ACC 310 – Audit and Assurance Principle

FUNDAMENTALS OF ASSURANCE SERVICES

Learning Objectives

After studying this chapter, you should be able to:

1. Discuss why it is essential for students to learn Auditing.
2. Define assurance engagements.
3. Discuss the five elements of assurance engagements.
4. Classify assurance engagements according to structure and according to level of
assurance provided.
5. Discuss the meaning of assertion-based engagements and give examples.
6. Identify examples of non-assurance engagements and describe each one briefly.

Introduction

Why Study Auditing and Assurance Principles?

1. Auditing and Assurance: Concepts and Principles introduce students to the theories
underlying auditing services and provides opportunities to develop technical
expertise in applying the concepts learned.

2. Financial statement users need to have an understanding of the audit function in

order to better appreciate the assurance provided by an independent auditor on the
fairness of the financial statements. An understanding of auditing would also clarify
the extent of responsibilities assumed by company management and by the auditor.

3. Auditing skills in risk management and evidence accumulation and evaluation can
be used in many non-audit situations, such as when assessing one's academic
performance, verifying news and hearsay, reading the newspaper and watching
televised advertisements.

By studying auditing theory, students acquire these skills and develop a

professionally skeptical attitude (ie., an attitude of a questioning mind).

4. Students gain a deeper understanding of the ethics underlying the practice of one's
profession. They become familiar with the situations which they might encounter
in the actual practice of the profession, and learn about the safeguards they must
take in order to handle these situations.

The Concept of Assurance

Every day, people make decisions: what time to wake up, what clothes to wear, what
breakfast too eat, how to get to work, what time to go home - the list of decisions to be
made is virtually endless. In life, decision-making is unavoidabe.

Consider the following situations:

1. A professor tells you that your book in accounting is obsolete and must be replaced.
2. The appliance store advertises a certain mp3 player as the best value for your money
3. A doctor urges you to get an anti-flu shot.
4. Management of ABC Company distributes quarterly reports showing a 156
increase in net income compared to the net income for the same period last year
5. A political campaign shows that Mr. Ronald Pump is the "man for the people, the
best choice for President"

All of these situations require making decisions. Your decisions (to get a new book, to buy
the mps3 player, get the anti-flu shot, buy shares of ABC Company or vote for Candidate
Pump) will depend on what you know about each of the available alternatives decisions

Page 1 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

and actions are influenced by the information made available to you. The relevance and
reliability of information is critical for making the best decision in a given situation.

The Information Age brought about an upsurge in the amount of data that a user can
consume. Access to, and manipulation of, information, has never been easier. It should be
recognized that not all information is accurate; some are erroneous, and worse, some are
fraudulent (intentionally misstated). Recall the many cases of fraudulent claims made for
products and services. Fraudsters earn a lot by churning out lies that catch the unaware.

Now, more than ever, there is a need for reliable information that is fairly stated,
information that presents a true and fair view of what it purports to represent.

The reliability of information depends on the credibility of the source of the information
and the ability to verify its accuracy or fairness. People avoid biased or misleading
information because misinformation can lead to less effective decisions.

In business, financial statements contain the information used by investors, creditors, and
other interested parties in making economic decisions.

Examples of Economic Decisions Made by Users of Financial Statements:

1. Investors - Whether to buy, hold, or sell shares of company
2. Creditors - Whether to approve more loans paid for by the debtor company
3. Government - Whether to adjust or retain the taxation policies currently in force
4. Customers - Whether to continue doing business with the company, or to find
another supplier
5. Employees - Whether to demand a salary Increase, whether to stay with the
company, or to go looking for another job.

These decisions depend on the information that users see in the financial statements the
company's total assets, liabilities, net income, net cash flows, etc. It will also depend on the
analysis of ratios computed based on the information presented in the financial statements.
Most of the decisions of financial statement users involve significant amounts of money
thus, it is imperative that the information contained in the financial statements is reliable
or fairly presented.

Users generally do not have the training or expertise to verify technical information, such
as those contained in financial statements. They turn to Certified Public Accountants
(CPAs) - and the CPAS provide the assurance that they need - assurance that the
information audited is indeed fairly stated.

According to Webster, to assure means "to give confidence or conviction". In the auditing
sense, assurance refers to the auditor’s satisfaction as to the reliability of an assertion being
made by one party for use by another party.

