Mindanao State University College of Business Administration and Accountancy
DEPARTMENT OF ACCOUNTANCY Marawi City
FUNDAMENTALS OF ASSURANCE SERVICES Accounting 151 NATURE OF ASSURANCE ENGAGEMENTS Assurance engagements are those engagements in which a practitioner expresses a conclusion designed to enhance the degree of confidence that intended users can have about the evaluation or measurement of a subject matter that is the responsibility of a party, other than the intended users or the practitioner, against criteria. A. Assurance services services are independent professional services intended to enhance or improve the credibility or quality of information to meet the needs of an intended user, i.e., decision making. B. Assurance refers Assurance refers to the practitioner ’s ’s satisfaction as to the reliability of an assertion being made by one party for use by another party. It is the degree of certainty the practitioner has attained and wishes to convey to intended users. C. Subject matter information information is used to mean the outcome of the evaluation or measurement of subject matter. It is the subject matter information about which the practitioner gathers sufficient appropriate evidence to provide a reasonable basis for expressing a conclusion in an assurance report.
Important Notes:
B.
An appropriate subject matter. The subject matter refers to the information to be evaluated or measured measured against against the the criteria. The subject matter and the subject matter information of an assurance engagement can take many forms, such as:
Objective of Assurance Engagements The objective of an assurance engagement is for a professional accountant to evaluate or measure a subject matter that is the responsibility of another party against identified suitable criteria and to express a conclusion that provides the intended user with a level of assurance about that subject matter. An assurance engagement is conducted: A. To provide a high level of assurance that the subject matter conforms in all material respects with identified suitable criteria; or B. To provide a moderate level of assurance that the subject matter is plausible in the circumstances. ELEMENTS OF AN ASSURANCE ENGAGEMENT An assurance engagement should exhibit the following elements: A.
A three party relationship involving a practitioner, a responsible party and intended users.
Assurance engagements always involve three separate parties:
Practitioner – – the the person who provides the assurance to intended users about a subject matter that is the responsibility of another party. This is the CPA in public practice that performs the assurance engagement. The term practitioner practitioner is broader than the term auditor as used in professional standards which only refer to practitioner performing audit or review engagements with respect to historical financial information.
Responsible party – the person or persons who are responsible for the subject matter in a direct reporting engagement or the subject matter information and may be the subject matter in an assertion-based engagement. Intended users – users – are are the person, persons or class of persons for whom the practitioner prepares the assurance report. They are the users to whom the practitioner usually addresses the report.
The responsible party and the intended user will often but not necessarily be from separate organizations. The practitioner may be engaged by the responsible party or the intended user. The responsible party can be one of the intended users but not the only one. The intended user may be established by agreement between the practitioner and responsible party or those engaging or employing the practitioner. In some circumstances, the intended user may be established by law.
Financial performance or conditions (for example, historical or prospective financial position, financial performance or cash flows) for which the subject matter information may be the measurement, presentation and disclosure represented in the financial statements. Non-financial performance or conditions (for example, the performance of an entity) for which the subject matter information may be key indicators of effectiveness and efficiency. Physical characteristics (for example, capacity of a facility) for which the subject matter information may be a specifications document. Systems and processes (for example, an entity’s internal control or IT system) for which the subject matter information may be an assertion about effectiveness. Behavior (for example, corporate governance, human resource practices and compliance with regulation) for which the subject matter information may be a statement of compliance or a statement of effectiveness.
For a subject matter to be considered appropriate, it must be identifiable, capable of consistent evaluation or measurement against suitable criteria and in a form that can be subjected to procedures for gathering evidence to support that evaluation or measurement. C. Suitable criteria. Criteria Criteria are the benchmarks used to evaluate or measure the subject matter, including where relevant, benchmarks for presentation and disclosure. Without frame of reference provided by suitable criteria, any conclusion is open to individual interpretation and misunderstanding. Criteria can be formal as in the case of Philippine Financial Reporting Standards or less formal as in an internally developed code of conduct. Criteria c an also be established or specifically developed.
