Chapter 1

Fundamentals of
Assurance Services
Why Study Auditing and Assurance
Principles?
• Auditing as a “stepping stone”
– Introduce students to theories & develop the
expertise
• Appreciate the assurance provided by an
external auditor on the fairness of the
financial statements
• Develop a professionally skeptical
attitude
• Gain a deeper understanding of the ethics
 The Concept of Assurance
• Need for reliable information
– The relevance and reliability of information
is critical for making the best decision in a
given situation
– Webster on “assure”:
• To give confidence or conviction
– In an auditing sense:
• Refers to the auditor’s satisfaction as to the
reliability of an assertion being made by one
party for use by another party.
 User of
Financial Examples of Economic Decisions
Statements
Investors Whether to buy, hold, or sell shares of a
company
Creditors Whether to approve more loans applied for
by the debtor company
Government Whether to adjust or retain the taxation
policies currently in force
Customers Whether to continue doing business with the
company or to find another supplier
Employees Whether to demand a salary increase;
whether to stay with the company, or to go
looking for another job
 Assurance Services
• Nature and Objective
– Assurance services (or assurance engagements) are
three-party contracts in which assurers reports on
the quality of information.
– Assurance engagements performed by CPAs are
intended to enhance the credibility of information
about a subject matter by evaluating whether the
subject matter conforms in all material respects
with suitable criteria.
Elements of Assurance Engagement
• Three party relationship involving a
practitioner (CPA), responsible party and
intended users
• An appropriate subject matter
• Suitable criteria
• Sufficient appropriate evidence
• A written assurance report in the form
appropriate to a reasonable assurance
engagement or a limited assurance
engagement
 Three Party Relationship
Examples of Responsible Parties and Intended Users
The investors, creditors, government and
From different other financial statement users (intended
users) may seek assurance about the fairness
entities of the presentation of financial statements that
company management (responsible party) has
prepared for their consumption
In a 2-tier board structure, the supervisory
board (intended user) may seek assurance
From the same about information provided by the
entity management board of that entity (responsible
party)
 Practitioner
• Broader than the term “auditor”
• May be requested to perform assurance
engagements on a wide range of subject
matters.
– May require the use of “experts”
 Responsible Party
• Person (s) responsible for the subject matter or the
subject matter information (the assertion) in an
assurance engagement.
• May or may not be the party who engages the
practitioner (the engaging party)
• Provides the practitioner with a written representation
that evaluates or measures the subject matter against
the identified criteria, whether or not it is to be made
available as an assertion to the intended users.
 Subject Matter, Subject Matter
Information & Responsible Party in
a Financial Statement Audit
Subject Financial position, financial
matter performance and cash flows of an
enterprise
Subject The financial statements of the
matter enterprise (balance sheet, income
information statement, statement of charges in
equity, statement of cash flows and
related notes)
Responsible Client or entity management
party
 Extent of Responsibility of the
Responsible Party
Responsible Sample Assurance Engagement
for…
Subject matter A government organization engages a
information practitioner to perform an assurance
engagement regarding a report about a private
only
company’s sustainability practices that the
organization has prepared and is to distribute
to intended users
Subject matter An entity engages a practitioner to
and subject perform an assurance engagement
matter regarding a report it has prepared about
information its own sustainability practices
 Intended Users
• Person, persons or class of persons for whom
the practitioner prepares the assurance report.
• The responsible party can be one of the
intended users, but not the only one.
• May be limited to major stockholders with
significant and common interests.
 Subject Matters
• Have different characteristics, including the
degree to which information about them is
qualitative versus quantitative, objective
versus subjective, historical versus prospective
and relates to a point in time or covers a
period.
• An appropriate subject matter is identifiable,
and capable of consistent evaluation or
measurement against the identified criteria and
capable of being subjected to procedures for
gathering sufficient appropriate evidence to
support a reasonable assurance or limited
 Subject Matter & Subject Matter
Information
Form Subject Matter Subject Matter
Information
Financial Historical or prospective Recognition, measurement,
performance or financial position, financial presentation and disclosure
conditions performance and cashflows represented in financial
statements
Non-financial Performance of an entity Key indicators or efficiency and
performance or effectiveness
conditions
Physical Capacity of a facility Specifications document
characteristics