Assurance Services

Nature and Objective

Assurance services (or assurance engagements) are three-party contracts in which assurers
(such as a CPA) reports on the quality or information. Assurance engagements performed
by CPAS are intended to enhance the credibility of information about a subject matter (such
as financial statements) by evaluating whether the matter conforms in all material respects
with suitable criteria.

Examples of assurance engagements include audits of financial statements of listed and

non-listed entities, assurance on the balloting of contests, such as the Academy Awards,
and reporting on compliance with laws, rules and regulations

Page 2 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Elements of Assurance Engagements

The following are the elements of an assurance engagement:

1. A three party relationship involving a practitioner (CPA), a responsible party, and
intended users;
2. An appropriate subject matter;
3. Suitable criteria;
4. Sufficient appropriate evidence; and
5. A written assurance report in the form appropriate to a reasonable assurance
engagement or a limited assurance engagement.

All of the five elements must be present in an engagement for the engagement to be
classified as an assurance engagement.

Three-Party Relationship

Assurance engagements involve three separate parties: a practitioner, a responsible party

and intended users. The responsible party and the intended users may be from different
entities or the same entity, as shown in Table 1-2. The relationship between the responsible
party and the intended user needs to be viewed within the context of a specific engagement
and may differ from more traditionally defined lines of responsibility.

Example: An entity's senior management (an intended user) may engage a practitioner to
perform an assurance engagement on a particular aspect of the entity's activities that is the
immediate responsibility of a lower level of management (the responsible party). but for
which senior management is ultimately responsible.

Practitioner

The term "practitioner" as used here is broader than the term "auditor" as used in
professional standards, which relates only to practitioners performing audit or review
engagements with respect to historical financial information.

A practitioner may be requested to perform assurance engagements on a wide range of

subject matters. Some subject matters may require specialized skills and knowledge
beyond those ordinarily possessed by an individual practitioner. In this situation, the
practitioner should not accept an engagement if preliminary knowledge of the engagement
circumstances indicates that ethical requirements regarding professional competence will
not be satisfied.

In some cases, the ethical requirement regarding professional competence can be satisfied
by the practitioner using the work of persons from other professional disciplines, referred
to as experts. When this happens, the practitioner should be satisfied that those persons
carrying out the engagement collectively possess the requisite skills and knowledge, and
that the practitioner has an adequate level of involvement in the engagement and
understanding of the work for which any expert is used.

Responsible Party

The responsible party is the person (or persons) responsible for the subject matter or the
subject matter information (the assertion) in an assurance engagement. Table 1-3 shows
the subject matter, subject matter information, and the responsible party in a financial
statement audit.

The Philippine Framework for Assurance Engagements provides examples of situations

when the responsible party is responsible for the subject matter information only, and when
such responsibility is extended to the subject matter itself, as shown in Table 1-4.

Page 3 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

The responsible party may or may not be the party who engages the practitioner (the
engaging party). The responsible party ordinarily provides the practitioner with a written
representation that evaluates or measures the subject matter against the identified criteria,
whether or not it is to be made available as an assertion to the intended users.

Table 1-3
Subject Matter, Subject Matter Information and Responsible Party in a Financial
Statement Audit
Subject Matter Financial Position, financial performance and cash flows of an
enterprise
Subject Matter The financial statements of the enterprise
Information
Responsible Party Client or entity management

Table 1-4
Extent of Responsibility of the Responsible Party
Responsible For…… Sample Assurance Engagement
Subject Matter A government organization engages a practitioner to perform a
Information only n assurance engagement regarding a report about private
company’s sustainability practices that the organization has
prepared and is to distribute to intended users
Subject Matter and An entity engages a practitioner to perform an assurance
Subject Matter engagement regarding a report it has prepared about its own
Information sustainability practices

Intended Users

The intended users are the person, persons or class of persons for whom the practitioner
prepares the assurance report. The responsible party can be one of the intended users, but
not the only one. Whenever practical, the a3surance report is addressed to all the intended
users, but in some cases there may be other intended users.

The practitioner may not be able to identify all those who will read the assurance report,
particularly where there are large numbers of people who have access to it. In such cases,
particularly where possible readers are likely to have a broad range of interests in thee
subject matter, intended users may be limited to major stakeholders with significant and
common interests.