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Established criteria – those embodied in laws or regulations or issued by authorized Page|1 Page|1 of 6 of 6
or recognized bodies of experts that follow a transparent due process.
Specifically developed – those designed specifically for the purpose of the engagement.
Suitable criteria exhibit the following characteristics:
Relevance – relevant relevant criteria contribute to conclusions that assist decision making by the intended users. Completeness – criteria are sufficiently complete when relevant factors that could affect the conclusions in the context of the engagement circumstances are not omitted. Reliability – reliable reliable criteria allow reasonably consistent evaluation or measurement of the subject matter when used in similar circumstances by similarly qualified practitioners. Neutrality – neutral criteria contribute to conclusions that are free from bias. Understandability – Understandability – understandable understandable criteria contribute to conclusions that are clear, comprehensive and not subject to significantly different interpretations.
The evaluation or measurement of a subject matter merely on the basis of the practitioner’s own expectations, judgments and individual experience would not constitute suitable criteria. Suitable criteria are context sensitive, that is, relevant to the engagement circumstances. Even for the same subject matter there can be different criteria. Whether established or specifically developed, criteria need to be available to the intended users to allow them to understand how the subject matter has been evaluated or measured. Criteria are made available to the intended users in one or more of the following ways: Publicly. Through inclusion in a clear manner in the presentation of the subject matter information. Through inclusion in a clear manner in the assurance report. By general understanding, for example the criterion for measuring time in hours and minutes.
Criteria may also be available only to specific intended users, for example the terms of a contract, or criteria issued by an industry association that are available only to those in the industry. D.
Sufficient appropriate evidence. The practitioner plans and performs an assurance engagement with an attitude of professional skepticism to obtain sufficient appropriate evidence about whether the subject matter information is free from material misstatement. Evidence misstatement. Evidence refers refers to the information obtained by the practitioner in arriving at the conclusions on which the conclusion is based.
assurance engagement rarely involves the authentication of documentation, nor is the practitioner trained as or expected to be an expert in such authentication. Sufficiency and Appropriateness Appropriateness of Evidence Sufficiency Sufficiency is the measure of the quantity of evidence. The quantity of evidence is affected by the risk of the subject matter information being materially misstated (the greater the risk, the more evidence is to be required) and the quality of such evidence (the higher the quality, the less may be required). Appropriateness Appropriateness is the measure of quality of evidence, that is, its relevance and reliability. The reliability of evidence is influence by its source and by its nature. The sufficiency and appropriateness of evidence are interrelated. However, merely obtaining more evidence may not compensate for its poor quality. Generalizations on Reliability of Evidence The following generalizations about the reliability of evidence may be useful, though exceptions to these generalizations may exist: Evidence is more reliable when it is obtained from independent sources outside the entity. Evidence that is generated internally is more reliable when the related control is effective. Evidence obtained directly by the practitioner is more reliable than evidence obtained indirectly or by inference. Evidence is more reliable when it exists in documentary form, whether paper, electronic or other media. Evidence provided by original documents is more reliable than evidence provided by photocopies or facsimiles.
The practitioner ordinarily obtains more assurance from consistent evidence obtained from different sources or of a different nature than from items of evidence considered individually. Cost-Benefit Considerations The practitioner considers the relationship between cost of obtaining evidence and the usefulness of the information obtained. However, the matter of difficulty or expense involved is not in itself a valid basis for omitting an evidence gathering procedure for which there is no alternative. Assurance Engagement Risk and Materiality The risk that the practitioner expresses an inappropriate conclusion when the subject matter information is materially misstated is referred to as the assurance engagement risk . The higher the assurance engagement risk is, the more extensive the evidence gathering procedures are. Assurance engagement risk has the following components:
The practitioner also considers materiality, assurance engagement risk and the quality and quantity of available evidence when planning and performing the engagement. Professional Skepticism An attitude of professional skepticism skepticism means the practitioner makes a critical assessment, with a questioning mind, of the validity of evidence obtained and is alert to evidence that contradicts or brings into question the reliability of documents or representations by the responsible party. An
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Risk of material misstatement – misstatement – the the risk that the subject matter is materially misstated. It consists of: a. Inherent risk – risk – the susceptibility of the subject matter information to a material misstatement, assuming that there are no rel ated controls. b. Control risk – the – the risk that a material misstatement that could occur will not be prevented, or detected and corrected, on a timely basis by related internal controls. Detection risk – the risk that the practitioner will not detect a material misstatement that exists. Page|2 Page|2 of 6 of 6
Materiality Materiality is relevant when the practitioner determines the nature, timing and extent of evidence gathering procedures and when assessing whether the subject matter information is free of material misstatement. When considering materiality, the practitioner understands and assesses what factors might influence the decisions of the intended users. Assessing materiality is a matter for practitioner’s judgment. E.
