Audit teams and quality management

An audit team typically comprises an audit team leader and other members.

Audit team leader

An audit team leader must be an individual registered as an auditor.

It is important for an audit team leader to have a certain level of control over the audit process. The leader is expected to: 

● Agree to the terms of the audit engagement.

● Select the audit team and supervise their work.

● Ensure that the peer reviewer remains impartial and objective.

● Participate in preparing and executing the audit.

● Lead the assessment of the audit results and prepare the audit report.

● It is important to ensure that the audit aligns with the requirements of the audit framework and other relevant standards.

The audit team leader should also ensure the quality and completeness of work papers and audit files.

Although it is not necessary for them to personally fulfill each requirement, they should supervise the completion of said requirements and make important decisions.

The requirements for an audit team leader are outlined in Part 2 of the Audit Codes of Practice.

Peer reviewer

According to the Audit Codes of Practice, it is required that decisions made by the audit team leader during an audit undergo peer review. This review must be conducted by an impartial and objective person who is either a registered greenhouse and energy auditor.

While decisions are subject to peer review, audit team leaders should not limit their use of other expertise from outside the audit team.

In accordance with International Standard on Assurance Engagements (ISAE) 3000, the assurance report should be signed by the audit team leader only after the peer review has been completed.

The peer review requirements are outlined in Section 3.7(2) of the Audit Codes of Practice.

The role of a peer reviewer

It is recommended that a

● peer reviewer possess an equivalent or greater level of authority and experience compared to the audit team leader.

● The peer reviewer may be an internal or external.

● member of the audit firm, but should not be a part of the audit team.

Prior to conducting a peer review, the reviewer should ensure that they possess the necessary subject matter expertise and should be involved in all stages of the audit.

After completing their review, it is recommended that the peer reviewer keep:

● the proposed independent audit report and documentation prepared in developing the report,

● the audit plan (including all comments and tracked changes),

● and independence and conduct checks on file.

Neutrality and objectivity

During an audit, it is important for all team members to maintain impartiality, objectivity, and exercise professional skepticism when reviewing the information provided to them.

To comply with these requirements, it is recommended that audit team leaders engage different peer reviewers for each audit.

It is also suggested that auditors and peer reviewers rotate to remain independent and impartial.

To promote transparency and avoid any potential conflicts of interest, it is recommended that the audit team leader engage a different peer reviewer after conducting 5 consecutive audits, for at least the next 2 audits.

Additionally, peer reviewers should ensure their independence and review their impartiality and objectivity on an annual basis.

Roles and Responsibilities of the Team

Selecting audit team members

The appointment of the audit team leader is carried out by the audited body through a written instrument of appointment, as mandated by the GHGR Standard.

As a result, audit teams are composed of professionals from various disciplines and may include:

● engineers,

● assurance practitioners, and

● environmental scientists,

● financial and legal experts, and corporate specialists.

If appropriate candidates are not available within the organization, the audit team leader may consider inviting an external expert who meets the same requirements as other team members, including independence, quality management, and conflict of interest requirements.

While the audit team leader holds the responsibility of ensuring that the team possesses the necessary skills and experience to conduct the audit, it is recommended that the entire team participate in the evaluation process.

Additionally, the leader should assess whether the team has sufficient resources to complete the audit, including:

● time,

● equipment,

● access to management and key personnel.

Inviting external experts

For some complex audits, the audit team leader may need to include an external expert in the audit team.

To decide if an expert is needed, the audit team leader can consider the:

● The team appears to have a good understanding of the audit subject matter.

● Given the complexity, significance, and nature of the audit subject, there is a possibility of errors.

For instance, when conducting an audit, an audit team leader may choose to include an expert:

● The audited body has developed a direct measurement method that is quite complex to measure its emissions or other relevant information.

● Furthermore, the audited body has provided legal opinions on the interpretation of key regulatory requirements or terms.

If an audit team leader plans to include an expert in the team, it is recommended that they consider the following:

● Evaluate the professional's abilities and impartiality.

● It is recommended to obtain evidence that the expert's assurance procedures are suitable and effectively address the identified assurance risks.

● that the whole audit team, including the expert, gathers evidence to support the conclusions made by the expert.

It is recommended that the audit team provide guidance to the expert, especially if they do not have prior audit experience.

Additionally, the team leader should ensure that records are kept of any testing, evidence, or reports that are completed by the experts.

Recording the choice of the peer reviewer

The selection and appointment of a peer reviewer must be documented in the audit file by the audit team leader. This documentation should include details about:

● how the peer reviewer met the requirements for impartiality, expertise, and

● characteristics, as well as what the peer reviewer did and how they were involved throughout the audit.

● Furthermore, the outcome of the peer review should be included.

This documentation may be necessary for a greenhouse inspection and for the registration of an energy auditor.

Audit standards

Auditors utilize a variety of international standards or the national equivalent during the course of assurance engagements.

It is recommended that audit team leaders ensure that audits are in compliance with section 2.5(c) of the Audit Codes of Practice, which includes ISAE 3000. In some cases, auditors may need to adhere to further requirements depending on the subject matter of the audit：

● compliance: ISSAI 4000, SAE 3100

● future oriented information: ASAE 3420, ASAE 3450

● controls: ISAE 3402

● historical non-financial reports: ISAE 3410

Auditors may also consider following the relevant International Organization for Standardization (ISO), including:

● ISO 14064-1:2018 Greenhouse gases Part 1: Specification with guidance at the organization level for quantification and reporting of greenhouse gas emissions and removals.

● ISO 14064-2:2019 Greenhouse gases Part 2: Specification with guidance at the project level for quantification, monitoring and reporting of greenhouse gas emission reductions or removal enhancements.

● ISO 14064-3:2019 Greenhouse gases Part 3: Specification with guidance for the verification and validation of greenhouse gas statements.

● ISO 14065:2020 General principles and requirements for bodies validating and verifying environmental information.

Auditors may also use the International Code of Ethics for Professional Accountants, published by the International Federation of Accountants (IFAC), or the APES 110 Code of Ethics for Professional Accountants, published by the Accounting Professional and Ethical Standards Board.

Quality management systems

For audits conducted in accordance with ISAE 3000, ISSAI 4000, or ISAE 3410, it is necessary to have a robust quality management system in place for all auditors.

The quality management system must adhere to ISQM 1 Quality Management for Firms that Perform Audits or Reviews of Financial Reports and Other Financial Information, or Other Assurance or Related Services Engagements (ISQM 1).

Peer reviews conducted in accordance with ISAE 3000, ISSAI 4000, or ISAE 3410 should consider adhering to ISQM 2 Engagement Quality Reviews (ISQM 2).

For further information, we recommend watching our webinar on quality management standards for audits.