FUNDAMENTALS OF ASSURANCE ENGAGEMENTS

Assurance Services/Engagements:
 Assurance services (or assurance engagements) – are three-party contracts in which
assurers (such as a CPA) reports on the quality of information. It is designed to enhance the
degree of confidence of the intended users other than the responsible party about the outcome
of the evaluation or measurement of a subject matter against criteria

 Assurance services improve the quality of information for decision-making.

 Assurance refers to the practitioner’s satisfaction as to the reliability of an assertion
being made by one party for use by another party; it is the degree of certainty the
practitioner has attained and wishes to convey to intended users
 Independence is required whenever a professional accountant performs assurance
services.

Objective of Assurance Engagements:

According to the Philippine Framework for Assurance Engagements, an assurance engagement is

conducted:

a. To provide a high level of assurance that the subject matter conforms in all material respects
with identified suitable criteria; or
b. To provide a moderate level of assurance that the subject matter is plausible in the
circumstances.

Types of Assurance Engagements and their Objectives:

1. Reasonable assurance engagements – engagements that provide high, but not absolute,
level of assurance
 Also called high-level engagements
 The objective of a reasonable assurance engagement is a reduction in assurance
engagement risk to an acceptably low level as the basis for a positive form of expression of
the practitioner’s conclusion.

 Reasonable assurance is achieved if assurance engagement risk is reduced to an

acceptably low level (close to zero).
 For assurance engagements regarding historical financial information in particular,
reasonable assurance engagements are called audit engagements . An audit
engagement is an assurance engagement to provide a high level of assurance that the
financial statements are free of material misstatement. This high level of assurance is
expressed positively in the audit report as “reasonable assurance”.
 Absolute assurance is not attainable:
In assurance engagements, absolute assurance is generally not attainable because of
such factors as:

 Use of judgment
P a g e 1 | 14
  Use of testing
 Inherent limitations of internal control
 Most evidence available to the practitioner is persuasive rather than conclusive
 In some cases, the characteristics of the subject matter

2. Limited assurance engagements – engagements that provide only a “moderate” or

“limited” level of assurance
 The objective of a limited assurance engagement is a reduction in assurance engagement
risk to an acceptable level as the basis for a negative form of expression of the
practitioner’s conclusion. Thus, the risk in limited assurance engagement is greater than
for a reasonable assurance engagement.

 Moderate assurance is achieved if assurance engagement risk is reduced to an

acceptable level.
 For assurance engagements regarding historical financial information in particular,
limited assurance engagements are called review engagements .

Assertion-based and Direct Reporting Engagements:

1. Assertion based engagements – evaluation or measurement of the subject matter is
performed by the responsible party, and the subject matter information is in the form of an
assertion by the responsible party that is made available to the interested users
 Assertion-based engagements are also known as attestation engagements
 Examples of assertion-based engagements:
a. Audit engagements
b. Review engagements

In an assertion-based engagement, the practitioner’s conclusion can be worded in

terms of the responsible party’s assertion. For example:

“In our opinion the responsible party’s assertion that internal control is
effective, in all material respects, based on XYZ criteria, is fairly stated”

2. Direct reporting engagements – the practitioner either directly performs the evaluation or
measurement of the subject matter, or obtains a representation from the responsible party that
has performed the evaluation or measurement that is not available to the intended users

In a direct reporting engagement, the practitioner’s conclusion is worded directly in

terms of the subject matter and the criteria. For example:

“In our opinion internal control is effective, in all material respects, based on
XYZ criteria”

Examples of Assurance Engagements:

P a g e 2 | 14
 1. Audits of financial statements
2. Examination of prospective financial statements
3. Reporting on compliance with laws, rules and regulations
4. Other assurance services:
a. Business performance measurement services
b. Health care performance measurement services
c. Elder Care Plus
d. Risk Assessment Services
e. CPA Web Trust Service
f. Information Systems Reliability

