1.

0 ASSURANCE ENGAGEMENTS AND RELATED SERVICES

1.1 Assurance and Non-Assurance Engagements

1.1.1 Assurance Engagements
Engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence
of the intended users other than the responsible party about the outcome of the evaluation or
measurement of a subject matter against criteria; stated simply, independent professional services that
are intended to enhance the credibility of information to meet the needs of an intended user;
 CPAs in public practice who perform assurance engagements are governed by the following:
o Philippine Framework for Assurance Engagements (PFAEs)
o Philippine Code of Ethics for Professional Accountants
o Philippine Standards on Quality Control (PSQC)
 PFAEs define and describe the elements and objectives of an assurance engagement and
identifies engagements to which PSAs, PSREs, and PSAEs apply. PSAs, PSREs, and PSAEs contain
basic principles essential procedures and related guidance, consistent with the concepts in the
Framework for the performance of assurance engagements.
 PSAEs (Philippine Standards on Assurance Engagements) deal with subject matters other than
historical financial information.
 The outcome of the evaluation or measurement of a subject matter against criteria – “subject
matter information”
 Examples of such engagements include: audit of historical financial information, review of
financial information, examination of prospective financial information, compliance audit

Elements of assurance engagements

 Three party relationship (responsible party and intended users may be from different entities or
the same entity)
o Practitioner – refer to the professional accountant; a practitioner is associated with
financial information when:
 Practitioner attached a report to the financial information; or
 Practitioner consents to the use of his/her name in a professional connection
o Responsible party – the one responsible for the subject matter
o Intended users – person or class of persons for whom the practitioner or professional
accountant prepares the report of a specific use or purpose
 Appropriate subject matter – according to PFAE, an assurance engagement’s subject matter may
be:
o Financial performance or conditions, e.g. historical or prospective financial information,
financial performance, and cash flows
o Non-financial performance, e.g. performance of an entity
o Physical characteristics, e.g. capacity of a facility
o Systems and processes, e.g. entity’s internal control or IT system
o Behavior, e.g. corporate governance, compliance with regulation, and HR practices
 Suitable criteria – criteria refer to standards or benchmarks to evaluate or measure the subject
matter of an assurance engagement; establish and inform the intended user of the basis against
which the subject matter has been evaluated or measured in forming the conclusion
o Characteristics of a suitable criteria: relevance, completeness, reliability, neutrality, and
understandability
o Types of criteria identified by PFAE
 Established criteria – those that are embodied in laws or regulations or issued
by authorized or recognized bodies
 Specifically developed criteria – those designed for the purpose of the
engagement
  Sufficient appropriate evidence
o Sufficiency – measure of the quantity of evidence, and is affected by the quality of such
evidence
o Appropriateness – measure of the quality of evidence, i.e. relevance and reliability
 Written assurance report in the form appropriate to a reasonable assurance engagement or a
limited assurance engagement

Assertion-based (Attestation) vs. Direct Reporting Engagements

 In assertion-based engagements:
o the responsible party performs the evaluation of the subject matter
o the subject matter information is in the form of assertion by the responsible party that
is made available to intended users.
o responsible party is responsible for subject matter information, and may be responsible
for the subject matter
 In direct reporting engagements:
o the practitioner either: (a) directly performs the evaluation or measurement of the
subject matter, or (b) obtains representation from the responsible party that has
performed the evaluation that is not available to the intended users.
o the subject matter information is in the form of assurance report that is made available
to intended users
o responsible party is responsible for the subject matter

Types of Assurance Engagements

 Reasonable assurance engagements – objective is a reduction in assurance engagement risk to
an acceptably low level in the circumstances of the engagement as the basis for a positive form
of expression of the practitioner’s conclusion
 Limited assurance engagements – objective is a reduction in assurance engagement risk to a level
that is acceptable in the circumstances of the engagement, but where the risk is greater than for
a reasonable assurance engagement, as a basis for a negative form of expression of the
practitioner’s conclusion

Assurance Engagement Risk

This refers to the risk that the practitioner expresses an inappropriate conclusion when the subject matter
information is materially misstated. It has the following risk components:
 Risk that subject information is materially misstated
o Inherent risk
o Control risk
 Risk that practitioner will not detect a material misstatement that exists (detection risk)

