What is a component auditor?
A component auditor performs work on the financial information of a component because the group engagement team cannot or chooses not to do it directly. This is common when a component operates in a different jurisdiction or falls under a different regulatory regime. The group engagement team remains responsible for the group audit opinion regardless of how much work the component auditor performs.
ISA 600 (Revised) requires the group engagement team to evaluate whether the component auditor has the competence and capabilities to perform the planned work, and to confirm the component auditor's independence. The team then issues group audit instructions specifying the work to be performed, the component materiality, the relevant risks, and the reporting format. At completion, the group engagement team evaluates the component auditor's communication (covering misstatements identified and control deficiencies) and determines whether the evidence is sufficient.
The component auditor does not issue a separate audit opinion on the component for the purposes of the group audit. Their role is to provide evidence to the group engagement team.
Key Points
- A component auditor works on component financial information for the group audit, not on a standalone engagement.
- The group engagement team must evaluate the component auditor's competence and independence before involving them.
- The component auditor follows group audit instructions, not their own audit strategy for the component.
- ISA 600 (Revised) increased requirements for two-way communication between the group engagement team and the component auditor.
Worked example: Kowalski Manufacturing S.A.
Client: Polish manufacturing group, FY2024, consolidated revenue €145M, IFRS reporter, with a subsidiary in the Czech Republic (Kowalski Výroba s.r.o., revenue €32M, 22% of consolidated).
The group auditor's firm in Warsaw cannot perform the audit work on the Czech subsidiary due to local statutory requirements. The group engagement team appoints a Prague-based firm as component auditor.
Evaluate the component auditor
The group engagement team confirms that the Prague firm holds a valid Czech audit licence and has experience with IFRS manufacturing engagements. The team also confirms the firm has no independence conflicts with Kowalski Výroba s.r.o. and reviews the Prague firm's most recent quality management review results.
Issue group audit instructions
The group engagement team issues instructions specifying that the component auditor should perform targeted procedures on inventory (€11M, with obsolescence estimation risk) and revenue recognition (intercompany sales of €6.5M). Component materiality is set at €580K (40% of group materiality of €1.45M). The instructions specify the reporting deadline and the form of the component auditor's communication back to the group.
Evaluate component auditor findings
The Prague firm reports back with one unadjusted misstatement of €38K in inventory obsolescence provision and no control deficiencies. The group engagement team evaluates the report and confirms the work addressed the identified risks. It then aggregates the misstatement with group-level findings.
Conclusion: the component auditor performed the work specified in the group audit instructions. The group engagement team's evaluation at completion confirmed the evidence was sufficient. Had the team failed to evaluate the component auditor's findings (simply filing the report), the group audit file would lack evidence that the group engagement team exercised the judgment ISA 600 (Revised) requires.
What reviewers and practitioners get wrong
The most common finding is that the group engagement team accepts the component auditor's report at face value without evaluating whether the work addressed the identified risks. ISA 600 (Revised) requires the group engagement team to evaluate the component auditor's communication, not just receive it. Filing a report is not the same as evaluating one.
Firms sometimes appoint a component auditor without documenting the evaluation of competence and independence. The standard requires this assessment before the component auditor begins work, not after the fact. On cross-border engagements, the independence evaluation must consider both the group auditor's and the component auditor's jurisdictional requirements.
Component auditor vs group engagement team
| Dimension | Component auditor | Group engagement team |
|---|---|---|
| Location | Typically at the component, often in a different jurisdiction | At the group auditor's firm |
| Appointed by | Group engagement team | N/A (established by the firm) |
| Follows instructions from | Group engagement team | Sets its own audit strategy |
| Issues an opinion | No separate opinion for the group audit | Responsible for the group audit opinion |
| Materiality | Applies the component materiality set by the group engagement team | Determines both group and component materiality |
Key standard references
- ISA 600 (Revised): Definition of component auditor and the role within the group audit framework.
- ISA 600 (Revised): Requirements for assessing component auditor competence, capabilities, and independence.
- ISA 600 (Revised): Group engagement team's responsibility to evaluate sufficiency of evidence from component auditors.
Related terms
Related reading
Frequently asked questions
Does the component auditor issue a separate audit opinion?
No. The component auditor does not issue a separate audit opinion on the component for the purposes of the group audit. Their role is to perform the work specified in the group audit instructions and provide evidence to the group engagement team. The group engagement partner is responsible for the group audit opinion.
Can the component auditor be from a different firm?
Yes. The component auditor can be from the same firm, a network firm, or an entirely unrelated firm. What matters is not the organisational relationship but that the group engagement team has evaluated the component auditor's competence, capabilities, and independence before assigning work, and that the group team directs and reviews the work performed.