Systems and An entity’s internal control or As assertion about effectiveness

processes IT system

Behavior Corporate governance, A statement of compliance or a

compliance with regulation, statement of effectiveness
human resource practices
 Suitable Criteria
• Criteria are the benchmarks used to evaluate or
measure the subject matter including, where
relevant, benchmarks for presentation and
disclosure.
• Required for reasonably consistent evaluation
or measurement of a subject matter within the
context of professional judgment.
• The evaluation or measurement of a subject
matter merely on the basis of the practitioner’s
own expectations, judgments and individual
experience would not constitute suitable
criteria.
 Examples of Assurance
Engagements and Applicable Formal
Criteria
Assurance Applicable Criteria
Engagement
Audit of financial Philippine Financial Reporting Standards
statements (PFRS)

Assurance on internal Established internal control framework or

control individual control objectives specifically
designed for the engagement
Compliance audits Applicable law, regulation or contract
 Characteristics of Suitable Criteria
Characteristic Explanation

Relevance Relevant criteria contribute to conclusions that assist decision

making by the intended users
Completeness Criteria are sufficiently complete when relevant factors that
could affect the conclusions in the context of the engagement
circumstances are not omitted. Complete criteria include,
where relevant, benchmarks for presentation and disclosure
Reliability Reliable criteria allow reasonably consistent evaluation or
measurement of the subject matter including, where relevant,
presentation and disclosure, when used in similar circumstances
by similarly qualified practitioners
Neutrality Neutral criteria contribute to conclusions that are free from bias
Understandability Understandable criteria contribute to conclusions that are clear,
comprehensive and not subject to significantly different
interpretations
 Established & Specifically
Developed Criteria
• Established criteria are those embodied in laws
or regulations, or issued by authorized or
recognized bodies of experts that follow a
transparent due process.
• Specifically developed criteria are those
designed for the purpose of the engagement.
Ways Criteria are Made Available to
Intended Users
• Publicly
• Through inclusion in a clear manner in the
presentation of the subject matter information
• Through inclusion in a clear manner in the
assurance report
• By general understanding, for example the
criterion for measuring time in hours and
minutes.
 Sufficient Appropriate Evidence
• The practitioner plans and performs an assurance
engagement with an attitude of professional
skepticism to obtain sufficient appropriate evidence
about whether the subject matter information is free
of material misstatement.
• The practitioner considers materiality, assurance
engagement risk and the quantity and quality of
available evidence when planning and performing the
engagement, in particular when determining the
nature, timing and extent of evidence-gathering
procedures.
 Professional Skepticism
• The ability in recognizing that circumstances
may exist that cause the subject matter
information to be materially misstated.
• The professional makes a critical assessment,
with a questioning mind, of the validity of
evidence obtained and is alert to evidence that
contradicts or brings into question the
reliability of documents or representations by
the responsible party.
 Professional Skepticism
• Attitude of being alert to:
– Evidence that is inconsistent with other evidence
obtained;
– Information that calls into question the reliability
of documents and responses to inquiries to be used
as evidence;
– Circumstances that suggest the need for
procedures in addition to those required by