A written assurance report in the form appropriate to a reasonable assurance or limited assurance engagement.
level level in the circumstances of the engagement as the basis for a positive form form of expression of the practitioner’s conclusion. These engagements provide a high, but not absolute, level of assurance. This is also known as reasonable assurance assurance which is achieved if the assurance engagement risk is reduced to an acceptably low level, that is, close to zero. Example: Independent financial statement audits. B.
The practitioner provides practitioner provides a written report containing a conclusion that conveys the assurance obtained about the subject matter information. In addition, the practitioner considers other reporting responsibilities, including communicating with those charged with governance when it is appropriate appropriate to do so. In reasonable assurance engagements, the practitioner expresses the conclusion in the positive form, for example: “In our opinion internal control is effective, in all material respects, based on XYZ criteria.” In limited assurance engagement, the practitioner expresses the conclusion in the negative form, for example: “Based on our work described in t his report, nothing has come to our attention that causes us to believe that internal control is not effective, in all material respects, based on XY Z criteria.” Not all conclusions are unqualified conclusions or those with no categorization in the expression of the practitioner’s conclusions. Cause
Conclusion
Auditor is prevented from obtaining sufficient appropriate evidence (scope limitation)
If material but not pervasive, qualified conclusion. If both material and pervasive, disclaimer of opinion.
Assertion or subject matter information is materially misstated
If material but not pervasive, qualified conclusion. If both material and pervasive, adverse opinion.
Criteria are unsuitable or subject matter is inappropriate thus misleading users of information
If material but not pervasive, qualified conclusion. If both material and pervasive, adverse opinion.
Important Notes:
The reason for differing levels of assurance lies in the nature, extent and timing of procedures to gather evidence as a basis for the practitioner’s conclusion. Whenever practical, the assurance report is addressed to all the intended users, but in some cases there may be other intended users. In cases where the practitioner may not be able to identify all intended users, the intended users may be limited to major stakeholders with significant and common interests. When identified criteria are available only to specific intended users, or are relevant only to a specific purpose, use of the assurance report is restricted to those users or for that purpose.
TYPES OF ASSURANCE ENGAGEMENTS – LEVEL OF ASSURANCE According to the Framework for Assurance Engagements, there are two types of assurance engagements that a practitioner is permitted to perform as follows: A. Reasonable assurance engagements – also known as high level engagements, aim to reduce the assurance engagement risk to an acceptably low
Limited assurance engagements – aim to reduce assurance engagement risk to an acceptable level in the circumstances of the as the basis for a negative form of expression of the practitioner’s conclusion. Thus, the assurance engagement risk in a limited assurance engagement is greater than for a reasonable assurance engagement. These engagements provide a moderate level of assurance. This is also known as limited assurance which is achieved if the assurance engagement risk is reduced to an acceptable level. Example: Review Example: Review of financial statements.
ABSOLUTE ASSURANCE IN ASSURANCE ENGAGEMENTS Reducing assurance engagement risk to zero is very rarely attainable or cost beneficial as a result of factors such as the following: A. The use of judgment in gathering and evaluating evidence and forming conclusions based on that evidence. B. The use of selective testing. C. The inherent limitations of internal control. D. The fact that much of the evidence available to the practitioner is practitioner is persuasive rather than conclusive. E. In some cases, the characteristics of the subject matter when evaluated or measured against the identified criteria. TYPES OF ASSURANCE ENGAGEMENTS – STRUCTURE A.
