ISA 600 (Revised) DEALS with Special Considerations that APPLY to group audits in particular those that involve ‘Component Auditors‘.
What Is ISA 600?
ISA 600 establishes the framework for auditing group financial statements; where one set of consolidated accounts spans multiple legal entities, geographies, and auditing firms.
ISA 600, titled Special Considerations—Audits of Group Financial Statements (Including the Work of Component Auditors), is one of the most complex and consequential standards issued by the International Auditing and Assurance Standards Board (IAASB). It recognises that auditing a consolidated entity is fundamentally different from auditing a single reporting unit.
When a parent entity prepares financial statements that consolidate the results of subsidiaries, joint ventures, and associates, the audit must extend across all material components; even those audited by entirely different firms in different countries. ISA 600 provides the architecture for how this coordinated effort should function.
Group Financial Statements are financial statements that include the financial information of more than one component. A group audit is the audit of those statements, led by the group engagement team.
Issued By
International Auditing and Assurance Standards Board (IAASB), part of the International Federation of Accountants (IFAC).
Global Reach
Adopted across more than 120 jurisdictions worldwide, including the European Union, Australia, Canada, and many emerging markets.
Revised Standard
The IAASB significantly revised ISA 600 in 2022 to strengthen requirements around understanding component auditors and communications.
Objective
To provide sufficient appropriate audit evidence about whether the group financial statements are free from material misstatement.
Quick Facts
| Field | Detail |
|---|---|
| Standard Number | ISA 600 |
| Issuing Body | International Auditing and Assurance Standards Board (IAASB) / IFAC |
| Full Title | Special Considerations—Audits of Group Financial Statements (Including the Work of Component Auditors) |
| Latest Revision | 2022 |
| Effective Date | 15 December 2023 (for periods beginning on or after this date) |
| Applies To | Audits of group financial statements that include financial information from more than one component |
| Key Role | Group Engagement Partner, holds ultimate responsibility for the group audit opinion |
| Global Adoption | More than 120 jurisdictions worldwide, including the EU, Australia, Canada, and many emerging markets |
Key Definitions
ISA 600 introduces several precise terms that carry specific meaning throughout the standard. Understanding these definitions is essential to applying the standard correctly.
| Term | Definition |
|---|---|
| Component | An entity or business activity for which group or component management prepares financial information that is required to be included in the group financial statements. |
| Component Auditor | An auditor who, at the request of the group engagement team, performs work on financial information related to a component for the group audit. |
| Component Management | Management responsible for the preparation of the financial information of a component. |
| Component Materiality | The materiality for a component determined by the group engagement team. It is always set lower than group materiality to limit the risk of aggregate uncorrected misstatements exceeding group materiality. |
| Group | All the components whose financial information is included in the group financial statements. |
| Group Audit | The audit of group financial statements. |
| Group Engagement Partner | The partner or other person in the firm who is responsible for the group audit engagement and its performance, and for the auditor’s report on the group financial statements that is issued on behalf of the firm. |
| Group Engagement Team | Partners and staff who establish the overall group audit strategy, communicate with component auditors, perform work on the consolidation process, and evaluate the conclusions drawn from the audit evidence obtained. |
| Group Financial Statements | Financial statements that include the financial information of more than one component. |
| Group Management | Management responsible for the preparation of the group financial statements. |
| Group Materiality | The materiality for the group financial statements as a whole. |
| Significant Component | A component identified by the group engagement team that is of individual financial significance to the group, or that, due to its specific nature or circumstances, is likely to include significant risks of material misstatement of the group financial statements. |
Scope and Application
ISA 600 applies whenever an auditor is engaged to perform an audit of group financial statements. It does not apply to audits of standalone financial statements, even where those statements reference or consolidate subsidiary information informally.
When Does ISA 600 Apply?
The standard is triggered when there are group financial statements i.e. statements that include financial information from more than one component. A component may be a subsidiary, associate, joint venture, or any other unit whose financial information is included in the group statements.
ISA 600 applies even when all components are audited by the same firm. The group engagement partner retains specific responsibilities regardless of whether component work is performed internally or by separate audit firms.
What Is a Component?
