assurance and assurance

engagements
Assurance refers to the auditor’s satisfaction as to the
reliability of an assertion being made by one party for
use by another party.
Assurance engagements or Assurance services are
three-party contracts in which assurers (such as a
CPA) reports on the quality of information. Assurance
engagements ( grandfather ) include assertion-based
services or attestation engagement ( father) such as
audits or FS audit or external audit or independent
audit ( grandson ) and reviews of financial statements
AND direct reporting engagements.
 ETHICAL REQUIREMENTS

• The firm should establish policies and procedures

designed to provide it with reasonable assurance
that the firm and its personnel comply with
ethical requirements, which include;

1) Integrity;
2) Objectivity;
3) Professional competence and due care;
4) Confidentiality; and
5) Professional behavior
 Usually and always

• Assurance Engagement is
usually address to intended
users
• Assertion based or Attestation
engagement reports always to
intended users
 Types of Assurance Engagements;level
of assurance and structure
STRUCTURE
• Assertion based or Attestation
Subject matter is measured and evaluated by
responsible party, subject matter information is in
the form of assertion, attestation is being done by
the practitioner.
Audit Engagement – reasonable assurance
engagement
Review Engagement – limited assurance engagement
Other Attestation Engagement
 Types of Assurance Engagements;level
of assurance and structure ( cont…)
STRUCTURE
• Direct Reporting Engagement ( Other Assurance
Engagements )

Subject matter is being measured and evaluated by the

practitioner

 there are many types of this, example of it is

 Suitable Criteria
• Criteria are the benchmarks used to evaluate
or measure the subject matter including,
where relevant, benchmarks for presentation
and disclosure. Criteria can be formal or less
formal.
Characteristics of Suitable Criteria
Established Criteria and Specifically
Developed Criteria
 Sufficient and Appropriate Evidence
• Sufficiency is the measure of quantity of evidence.
• Appropriateness is the measure of quality of
evidence; that is, its relevance and its reliability.
• The quantity of evidence needed is affected by the
risk of the subject matter information being
materially misstated (the greater the risk, the more
evidence is likely to be required) and also the
quality of such evidence (the higher the quality, the
less may be required). Accordingly, the sufficiency
and appropriateness of evidence are interrelated.
However, merely obtaining more evidence may not
compensate for its poor quality.
generalizations about the reliability of
evidence
assurance engagements according to level
of assurance provided
reasonable assurance and limited assurance
• 1. Reasonable Assurance Engagement - The objective of this
engagement is a reduction in assurance engagement risk to
an acceptably low level in the circumstances of the
engagement ad s the basis for positive form of expression of
the practitioner's conclusion. An example of this type of
engagement would be an audit of historical financial
statements.
• 2. Limited Assurance Engagement - The objective of this
engagement is a reduction in assurance engagement risk to a
level that is acceptable in the circumstances of the
engagement, but where the risk is greater than for a
reasonable assurance engagement, as the basis for a negative
form of expression of the practitioner's conclusion. An
example of this type of engagement would be a review of
financial statements.
 assurance engagements according to
structure
• 1. Attestation Engagement – the measurer or evaluator,
who is not a practitioner, measures or evaluates the
underlying subject against the criteria, the outcome of
which is the subject matter information
• An attestation engagement is an engagement in which a
practitioner is engaged to issue, or does issue, a written
communication that expresses a conclusion about the
reliability of a written assertion that is the responsibility
of another party. Examples include audits and reviews.
• 2. Direct Engagement – practitioner measures or
evaluates the underlying subject matter against the
criteria and presents the resulting subject matter
information as part of, accompanying the assurance
report.
Other assurance engagements
 non-assurance engagements
Examples of common non-assurance services
agreed-upon procedures; compilation of
financial and other information; preparation of
tax returns where no conclusion is expressed,
and tax consulting; and management consulting
and other advisory services
Agreed-upon procedures No conclusion is expressed by the
practitioner.
Compilations No conclusion is expressed by the practitioner
Some tax services Non- assurance of tax returns are prepared
with no conclusion expressed. Tax consulting
services are two-party contracts