relevant Assurance Standards; and
– Conditions that may indicate likely misstatement
 Sufficiency & Appropriateness of
Evidence
• Sufficiency is the measure of the quantity of
evidence
• Appropriateness is the measure of the quality
of evidence, that is, its relevance and its
reliability.
• The quantity of evidence needed is affected by
the risk of the subject matter information being
materially misstated and also by the quality of
such evidence.
 Generalizations about the
reliability of evidence
1. Evidence is more reliable when obtained
from independent sources.
2. Evidence generated internally is more
reliable when controls are effective.
3. Evidence obtained directly by
practitioner is more reliable than
evidence obtained indirectly or by
inference.
 Generalizations about the
reliability of evidence
4. Evidence is more reliable when it exists in
documentary form, whether paper, electronic,
or other media
5. Evidence provided by original documents is
more reliable than evidence provided by
photocopies or facsimiles.
 Cost Benefit Considerations
• Generally more difficult to obtain assurance
about subject matter information covering a
period than about subject matter information at
a point in time.
• Conclusions provided on processes ordinarily
are limited to the period covered by the
engagement; the practitioner provides no
conclusion about whether the process will
continue to function in the specified manner in
the future.
 Cost Benefit Considerations
• Practitioner considers relationship between the
cost of obtaining evidence and the usefulness
of the information obtained.
• Expense cannot be an excuse to omit a
procedure.
 Materiality
• Relevant when the practitioner determines the
nature, timing and extent of evidence
gathering procedures and when assessing
whether the subject matter information is free
from misstatement.
• Assess the factors that might influence the
decisions of the intended users.
 Assurance Engagement Risk
• Risk that the practitioner expresses an
inappropriate conclusion when the subject
matter information is materially misstated.
• The more extensive the evidence gathering
procedures, the lower the chances of an
inappropriate conclusion.
 Classifications of Assurance
Engagements
• According to Level of Assurance
– Reasonable Assurance Engagement
• The objective is the reduction in assurance
engagement risk to an acceptably low level in
the circumstances of the engagement as the
basis for a positive form of expression of the
practitioner’s conclusion.
• Ex. Audit of historical financial statements
 Assurance Report
• Written report containing a conclusion that
conveys the assurance obtained about the
subject matter information.
• 2 levels of assurance:
– Reasonable (but not absolute)
– Limited
 Classifications of Assurance
Engagements
• According to Level of Assurance
– Limited Assurance Engagement
• The objective is the reduction in assurance
engagement risk to a level that is acceptable in
the circumstances of the engagement, but where
that risk is greater than for a reasonable
assurance engagement, as the basis for a
negative form of expression of the practitioner’s
conclusion.
• Ex. Review of financial statements
 Forms of conclusions
• Positive
– Form used in a reasonable assurance engagement.
– “In our opinion, the entity has complied, in all
material respects with the XYZ law.”
• Negative
– Form used in a limited assurance engagement.
– “Nothing has come to our attention that causes us
to believe that the entity has not complied, in all
material respects, with the XYZ law.”
 Styles of Reporting
• Short-form
– Ordinarily include the basic elements
• Long-form
– Include other information and explanations that are
not intended to affect the practitioner’s conclusion.
 Conclusions other than
“Unqualified”
Cause Significance Conclusion