Assertion-based engagements – those those that involve the evaluation or measurement of the subject matter by the responsible party and the subject matter information in the form of an assertion by the responsible party is made available to the intended users. The practitioner’s conclusion can be worded in terms of the responsible party’s assertion. These are also known as attestation engagements. engagements.
B.
Direct reporting engagements – those where the practitioner either directly performs the evaluation or measurement of the subject matter or obtains a representation from the responsible party that has performed the evaluation or measurement that is not available to the intended users. The subject matter is provided to the intended users in the assurance report.
RANGE OF ASSURANCE ENGAGEMENTS There is a broad range of assurance engagements, which includes any combination of the following: A. Engagements to report on a broad range of subject matters covering financial and nonfinancial information. B. Engagements intended to provide high or moderate level of assurance. C. Attest and direct reporting engagements. D. Engagements Engagements to report internally and e xternally. E. Engagements Engagements in private and public sector. NATURE OF ATTESTATION SERVICES Attestation services services are a type of assurance service in which a practitioner is engaged to issue a written communication that expresses a conclusion about the reliability of a written assertion that is the responsibility of another party. Attestation generally refers to an expert’s written communication of a conclusion about the reliability of someone else’s assertions. The following characteristics are what separate attestation services from other assurance services a CPA may provide:
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Page|3 Page|3 of 6 of 6
A.
There must be a written assertion being made by one party, the reliability of which is of interest to another party. B. There must be agreed upon and objective criteria that can be utilized to assess the accuracy of assertion. C. The assertion must be amenable to verification by an independent party. D. The accountant should prepare a written conclusion about the reliability of the assertion.
Auditing, Attestation and Assurance Services Though the services e ncompass the same decision process, the three services differ in the scope of their service. Assurance services are broader in scope and in concept than either auditing or attestation. Attestation and audit services are subsets of assurance services. Attestation services, on the other hand, are broader than audit services. Audit, particularly a financial statement audit, involves the examination of a historical financial statement in accordance with GAAP. Attestation goes beyond historical financial statements. They cover even non-GAAP financial statements. Service Provided
Valued Added to Information
Assurance engagements
Reliability, credibility, relevance and timeliness
Attestation engagements
Reliability and credibility
Audit engagements
Reliability and credibility
EXAMPLES OF ASSURANCE ENGAGEMENTS A.
Audit – the most predominant type of assurance engagement that the professional accountant may be involved in is the independent audit, primarily that of financial statements. In conducting an audit of financial statements, the auditor’s overall objectives are: To obtain reasonable assurance assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared in accordance with an applicable financial reporting framework. To report on the financial statements and communicate as required by the PSAs in accordance with the auditor’s findings.
Audits require greater scrutiny of the financial statements. B.
Reviews – involve limited investigation of much narrower scope than an audit and undertaken for the purpose of providing limited assurance that the statements are presented in accordance with identified financial reporting standards. Reviews may also involve other type of information aside from historical financial information. The objective of a review of financial statements is to enable a practitioner to state whether on the basis of procedures which do not provide all the evidence that would be required in an audit, anything has come to the practitioner’s attention that causes the practitioner to believe that the financial statements are not prepared in accordance with an identified financial reporting framework (negative assurance). A review comprises inquiry and analytical procedures which are designed to review the reliability of an assertion that is the responsibility of one party for use by another party. A review does not ordinarily involve an assessment of accounting and internal control systems, tests of records and of responses to inquiries by obtaining
C. Other assurance services – designed to provide assurance on other types of information other than historical financial information. These services include examination of prospective financial statements, reporting on compliance with laws, rules and regulations and the following: Business performance measurement – an engagement that provides assurance whether financial and non-financial information being reported from the entity’s performance measurement system is reliable and whether the performance measures being used are accurately leading the entity toward meeting its strategic goals and objectives. Healthcare performance measurement – an evaluation of the quality of health care, medical services and outcome. It looks into the health care delivery system, the medical services provided and quality attributes associated with those services. Elder care plus – an an evaluation designed to provide assurance to the elderly and their relatives about the quality of care being provided by various care givers by comparing their specific objectives in providing care with actual services rendered. Risk assessment services – identifies identifies a set of risks that affect the organization by studying the link between risks and organization’s vision, mission, objectives and strategies and development of new and relevant measures to address these risks. CPA Web Trust service – a a seal of assurance service developed by AICPA and CICA that enables consumers and businesses to purchase goods and services over the Internet with the confidence that the website business meet high standards of business practice as set forth in the CPA web trust principles and criteria. Information systems reliability – involves evaluating whether financial and nonfinancial information systems provide reliable information for operating and financial decisions by an entity’s management.