A component is an entity or business activity for which group or component management prepares financial information that is required to be included in the group financial statements. Components can include:
| Component Type | Description | Common Examples |
|---|---|---|
| Subsidiary | Entity controlled by the parent (majority ownership or effective control) | Wholly-owned subsidiaries, majority-owned entities |
| Associate | Entity over which the group has significant influence (typically 20–50%) | Equity-accounted investments |
| Joint Venture | Jointly controlled arrangement with another party | 50:50 joint ventures, joint operations |
| Division / Branch | Operationally distinct segment of the parent entity itself | Geographic divisions, business units |
| Special Purpose Entity | Structured entity consolidated under IFRS 10 or equivalent | Securitisation vehicles, captive funds |
Key Parties in a Group Audit
ISA 600 introduces a specific cast of roles that must be clearly understood. Each party has distinct responsibilities and must interact with the others through structured communication channels.
Group Engagement Partner (GEP): The partner responsible for the group audit engagement, the auditor’s report on the group financial statements, and the direction, supervision, and performance of the group audit.
The Group Engagement Team
The group engagement team is responsible for the group audit strategy and audit plan, including the instructions issued to component auditors. They evaluate the work performed by component auditors and determine whether sufficient appropriate audit evidence has been obtained for the group audit opinion.
Component Auditors
A component auditor is an auditor who performs work on financial information related to a component for the group audit. Component auditors may be from the same network as the group engagement team or from entirely separate, unaffiliated firms.
The 2022 revision significantly strengthened requirements for the group engagement team to understand the component auditors’ professional environment, applicable financial reporting frameworks, and relevant regulatory factors even before accepting or continuing the engagement.
Group Management vs Component Management
Group management is responsible for the preparation of the group financial statements. Component management is responsible for the preparation of component financial information used in preparing the group financial statements. Both interact with auditors at their respective levels, but the group engagement team’s primary relationship is with group management.
Responsibilities Under ISA 600
The group engagement partner bears ultimate responsibility for the group audit opinion, this cannot be delegated. Understanding this hierarchy is fundamental to complying with ISA 600.
Group Engagement Team: Core Duties
Obtain an Understanding of the Group
Understand the group, its components, their environments, and the consolidation process before designing the audit approach.
Identify and Assess Risks of Material Misstatement
Identify significant risks at both group and component level, including risks arising from the consolidation process itself (e.g., elimination of intercompany transactions).
Determine the Work to be Performed on Components
Decide which components are significant and what type of work i.e. full audit, audit of specific balances, agreed procedures, or analytical procedures is appropriate.
Issue Instructions to Component Auditors
Provide written instructions covering scope, materiality, significant risks, reporting requirements, and deadlines. Instructions must be sufficiently detailed to enable component auditors to perform required work.
Review Component Auditors’ Work
Evaluate whether the work performed by component auditors is adequate for group audit purposes. This may include reviewing component auditor working papers or communicating directly with component auditors.
Form the Group Audit Opinion
Aggregate all evidence obtained from the group team’s own work and from component auditors to form the opinion on the group financial statements.
Materiality in Group Audits
Materiality in a group audit has multiple layers. ISA 600 requires the group engagement team to establish distinct materiality thresholds for different purposes, creating a cascading framework.
| Materiality Level | Purpose | Relationship to Others |
|---|---|---|
| Group Materiality | Used for the group financial statements as a whole | The ceiling — all other thresholds fall below this |
| Group Performance Materiality | Set below group materiality to reduce risk of aggregate misstatements | Used to design group-level procedures |
| Component Materiality | Used for planning work at component level | Always lower than group materiality |
| Threshold for Reporting | Misstatements below this need not be communicated to group team | Typically much lower than component materiality |
Component materiality must be set lower than group materiality because multiple components, each with misstatements just below their respective component materiality thresholds, could together produce an aggregate misstatement that exceeds group materiality.
Significant Components
A significant component is one that has been identified as financially significant to the group typically because it represents an individually significant portion of the group’s assets, liabilities, revenues, or cash flows or one that poses significant risks of material misstatement to the group financial statements.
For significant components, ISA 600 requires either a full audit using component materiality, or an audit of one or more specific account balances, classes of transactions, or disclosures that relate to the significant risks identified at the group level.