Requirements before a practitioner can accept an assurance engagement:

Only where the practitioner’s knowledge of the engagement circumstances indicates that:

1. Relevant ethical requirements, such as independence and professional competence will be

satisfied; and
2. The assurance engagement exhibits all of the following characteristics:
a. The subject matter is appropriate
b. The criteria to be used are suitable and are available to the intended users
c. The practitioner has access to sufficient appropriate evidence to support the practitioner’s
conclusion;
d. The practitioner’s conclusion, in the form appropriate to either a reasonable assurance
engagement or a limited assurance engagement, is to be contained in a written report, and
e. The practitioner is satisfied that there is a rational purpose for the engagement.

Elements of Assurance Engagements:

Not all engagements performed by practitioners are assurance engagements. An assurance

engagement must have the following elements:

1. Three party relationship (involving a practitioner, a responsible party and intended users)
2. Appropriate subject matter
3. Suitable criteria
4. Sufficient appropriate evidence
5. Written assurance report in the form appropriate to a reasonable assurance engagement or a
limited assurance engagement

Three Party Relationship:

a. Practitioner – CPA in public practice who performs the assurance engagement

The term practitioner is broader than the term “auditor” as used in professional standards,
which only refers to practitioner performing audit or review engagements with respect to
historical financial information.

P a g e 3 | 14
 b. Responsible party – person/s who is responsible for the subject matter or the assertion
(subject matter information)
For example, an entity’s management is responsible for the preparation and presentation of
financial statements or the establishment and implementation of internal control.

c. Intended user/s – person, persons or class of persons for whom the practitioner prepares
the assurance report; they are the users to whom the practitioner usually addresses the report

Responsible party and intended user:

 The responsible party and the intended users may be from different entities or the
same entity.
 The practitioner may be engaged by the responsible party or the intended user.
 The responsible party can be one of the intended users, but not the only one.
 Whenever practical, the assurance report is addressed to all the intended users, but
in some cases, there may be other intended users. In cases where the CPA may
not be able to identify all intended users, intended users may be limited to major
stockholders with significant and common interests.
 In some circumstances, the intended user may be established by law.
 The responsible party may also be one of the intended users.
 The intended user may be established by agreement between the practitioner and
responsible party or those engaging or employing the practitioner.

Appropriate Subject Matter:

Subject matter refers to the information to be evaluated or measured against the criteria.
Subject matter information means the outcome of the evaluation or measurement of a subject
matter.

Requirements for subject matter to be considered appropriate:

a. Identifiable
b. Capable of consistent evaluation and measurement against suitable criteria
c. In the form that can be subjected to procedures for gathering evidence to support that
evaluation or measurement

Forms of subject matter of an assurance engagement:

1. Financial performance or conditions (for example, historical or prospective financial

position, financial performance and cash flows) for which the subject matter information
may be the recognition, measurement, presentation and disclosure represented in the
financial statements
2. Non-financial performance or conditions (for example, performance indicators of an
entity) for which the subject matter information may be key indicators of efficiency and
effectiveness
3. Physical characteristics (for example, capacity of a facility) for which the subject matter
information may be a specifications document
4. Systems and processes (for example, entity’s internal control or IT system) for which
the subject matter information may be an assertion about effectiveness

P a g e 4 | 14
 5. Behavior (for example, corporate governance, compliance with regulation, human
resource practices) for which the subject matter information may be a statement of
compliance or a statement of effectiveness

Suitable Criteria:

Criteria refer to the standard or benchmark used to evaluate or measure the subject matter of an
assurance engagement, including, where relevant, benchmarks for presentation and disclosure.