Intended users may be identified in different ways, for example, by agreement between the
practitioner and the responsible party or engaging party, or by law.

Parties Involved in Determining Engagement Requirements

Whenever practical, intended users or their representatives are involved with the
practitioner and the responsible party (and the engaging party if different) in determining
the requirements of the engagement. Regardless of the involvement of others however, the
practitioner is responsible for determining the nature, timing and extent of procedures to
be performed in the engagement.

In addition, the practitioner is required to pursue any matter which the practitioner becomes
aware of where such matter may lead to a material adjustment or modification to the subject
matter information. For example, when material errors are found in a financial statement
audit, the auditor is required to determine the effect of these errors on the financial
statements and the type of report to be issued.

Page 4 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Assurance Engagements for a Specific Purpose

In some cases, intended users (for example, bankers and regulators) impose a requirement
on, or request the responsible party (or the engaging party if different) to arrange for, an
assurance engagement to be performed for a specific purpose. When engagements are
designed for specified intended users or a specific purpose, the practitioner considers
including a restriction in the assurance report that limits its use to those users or that
purpose.

Subject Matter

The subject matter, and subject matter information, of an assurance engagement can take
many forms, such as those shown in Table 1-5.

Subject matters have different characteristics, including the degree to which information
about them is qualitative versus quantitative, objective versus subjective, historical versus
prospective, and relates to a point in time or covers a period. Such characteristics affect the
precision with which the subject matter can be evaluated or measured against criteria and
the persuasiveness of available evidence. In any case, the assurance report notes
characteristics of particular relevance to the intended users.

Table 1-5
Examples of Subject Matter and Subject Matter Information
Form Subject Matter Subject Matter Information
Financial historical or prospective Recognition, measurement,
performance or financial position, financial presentation and disclosure
conditions performance and cash flow represented in financial
statements
Non-Financial Performance of an entity Key indicators of efficiency
performance or and effectiveness
conditions
Physical Capacity of a facility Specifications documents
Characteristics
Systems and An entity’s internal control or IT An assertion about
Process System effectiveness
Behavior Corporate governance, A statement of compliance or a
compliance with regulation, statement of effectiveness
human resource practices

An appropriate subject matter is identifiable, and capable of consistent evaluation or

measurement against the identified criteria and capable of being subjected to procedures
for gathering sufficient appropriate evidence to support a reasonable assurance or limited
assurance conclusion, as appropriate.

Suitable Criteria

Criteria are the benchmarks used to evaluate or measure the subject matter including, where
relevant, benchmarks for presentation and disclosure. Criteria can be formal or less formal.

Examples of Assurance Engagements and Applicable Formal Criteria

1. Audit of financial statements - Philippine Financial Reporting Standards (PFRS)
2. Assurance on internal control - Established internal control framework (e.g..
COSO) or individual control objectives specifically designed for the engagement)
3. Compliance audits - Applicable law, regulation or contract

Page 5 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Examples of less formal criteria are an internally developed code of conduct or an agreed
level of performance (such as the number of times a particular committee is expected to
meet in a year).

Suitable criteria are required for reasonably consistent evaluation or measurement of a

subject matter within the context of professional judgment. Without the frame of reference
provided by suitable criteria, any conclusion is open to individual interpretation
misunderstanding. Suitable criteria are context-sensitive, that is, relevant to the
engagement circumstances.

For the same subject matter there can be different criteria. For example, one responsible
party might select the number of customer complaints resolved to the acknowledged
satisfaction of the customer for the subject matter of customer satisfaction; another
responsible party might select the number of repeat purchases in the three months following
the initial purchase.

The practitioner assesses the suitability of criteria for a particular engagement by

considering whether they reflect the characteristics mentioned in Table 1-7. The relative
importance of each characteristic to a particular engagement is a matter of judgement. The
evaluation or measurement of a subject natter merely on the basis of the practitioners own
expectations, judgments and individual experience would not constitute suitable criteria,

Established criteria and specifically developed criteria

Established criteria are those embodied in laws or regulations, or issued by authorized or

recognized bodies of experts that follow a transparent due process

Specifically developed criteria are those designed for the purpose of the engagement.
Whether criteria are established or specifically developed affects the work that the
practitioner carries out to assess their suitability for a particular engagement.