Types of Component Work
ISA 600 prescribes different types of audit work depending on whether a component is significant and the nature of the risks associated with it. The group engagement team determines the appropriate type of work for each component.
| Type of Work | When Used | Level of Assurance |
|---|---|---|
| Full Audit of Component | Significant components; complex entities; high-risk components | Highest — reasonable assurance |
| Audit of Specific Balances | Significant components with specific identified risks; targeted procedures | High — for the specific elements audited |
| Specified Procedures | Non-significant components where the group team needs specific evidence | Moderate — procedures defined by group team |
| Analytical Procedures | Non-significant components; low-risk, predictable entities | Lower — limited analytical evidence only |
| Review | Non-significant components where limited assurance is proportionate | Limited — negative assurance |
Understanding Component Auditors
A critical aspect of ISA 600 particularly under the 2022 revision is the group engagement team’s obligation to obtain an understanding of the component auditors. This goes well beyond simply receiving their reports. The group team must assess:
- Whether the component auditor understands and will comply with the ethical requirements relevant to the group audit, including independence
- The component auditor’s professional competence, including knowledge of the applicable financial reporting framework and the component’s industry
- Whether the group engagement team will be able to be involved in the component auditor’s work to the extent necessary
- Whether the regulatory environment in the component’s jurisdiction is one in which audit documentation may be accessed and reviewed
Communication and Reporting
ISA 600 establishes robust two-way communication requirements. The group engagement team must communicate clearly with component auditors at all stages of the audit, and component auditors must respond with timely, complete information.
Instructions to Component Auditors
Before component work begins, the group engagement team must issue written instructions covering, at minimum: the work to be performed, the use of component materiality, identified significant risks, the group’s timetable, the required form of the component auditor’s communication, and a list of related parties known to group management.
Component Auditor’s Report to Group Team
Component auditors must communicate their findings to the group engagement team. This communication should cover: the component auditor’s conclusion on the work performed, significant findings including significant risks and their responses, identified misstatements, any instances of non-compliance, and matters requiring the group engagement team’s attention.
Regulators globally have found that poor-quality communication between group and component auditors is one of the most frequent deficiencies identified in group audit inspections. Ensuring robust, timely, two-way communication is essential to ISA 600 compliance.
The Auditor’s Report on Group Financial Statements
The group engagement partner signs the audit report on the group financial statements. ISA 600 does not require reference to be made to the component auditor in the group audit report. However, some jurisdictions (notably the United States under PCAOB standards) do require or permit such disclosure. Under ISA 600, the group engagement partner assumes full responsibility for the group audit opinion irrespective of the component auditors’ work.
Frequently Asked Questions
What is the difference between ISA 600 and ISA 600 (Revised)?
The IAASB issued a significantly revised ISA 600 in 2022. The revised standard strengthens requirements around the group engagement team’s understanding of component auditors, introduces more explicit requirements regarding independence and competence assessments of component auditors, and provides clearer guidance on involvement of the group team in the work of component auditors. The revised standard is effective for audits of group financial statements for periods beginning on or after 15 December 2023.
Can the group engagement team rely entirely on the component auditor’s work?
No. While the group engagement team may use the work of component auditors as audit evidence, they cannot simply adopt a component auditor’s report without performing their own evaluation. The group team must assess whether the component auditor’s work is adequate, communicate their requirements, and review the component auditor’s findings. Ultimate responsibility for the group audit opinion always rests with the group engagement partner.
What happens if a component auditor is not independent?
If the group engagement team determines that a component auditor lacks the required independence, or cannot confirm independence, the group team must consider the implications for the group audit. This may require the group team to perform additional procedures themselves, engage a different component auditor, or in extreme cases modify the group audit opinion. The 2022 revision placed heightened emphasis on independence assessment prior to engagement acceptance.
How is component materiality determined in practice?
There is no prescriptive formula in ISA 600 for setting component materiality. Practitioners typically set component materiality at a percentage of group materiality often between 50% and 75% to account for the aggregation risk across multiple components. The exact level requires professional judgment, taking into account the number of components, the degree of centralisation of controls, and the risk profile of each component.
Does ISA 600 apply to audits of non-profit or public sector groups?
Yes, ISA 600 applies whenever group financial statements are being audited, regardless of the sector. Auditors of public sector entities and non-profits that consolidate subsidiary or controlled entities must comply with ISA 600, subject to any jurisdiction-specific modifications made by relevant standard-setters such as INTOSAI for public sector auditors.
What are the most common ISA 600 deficiencies found by regulators?
Regulators including the FRC, PCAOB, and ASIC have identified several recurring deficiencies: insufficient understanding of component auditors; inadequate or vague group audit instructions; failure to properly identify all significant components; insufficient review of component auditor working papers; and inadequate evaluation of component findings before forming the group opinion. The 2022 revision was specifically designed to address many of these recurring issues.
(Qualified) Chartered Accountant – ICAP
Master of Commerce – HEC, Pakistan
Bachelor of Accounting (Honours) – AeU, Malaysia