NON-ASSURANCE ENGAGEMENTS Not all engagements performed by practitioners are assurance engagements. Other frequently performed engagements do not meet the definition of an assurance engagement are called non-assurance services, services, which are those that do not result in the expression of a conclusion that provides a level of assurance. The practitioner does not convey to the intended users any assurance as to the reliability of an assertion. Non-assurance engagements could be: A.
Related services – are are non-assurance engagements engagements that are ordinarily performed in connection with an entity’s financial statements just like an audit. Related services include agreed-upon procedures engagements, compilation of financial and other information and other engagements as specified by the AASC.
B.
Other non-assurance engagements – are nonassurance engagements that are not ordinarily performed in connection with an a n entity’s financial statements such as management advisory services and some tax services like income tax return preparation where no assurance is provided.
corroborative evidence through inspection, observation and confirmation, which are procedures ordinarily performed during an audit. The level of assurance provided in a review report is less than that given in an audit.
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Page|4 Page|4 of 6 of 6
Agreed-upon Procedures Engagements Engagements The objective is for an auditor to carry out those procedures of an audit nature to which the auditor and the entity and any appropriate third parties have agreed and to report on f actual findings. B. The recipients of the report must form their own conclusion from the report of the auditor. C. The report must be restricted to those parties that have agreed to the procedures to be performed since others, unaware of the reasons for the procedures, may misinterpret results. D. The report needs to describe the purpose and the agreed-upon procedures of the engagement in sufficient detail to enable the users of the report to understand the nature and extent of the work performed.
Assurance Services
Consulting Services
To improve quality or context of information by enhancing its credibility
To recommend uses for information designed to improve client’s condition directly
Intended to improve decision maker’s condition only indirectly through the use of high-quality information
Designed to improve client’s condition directly through findings, conclusions and recommendation
Three-party contracts
Two-party contracts
Focus is on decision makers and information used for optimum decisions
Focus is on outcomes
Results are communicated through a written report
Results and recommendations recommendations are communicated either written or orally
Competing interests may exist between the responsible party and the intended users
No competing interests
A.
Compilation of Financial or Other Information Engagements A.
The objective is for the accountant to use accounting expertise as opposed to auditing expertise to collect, classify and summarize financial information. B. Compilations ordinarily entail reducing detailed data to manageable and understandable form without a requirement to test the assertions underlying that information. They ordinarily include the preparation of financial statements. C. The procedures performed are not designed and do not enable the accountant to express any assurance on the financial information. D. Users of compiled financial information derive some benefits as a result of the accountant’s involvement because the service has been performed with due professional skill and care. E. When performing a compilation engagement, the accountant is not ordinarily required to: Make any inquiries of management to assess the reliability and completeness of the information provided. Assess internal controls. Verify any matters and explanations. F. The accountant’s compilation report should identify the financial statements compiled and should clearly indicate that no assurance is provided on the financial statements. G. In addition, the financial information compiled by the accountant should contain a reference such as, “Unaudited”, “Compiled without Audit or Review” or “Refer to Compilation Report” on each page of the financial information or on the front of the complete set of financial statements.