1.1.2 Non-Assurance Engagements

Engagements that lack any of the five elements of assurance engagements, such as:
 Agreed-upon procedures
 Compilation of financial or other information
 Preparation of tax returns, and tax consulting
 Management consulting
 Other advisory and transaction services

1.2 Auditing
1.2.1 Overview
An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions
about economic actions and events to ascertain the degree of correspondence between those assertions
and established criteria and communicating results to interested users.
 FS Audit Operational Audit Compliance Audit
Assertions made That FS are fairly That the organization’s That the organization
presented activities are conducted has complied with laws,
effectively and regulations, or
efficiently contracts
Established criteria PFRS or other financial Objectives set by the Laws, regulation or
reporting framework board of directors contracts
Content of auditor’s Opinion whether the FS Recommendations or Reports on the degree
report are fairly presented in suggestions on how to of compliance
conformity with PFRS improve operations
Auditors who generally External auditors Internal auditors Government auditors
perform the audits

Inherent Limitations of Audit

 Use of testing/Sampling risk – conclusions are made on the basis of sample of evidence
 Error in application of judgment (human weakness) – work is permeated by judgment, and the
auditor might misinterpret the evidence obtained
 Reliance on the responsible party’s representation
 Limitations of the client’s accounting and internal control systems, such as inadequacy of records
 Evidence gathered is persuasive rather than conclusive

1.2.2 Financial Statement Audit (PSAs)

A financial statement audit attests to the accounting information, and aids in the communication of
economic date because, by providing high level of assurance on audit reports, the audit lends and
enhances credibility to the financial statements. An independent auditor reports on the FS because
different interests may exist between the company preparing the statements and the persons using the
statements.
 Financial statement audits reduce the information risk (the risk that information in financial
statements is misstated materially), and reductions in information risk which in turn reduce a
company’s cost of capital (the cost a company endures to issue equity or incur debt).
 In auditing financial accounting data, the primary concern is with determining whether the
recorded information reflects the economic events that occurred during the accounting period.
 The independent auditor owes primary allegiance to stockholders, creditors and investing public.
 In conducting an audit of financial statements, the auditor’s overall objectives are:
o To obtain reasonable assurance about whether the FS as a whole are free from material
misstatement, whether due to fraud or error
o To report on the financial statements, and communicate in accordance with auditor’s
findings (note that an auditor’s responsibilities for the audited FS are confined to the
expression of the auditor’s opinion; however, the auditor’s opinion is not an assurance
as to the future viability of the entity as well as the effectiveness and efficiency with
which management has conducted the affairs of the entity)
 A PSA is relevant to an audit, when: PSA is in effect and circumstances addressed by the PSA exist
 The auditor is required to plan and perform the audit with professional skepticism, i.e. the
attitude that includes a questioning mind, being alert to conditions which may indicate possible
misstatement due to error or fraud, and a critical assessment of audit evidence. According to the
standard, maintaining professional skepticism reduces the risk of
o Overlooking unusual circumstances
o Over-generalizing when drawing conclusions from audit observations
o Using inappropriate assumptions in determining the nature, timing and extent of the
audit procedures and evaluating the results thereof
  Whenever a CPA professional is engaged to perform an audit of financial statements according to
PSA, he is required to comply with those standards in order to have a measure of the quality of
audit performance. Audit quality is an overall concept that encompasses:
o Adherence to independence
o Auditor competence
o Due diligence
o Quality control processes
 The audit function operates within a theoretical framework. Below are some assumptions:
o All financial data are verifiable.
o Auditor should always maintain independence
o No long-term conflict between the auditor and client management
o Effective internal control systems reduces the possibility of errors and fraud affecting FS
o Consistent application of GAAP and PFRS results in fair presentation of FS
o What was held true in the past will continue to hold true in the future
o Audit benefits the public