Five characteristics of suitable criteria:

a. Relevance – relevant criteria contribute to conclusions that assist decision-making by the

intended users
b. Completeness – criteria are sufficiently complete when relevant factors that could affect
the conclusions in the context of the engagement circumstances are not omitted.
Complete criteria include, where relevant, benchmarks for presentation and disclosure.
c. Reliability – reliable criteria allow reasonably consistent evaluation or measurement of the
subject matter when used in similar circumstances by similarly qualified practitioners
d. Neutrality – neutral criteria contribute to conclusions that are free from bias
e. Understandability – understandable criteria contribute to conclusions that are clear,
comprehensive, and not subject to significantly different interpretations

Two types of criteria:

1. Established criteria – are those criteria that are embodied in laws or regulations or issued by
authorized or recognized bodies of experts that follow a transparent due process.
2. Specifically developed criteria – those criteria specifically designed for the purpose of the
engagement.

Examples of suitable criteria:

 Applicable financial reporting framework which is the Philippine Financial Reporting

Standards (PFRS) – in case of audit of financial statements
 Applicable law or regulation or contract – in case of compliance audit
 Established internal control framework or stated internal control criteria – in case of
report on internal control

Availability of criteria to intended users:

Criteria need to be made available to the intended users in one or more of the following
ways:

a. Publicly
b. Through inclusion in a clear manner in the presentation of the subject matter
information
c. Through inclusion in a clear manner in the assurance report
d. By general understanding, for example, the criterion for measuring time in hours
P a g e 5 | 14
 and minutes

Sufficient Appropriate Evidence:

The practitioner shall plan and perform the engagement with an attitude of professional skepticism
to obtain sufficient appropriate evidence that the assertions are free of material misstatements.

 Professional skepticism – an attitude that includes a questioning mind, being alert to

conditions which may indicate possible misstatement due to error or fraud, and a critical
assessment of evidence
 Evidence – refers to the information obtained by the practitioner in arriving at the
conclusions on which the conclusion is based
 Sufficiency – refers to the measure of the quantity of evidence
 Appropriateness – refers to the measure of the quality of evidence, that is, its relevance
and its reliability

Written Assurance Report:

A written assurance report should be in the form appropriate to a reasonable assurance

engagement or a limited assurance engagement.

The practitioner should provide a written report containing a conclusion that conveys the assurance
obtained about the subject matter information. In addition, the practitioner considers other reporting
responsibilities, including communicating with those charged with governance when it is appropriate to
do so.

Levels of assurance provided in the written report:

Type or level Form of conclusions Example

of assurance

Reasonable Positive form of “In our opinion internal control is effective,

assurance expression of the in all material respects, based on XYZ criteria.”
practitioner’s conclusion

Limited Negative form of “Based on our work described in this

assurance expression of the report, nothing has come to our attention that
practitioner’s conclusion causes us to believe that internal control is not
effective, in all material respects, based on XYZ
criteria.”

Attestation Services

An attestation service is a type of assurance service in which a practitioner is engaged to issue a

written communication that expresses a conclusion about the reliability of a written assertion that is

P a g e 6 | 14
the responsibility of another party. Attestation generally refers to an expert's written communication
of a conclusion about the reliability of someone else's assertions.

Non-assurance Engagements

Not all engagements are assurance engagements. Other engagements performed by practitioners
that do not meet the definition of assurance engagement are classified as non-assurance
engagements or services. Non-assurance engagements are those that do not result in the
practitioner’s expression of a conclusion that provides a level of assurance, whether negative assurance
or other form of assurance. The practitioner does not convey to the intended users any assurance as
to the reliability of an assertion.

The practitioner’s primary purpose for performing non-assurance services is to provide advice and
technical assistance that will enable a client to conduct its business more effectively.

Examples of non-assurance engagements:

1. Related services, such as:

a. Agreed-upon procedures engagements, and
b. Compilations of financial or other information engagements
2. Tax services (such as the preparation of tax returns where no conclusion conveying assurance is
expressed)
3. Consulting (or advisory) engagements, such as management and tax consulting

Agreed-upon Procedures Engagements:

 Objective of agreed-upon procedures engagements: For the auditor to carry out

procedures of an audit nature as agreed by the auditor and the entity and any appropriate
third parties and to report on factual findings.
 No assurance is expressed in the report: The users/recipients of the report assess for
themselves the procedures and findings reported by the auditor and form their own
conclusions from the report by the auditor.
 Distribution of report is restricted: The report on agreed upon procedures engagement is
restricted to those parties that have agreed to the procedures to be performed since others
who are unaware of the reasons for the procedures may misinterpret the results.

