Transcript Assurance Services
Other Assurance Services
Most are Attestation Engagements Covered by Statements on Standards for Attestation Engagements (SSAE).
Attestation Engagements Offer Some Level of Assurance on an Assertion by Another Usually Client Management.
Some New Non-Attest Assurance Services Only Offer General Assurance Not Necessarily Based on an Assertion.
20-1
Relationship Between Assurance and Attestation 20-2
What is Attest Work?
An Engagement Where We Offer Some Form or Level of Assurance About a Subject Matter or an Assertion About a Subject Matter.
20-3
Subject Matter
• • • • • •
Historical or prospective performance or condition Physical characteristics Historical events Analyses Systems or processes Behavior
20-4
Criteria for Subject Matter
To be Suitable, it must be:
– – – –
Objective Permit Reasonable, Consistent Measurement Complete Relevant to the Assertion
To be Available, it must be either:
– –
Publicly Available or Presented in a Summary, the Assertion or CPA’s Report
20-5
Relationships Among Terms Used in Attestation Engagements
20-6
•
Levels of Attest Work
Examination - Complete, Positive Opinion About the Assertion of Client Management (In our opinion, the assertion is fairly stated...)
•
Review - “Negative” Assurance Conclusion That We Have No Basis to Doubt the Assertion (Based on our review, we are not aware of...)
•
Agreed Upon Procedures - Presents the Procedures Performed and the Findings from Performing the Procedures (The procedures and findings are as follows…)
20-7
Attestation Engagements
Type of Engagement Examination Level of Assurance Highest (reasonable) Nature of Report Expresses opinion Procedures Sufficient to limit attestation risk to low level
20-8
Attestation Engagements
Type of Engagement Level of Assurance Examination Highest (reasonable) Review Moderate or Limited Nature of Report Expresses opinion Expresses negative assurance Procedures Sufficient to limit attestation risk to low level Generally limited to inquiry & analytical procedures
20-9
Attestation Engagements
Type of Engagement Level of Assurance Examination Highest (reasonable) Review Moderate or Limited Agreed-upon procedures Varies with procedures Nature of Report Expresses opinion Expresses negative assurance States findings Procedures Sufficient to limit attestation risk to low level Generally limited to inquiry & analytical procedures Procedures agreed upon with the specified users
20-10
Client Management Responsible Party)
1-1
The Attest Function
CPA Subject Matter Suitable Criteria Consider Presenting Assertion Subject Matter
*If the criteria are not generally available to the users, it should be presented in the CPA’s report or management’s presentation.
Gather and Evaluate Evidence Prepare Necessary Adjustments Issue Report on Findings Management may present: •Nothing •Description of Subject Matter, and/or •An Assertion CPA’s Attest Report* Users 20-11
1-3
Audit of Financial Statements
Client Accounting Personnel Maintain Independent Auditors Prepare Accounting Records Financial Statements Determine Fairness of Statements Propose Necessary Adjustments Issue Report on Findings Other Evidential Matter Generally Accepted Accounting Principles Audited Financial Statements Auditors’ Report Outside Decision Makers 20-12
Statements on Standards for Attestation Engagements
Note: For all clients, except attesting to internal controls at public
companies (PCAOB Standard).
20-13
Attestation Standards
Statements on Standards for Attestation Engagements (SSAE)
• •
Includes General, Field Work and Reporting Standards Like the Auditing Standards (Ch 2) (These came long before.) Then, Organized by Subject of Attest Work:
• • • • • •
Financial Forecasts & Projections Pro Forma Financial Information Internal Control Compliance w/ Laws, Regs, Contracts Mgmt Discussion & Analysis (MD&A) Applying Agreed Upon Procedures
20-14
Basic Attestation Standards
General Standards 1. The engagement shall be performed by a practitioner having adequate technical training and proficiency in the attest function.
2. The engagement shall be performed by a practitioner having adequate knowledge of the subject matter.
3. The practitioner shall perform the engagement only if he or she has reason to believe that the subject matter is capable of evaluation against criteria that are suitable and available to users.
4. In all matters relating to the engagement, an independence in mental attitude shall be maintained by the practitioner.
5. Due professional care shall be exercised in the planning and performance of the engagement.
20-15
Basic Attestation Standards
Standards of Fieldwork 1. The work shall be adequately planned and assistants, if any, shall be properly supervised.
2. Sufficient evidence shall be obtained to provide a reasonable basis for the conclusion that is expressed in the report.