Whether established or specifically developed, criteria need to be available to the intended

users to allow them to understand how the subject matter has been evaluated or measured.
Criteria are made available to the intended users in one or more of the following ways:
1. Publicly.
2. Through inclusion in a clear manner in the presentation of the subject matter
information.
3. Through inclusion in a clear manner in the assurance report.
4. By general understanding, for example the criterion for measuring time in hours
and minutes.

Criteria may also be available only to specific intended users, for example the terms of a
contract, or criteria issued by an industry association that are available only to those in the
industry.

When identified criteria are available only to specific intended users, or are relevant only
to a specific purpose, use of the assurance report is restricted to those users or for that
purpose.

Sufficient Appropriate Evidence

The practitioner plans and performs an assurance engagement with an attitude of

professional skepticism to obtain sufficient appropriate evidence about whether the subject
matter information is free of material misstatement. The practitioner considers materiality,
assurance engagement risk, and the quantity and quality of available evidence when
planning and performing the engagement, in particular when determining the nature, timing
and extent of evidence-gathering procedures.

Page 6 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Professional Skepticism

The practitioner plans and performs an assurance engagement with an attitude of

professional skepticism recognizing that circumstances may exist that cause the subject
matter information to be materially misstated. An attitude of professional skepticism means
the practitioner makes a critical assessment, with a questioning mind, of the validity of
evidence obtained and is alert to evidence that contradicts or brings into question the
reliability of documents or representations by the responsible party.

For example, an attitude of professional skepticism is necessary throughout the

engagement process for the practitioner to reduce the risk of overlooking suspicious
circumstances, of over generalizing when drawing conclusions from observations, and of
using faulty assumptions in determining the nature, timing and extent of evidence gathering
procedures and evaluating the results thereof.

Professional skepticism is an attitude that includes being alert to, for example:
1. Evidence that is inconsistent with other evidence obtained;
2. Information that calls into question the reliability of documents and responses to
inquiries to be used as evidence
3. Circumstances that suggest the need for procedures in addition to those required by
relevant Assurance Standards; and
4. Conditions that may indicate likely misstatement.

An assurance engagement rarely involves the authentication of documentation, nor is the

practitioner trained as or expected to be an expert in such authentication. However, the
practitioner considers the reliability of the information to be used as evidence, for example
photocopies, facsimiles, filmed, digitized or other electronic documents, including
consideration of controls over their preparation and maintenance where relevant.

Sufficiency and Appropriateness of Evidence

Sufficiency is the measure of the quantity of evidence. Appropriateness is the measure of

the quality of evidence; that is, its relevance and its reliability. The quantity of evidence
needed affected by the risk of the subject matter information being materials misstated (the
greater the risk, the more evidence is likely to be required) and also by the quality or such
evidence quality, the less may be required). Accordingly, the sufficiency and the
appropriateness of evidence are interrelated. However, obtaining more evidence may not
compensate for its poor quality

The reliability of evidence is influenced by its source and by its nature, and is dependent
on the individual circumstances under which it is obtained.

Generalizations about the reliability of evidence

Generalizations about the reliability of various kinds of evidence can be made; however,
such generalizations are subject to important exceptions. Even when evidence is obtained
from sources external to the entity, circumstances may exist that could affect the reliability
of the information obtained. For example, evidence obtained from an independent external
source may not be reliable if the source is not knowledgeable. While recognizing that
exceptions may exist, the following generalizations about the reliability of evidence may
be useful:
1. Evidence is more reliable when it is obtained from independent sources outside the
entity.\
2. Evidence that is generated internally is more reliable when the related controls are
effective.

Page 7 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

3. Evidence obtained directly by the practitioner (for example, observation of the

application of a control) is more reliable than evidence obtained indirectly or by
inference (for example, inquiry about the application of a control).
4. Evidence is more reliable when it exists in documentary form, whether paper,
electronic, or other media (for example, a contemporaneously written record of a
meeting is more reliable than a subsequent oral representation of what was
discussed’
5. Evidence provided by original documents is more reliable than evidence provided
by photocopies or facsimiles.

The practitioner ordinarily obtains more assurance from consistent evidence obtained from
different sources or of a different nature than from items of evidence considered
individually.

In addition, obtaining evidence from different sources or of a rent nature may indicate that
an individual item of evidence is not reliable.