Compilation of Financial or Other Information Engagements:

 Objective of compilation engagements: For the accountants to use accounting expertise,

as opposed to auditing expertise, to collect, classify and summarize financial information.
Compilation engagements ordinarily include preparation of financial statements.
 No test of assertions: A compilation engagement ordinarily entails reducing detailed data to
a manageable and understandable form without a requirement to test the assertions
underlying that information.
 No assurance is expressed in the report: The procedures employed are not designed to
enable the accountant to express any assurance on the financial information.
 Benefit to users: Users of the compiled financial information derive some benefit as a result
of the accountant's involvement because the service has been performed with professional
competence and due care.

P a g e 7 | 14
Tax Services
1. Tax compliance – includes the preparation of tax returns (for individuals, corporations, estates
and trusts, and other entities) and acting as client’s representative to tax authorities or in tax
litigations
2. Tax planning – includes the determination of the tax consequences of planned or potential
transactions (legally minimizing client’s tax liability) followed by making suggestions on the most
desirable course of action

Management Consulting
Management advisory (consulting) services – refers to the function of providing professional
advisory (consulting) services, the primary purpose of which is to improve client’s use of its capabilities
and resources to achieve the objectives of the organization. Advisory (consulting) services are
professional services that provide advice and assistance to clients by improving their condition directly.
Advice or assistance to clients may cover the entity’s organization, operations, risk management,
systems design and implementation, process personnel, corporate finances, or other activities.

Comparative Examples of Assurance and Non-Assurance Services:

Categories of Services / Engagements

Assurance Services Non-Assurance Services

Audit Review Other assurance

1. Audit of FS 1. Review of FS 1. Business 1. Agreed-upon procedures

Performance 2. Compilation of financial or
Measurement other information
2. Audit of internal 2. Review of 3. Preparation of tax returns
control over interim financial when no conclusion is
financial information 2. Risk expressed
reporting Assessment 4. Consulting or advisory
services services:
 Tax consulting
 Management consulting
 Other advisory services

Levels of Assurance for Audit, Review, Agreed-upon Procedures and Compilation

The basic distinction between audit, review and related services is the level of assurance provided
by the auditor in the engagement.

Assurance refers to the practitioner’s satisfaction as to the reliability of an assertion being made
by one party for use by another party. The level of assurance is the degree of the practitioner’s
satisfaction or degree of certainty the practitioner has attained and wishes to convey to intended users.
Such level or degree of assurance depends on the procedures performed and the evidence collected by
the practitioner.

P a g e 8 | 14
 Engagements and level of assurance:

1. Audit: The auditor provides a reasonable (high, but not absolute) level of assurance that the
information subject to audit is free of material misstatement. This is expressed positively in the
audit report as reasonable assurance .
2. Reviews: The auditor provides a moderate/limited level of assurance that the information
subject to review is free of material misstatement. This is expressed in the form of negative
assurance.
3. Agreed-upon procedures: No assurance is expressed. The auditor simply provides a report
of the factual findings. Users of the report assess for themselves the procedures and findings
reported by the auditor and draw their own conclusions from the auditor's work.
4. Compilation: Although the users of the compiled information derive some benefit from the
accountant's involvement, no assurance is expressed in the report.