1.2.3 Operational or Internal or Performance Audit

Internal auditing is carried out within an entity by employees of the entity or by personnel contracted for
the purpose. It has become a function that evaluates and improves an organization’s risk management,
control and governance processes to add value to the organization. Its primary orientation is towards
future improvements to accomplish the goals of management.
 Internal auditing includes the audit of:
o Financial and operating information
o Compliance with policies, plans, procedures, laws, regulations and contracts
o Means of safeguarding assets and verifying their existence
o Economy and efficiency with which resources are employed
o Operations or programs to ascertain whether results are consistent with established
objectives and goals and whether they are being carried out as prescribed
 Operational auditing has three stages/phases:
o Planning
o Evidence accumulation and evaluation (note that evaluating the effectiveness and
efficiency of all phases of an entity’s operations generally account for a significant
proportion of an internal auditor’s time)
o Reporting and follow-up
 Essential to effective internal auditing organization are (a) organizational status, and (b) objectivity.
 Internal auditors:
o Review the adequacy of the company’s internal control system to determine whether
the internal control system provides reasonable assurance that the company’s
objectives and goals are met efficiently and economically.
o In conducting an appraisal of the economy and efficiency with which company resources
are used, shall determine whether operating standards have been established, met, and
if deviated, have been identified and corrected.
o Review the means of physically safeguarding assets from losses arising from exposure to
the elements, and from fire, theft, unscrupulous or illegal activities.
o Is most likely concerned with whether a transactions was necessary.
 Operational audit report is likely to be addressed to the: department supervisors, audit
committee and top management.

1.2.4 Compliance Audit

This involves a review of an organization’s procedures to determine whether the organization’s
procedures to determine whether the organization has adhered to specific procedures/rules.
1.3 Review Engagements (PSREs)
PSRE only applies to review of historical financial information either (a) by a practitioner other than the
entity’s auditor (PSRE 2400), or (b) by the entity’s auditor (PSRE 2410). In a review engagement, the
practitioner provides a moderate level of assurance that nothing has come to the practitioner’s attention
that causes the practitioner to believe that the FS are not prepared in accordance with an identifiable
framework. Note that a CPA firm can issue a review report only if all the partners and the staff in the
office performing the engagement are independent.

Auditor’s responsibility
 In a review, the practitioner is required to have an understanding of the entity and its
environment, including its internal control.
 Review comprises principally of inquiry and analytical procedures, which are designed to review
the reliability of an assertion that is the responsibility of one party for use by another party.
While a review involves the application of audit skills and techniques in gathering evidence, it
does not ordinarily involve:
o Assessment of accounting and internal control systems
o Testing accounting records and of responses to inquiries by obtaining corroborating
evidence through inspection, observation, confirmation and computation.
 If the auditor has reason to believe that the information subject to review may be materially
misstated, the auditor should carry out additional or more extensive procedures as are necessary
to be able to express negative assurance or to confirm that a modified report is required.
 When considered appropriate, the auditor should obtain written representation from members
of management who have responsibility for financial and accounting matters.
 The auditor should issue an unmodified review report when the auditor believes that there are
no material modifications that should be made to the FS. However:
o If FS contain misstatements that are material or the scope limitation is material –
express a qualification of the negative assurance
o If FS contain misstatements that are material and pervasive – give an adverse statement
that the FS are not presented fairly
o If scope limitation is material and pervasive – auditor should not provide assurance
 The auditor should date the review report as of the date the review is completed, and should not
date it earlier than the date on which the FS are approved by management.
 In a review service where the client has failed to follow PFRS, the auditor is not required to
determine the effect of departure if management has not done so, but that fact must be
disclosed in the report

1.4 Examination of Prospective Financial Information (PSAE 3400)

This assurance engagement is governed by Philippine Standards on Assurance Engagements (PSAEs).
Auditors may also be associated with future-oriented FS, and be asked to examine and report on
prospective financial information (i.e. financial information based on assumption about events that may
occur in the future and possible actions of the entity) to enhance its credibility, regardless if it is intended
for use by third parties or for internal purposes. Any type of prospective financial statements would
normally be appropriate for limited use only.