Management consulting and other advisory Two-party contracts that recommend uses for
services information.
Types of Audit
Financial Statement audit
This is an audit conducted to determine whether the financial statements of an
entity are fairly presented in accordance with an identified financial reporting framework
Compliance Audit
Compliance audit involves a review of an organization’s procedures to determine
whether the organization has adhered to specific procedures, rules or regulations. The
performance of compliance audits is dependent upon the existence of verifiable data and
recognized criteria established by an authoritative body. A common example of this type of
audit is the examination conducted by BIR examiners to determine whether entities comply
with tax rules and regulations.
Operational audit
An operational audit is a study of a specific unit of an organization for the purpose
of measuring its performance. The main objective of this type of audit is to assess entity’s
performance, identity areas for improvements and make recommendation to improve
performance. This type of audit is also known as performance audit or management audit.

It should be noted that, although there are different types of audit, all audits possess the
same general characteristics. They all involve:
1.)Systematic examination and evaluation of evidence which are undertaken to ascertain
whether assertions comply with established criteria; and
2.)Communication of the results of the examination, usually in a written report, to the party
by whom, or on whose behalf, the auditor was appointed.
Unlike compliance and financial statement audits, where the criteria are usually defined,
criteria used in operational audit to evaluate the effectiveness and efficiency of operations are
not clearly established.
Types of Auditors
Auditors can be classified according to their affiliation with the entity being
examined.
External Auditors
These are independent CPAs who offer their professional services to
different clients on a contractual basis. External auditors are the ones who
generally perform financial statement audits.
Internal Auditors
Internal auditors are entity’s own employees who investigate and
appraise the effectiveness and efficiency of operations and internal controls.
The main function of internal auditors is to assist the members of the
organization in the effective discharge of their responsibilities. Internal
auditors usually perform operational audits.
Government Auditors
These are government employees whose main concern is to
determine whether persons or entities comply with government laws and
regulations. Government auditors usually conduct compliance audits.
 Comparison among the different types of audit.
Financial audit Compliance audit Operational audit
Assertions made That the financial That the That the
by the auditee statement are fairly organization has organization’s
presented complied with laws, activities are
regulations or conducted
contracts effectively and
efficiently
Established Financial reporting Laws, regulations Objectives set by
criteria standards or other and contracts the board of
financial reporting directors
framework
Content of the An opinion about Reports on the Recommendations
auditor’s report whether the degree of or suggestions on
financial statements compliance with how to improve
are fairly presented applicable laws, operations
in conformity with regulations and
an identified contracts
financial reporting
framework
Auditors who External auditors Government Internal auditors
generally perform auditors
 Auditing Defined
As to the American Accounting Association
(AAA):
Auditing is “a systematic process of objectively
obtaining and evaluating evidence regarding
assertions about economic actions and events
to ascertain the degree of correspondence
between these assertions and established
criteria and communicating the results to
interested users.“
Auditing encompass two processes:
Investigative Process
-involves the systematic gathering and evaluation
of evidence as a basis for determining whether
assertions or representations made by a
responsible person in a company’s financial
statements, correspond with the established
criteria, such as GAAP.
Reporting Process
-involves communicating an evaluation or
opinion in an audit report to interested users
Auditing and Accounting Distinguished
Accounting- is the process of recording,
classifying and summarizing economic
events in logical manner for the purpose of
providing financial information for decision
making.
Auditing- is concerned with the
determination of whether the recorded
accounting information for the entity
properly reflects the economic events that
occurred during the accounting period.
“Auditing begins where
accounting ends.”
 Assurance Services and Audit Services
Distinguished
The difference between them lies in the
scope of services.
The Independent Financial Statement
Audit
• The objective of an audit of financial
statement is to enable the auditor to express
an opinion whether the financial statement
are prepared, in all material respects, in
accordance with an identified financial
reporting framework or acceptable financial
reporting standard.
 Responsible for the financial
statements
• The management is responsible for preparing and
presenting the financial statement in accordance
with the financial reporting framework.
• The auditor’s responsibility is to form and
express an opinion on these financial statements
based on his audit. An audit of financial
statements does not relieve management’s
responsibility to adopt and implement adequate
accounting and internal control systems that will
help ensure, among others, the preparation of
reliable financial statements.
 Assurance provided by the auditors