Distinctions between Typical Assurance and Non-Assurance Services:

Non-Assurance Services

Point of Assurance Services (Related Services)

distinction
Audit Review Agreed-upon Compilation
procedures

Objective To express To report whether To perform audit To assist the client in

opinion on anything has come procedures agreed financial statements
fairness of to the auditor’s on with the client preparation by using
financial attention that and any accounting expertise
statement causes him to appropriate third as opposed to
believe that the parties identified in auditing expertise
financial statements the report
are not fair

Characteristic Audit opinion Substantially less in  Recipients of  Accounting

s enhances the scope of the report expertise, rather
credibility of procedures than must form than auditing, is
their own used
financial audit
conclusions  Users derive
statements from the some benefit
report because the
 Report is service has been
restricted to performed with
contracting due professional
parties skill and care

Evidence Risk Limited to: Reading of the FS for

gathering assessment, obvious
P a g e 9 | 14
 procedures Tests of  Inquiry; and As agreed misstatements
controls and  Analytical
Substantive procedures
(The auditor
tests
obtains an
understanding of
the entity and its
environment,
including internal
control, but no
evaluation of
internal control is
conducted.)

Level of Reasonable
assurance assurance
provided by Moderate (limited) No assurance No assurance
the CPA (High, but not assurance
absolute,
assurance)

Report Audit Report Review Report Factual findings of Compilation Report

provided containing containing procedures which identify
positive information compiled
assurance on negative assurance
assertion on assertion

Skills used by Audit skills Audit skills Audit skills Accounting skills
the auditor

Suggested Readings
Audit and Assurance Principle, 2018 Edition, by Jose M. Ireneo

Resource and Additional Resources

Audit and Assurance Principle, 2018 Edition, by Jose M. Ireneo
Philippine Framework for Assurance Engagements
https://aasc.org.ph/downloads/PSA/publications/PDFs/Philippine-Framework-for-Assurance-
Engagements.pdf

P a g e 10 | 14
ASSESSMENT:

1. Which of the following statements best describes assurance services?

A. Independent professional services that are intended to enhance the credibility of
information to meet the needs of an intended user.
B. Services designed to express an opinion on the fairness of historical financial statements
based on the results of an audit.
C. The preparation of financial statements of the collection, classification, and summarization
of other financial information.
D. Services designed for the improvement of operations, resulting in better outcomes.
2. Which of the following is not an assurance service?
A. Examination of prospective financial information
B. Audit of historical financial statements
C. Review of financial statements
D. Compilation of financial information
3. Assurance services differ from consulting services in that they
I. Focus on providing advice.
II. Involve monitoring of one party by another.
A. I only
B. II only
C. Both I and II
D. Neither I nor II
4. How many separate parties are involved in an assurance engagement?
A. 2
B. 3
C. 4
D. 5
5. An assurance engagement should have which of the following elements?
Subject Matter Criteria
A. Yes No
B. No Yes
C. Yes Yes
D. No No
6. The subject matter of an assurance engagement may include
Financial Information Internal Controls Compliance with Regulation
A. Yes Yes Yes
B. No No No
C. Yes No Yes
P a g e 11 | 14
 D. No Yes No
7. Suitable criteria are required for reasonably consistent evaluation or measurement of the
subject matter of an assurance engagement. Which of the following statements concerning the
characteristics of suitable criteria is correct?
A. Reliable criteria contribute to conclusions that are clear, comprehensive, and not subject to
significantly different interpretations.
B. Relevant criteria allow reasonably consistent evaluation or measurement of the subject
matter including, where relevant, presentation and disclosure, when used in similar
circumstances by similarly qualified practitioners.
C. Neutral criteria contribute to conclusions that are free from bias.
D. Criteria are sufficiently complete when they contribute to conclusions that are clear,
comprehensive, and not subject to different interpretations.
8. Criteria that are embodied in laws or regulations, or issued by authorized or recognized bodies
of experts that follow a transparent due process are called
A. Suitable criteria
B. Established criteria
C. Specifically developed criteria
D. General criteria
9. In an assurance engagement, the outcome of the evaluation or measurement of a subject
matter against criteria is called
A. Subject matter information
B. Subject matter
C. Assurance
D. Conclusion
10. In some assurance engagement, the evaluation or measurement of the subject matter is
performed by the responsible party, and the subject matter information is in the form of an
assertion by the responsible party that is made available to intended users. These engagements
are called
A. Direct reporting engagement
B. Assertion-based engagements
C. Non-Assurance engagements
D. Recurring engagements
11. What type of assurance engagement is involved when the practitioner expresses a positive form
of conclusion?
A. Limited assurance engagement
B. Positive assurance engagement
C. Reasonable assurance engagement
D. Absolute assurance engagement
12. What type of assurance engagement is involved when the practitioner expresses a negative
form of conclusion?
A. Reasonable assurance engagement
B. Negative assurance engagement
C. Assertion-based assurance engagement
D. Limited assurance engagement
13. Which of the following statements is true concerning evidence in an assurance engagement?
A. Sufficiency is the measure of the quantity of evidence
B. Appropriateness is the measure of the quality of evidence, that is, its reliability and
persuasiveness.