Types of Prospective Financial Information (PFI)

 Financial forecast – prepared on the basis of the assumptions as to future events which
management expects to take, as of the date information is prepared (best-estimate assumptions)
 Financial projections – prepared on the basis of hypothetical assumptions or a mixture of both
best-estimate and hypothetical assumptions
 Auditor’s responsibility
 The auditor is required to obtain sufficient knowledge of the client’s business, as well as the
entity’s process for preparing financial information, in order to evaluate the completeness and
reasonableness of the underlying assumptions as disclosed in the prospective financial info.
 According to PSAE 3400, the auditor should obtain sufficient appropriate evidence:
o If best-estimate assumptions, they are reasonable; if hypothetical assumptions, they are
consistent with the purpose of the information
o The prospective financial information is:
 Properly prepared on the basis of assumptions and consistent with historical FS
 Properly presented, and all material assumptions are adequately disclosed
 The auditor should obtain written representations from management regarding the intended use
of the prospective financial information, the completeness of significant management
assumptions, and management’s acceptance of its responsibility for the PFI.
 The auditor is not in a position to express an opinion as to whether the results shown will be
achieved, since the evidence itself is generally future oriented and speculative in nature.
Consequently, when reporting (expressing an opinion) on the reasonableness of management’s
assumption, the auditor provides only a moderate level of assurance.
 The auditor should not accept, or should withdraw from, an engagement when the assumptions
are clearly unrealistic, or when the auditor believes that the prospective financial information
will be inappropriate for its intended use.

1.5 Related Services (PSRSs)

1.5.1 Agreed-Upon Procedures (PSRS 4400)
In an agreed-upon procedures agreement, the auditor is engaged to carry out those procedures of an
audit nature (to individual items of financial date, a single financial statement, or a complete set of
financial statements) and simply provides a report of the factual findings and expresses no assurance in
his/her report. The report is restricted to those parties that have agreed to the performed, since others,
unaware of the reasons for the procedures, may misinterpret the results. Users of the report make an
assessment of the procedures and findings reported by the auditor and draw their own conclusion from
the auditor’s work. Accordingly, the client takes full responsibility for the adequacy of procedures to be
performed.

Auditor’s responsibility
 The auditor should that there is a clear understanding regarding the terms of the engagement.
Thus, the users of the report should participate in establishing the procedures to be performed.
If the auditor cannot discuss the procedures with all the parties who will receive the report,
he/she may:
o Discuss the procedures applied with appropriate representatives of the parties involved
o Review relevant correspondence from the parties involved
o Distribute a draft of the type of report that will be issued to the parties involved
 According to PSRS 4400, report on an agreed-upon procedures engagement needs to describe
the purpose for which the procedures were performed and to list specific procedures of the
engagement in sufficient detail to enable the users of the report to understand the nature and
extent of the work performed.

1.5.2 Compilation (PSRS 4410)

In a compilation agreement, the accountant is engaged to use accounting expertise, as opposed to
auditing expertise, to collect, classify and summarize financial information. This ordinarily entails reducing
detailed data to a manageable and understandable form without a requirement to test the assertion
underlying that information. Users of the compiled information derive some benefit as a result of the
accountant’s involvement because the service has been performed with due professional skill and care.
Accountant’s responsibility
 The accountant should read the compiled information and consider whether such:
o Appears to be appropriate in form
o Is free from obvious material misstatements
 If the accountant becomes aware that information supplied by management is correct,
incomplete or otherwise unsatisfactory, the accountant shall consider:
o Performing procedures the accountant is not ordinarily required to do in a compilation
agreement provided in PSRS 4419, par. 13:
 Make inquiries of management to assess the reliability and completeness of
the information provided
 Assess internal controls
 Verify matters and explanations
o Request management to provide additional information; and if management refuses so,
the accountant should withdraw from the engagement.
 If the accountant becomes aware of misstatements, the accountant should try to agree
appropriate amendments with the entity; and if such amendments are not made, the accountant
should withdraw from the engagement.
 The compilation report:
o Should expressly indicate that no assurance is provided on the FS.
o Should contain reference, such as the following (a) on each page of the financial
information, or (b) front of the complete set of FS:
 “Unaudited”
 “Compiled without Audit or Review”
 “Refer to Compilation Report”
o Should be modified if there are material misstatements in the FS by disclosing the
nature of the misstatement in a separate paragraph of the reports, although their
effects need not be quantified (if such modification is insufficient and client refuses to
adjust, the accountant may withdraw from the engagement)
 Scope limitations normally cause the accountant to withdraw from the engagement.