Tax Services Individuals and business leaders turn to CPAs for advice on income tax and business tax strategies. A CPA can develop tax strategies to help taxpayers legally reduce their tax liability. Moreover, a CPA is considered qualified to prepare corporate individual tax returns for both audit and nonaudit clients. Ordinarily, CPAs render two types of tax services as follows: A. Tax compliance compliance includes the preparation of tax returns for individuals, corporations, estates, trusts and others. B. Tax planning determines planning determines the tax consequences of planned or potential transactions and suggests desirable course of action to minimize the tax liability liability while achieving the client’s objectives. Management Advisory Services Management advisory services services are professional services that employ the practitioner’s technical skills, education, observations, experiences and knowledge of the analytical approach and procedures used in a consulting engagement. Advisory services may include the design and installation of accounting systems, computer risk management and corporate finance. A pervasive characteristic of a CPA’s role in a consulting services engagement is that of being an objective advisor on the use of information.
REPORTS ON NON-ASSURANCE ENGAGEMENTS So as not to confuse users, a report that is not an assurance report avoids the following: A. Implying compliance with the Framework for Assurance Engagements and the assurance engagement standards (PSAs, PSREs and PSRSs). B. Inappropriately using the words, “assurance”, “audit”, or “review”. C. Including a statement that could reasonably be mistaken for a conclusion designed to enhance the degree of confidence of intended users about the outcome of the evaluation or measurement of a subject matter against criteria. ACCEPTING AN ASSURANCE ENGAGEMENT A practitioner accepts an assurance engagement only where the practitioner’s practitioner’s preliminary knowledge of the engagement circumstances indicates that relevant ethical requirements such as independence will be satisfied and that the engagement exhibits all of the following characteristics: A. The subject matter is appropriate. B. The criteria to be used are suitable and are available to the intended users. C. The practitioner has access to sufficient appropriate evidence to suppor t the practitioner’s conclusion. D. The practitioner’s practitioner’s conclusion, in the form appropriate to either a reasonable assurance engagement or a limited assurance engagement, is to be contained in a written report. E. The practitioner is satisfied that there is a rational purpose for the engagement. If there is a significant limitation on the scope of the practitioner’s work, it may be unlikely that the engagement has a rational purpose. Specific engagement standards may include additional requirements that need to be satisfied prior to accepting an engagement. Association with a Subject Subject Matter A practitioner is associated with a subject matter when: A. The practitioner reports on information about that subject matter. B. Consents to the use of the practitioner’s name practitioner’s name in a professional connection with that subject matter. If the practitioner is not associated in this manner, third parties can assume no responsibility of the practitioner. If the practitioner learns that a party is inappropriately using the practitioner’s name in association with a subject matter, the practitioner should: A. Requires the party to cease doing so. B. Considers what other steps may be needed, such as informing any known third party. C. Seek legal advice if necessary.
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Page|5 Page|5 of 6 of 6
COMPARISON AMONG THE DIFFERENT TYPES OF SERVICES POINT OF DISTINCTION
ASSURANCE SERVICES
RELATED SERVICES Agreed-upon Compilation Procedures
Audit
Reviews
Objective
To express an opinion on the fairness of financial statements
To report whether anything has come to the auditor’s attention that causes to believe that the financial statements are not fair
To perform audit procedures agreed on with the client and any appropriate third parties identified in the report
To assist the client in preparing financial statements by using accounting expertise as opposed to auditing expertise
Evidence gathering procedures
Risk assessment procedures, tests of control and substantive procedures
Limited to inquiry and analytical procedures
Procedures as agreed
Reading of the financial statements for obvious misstatements
Level of assurance provided
Reasonable or high but not absolute assurance
Moderate or limited assurance
No assurance
No assurance
Report provided
An audit report containing a positive form of assurance on assertion
An review report containing a negative form of assurance on assertion
A factual findings of procedures
A compilation report which identify information compiled
Skills used
Audit skills
Audit skills
Audit skills
Accounting skills
Other Characteristics
Audit opinion enhances the credibility of financial information
Substantially less in scope of procedures than audit
Recipients of the report must form their own conclusions and the report is restricted to contracting parties
Users derive benefit because the service has been performed with due professional skill and care
Prepared by: Mohammad Muariff S. Balang, CPA, First Semester, AY 2013-2014
Page|6 Page|6 of 6 of 6