P a g e 12 | 14
 C. The reliability of evidence is influenced not by its nature but by its source.
D. The obtaining more evidence may compensate for its poor quality.
14. After accepting an assurance engagement, a practitioner is not allowed to change the
engagement to a non-assurance engagement, or from a reasonable assurance engagement to a
limited assurance engagement, except when there is reasonable justification for the change.
Which of the following ordinarily will justify a request for change in the engagement?
I. A change kin circumstances that affects the intended users’ requirements.
II. A misunderstanding concerning the nature of the engagement.
A. I only
B. II only
C. Both I and II
D. Neither I nor II
15. What level of assurance is provided by the auditor in an audit engagement?
A. Absolute
B. High, but not absolute
C. Moderate
D. No assurance
16. What level of assurance is provided by the practitioner in a review engagement?
A. No assurance
B. High, but not absolute
C. Reasonable
D. Moderate
17. When performing a compilation engagement, the accountant is required to
A. Assess internal controls.
B. Make inquiries of management to assess the reliability and completeness of the information
provided.
C. Verify matters and explanations.
D. Obtain a general knowledge of the business and operations of the entity.
18. What assurance is provided by the auditor in an agreed-upon procedures engagement?
A. Reasonable
B. Absolute
C. Moderate
D. No assurance
19. The review a company’s financial statements by a CPA firm
A. Is substantially less in scope of procedures that an audit.
B. Requires detailed analysis of the major accounts.
C. Is of similar scope as an audit and adds similar credibility to the statements.
D. Culminates in issuance of a report expressing the CPA’s Opinion as to the fairness of the
statements.
20. An engagement to perform agreed-upon procedures may involve the auditor in performing
certain procedures concerning
I. Individual items of financial data
II. A single financial statement.
III. A complete set of financial statements.
A. I and II only
B. II and III only
C. I and III only
D. I, II, and III

P a g e 13 | 14
21. A summary of findings rather that assurance is most likely to be included in a/an
A. Agreed-upon procedures report.
B. Compilation report.
C. Examination report.
D. Review report.
22. Inquiries and analytical procedures ordinarily form the basis for which type of engagement?
A. Agreed-upon procedures
B. Audit
C. Examination
D. Review
23. Independence is not a requirement for which of the following engagements?

Compilation Review Agreed-upon Procedures

A. No Yes No
B. No No No
C. Yes No Yes
D. Yes Yes Yes
24. A practitioner should accept an assurance engagement only if
A. The subject matter is in the form of financial information.
B. The criteria to be used are not available to the intended users.
C. The practitioner’s conclusion is to be contained in a written report.
D. The subject matter is the responsibility of either the intended users or the practitioner.
25. A practitioner is associated with financial information when
I. The practitioner attaches a report to that financial information.
II. The practitioner consents to the use of his/her name in a professional connection.
A. I only
B. II only
C. Either I or II
D. Neither I nor II

P a g e 14 | 14