compliance with the EQCR policy including:

• an assessment of whether an EQCR was required to be appointed;
• whether an appointed EQCR met the eligibility criteria; and
• whether the documentation of that involvement throughout the audit was in accordance with the ANAO Audit Manual policy requirements.

Engagement documentation

2.66 The ANAO’s policies and procedures are designed to maintain the confidentiality, safe custody, integrity, accessibility and retrievability of audit documentation. All ANAO documentation is retained in accordance with the ANAO record keeping policy. At the completion of the audit, the audit file is finalised and locked to prevent any changes after the finalisation of the audit. Backups of all ANAO computerised files are made regularly and a disaster recovery plan is in place. Policy and guidelines in this area are based on the Australian Government Protective Security Policy Framework.

Monitoring and remediation

2.67 A key element of the ANAO Quality Assurance Framework is monitoring of compliance with policies and procedures that comprise the system of quality management. The monitoring system involves internal and external quality assurance reviews of the ANAO’s audits and other assurance engagements.

2.68 Monitoring activities are the responsibility of PSRG, and results of these activities are reported to EBOM, the Quality Committee and the ANAO Audit Committee. The ANAO Quality Committee is responsible for monitoring the ANAO’s progress in addressing the findings and recommendations arising from the monitoring and remediation programs. The ANAO Audit Committee also receives reports at each meeting on any quality risks arising as well as the status of the implementation of recommendations arising from all monitoring processes.

2.69 Monitoring processes include:

• annual quality assurance reviews of completed audits covering all of the functions of the ANAO;
• real time quality assurance reviews of in-process financial statements audits;
• an annual internal audit of compliance with components of the ANAO Audit Manual;
• biennial external peer reviews of completed performance audits performed by the Office of the Auditor General New Zealand; and
• external reviews of the quality framework and completed audits, as considered appropriate.

Internal reviews

2.70 The objective of ANAO internal quality assurance reviews is to form an opinion on whether each engagement file inspected:

• complies with the Act, professional requirements, ANAO auditing standards and other legal and regulatory requirements;
• complies with the ANAO’s policies and procedures, including quality control; and
• evidences sufficient and appropriate assurance procedures to support conclusions reached.

2.71 Compliance with the independence policies, including the completion of independence declarations, is tested as part of the ANAO’s quality control processes, internal audits and quality assurance monitoring reviews.

2.72 The mix of audits selected for review comprises audits conducted utilising in-house resources and those undertaken by contracted firms. The ANAO selects audits and other engagements in accordance with the ANAO Audit Manual QA review selection policy, which provides sufficient coverage of all responsible Engagement Executives on a cyclical basis.

2.73 All deficiencies noted as a result of the monitoring process are evaluated and classified according to an agreed rating scale. Audits are given an overall rating of satisfactory or unsatisfactory.

2.74 The ANAO conducts root-cause analysis to understand more deeply any areas in our work where we have identified scope for improvement to continue to improve our audit practice. The root-cause analysis assists with identifying training needs and support required for thematic issues, including targeted training and is targeted towards any audit files rated unsatisfactory under the quality assurance program and also a selection of identified thematic findings

2.75 Findings from monitoring processes are communicated to ANAO audit staff and contract firms and supported with tailored training programs as required.

External reviews

2.76 External oversight of quality at the ANAO is provided through peer review arrangements with international colleagues; scrutiny from the Parliament; the ASIC review and external audits.

2.77 The ANAO engages the Australian Securities and Investments Commission (ASIC) to conduct an annual review of the ANAO quality assurance framework and financial statements audit files, in a similar way to the review work conducted by ASIC on external auditors in the private sector.

2.78 All audit reports produced by the ANAO are public documents and tabled in the Parliament. The Joint Committee of Public Accounts and Audit (JCPAA) reviews all tabled Auditor-General reports and conducts inquiries into selected reports.