For example, corroborating information obtained from a source independent of the entity
may increase the assurance the practitioner obtains from a representation from the
responsible party. Conversely, when evidence obtained from one source is inconsistent
with that obtain from another, the practitioner determines what additional evidence-
gathering procedures are necessary to resolve the inconsistency.

Cost-Benefit Considerations

In terms of obtaining sufficient appropriate evidence, it is generally more difficult to obtain

assurance about subject matter information covering a period than about subject matter
information at a point in time. In addition, conclusions provided on processes ordinarily
are limited to the period covered by the engagement; the practitioner provides no
conclusion about whether the process will continue to function in the specified manner in
the future.

The practitioner considers the relationship between the cost of obtaining evidence and the
usefulness of the information obtained. However, the matter of difficulty or expense
involved is not in itself a valid basis for omitting an evidence-gathering procedure for
which there is no alternative. The practitioner uses professional judgment and exercises
professional skepticism in evaluating the quantity and quality of evidence, and thus its
sufficiency and appropriateness, to support the assurance report.

Materiality

Materiality is relevant when the practitioner determines the nature, timing and extent of
evidence-gathering procedures, and when assessing whether the subject matter information
is free of misstatement. When considering materiality, the practitioner understands and
assesses what factors might influence the decisions of the intended users. The assessment
of materiality and the relative importance of quantitative and qualitative factors in a
particular engagement are matters for the practitioner's Judgment.

Assurance Engagement Risk

Assurance engagement risk is the risk that the practitioner expresses an inappropriate
conclusion when the subject matter information is materially misstated. It is considered
when determining the nature, timing and extent of evidence-gathering procedures. The
more extensive the evidence-gathering procedures, the lower the chances of an
inappropriate conclusion (assurance engagement risk), and the higher the level of assurance
that a practitioner can provide.

Page 8 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Assurance Report

The practitioner provides a written report containing a conclusion that conveys the
assurance obtained about the subject matter information. A practitioner normally can
express two levels of assurance: a reasonable (but not absolute) level of assurance, and a
limited level of assurance.

Professional engagement standards establish basic elements for assurance reports. In

addition, the practitioner considers other reporting responsibilities, including
communicating with those charged with governance of the entity when it is appropriate to
do so.

Forms of Conclusions

The conclusion in an assurance engagement may be expressed positively or negatively,

depending on the level of assurance being provided. There are two levels of assurance that
may be provided by a practitioner: reasonable assurance (also known as high level of
assurance) and limited assurance (also known as moderate level of assurance).

In a reasonable assurance engagement, the practitioner expresses the conclusion in the

positive form, for example:
1. In our opinion, the entity has complied, in all material respects, with XYZ law;"
2. In our opinion, the financial statements present fairly, in all material respects, the
financial position of the entity as at [date] and its finarncial pertormance and its
cash flows for the year then ended in accordance with XYZ framework;"
3. "In our opinion, the [appropriate party's] statement that the entity has complied with
XYZ law 1s, in all material respects, fairly stated," or "In our opinion, the
appropriate party's] statement that the key performance indicators are presented in
accordance with XYZ criteria is, in all material respects, fairly stated."

In a limited assurance engagement, the practitioner expresses the conclusion in the negative
form, for example,
"Based on the procedures performed and evidence obtained, nothing has come to
our attention that causes us to believe that the entity has not complied, in all material
respects, with XYZ law."

While both statements express assurance, users derive more comfort from positive
assurance than negative assurance. As an overly simplified example, positive assurance
says users, the information is fairly stated" while negative assurance says "users, I did not
find a material error."

The reason for differing levels of assurance lies in the nature, extent and timing of
procedures to gather evidence as a basis for the practitioner's conclusion. To reiterate: The
more extensive the evidence-gathering procedures, the higher the level of assurance that a
practitioner can provide.

The practitioner may choose a "short-form" or "long-form" style of reporting to facilitate

effective communication to the intended users. Short-term reports ordinarily include only
the basic elements. "Long-form reports include other information and explanations that are
not intended to affect the practitioner's conclusion. As well as the basic elements, long-
form reports may describe in detail the terms of the engagement, the criteria being used,
findings relating to particular aspects of the engagement, details of the qualifications and
experience ne practitioner and others involved with the engagement, disclosure of
materiality levels, and, in some cases, recommendations.

