Skip to content
How did your June exams go?

Ask the Tutor ACCA AAA

assuming management responsibility

NNoah4y ago
ma'am how does management threat arise when external auditor provides internal audit services also? from what I remember audit committee assesses the need for internal audit department (IAD) and IAD is even responsible for reporting to audit committee, so then how exactly does a threat to assuming management responsibility arise when external auditor is proving internal audit services?
KimKimTutor4y ago#1
"Management threat" is not a separate category (see page 24 of the notes) - nor is it a term used in the Code. There is a general prohibition in the Code that an audit firm should not assume a management responsibility for an audit client. This is a para from the Code re the provision of internal audit services: "605.4 A1 Paragraph R600.7 precludes a firm or a network firm from assuming a management responsibility. Performing a significant part of the client’s internal audit activities increases the possibility that firm or network firm personnel providing internal audit services will assume a management responsibility." 605.4 A2 Examples of internal audit services that involve assuming management responsibilities include: ?? Setting internal audit policies or the strategic direction of internal audit activities. ?? Directing and taking responsibility for the actions of the entity’s internal audit employees. ?? Deciding which recommendations resulting from internal audit activities to implement. ?? Reporting the results of the internal audit activities to those charged with governance on behalf of management. ?? Performing procedures that form part of the internal control, such as reviewing and approving changes to employee data access privileges. ?? Taking responsibility for designing, implementing, monitoring and maintaining internal control. ?? Performing outsourced internal audit services, comprising all or a substantial portion of the internal audit function, where the firm or network firm is responsible for determining the scope of the internal audit work; and might have responsibility for one or more of the matters noted above.
NNoah4y ago#2
ma'am from my understanding there are two possible responses in case of assuming management responsibility: LISTED(any non-audit work) The threats created would be so significant that no safeguards can be used to reduce it to an acceptable level. UNLISTED CLIENT(any non-audit work) -mgt accepts its responsibility for taking any actions based on recommendations from auditor -mgt accepts its responsibility for oversight of services performed by auditor and monitoring of any reports produced. Can you please confirm them?
KimKimTutor4y ago#3
Assuming management responsibilities is one of the few things that is a "no no". The relevant section (R600.7) has the heading "Prohibition on Assuming Management Responsibilities" and applies to ALL audit clients. What you suggest are not safeguards as defined in the Code (they are not actions taken by the AUDITOR) - they are means to avoid assuming management responsibilities.
Sign into reply to this topic.