20-16
Basic Attestation Standards
Standards of Reporting 1. The report shall identify the subject matter or the assertion being reported on and state the character of the engagement.
2. The report shall state the practitioner's conclusion about the subject matter or the assertion in relation to the criteria against which the subject matter was evaluated.
3. The report shall state all of the practitioner's significant reservations about the engagement, the subject matter, and, if applicable, the assertion related thereto.
4. The report shall state that the use of the report is restricted to specified parties under certain circumstances.
20-17
Other Primary Attest Examples
Compliance With Laws, Regulations, Contracts/Grants or Agreements
Financial Forecasts
Financial Projections
Internal Controls
Management Discussion & Analysis
Marketing Claims (Assertions) WebTrust SysTrust
Trust Services
20-18
Compliance With Laws, Regulations, Contracts/Grants or Agreements
May be Required Periodically by 3rd Party.
Can Address One or Both Assertions:
Actual Compliance
Effectiveness of Internal Controls for Ensuring Compliance
Can be Either an Examination or an Agreed Upon Procedures Engagement.
Cannot be a Review.
20-19
Financial Forecasts & Projections
Forecasts: Estimating What is Expected.
Projections: Estimating based on Given Assumptions or “What if”.
Can be Either an Examination or an Agreed Upon Procedures Engagement.
Cannot be a Review.
20-20
Management Report on Internal Control
Wilson Company maintains internal control over financial reporting, which is designed to provide reasonable assurance to the Company's management and board of directors regarding the preparation of reliable published financial statements. Internal control contains self-monitoring mechanisms, and actions are taken to correct deficiencies as they are identified. Even with effective internal control, no matter how well designed, has inherent limitations---including the possibility of the circumvention or overriding of controls---and therefore can provide only reasonable assurance with respect to financial statement preparation. Further, because of changes in conditions, internal control effectiveness may vary over time. The Company assessed its internal control as of December 31, 20X2, in relation to criteria for effective internal control over financial reporting described in Internal Control---Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission. Based on this assessment, the Company believes that, as of December 31, 20X2, its internal control over financial reporting met those criteria.
20-21
Accountants’ Report on Internal Control 1st Paragraph
We have examined Wilson Company’s internal control over financial reporting as of December 31, 20X2, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Wilson Company’s management is responsible for maintaining effective internal control over financial reporting, and for its assertion of the effectiveness of internal control over financial reporting, included in the accompanying Management Report on Internal Control. Our responsibility is to express an opinion on Wilson Company’s internal control over financial reporting based on our examination.
20-22
Accountants’ Report on ICS 2nd Paragraph
We conducted our examination in accordance with attestation standards established by the American Institute of Certified Public Accountants. Those standards require that we plan and perform the examination to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects . Our examination included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, and testing and evaluating the design and operating effectiveness of internal control based on the assessed risk. Our examination also included performing such other procedures as we considered necessary in the circumstances. We believe that our examination provides a reasonable basis for our opinion .
20-23
Accountants’ Report on ICS 3rd Paragraph
An entity’s internal control over financial reporting is a process effected by those charged with governance, management and other personnel, designed to provide reasonable assurance regarding the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America. An entity’s internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and disposition of the assets of the entity; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America, and that receipts and expenditures of the entity are being made only in accordance with authorizations of management and those charged with governance; and (3) provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the entity’s assets that could have a material effect on the financial statements.
20-24
Accountants’ Report on ICS 4th Paragraph
Because of
inherent limitations of internal control ,
errors or irregularities may occur and not be detected . Also, projections of any evaluation of internal control over financial reporting to future periods are subject to the risk that internal control may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate. Because of its inherent limitations, internal control over financial reporting may not prevent, or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate .
20-25
Accountants’ Report on ICS 5
th
& 6th Paragraphs
In our opinion, Wilson Company maintained, in all material respects , effective internal control over financial reporting as of December 31, 20X2, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) We also have audited, in accordance with auditing standards generally accepted in the Untied States of America, the financial statements of Wilson Company and our report dated February 15, 20X3 expressed an unqualified opinion.
20-26
Report on Internal Controls
•
Can be Either an Examination or Agreed Upon Procedures (AUP).
•
Cannot be a Review if on Internal Controls over Financial Reporting.
20-27
Mgmt Discussion & Analysis
MD&A is Management’s Narrative on the Historical & Maybe Prospective Performance.
It Appears in the Annual Report and part of the SEC 10Q and 10K.
CPAs Perform an Examination or Review. Normally, No 3rd Party to Specify Agreed Upon Procedures.
