Obligations of auditors and skills needed

• Risk assessment and assurance auditing Auditors must assess risks and provide reasonable assurance that organisations are compliant with scheme rules.
   
• Peer review and quality control Auditors must use thorough review processes to ensure audit reports are free from material misstatement.

• Regulatory compliance Auditors must understand key legal instruments and guidance, including:
  • the Electricity Supply Act 1995
  • Electricity Supply (General) Regulation 2014
  • ESS Rule
  • PDRS Rule
  • Our published guidance documents.
     
• Audit standards Auditors should be able to conduct audits under recognised standards like
  • ISO 14064-3, ISAE 3000
  • Australian Auditing Standards (ASAE 3000 & 3100).

• Energy efficiency and peak demand reduction Auditors should understand activities and calculations related to saving energy and reducing peak demand.
   
• Data analysis and verification Auditors need skills to review ACP and scheme participant:
  • records
  • certificate creation data
  • liable acquisition data
  • compliance history.
     
• Measurement & Verification (M&V) Auditors who are certified to assess M&V projects must understand M&V methods, particularly for Project Impact Assessment audits.

• Independence and conflict management Auditors must identify and declare conflicts of interest and remain impartial.
   
• Confidentiality and security Auditors must be responsible for protecting records and ensuring compliance with data protection laws.
   
• Clear communication and report writing Auditors need to be able to engage effectively with the auditee and their representatives, and produce clear, structured audit reports.
   
• Client engagement and advice Auditors must have good communication skills to work effectively with:
  • ACPs
  • scheme participants
  • IPART as the Scheme Administrator and Scheme Regulator.

Auditors must follow approved standards when conducting an audit. For example:

• ISO 14064-3, ISAE 3000
• Australian Auditing Standards (ASAE 3000 and ASAE 3100). 

They must ensure their audits meet regulatory and quality assurance requirements.

Auditors must remain impartial and declare any real or perceived conflicts of interest. They cannot:

• hold, trade, or create certificates
• act as an ACP or scheme participant
• be the Measurement and Verification (M&V) Professional for the project being audited.

Auditors are responsible for reviewing ACPs' record-keeping practices, certificate creation, and legislative compliance. They must also reasonably assure information in a scheme participant’s ESS Annual Statement or PDRS Individual Liable Demand.

Auditors must submit a Detailed Statement of Works (DSW) before starting an audit. The DSW must outline the methodology, personnel involved, and estimated hours. The DSW must be approved by the Scheme Administrator before the audit commences.

Auditors must first use rigorous peer review processes to make sure audit reports are complete and accurate. Then they can submit findings to IPART.

Auditors must keep all supporting records for at least six years. They must also provide full access to audit-related documentation upon request.

Auditors must hold adequate professional indemnity, public liability, and workers' compensation insurance. This needs to cover risks associated with audit engagements.

Auditors must enter into an agreement with IPART. The agreement outlines their commitments, performance expectations, and compliance obligations.

Auditors may need to participate in training workshops. This helps them stay informed about changes in:

• ESS Rule
• PDRS Rule
• audit methodology
• compliance standards.