Whether to include any such information depends on its significance to the information
needs of the intended users.

Page 9 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Not all conclusions are unqualified conclusions. There are situations which may lead the
practitioner to express a different type of conclusion.

In some cases where criteria are found unsuitable or subject matter is inappropriate, the
practitioner expresses a qualified conclusion or a disclaimer of conclusion depending on
how material or pervasive the matter is. In some cases the practitioner considers
withdrawing from thee engagement.

Classification of Assurance Engagements

According to Level of Assurance

1. Reasonable Assurance Engagement - The objective of this engagement is a
reduction in assurance engagement risk to an acceptably low level in the
circumstances of the engagement as the basis for a positive form of expression of
the practitioner’s conclusion. An example of this type of engagement would be an
audit of historical financial statements.
2. Limited Assurance Engagement - The objective of this engagement is a reduction
in assurance engagement risk to a level that is acceptable in the circumstances of
the engagement, but where that risk is greater than for a reasonable assurance
engagement, as the basis for a negative form of expression of the practitioner's
conclusion. An example of this type of engagement would be a review of financial
statements.

According to Structure
1. Attestation Engagement - In an attestation engagement, the measurer or evaluator,
who is not the practitioner, measures or evaluates the underlying subject matter
against the criteria, the Outcome of which is the subject matter information. Subject
matter information can fail to be properly expressed in the context of the underlying
subject matter and the criteria, and can therefore be misstated, potentially to a
material extent. The role of the practitioner in an attestation engagement is to obtain
sufficient appropriate evidence in order to express a conclusion about whether the
subject matter information, as prepared by the measurer or evaluator, is free from
material misstatement.
2. Direct Engagement - In a direct engagement, the practitioner measures or evaluates
the underlying subject matter against the criteria and presents the resulting subject
matter information as part of, or accompanying the assurance report. The
practitioner’s conclusion in a direct engagement addresses the reported outcome of
the measurement or evaluation of the underlying subject matter against the criteria.
In some direct engagements, the practitioner’s conclusion is, or is part of, the
subject matter information.

Attestation Engagements

An attestation engagement is an engagement in which a practitioner is engaged to issue, or

does issue, a written communication that expresses a conclusion about the reliability or a
written assertion that is the responsibility of another party.

This definition implies four basic conditions that distinguish an attestation engagement
from other services an accountant may provide:
1. There must be a written assertion being made by one party, the reliability of which
is of interest to another party. An assertion is a representation or statement, which
may be expressly stated or implied by the responsible party.
2. There must be agreed-upon and objective criteria that can be utilized to assess the
accuracy of the assertion. All parties must agree as to how the assertion is to be
evaluated using a common unit of measure and measurement technology. The
measurement approach should be refined enough to allow different individuals to
arrive at conclusions that are not materially different

Page 10 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

3. The assertion must be amenable to-verification by an independent party. That is,

the accountant must be able to obtain adequate, diagnostic evidence to support or
refute the assertion being made.
4. The accountant should prepare a written conclusion about the reliability of the
assertion(s).

Examples of Attestation Engagements

There are two common attestation engagements in practice today: audit engagements and
review engagements.
1. An independent audit engagement is one that provides a reasonable (but not
absolute) level of assurance that the subject matter (such as financial statements) is
free of material misstatement.
2. A review engagement involves a limited investigation of much narrower scope than
an audit and undertaken for the purpose of providing limited assurance that the
subject matter is presented in accordance with identified suitable criteria.

Audits require greater scrutiny of the financial statements, while reviews consist of making
inquiries and performing analytical procedures on the statements. Consequently, audits
provide a higher level of assurance as compared to reviews.

Other Assurance Services

Assurance services have existed long before CPAs started to provide them. The AICPA
has formed the Special Committee on Assurance services (chaired by Robert K. Elliot, a
KPMG partner) to develop a strategic plan for the profession's further forays into the
assurance market. Some of the assurance services that resulted from this project include
the following:
1. Business Performance Measurement - provides assurance about whether
financial and non-financial information being reported from the entity's
performance measurement system (e.g, balanced scorecard) is reliable and whether
the performance measures being used are accurately leading the entity toward
meeting its strategic goals and objectives.
2. Health Care Performance Measurement - involves the evaluation of the quality
of health care, medical services and outcome. It looks into the health care delivery
system, the medical services provided, and quality attributes associated with those
services.
3. Elder Care Plus is an evaluation designed to provide assurance to the elderly and
their relatives about the quality of care being provided by various care givers by
comparing their specific objectives in providing care with actual services rendered.
4. Risk Assessment Services - identifies a set of risks that affect the organization. It
also involves the study of the link between risks and organization's vision, mission,
objectives and strategies and development of new and relevant measures to address
these risks.
5. CPA WebTrust. WebTrust is a seal of assurance service developed jointly by the
American Institute of Certified Public Accountants (AICPA) and the Canadian
Institute of Chartered Accountants (CICA). WebTrust enables consumers and
businesses to purchase goods and services over the Internet with the confidence that
the Web site business meet high standards of business practice as set forth in the
CPA WebTrust Principles and Criteria
6. Information Systems Reliability involves evaluating whether financial and non-
financial information systems provide reliable information for operating and
financial decisions by an entity's management.

Page 11 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

Limitations of Assurance Engagements

Despite the performance of an assurance engagement, the highest level of assurance that
may be provided is reasonable assurance. Reasonable assurance is less than absolute
assurance. Reducing assurance engagement risk to zero is very rarely attainable or cost
beneficial as a result of factors such as the following:
1. The use of selective testing.
2. The inherent limitations of internal control.
3. The fact that much of the evidence available to the practitioner is persuasive rather
than conclusive".
4. The use of judgment in gathering and evaluating evidence and forming conclusions
based on that evidence.
5. The characteristics of the subject matter (in some cases).

Non-Assurance Services

Not all engagements performed by CPAs are assurance services. Non-assurance services
lack one or more of the elements of assurance engagements. Examples of common non-
assurance services are:

Agreed-upon procedures

In an engagement to perform agreed-upon procedures, an auditor is engaged to carry out

those procedures of an audit nature to which the auditor and the entity and any appropriate
third parties have agreed and to report on factual findings. The recipients of the report must
form their own conclusions from the report by the auditor. The report is restricted to those
parties that have agreed to the procedures to be performed since others, unaware of the
reasons for the procedures, may misinterpret the results".

Compilation of Financial or Other Information

In a compilation engagement, the accountant is engaged to use accounting expertise as

opposed to auditing expertise to collect, classify and summarize financial information. This
ordinarily entails reducing detailed data to a manageable and understandable form without
a requirement to test the assertions underlying that information. The procedures employed
are not designed and do not enable the accountant to express any assurance on the financial
information. However, users of the compiled financial information derive some benefit as
a result of the accountant's involvement because the service has been performed with due
professional skill and care.

Some tax services, such as preparation of tax returns where no conclusion is

expressed, and tax consulting

Individuals and business leaders look to CPAs for advice on income tax and business tax
strategies. A CPA can develop tax strategies to help individuals or businesses legally
minimize their tax liability. Tax services save clients’ money and worry. Non-assurance
tax services also include assistance in preparing tax returns; and representation or clients
to tax authorities.

Management Consulting and Other Advisory Services

Technically, "Management consulting refers to both the industry, and the practice of,
helping organizations improve their performance, primarily through the thorough analysis
of existing business problems and development or plans for improvement. "Some examples
or areas where CPAS can offer advice are:
1. Small business management
2. Cash management

Page 12 of 13

Prepared by: Daniel John F. Falo

 ACC 310 – Audit and Assurance Principle

3. Compensation plan evaluations

4. Growth planning
5. Purchasing or selling a business
6. Measuring the performance of a business
7. Disaster recovery planning

Table 1-9 summarizes the non-assurance services, together with the elements of assurance
engagements that are missing from each one:

Table 1-9
Non-assurance Services and Missing Assurance Engagement Elements
Agreed-upon procedures No conclusion is expressed by the practitioner.
Compilations No conclusion is expressed by the practitioner.
Some tax services Non-assurance if tax returns are prepared with no
conclusion expressed. Tax consulting services are
two-party contracts.
Management Two-party contracts that recommend uses for information.
consulting and other
advisory services

Reference:

J.M. Ireneo, S.C. Ireneo, G.R. James. 2018. Audit & Assurance Principle. Manila,
Philippines: La Limariza Printing Corp.

Page 13 of 13

Prepared by: Daniel John F. Falo