• The auditor’s opinion on the financial statements

is not a guarantee that the financial statements
are dependable. An audit conducted in
accordance with Philippine Standards on Auditing
(PSAs) is designed to provide only reasonable
assurance (not absolute assurance) that the
financial statements taken, as a whole are free
from material misstatements. In every audit,
there are always inherent limitations that affect
the auditor’s ability to detect materials
misstatement.
 These limitations result from such
factors as:
1) The use of testing / Sampling risk
• For practical reasons, auditors do not examine
all evidence available. Many audit conclusions are
made by examining only sample of evidence.
Whenever a sample is taken there is always a
possibility that the auditor’s conclusion, based in
the sample, may be different from the conclusion
that would have been reached if the auditor
examines the entire population.
2.) Error in application of judgment / Non-
sampling risk
• The work undertaken by the auditor to
form an opinion is permeated by judgment.
Human weaknesses can cause auditors to
commit mistakes in the application of audit
procedures and evaluation of evidence.
•
3.) Reliance on management’s representation
• Some evidence supporting the financial
statement must be obtained by obtaining oral or
written representations from management. For
example, it is difficult for the auditors to
determine the proper valuation of accounts
receivable without management’s honest
assessment. If the management lacks integrity,
management may provide the auditor with false
representations causing the auditor to rely on
unreliable evidence.
4.) Inherent limitations of the client’s
accounting and internal control system
• Although the auditor performs procedures
to detect material misstatements when
auditing financial statements, such procedures
may not be effective in detecting
misstatements resulting from collusion among
employees or management’s circumvention of
internal control.
5.) Nature of evidence
• Evidence obtained by the auditor does not
consist of “hard facts” which prove or disprove
the accuracy of the financial statement. Instead,
it comprises pieces of information and
impressions which are gradually accumulated
during the course of an audit and which, when
taken together, persuade the auditor about the
fairness of the financial statements. Thus, audit
evidence is generally persuasive rather than
conclusive in nature.
 General principles governing the
audit of financial statements
• The procedures required to conduct an audit
in accordance with PSAs should be determine
by the auditor having regard to the
requirements of PSAs, relevant to professional
bodies, legislations, regulations, and where
appropriate, the terms of the engagement and
the reporting requirements.
 PSA provides the following guidelines
when auditing financial statements:
1. The audit should only comply with the “Code of Professional Ethics for Certified Public
Accountants” promulgated by the Board of Accountancy (BOA).
In order to retain public confident in the credibility of the auditors’ work, auditors must
adhere to standards of ethical conduct that embody and demonstrate integrity,
objectivity, and concern for the public rather than self interest.
2. The auditor should conduct an audit in accordance with Philippine Standards on
Auditing
These standards contain the basic principles and essential procedures which the auditor
should follow. The standards also include explanatory and other materials which, rather
than being prescriptive (that is mandatory), is designed to assist auditors in interpreting
and applying the auditing standards.
 3.
The auditor should plan and perform the audit with an attitude of professional
skepticism recognizing that circumstances may exist which may cause the financial
statements to be materially misstated.
An attitude of professional skepticism means the auditor makes a critical assessment,
with a questioning mind, of the validity of audit evidence obtained and is alert to audit
evidence that contradicts or bring into questions the reliability of documents or
management representations.
In planning and performing an audit, the auditor neither assumes that the management is
honest nor assumes unquestioned honesty. Thus, representations from management are
not a substitute for obtaining sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base the audit opinion.
 Need for an independent financial statement audit
The need for an independent audit of financial statements stems from following interrelated
sources:
1. Conflict of interest between management and users of financial statements.
In a sense, financial statement may be viewed as the report by management as to
how the entity performed under their direction and supervision. Managers are
frequently placed in positions where they can benefit by providing outside parties
with overly optimistic or even false financial information. Outside parties, however,
want unbiased realistic financial statements. Recognizing this inherent conflict of
interest, users of financial statements have become skeptical of unaudited financial
statements.
2. Expertise
The complexity of accounting and auditing requires expertise in verifying the
quality of the financial information. Since most of the users of financial information
are not equipped with the necessary skills and competence to determine whether the
financial statements are reliable, a qualified person is hired by users to verify the
reliability of the financial statements on their behalf.
 3-4
Remoteness
Users of financial information are usually prevented from directly assessing the
reliability of the information. Most of the users do not have access to the entity’s
record to personally verify the quality of the financial information. Consequently, an
independent auditor is needed to assist them in verifying the reliability of the
financial information.
Financial consequences
Misleading financial information could have substantial economic consequence
for a decision maker. It is therefore important that financial statements be audited first
before they are used for making important decisions.
 Theoretical framework of Auditing
The audit function operates within a theoretical framework. Below are selected postulates,
assumptions or ideas that support many auditing concepts and standards.
1. Audit function operates on the assumption that all financial data are verifiable.
All balances reported in the financial statements mush have supporting documents or
evidence to prove their validity. If no evidence exist in relation to the financial
statements on which an auditor is to express an opinion, then there can be no audit to
perform.
2. The auditors should always maintain independence with respect to the financial
statements under audit.
Independence is essential for ensuring the credibility for ensuring the credibility of
the auditor’s report. The report of the auditor will be of little or no value to the
readers of the financial statements if the readers are aware that the auditors is not
independent with respect to the client.
3. There should be no long-term conflict between the auditor and the client
management.
Short-term conflicts may exist regarding the application of auditing procedures and
accounting principles, but in the end, both the auditor and the management must be
interested in the fair presentation of the financial statements.
 Auditing and
Assurance
Standards Council
PHILIPPINE STANDARDS ON AUDITING
(PSA’s)
• The Auditing and Assurance Standards
Council (AASC) has been given the task to
promulgate auditing standards, practices and
procedures which shall be generally accepted
by the accounting profession in the
Philippines.
Quality controls are policies and procedures adopted
by CPAs to provide reasonable assurance of conforming
with professional standards in performing audit and
related services.

• The following standards cover quality controls:

1.) Philippine Standard on Quality Control 1 (PSQC1),

Quality Controls for firms that Perform Audits and
Reviews of Financial Statements and other Assurance
and Related Services Engagement applicable to
assurance services and related services in general
2.) Philippine Standard on Auditing 220 (Redrafted),
Quality Controls for an Audit of an Financial Statements
• Quality Review –- a study, appraisal, or review
by the Board or its duly authorized
representatives, of the quality of audit of
financial statements through a review of the
quality control measures instituted by an
Individual CPA, Firm or Partnership of CPAs
engaged in the practice of public accountancy
to ascertain his/her/its compliance with
prescribed professional, ethical and technical
standards of public practice.
Elements of a System of Quality Control
• PSA 220 states that audit firm should
implement policies and procedures
designed to ensure that all audits are
conducted in accordance with PSA’s.
The quality control policies and
procedures adopted by audit firms vary
depending on the firm’s size and
nature of its practice, cost benefit
considering and other factors
 PSA 220 has identified the following
quality control policies that may serve as
guide to audit firms in establishing their
own system of quality control
1.) LEADERSHIP RESPONSIBILITIES FOR QUALITY ON
AUDITS
The engagement partner should take responsibility
for the overall quality on each audit engagement to
which the partner is assigned. The engagement
partner should set example regarding the quality of
audit by emphasizing work that complies with
professional standards, complying with the firm’s
quality control policies, and issuing appropriate audit
reports.
 2.) ETHICAL REQUIREMENTS
The engagement partner should consider whether
members of the engagement team have complied
with these ethical principles. Any issues involving
engagement team member’s non-compliance with
ethical requirements must be properly resolved
All CPAs in the Philippines are expected to comply
with the ethical requirements of the Code and other
ethical requirements that may be adopted by PICPA
and approved by the Board of Accountancy and PRC.
Apparent failure to do so may result in an
investigation into the CPA’S conduct.
• Identify threats- How?
• At least annually the firm will
obtain a written confirmation from
its personnel that they have complied
with the independence requirements
• Independence of mind-The state of mind that permits
the expression of a conclusion without being affected
by influences that compromise professional judgment,
allowing an individual to act with integrity and exercise
objectivity; and professional skepticism.

• Independence in appearance-The avoidance of facts and

circumstances that are so significant that a reasonable
and informed third party, having knowledge of all
relevant information, including safeguards applied,
would reasonably conclude a firm’s or member of the
assurance team’s, integrity, objectivity or professional
skepticism had been compromised.
• Self-interest threat
• Self-review threat
• Advocacy threat
• Familiarity threat
• Intimidation threat
• The threat that a financial or other interest will
inappropriately influence the professional
accountants judgment or behavior
The threat that a professional accountant will not
appropriately evaluate the results of a previous
judgment made or service performed by the
professional accountant’s firm or employing
organization, on which the accountant will rely when
forming a judgment as part of providing a current
service.
• The threat that a professional
accountant will promote a client’s or
employer’s position to the point that
the professional accountant’s
objectivity is compromised.

1.) Promoting shares in an audit

client
2.) Acting as an advocate on behalf
of an audit client in litigation or
disputes with third parties.
• The threat that due to a long or close
relationship with a client or employer, a
professional accountant will be too
sympathetic to their interest or too
accepting of their work.
• The threat that a professional accountant
will be deterred from acting objectively
because of actual or perceived pressures,
including attempts to exercise undue
influence over the professional accountant.
• An audit senior Jack Smith has
declared that his wife is financial
controller at client C.

• What will you do as team leader?

• Another senior Sanjay Kumar has
declared that he has received a gift
from a client- an i-phone.
• What will you do as team leader?
• The existence and significance of such threats will depend on
the nature, value and intent behind the offer. Where gifts or
hospitality are offered that a reasonable and informed third
party , weighing all the specific facts and circumstances , would
consider trivial and inconsequential, a professional accountant
in public practice may conclude that the offer is made in the
normal course of business without the specific intent to
influence decision making or to obtain information. In such
cases, the professional accountant in public practice may
generally conclude that any threat to compliance with the
fundamental principles is at an acceptable level.
• Education and training
• Adherence to CPD requirements
• Adherence to professional standards,
monitoring and professional
development procedures
• External review of the firms quality
control procedures
• Adherence to legislation
 3.) ACCEPTANCE AND CONTINUING OF
CLIENT RELATIONSHIPS
• The engagement partner should be satisfied that
appropriate procedures regarding the acceptance
and continuance of client relationships and
specific audit engagement have been followed and
that conclusions reached in this regard are
appropriate and have been documented.
• continue relationships and engagement where it;
1) Has considered the integrity of the client;
2) Is competent to perform the engagement and
has the capabilities, time and resources to do so;
and
3) Can comply with ethical requirements.
 The integrity and reputation of the prospective client’s
management and governance body should be scrutinized
through inquiries of knowledgeable parties from various
sources, both internal and external. Investigations involve the
following procedures:
1) Obtain and review available financial statements
regarding the prospective client, such as annual
reports, interim financial statements and income tax
returns.
2) Inquire of third parties as to any information regarding
the prospective client and its management and
principals which may have a bearing on evaluating the
prospective clients. Inquires may be directed to the
prospective client’s banker, legal advisers, investments
banker, and other in the financial or business
community who may have such knowledge.
• Communicate the predecessor auditor. The successor auditor (auditor who
replaces another auditor with respect to a specific client) has the burden of
initiating communication with the predecessor auditor (the auditor who was
replaced by another auditor). The successor auditor should request permission of
the prospective client before contacting the predecessor auditor (this is because
the predecessor auditor is bound by the Code of ethics to follows the duty of
confidentiality and therefore cannot be disclose confidential information without
the prospective client’s consent).

• Inquires would include questions regarding the facts that might bear on the
integrity of management, on disagreements with management as to accounting
policies, audit procedures, or other similarly significant matters, and on the
predecessor’s understanding as to the reasons for the change in auditors. Such
inquiries of the predecessor auditor may help the successor auditor determine
whether to accept the engagement.

• The predecessor auditor should respond fully to the successor’s request (an
exception would be when the predecessor auditor and the prospective client are
entangled in a lawsuit, in which case, the predecessor auditor may choose to
remain silent).

• In case the prospective client refuses to grant the predecessor auditor permission
to respond, the successor auditor should consider the reasons refusal. Such refusal
leads to questions about the prospective client’s integrity and intentions, and may
ultimately cause the successor auditor to reject the engagement.
4
 5.) ENGAGEMENT PERFORMANCE
The engagement partner should take responsibility for the
direction, supervision, review and overall performance of the
audit engagement.
• Direction
Assistant should be informed of their responsibilities, the
nature of the entity’s business, potential problems that may
arise and the detailed approach to the performance of the
engagement.
• Supervision
This involves monitoring the progress of the audit, resolving
accounting and audit issues, and considering the level of
consultation appropriate for the engagement.
• Review
Work performed by assistants should be reviewed to consider
whether the audit procedures, evidence and documentation
are appropriate to support the conclusion reached.
 5.) ENGAGEMENT PERFORMANCE
The engagement partner should take responsibility for the
direction, supervision, review and overall performance of the
audit engagement.
• Direction
Assistant should be informed of their responsibilities, the
nature of the entity’s business, potential problems that may
arise and the detailed approach to the performance of the
engagement.
• Supervision
This involves monitoring the progress of the audit, resolving
accounting and audit issues, and considering the level of
consultation appropriate for the engagement.
• Review
Work performed by assistants should be reviewed to consider
whether the audit procedures, evidence and documentation
are appropriate to support the conclusion reached.
 6
• MONITORING
• The continued adequacy and operational
effectiveness of quality control policies and
procedures is to be monitored. Policies and
procedures must be adopted to provide reasonable
assurance that the systems of quality control are
relevant, adequate and opening effectively.
• The firm’s quality control policies and procedures
should be communicated to its personnel in a
manner that provides and procedures are
understood and implemented.
  NONCOMPLIANCE WITH LAWS AND REGULATIONS

Noncompliance refers to act of omission or commission by the entity

being audited, either intentional or unintentional, which are contrary t the
prevailing laws or regulations. Such acts include transactions entered into
by, or in the name of, the entity or on its behalf by its management or
employees. Common examples included:
 Tax evasion
 Violation of environmental protection laws
 Inside trading of securities

Management’s Responsibility

It is management’s responsibility to ensure the entity’s operations are conducted

in accordance with laws and regulations. The responsibility for the prevention and
detection of noncompliance rests with managements. (PSA 250))

The following policies and procedures, among other, may assist management in
discharging its responsibilities for the prevention and detection of noncompliance:
 Monitoring legal requirements and ensuring that operating procedures are
designed to meet these requirements.
 Instituting and operating appropriate systems of internal control.
 Developing publicizing and following a Code of Conduct.
 Ensuring employs are properly trained and understand the Code of
Conduct.
 Monitoring compliance with the Code of Conduct and acting appropriately
to discipline employees who fail to comply with it.
 Engage legal advisor to assist in monitoring legal requirements.
 Maintaining a register of significant laws with which the entity has to
comply within its particular industry and a record of complaints.
In larger entities, thee policies and procedures may be
supplemented by assigning appropriate responsibilities to
internal audit function an audit committee.

Auditor’s responsibility

An audit cannot be expected to detect noncompliance

with all laws and regulations. Nevertheless, the auditor
should recognize that noncompliance by the entity with
laws and regulations may materially affect the financial
statements.
Nature of audit procedures refers to both their
purpose (tests of controls or substantive
procedures) and their type (inspection,
observation, inquiry, confirmation, recalculation,
reperformance, or analytical procedures ).