2.79 Section 41 of the Auditor-General Act 1997 (the Act) establishes the position of the Independent Auditor, appointed by the Governor-General. Under Part 7 Division 2 of the Act, the Independent Auditor is required to audit the ANAO annual financial statements and may at any time conduct a performance audit of the ANAO (having regard to the audit priorities of the Parliament determined by the JCPAA). The Independent Auditor also audits the ANAO’s annual performance statements at the request of the Auditor-General.

Complaints and allegations

2.80 The ANAO Audit Manual sets policies and processes for the formal management of any complaints or allegations that the work performed by the ANAO does not comply with applicable standards, requirements, systems of quality control or independence policies. The policies include escalation and consultation procedures to resolve any complaints or allegations made. The policy also sets out remedial actions required if a deficiency in the design or operation of the ANAO’s quality control policies and procedures, or non-compliance with the ANAO’s system of quality control by an individual or individuals, are identified during the investigation into a complaint or allegation.

3.1 The ANAO’s focus in 2022–23 will include the implementation of the quality assurance plan and enhancements to the quality framework with particular emphasis on:

• implementing the revised Australian Quality Management Standards ASQM 1 – Quality Management for Firms that Perform Audits or Reviews of Financial Reports and Other Financial Information, or Other Assurance or Related Services Engagements; ASQM 2 – Engagement Quality Reviews; and ASA 220 – Quality Management for an Audit of a Financial Report and Other Historical Financial Information by December 2022;
• refining the performance statements audit methodology and continuing to pilot various approaches to completing the performance statements audits;
• finalising the design of an appropriate audit framework against which to test ethics;
• revisiting the methodology associated with auditing ‘efficiency’;
• implementing the revised Auditing Standard ASA 315 – Identifying and Assessing the Risks of Material Misstatement; and
• continuing to expand our root cause analysis program.

Corporate plan performance measure

4.1 The ANAO Corporate Plan includes one performance measure in respect of quality:

The ANAO’s independent Quality Assurance Program indicates that audit opinions and conclusions are appropriate.

4.2 Performance against this measure is assessed through the ANAO Quality Assurance Program (QA program) and the results reported in the ANAO annual performance statements.

Audit quality indicators

4.3 Audit quality indicators (AQIs) are reliable quantitative measures regarding individual audits and organisations that perform audits which provide insights about key matters that may contribute to the quality of an audit. Taken together with qualitative context, the indicators may inform discussions regarding auditing process and lead to strengthened audit planning, execution, and communication.

4.4 The ANAO 2022–23 Quality Report will measure 10 quantitative AQIs. Four AQIs are measures from the Australasian Council of Auditors-General (ACAG) macro benchmarking survey in which most Australian audit offices, including the ANAO, participate.³ The ACAG macro benchmarking survey project is an annual exercise that has been conducted since 1994. The overall purpose of the project is to provide, to the extent practicable, comparable information to audit offices across Australasia on quantitative and qualitative benchmarks of the operations of audit offices and specific characteristics of each jurisdiction. The remaining six AQIs are derived from ANAO performance measures, audit manual policy requirements and expectations regarding independence and audit quality.

4.5 Measuring AQIs against specific benchmarks can inform and enhance reporting about audit quality and assist in understanding the root causes of quality inspection findings. This in turn enhances audit quality by ensuring that remediation activities address the issues that potentially impact audit quality.

4.6 The ANAO has identified benchmarks for each of these AQIs against which ANAO results are assessed and interpreted in the Audit Quality Report. ANAO benchmarks for the AQIs derived from the ACAG macro benchmarking survey are developed using past results of comparable audit offices⁴ to calculate a three-year rolling average.

4.7 The ANAO measures the following AQIs against the nominated benchmarks:

Note a: The 2021–22 plan benchmark for this AQI was 23%.

Note b: The 2021–22 plan benchmark was 3%.

Audit quality reporting

4.8 The ANAO publishes an Audit Quality Report at the end of the financial year on the ANAO website. The Audit Quality Report provides transparency in respect of the processes, policies, and procedures that are used to address or support each element of audit quality. Performance in respect of the AQIs is also measured and reported against the indicated benchmarks. The achievement of the quality assurance strategy and deliverables is reported on to enhance accountability.