Service Performance Auditing - Key concepts of NZ AS-1

What are the key concepts and objectives of NZ AS 1, and how do I incorporate them into my audit?

Paragraph 6 of NZ AS-1 outlines these:

1/ To understand the process applied by the entity to select what and how to report on its service performance

At the beginning of the audit, the terms of the engagement state the responsibilities of both the auditor and those in governance of the entity:

(a) For the preparation of service performance information in accordance with the applicable financial reporting framework.

(b) To select service performance criteria that are suitable in order to prepare service performance information in accordance with the applicable financial reporting framework

To help achieve this objective, we need to obtain information such as:

• How does the entity prepare service performance information by the applicable financial reporting?
• What is their service performance criteria and how they have been derived?
• What internal controls they have created to ensure the quality of information for their outputs and outcomes?

This is mostly a planning exercise and is covered under paragraphs 17 to 21.

We must obtain an understanding of the nature and significance of the services provided by the entity and how the environment it operates in affects the entity. Some key areas to focus on are:

• understanding what the entity’s overall purpose and strategy are,
• recording what legal and regulatory requirements the entity operates under and how these affect the decision-making process concerning its performance information.

2/ Evaluate whether the entity’s service performance criteria are suitable to result in service performance information in accordance with the applicable financial reporting framework.

The first objective provides the auditor with background information. We then use this to assess whether the entity’s service performance criteria are suitable under the characteristics of relevance, reliability, understandability, completeness, and neutrality. Each characteristic has factors that auditors can use to evaluate the service performance reporting.

Relevance Factors:
- The rationale for the selection of which service performance information to report.
- Whether information is likely to meet the needs of intended users to be useful for decision-making.
- Whether information could affect the reputation of the entity.
- The information correlates with financial expenditure.

Completeness factors:
- That the service performance information includes negative aspects of performance or areas of significant risk of performance failure by the entity.
- That all significant aspects of service performance are made that would enable the user to make an informed decision.

Reliability factors:
- Service performance information measurement or description is consistent from period to period.
- Processes are defined, and there is evidence to support the reliability of the information generated and that there are no unsubstantiated claims.
- Service performance criteria are comparable to other entities in their industry (Benchmarking).

Neutrality factors:
- The selected service performance criteria cover both favourable and unfavourable aspects of the entity’s service performance in an unbiased manner.
- The chosen service performance criteria are not changed arbitrarily to remove negative aspects of performance year on year.

Understandability factors:
- That the service performance information is laid out well and easy for users to identify the main points of the service performance.
- Information is explained, presented, and concise for users to understand its significance.

The auditor also needs to understand what potential users will want to gain from the reported information. This is significant to users who are donors because they need to know whether the entity’s reason for being, goals and achievements are worthy of their support. Auditors should also ensure that if the entity changes its service performance criteria, that it has been approved appropriately and that the reasons for the change are satisfactorily explained and disclosed.

3/ Obtain reasonable assurance about whether the service performance information included in the general-purpose financial report is free from material misstatement, whether due to fraud or error.

When trying to obtain reasonable assurance, many auditors find it difficult to determine the materiality level of the service performance information. Generally, one uniform way to measure materiality will not be sufficient. It may be easier to assess each output and outcome, determine its importance for users to make decisions based on it and make a materiality measure for each one.

The auditor should consider whether the entity’s determination of material service performance information is consistent with the auditor’s knowledge of the entity and the environment, including reporting by similar entities and previous reporting by the entity and information obtained from sources such as minutes of meetings, media reports and any stakeholder outreach activities, including satisfaction surveys.

When assessing materiality in the service performance reporting, it is essential to be aware of the multiple factors that may lead to a material misstatement:
(a) Omissions of fact – could omissions result in misleading the user?
(b) Misstatements of fact – could a misstatement result in misleading the user?
(c) Misrepresentation of trend – does the service performance information make claims that do not represent the facts available?
(d) Bias – does the service performance information focus unduly on positive aspects of performance, or omit negative elements?
(e) Unsubstantiated claims.

Professional judgement will be vital in assessing materiality. Some examples of professional judgement factors to consider:

• How the information is presented. Does the presentation draw attention to certain details and hide or make them less prominent than other information? The auditor may be less tolerant of misstatements in the information that is given the most prominence.
• The volatility of reported service performance information from period to period.
• The extent of interest shown in aspects of service performance by, for example, the applicable legislation, funders, the media or the public and whether the service performance information is likely to cause funders to increase or decrease funding in the entity.
• The quality of the systems used to record and control results for the service performance information, and the nature and quality of evidence available. For instance, a weak recording or control system may force the auditor to use primarily substantive procedures.
• In some instances, there may not be control activities that can be identified by the auditor, or the extent to which their existence or operation has been documented by the entity may be limited. In such cases, it may be more efficient for the auditor to perform audit procedures that are primarily substantive procedures. For example, a manager's bonus may be tied to specific outputs which could lead them to misrepresent outputs and outcomes to governance if the manager has not met targets to still receive their bonus.

Some other areas to be aware of to achieve this objective are:

Assertions

1. Occurrence – service performance that has been reported has occurred.
2. Attributable to the entity – the service performance reported by the entity includes only service performance that the entity has evidence to support its involvement with.
3. Completeness – all significant service performance that should have been reported has been included in the service performance information.
4. Accuracy – Service performance has been reported, measured and described appropriately and is not inconsistent with financial statement information.
5. Cut-off – the service performance has been reported in the correct period.
6. Presentation – service performance is appropriately aggregated or disaggregated and clearly described, and related disclosures are relevant and understandable.

Procedures that may be performed include:

• Testing and evaluating the systems, processes and controls.
• Performing analytical review procedures.
• Performing other substantive or re-performance tests.

4/ Whether the service performance information included in the general-purpose financial report is prepared, in all material respects in accordance with the applicable financial reporting framework.

This includes (per paragraph 45) reporting that service performance criteria are suitable and available to users, and assessing whether anything about the overall presentation of the service performance information undermines a proper understanding of the matters disclosed (say by including information that is not relevant or that obscures readers understanding).

It also includes whether the overall presentation, structure and content of the service performance information represent the service performance of the entity in a manner that achieves fair presentation. The auditor must also assess whether the disclosure of the judgements made in reporting the service performance information is reasonable.

The auditor must also refer to the relevant reporting framework requirements - PBE FRS 48 for Tier 1 and 2, and the Simple Format Reporting standards for Tier 3 and 4.

5. To communicate further as required by the ISAs and NZ AS-1, in accordance with auditor findings.

When the audit engagement is over the auditor communicates with those charged with governance.

The report includes deficiencies in the internal controls, the suitability of the information presented and processes implemented, any management bias detected in the selection and preparation of service performance information and whether more information needs to be given to provide the users with the information required to make informed decisions.

The auditor must encourage the entity to act neutrally in the presentation and disclosure of service performance information to increase the reliability of the information presented over time.

Appendix 3 of NZ AS-1 forms a good overview of the whole process: