Chapter 1.

3
Assurance Engagements
acceptance Of Appointment
• The contents of a letter of
engagement for audit services are
listed in ISA 210 Agreeing the
Terms of Audit Engagements.
 Definition and Objective of an Assurance
Engagement
“Assurance engagement” means an engagement in which a
practitioner expresses a conclusion designed to enhance the degree of
confidence of the intended users other than the responsible party
about the outcome of the evaluation or measurement of a subject
matter against criteria.
The outcome of the evaluation or measurement of a subject matter is
the information that results from applying the criteria to the subject
matter.
For example: • The recognition, measurement, presentation and
disclosure represented in the financial statements (outcome) result
from applying a financial reporting framework for recognition,
measurement, presentation and disclosure, such as International
Financial Reporting Standards, (criteria) to an entity’s financial position,
financial performance and cash flows (subject matter).
Engagement letters

In plain English, the term “assurance”

refers to how confident (or assured) you
are that your financial reports are
reliable, timely and relevant.
The engagement letter will be sent before the audit. It
specifies the nature of the contract between the audit
firm and the client and minimise the risk of any
misunderstanding of the auditor’s role.
Objectives of Engagement Letter

• Define auditors’/management responsibilities and it

should be reviewed every year.
• Written evidence of auditors’ acceptance: the
auditor must issue a new engagement letter if the
scope or context of assignment changes after initial
appointment.
• Send a new letter every year to emphasise its
importance to client.
• Identify any reports to be produced in addition to
audit report
Procedures before accepting an audit appointment
Prior to accepting an appointment, the audit firm must take the following steps:


It must assess whether acceptance would
create any threats to compliance with the fundamental
principles. For example, a personal relationship between a partner at the firm
and a senior member of the client’s staff could create a threat to objectivity.
Lack of technical expertise could create a threat to professional competence
and due care.
It must ensure that resources are available to


complete the audit assignment; in particular, it must ensure

that there will be sufficient staff available at the right time. Again, not to have
sufficient resources available would create a threat to professional
competence and due care.

It must take up references on the proposed



client corporation and its directors, if they are not

already known to the auditors. This is usually referred to as client screening.
It must communicate with the current auditors, if


there are any, to establish if there are any matters that it

must be aware of when deciding whether or not to accept the appointment.
Although this is partly a matter of courtesy between professionals, this will
involve discussion of the appointment, the client and the audit work. Such
discussion will allow the firm to decide if the client is someone for whom it
would wish to act.
The contents/elements of the engagement letter

The contents of a letter of engagement for audit

services are listed in ISA 210 Agreeing the Terms of
Audit Engagements. The contents should include:

• the objective and scope of the audit

• the responsibilities of the auditor
• the responsibilities of management
• the identification of an applicable financial
reporting framework
• reference to the expected form and content of any
reports to be issued.
Relevant ethical requirements
As a legislative audit office, we have a responsibility to act in the public interest. In doing so, we observe and
comply with the OAG’s Code of Values, Ethics and Professional Conduct and other relevant ethical requirements
set out in rules of professional conduct and codes of ethics applicable to the practice of public accounting issued
by the various professional accounting bodies in Canada. Employees who belong to a professional association
may also be governed by the codes and by-laws of that body.
Relevant ethical requirements are derived from five fundamental principles of ethics:
integrity,

objectivity,

professional competence and due care,

confidentiality,

professional behaviour.
Integrity. To be straightforward and honest in all professional and business relationships.
Employees are expected to be straightforward, honest, and fair in all professional relationships. A person who
acts with honesty and truthfulness, and whose actions, values, and principles are consistent, is described as
having integrity.
Objectivity. To not allow bias, conflict of interest, or the undue influence of others to override professional or
business judgments.
The public interest in the objectivity of the Office requires that the Office and its employees be, and be seen to
be, free of influences that would impair the Office’s and its employees’ objectivity. Accordingly, the Office and its
employees must be independent. The ethical standard of independence requires the Office and its employees to
be and remain free of any influence, interest, or relationship regarding an entity’s affairs that impairs or, in the
view of a reasonable observer, would impair the Office’s and its employees’ professional judgment or objectivity.
An objective person does not allow bias, conflict of interest, or the influence of others to compromise judgment.
Proessional competence and due care. To maintain professional knowledge
and skill at the level required to ensure that an entity receives competent
professional services based on current developments in practice, legislation,
and techniques, and to act diligently and according to applicable technical and
professional standards.
Parliament, territorial legislatures, governments, and Canadians expect the
Office of the Auditor General of Canada and its employees to maintain a high
level of competence. This underscores the need to maintain individual
professional skill and competence by keeping abreast of and complying with
developments in professional standards and pertinent legislation in all areas
where the Office and its employees practise or are relied upon. The
expectation to operate with due care requires employees to act diligently and
according to applicable technical and professional standards when performing
assurance engagements. Diligence includes the responsibility to act, in
respect of an engagement, carefully, thoroughly, and on a timely basis.
Confidentiality. To respect the confidentiality of information acquired as a result of professional and business
relationships and, therefore, not disclose any such information to third parties without proper and specific
authority, unless there is a legal or professional right or duty to disclose, nor use the information for the personal
advantage of the employee or third parties.
The principle of confidentiality includes the need to maintain the confidentiality of information within the Office of
the Auditor General of Canada (OAG Audit 1192 Confidentiality, safe custody, integrity, accessibility, and
retrievability of engagement documentation).
The disclosure of confidential information by the Office and its employees may be required or appropriate where
such disclosure is
permitted or authorized by the entity;
required by law; or
permitted or required by a professional right or duty, when not prohibited by law.
Professional behaviour. Employees conduct themselves at all times in a manner that will maintain the good
reputation of the profession and the Office and its ability to serve Parliament, territorial legislatures, governments,
and Canadians.
In doing so, employees are expected to avoid any action that would discredit the Office of the Auditor General of
Canada. An employee’s behaviour should be based primarily on a reputation for professional excellence. An
employee is expected to provide other employees with the courtesy and consideration he or she would expect to
receive from them.
Engagement Acceptance
A practitioner accepts an assurance engagement only where the practitioner’s
preliminary knowledge of the engagement circumstances indicates that: (a) Relevant
ethical requirements, such as independence and professional competence will be
satisfied; and (b) The engagement exhibits all of the following characteristics:
(i) The subject matter is appropriate;
(ii) The criteria to be used are suitable and are available to the intended users;
(iii) The practitioner has access to sufficient appropriate evidence to support the
practitioner’s conclusion;
(iv) The practitioner’s conclusion, in the form appropriate to either a reasonable
assurance engagement or a limited assurance engagement, is to be contained in a
written report; and
(v) The practitioner is satisfied that there is a rational purpose for the engagement. If
there is a significant limitation on the scope of the practitioner’s work it may be unlikely
that the engagement has a rational purpose. Also, a practitioner may believe the
engaging party intends to associate the practitioner’s name with the subject matter in an
inappropriate manner Specific ISAs, ISREs or ISAEs may include additional
requirements that need to be satisfied prior to accepting an engagement.
When a potential engagement cannot be accepted as an assurance engagement
because it does not exhibit all the characteristics in the previous paragraph, the
engaging party may be able to identify a different engagement that will meet the needs
of intended users. For example: (a) If the original criteria were not suitable, an
assurance engagement may still be performed if:
(i) The engaging party can identify an aspect of the original subject matter for which
those criteria are suitable, and the practitioner could perform an assurance
engagement with respect to that aspect as a subject matter in its own right. In such
cases, the assurance report makes it clear that it does not relate to the original
subject matter in its entirety; or
(ii) Alternative criteria suitable for the original subject matter can be selected or
developed.
(b) The engaging party may request an engagement that is not an assurance
engagement, such as a consulting or an agreed-upon procedures engagement.

Having accepted an assurance engagement, a practitioner may not

change that engagement to a non-assurance engagement, or from a
reasonable assurance engagement to a limited assurance
engagement without reasonable justification. A change in
circumstances that affects the intended users’ requirements, or a
misunderstanding concerning the nature of the engagement,
ordinarily will justify a request for a change in the engagement. If
such a change is made, the practitioner does not disregard evidence
that was obtained prior to the change.
 Types & levels
In order of increasing level of rigor, accountants generally offer three
types of assurance services:

Compilations. These engagements provide no assurance that

financial statements are free from material misstatement and
conform with Generally Accepted Accounting Principles (GAAP).
Instead, the CPA puts financial information that management
generates in-house into a GAAP financial statement format. Footnote
disclosures and cash flow information are optional and often omitted.

Reviews. Reviewed financial statements provide limited assurance

that the statements are free from material misstatement and
conform with GAAP. Here, the accountant applies analytical
procedures to identify unusual items or trends in the financial
statements. She or he inquires about these anomalies, as well as
the company’s accounting policies and procedures.
Reviewed statements always include footnote disclosures and a
statement of cash flows. But the accountant isn’t required to evaluate
internal controls, verify information with third parties or physically
 Audits. The most rigorous level of assurance is provided by
an audit. It offers a reasonable level of assurance that your
financial statements are free from material misstatement and
conform with GAAP.
•The Securities and Exchange Commission requires public
companies to have an annual audit. Larger private companies
also may opt for this service to satisfy outside lenders and
investors. Audited financial statements are the only type of
report to include an express opinion about whether the
financial statements are fairly presented and conform with
GAAP.
•Beyond the analytical and inquiry steps taken in a review,
auditors perform “search and verification” procedures. They
also review internal control systems, tailor audit programs for
potential risks of material misstatement and report on control
weaknesses when they deliver the audit report.
Confidentiality/ Information disclosed
Members of an assurance team should not disclose
any information to anyone outside of the engagement
team, whether or not they work for the same firm.
Information should only be disclosed with proper and
specific authority or when there is a legal or
professional right or duty to disclose.
Duty to disclose:
• Breaches of specific laws to the appropriate public
authority, e.g. money laundering, terrorism, treason,
or drug trafficking.
• If a court order has been obtained.
• If it is required by ACCA or another professional
body.
Right to disclose:

• If the client has given their permission.

• To protect a member or firm's interests, e.g. to
defend themselves in court or at a disciplinary
hearing.
• Where authorised by law.
• Breaches of regulations to a nongovernmental
regulatory body that has the power to compel
disclosure, e.g. financial services authority.
• If it is in the public interest to do so.
e notable differences between audit and assurance are as follows:

1. Audit is a procedure of closely monitoring the accounting information prov

a company’s financial statements. Assurance, on the other hand, involves
assessing and analyzing different operations, processes, and procedures
2. Another key difference between audit and assurance services relates to t
aims of these procedures. Audit ensures that the financial reports are pre
fairly, ethically, accurately, and comply with the accounting standards/prin
Assurance evaluates the accuracy in given financial reports/records and
the authenticity of such information to all stakeholders.
3. An auditor owns extended rights, which help to access any kind of inform
On the contrary, assurance auditor is provided with fewer rights, as this p
relates to a specific area in the company’s financial records.
4. Audit requires more time and resources as compared to assurance servic
5. Audit is the first step, whereas assurance procedure starts once the audit
complete.
6. Audit is a way to disclose any fraudulent or dishonest activity i.e misuse o