Auditor is prevented from Material Qualified conclusion

obtaining sufficient,
appropriate evidence Very material Disclaimer of conclusion
(scope limitation)
Assertion or subject matter Material Qualified conclusion
information is materially
misstated Very material Adverse conclusion

Criteria are unsuitable or Material Qualified conclusion

subject matter is
inappropriate, thus Very material Adverse conclusion
misleading users of
information
 Classifications of Assurance
Engagements
• According to Level of Assurance
1. Reasonable Assurance Engagement
The objective is a reduction in assurance
engagement risk to an acceptably low level in the
circumstances of the engagement as the basis for the
positive form of expression of the practitioner’s
conclusion.
Example: audit of historical financial statements.
 Classifications of Assurance
Engagements
• According to Level of Assurance
2. Limited Assurance Engagement
The objective is a reduction in assurance
engagement risk that is acceptable in the
circumstances of the engagement, but where that risk
is greater than for a reasonable assurance
engagement, as the basis for the negative form of
expression of the practitioner’s conclusion.
Example: review of financial statements.
 Classifications of Assurance
Engagements
• According to Structure
– Attestation Engagement
The measurer or evaluator, who is not the
practitioner, measures or evaluates the underlying
subject matter against the criteria, the outcome of
which is the subject matter information.
The role of the practitioner is to obtain
sufficient appropriate evidence in order to express a
conclusion about whether the subject matter
information is free from material misstatement.
 Classifications of Assurance
Engagements
• According to Structure
– Direct Engagement
• The practitioner either directly performs the
evaluation or measurement of the subject
matter against the criteria and presents the
resulting subject matter information as part of ,
or accompanying the assurance report.
 Attestation Engagements
• An engagement in which a practitioner is
engaged to issue, or does issue, a written
communication that expresses a conclusion
about the reliability of a written assertion that
is the responsibility of another party
 Conditions Distinguishing Attestation
Engagement from Other Services
1. Written assertion being made by one party,
the reliability of which is of interest to
another party
2. Agreed upon and objective criteria that can
be utilized to assess the accuracy of the
assertion.
3. Assertion must be amenable to verification by
an independent party.
4. Written conclusion must be prepared about
the reliability of the assertion.
 Attestation Engagement
Examples
• Independent Audit Engagement
– Provides a reasonable level of assurance that the
subject matter is free of material misstatement
• Review Engagement
– Involves a limited investigation of much narrower
scope than an audit and undertaken for the purpose
of providing limited assurance that the subject
matter is presented in accordance with identified
suitable criteria.
 Other Assurance Services
• Business Performance Measurement
– Provides assurance about whether financial and
non-financial information being reported from the
entity’s performance measurement system is
reliable and whether the performance measures are
being used are accurately leading the entity toward
meeting its strategic goals and objectives.
 Other Assurance Services
• Health Care Performance Measurement
– Involves the evaluation of the quality of health
care, medical services and outcome. It looks into
the health care delivery system, the medical
services provided and quality attributes associated
with those services
• Elder Care Plus
– Evaluation designed to provide assurance to the
elderly and their relatives about the quality of care
being provided by various care givers by
comparing their specific objectives in providing
care with actual services rendered.
 Other Assurance Services
• Risk Assessment Services
– Identifies a set of risks that affect the organization.
Studies also the link between risks and
organization’s vision, mission, objectives and
strategies and development of new and relevant
measures to address these risks
 Other Assurance Services
• CPA Web Trust
– Web Trust is a seal of assurance
service developed jointly by AICPA
and CICA. Enables consumers and
businesses to purchase goods and
services over the Internet with the
confidence that the Web site business
meet the high standards of business
practice as set forth in the CPA
WebTrust Principles and Criteria
 Other Assurance Services
• Information Systems Reliability
– Involves evaluating whether financial and non-
financial information systems provide reliable
information for operating and financial decisions
by an entity’s management.
 Limitations of Assurance
Engagements
• Despite the performance of an assurance engagement,
the highest level of assurance that may be provided is
reasonable assurance. Reducing assurance
engagement risk to zero is very rarely attainable or
cost beneficial as a result of factors such as :
– The use of selective testing
– Inherent limitations of internal control
– Much evidence available to the practitioner is persuasive
rather than conclusive
– Use of judgment in gathering and evaluating evidence and
forming conclusions based on that evidence
– Characteristics of the subject matter (in some cases)
 Non-Assurance Services
• Lacks one or more of the elements of
assurance engagements.
• Examples:
– Agreed-upon procedures
• Auditor is engaged to carry out only agreed procedures.
Recipients of the report must form their own
conclusions.
– Compilation of Financial or Other Information
• Accountant uses accounting expertise to classify and
summarize financial information. No assurance is
expressed
 Non-Assurance Services
• Other Examples:
– Some tax services
• such as preparation of tax returns where no conclusion
is expressed, and tax consulting
– Management consulting and other advisory
services
• Refers to helping organizations improve their
performance, primarily through the thorough analysis of
existing business problems and development of plans
for improvement.
 Non-Assurance Services
Agreed upon No conclusion is expressed by the
procedures practitioner
Compilations No conclusion is expressed by the
practitioner
Some tax Non-assurance if tax returns are prepared
services with no conclusion expressed. Tax
consulting services are two-party contracts
Management Two-party contracts that recommend uses
consultancy and
other advisory for information
services
Future of the Profession

Market for
Assurance
Exists