20-28
Marketing Claims (Assertions)
Usually Assertions of Lowest Prices or Other Comparison with Competition.
Grocery Prices (Text example & problem 20-36)
MCI Price Comparison Methodology
How About Best Slot Machine Payout?
Usually an Examination to be Beneficial.
20-29
Price Comparison “Methodology”
We have examined the Proof Positive Methodology of MCI Telecommunications Corp. (MCI) for the period . . . The Proof Positive Methodology for comparing MCI’s billing charges to AT&T and between MCI services is described in the You Save Money With MCI section of the enclosed Proof Positive Account Review . . .
In our opinion, the Proof Positive Methodology properly compares billing charges between MCI and AT&T and between alternative MCI services and accurately reflects the price differences for the period . . .
20-30
Casino Payout Promises
We have audited the accompanying schedule of theoretical payout percentages for slot and video poker machines located in the casino area known as . . .
We conducted our audit in accordance with generally accepted auditing standards. . .to obtain reasonable assurance about whether the schedule of theoretical payout percentages is free of material misstatement . . .
In our opinion, such schedule of theoretical payout percentages for slot and video poker machines located in the casino area known as . . . presents fairly, in all material respects, the theoretical payout percentages for such . . .
Note: This report is not compliant with current attestation
Trust Services
Generally relates to assurance offered for IT services via eCommerce (generally called
WebTrust
) or other IT Applications (generally called
SysTrust
and was originally for trading partners, but now for Service Organizations)
Original services were developed jointly by the AICPA and the Canadian Institute of Chartered Accountants (CICA).
WebTrust & SysTrust are logos/seals to post on web sites. Examination required .
32
AICPA Trust Services Principles
1. Security 2. Availability 3. Processing Integrity 4. Confidentiality 5. Privacy
Criteria
(for each principle) 1. Policies 2. Communications 3. Procedures 4. Monitoring
Under AICPA standards, can be an examination or AUP.
33
Service Organization Control (SOC) Reports
34
Environmental
Independent Accountant’s Report We have examined the accompanying
schedule of greenhouse gas emissions
of XYZ Company for [identify period, for example, the year ended December 31, 20XX]. XYZ Company’s management is responsible for the schedule. Our responsibility is to express an opinion based on our examination.
Our examination was conducted in accordance
with attestation standards established by the American Institute of Certified Public Accountants
and, accordingly, included obtaining an understanding of the nature of the company’s greenhouse gas emissions; examining, on a test basis, evidence supporting the company’s schedule of greenhouse gas emissions; and performing such other procedures as we considered necessary in the circumstances. We believe that our examination provides a reasonable basis for our opinion.
As described in footnote X, environmental and energy use data are subject to measurement uncertainties resulting from limitations inherent in the nature and methods used for determining such data.
The selection of different but acceptable measurement techniques can result in materially different measurements
. The precision of different measurement techniques may also vary.
In our opinion, the schedule referred to above presents, in all material respects, the greenhouse gas emissions of XYZ Company for [identify period, for example, the year ended December 31, 20XX] in conformity with [identify criteria].
35
Political
•
“Conflict Minerals”: certain minerals—tantalum, tungsten, tin, and gold—that are mined in the Democratic Republic of the Congo (DRC) or the surrounding areas.
•
The Dodd-Frank Act requires:
–
Issuers who use conflict minerals in their manufacturing processes and supply chain to disclose whether the minerals came from the DRC or the surrounding areas.
–
If a company determines its conflict minerals originated in those countries, it will have to file a “Conflict Minerals Report” with the SEC and publish it on its website.
–
The reports outline all of the due diligence the company performed as it sourced its supply chain and must be independently audited .
20-36
Political
•
Purpose of the audit is to express an opinion or conclusion as to whether the: 1) Design of the issuer’s due diligence framework as set forth in the Conflict Minerals Report is in conformity with, in all material respects, the criteria set forth in the nationally or internationally recognized due diligence framework used by the issuer, and 2) Issuer’s description of the due diligence measures it performed as set forth in the Conflict Minerals Report is consistent with the due diligence process that the issuer undertook.
•
The audit is required to be performed in accordance with the “Yellow Book” & can consist of either an examination attestation engagement or a performance audit.
20-37
NonAttest Assurance Services
Somewhat Loosely Defined Category
Part of AICPA and Profession’s move to Develop new Business for CPAs.
CPA may offer Assurance as to the Quality of Care Given or Services Provided.
Criteria Very Subjective.
20-38
PrimePlus/ElderCare Services
•
Financial
– Goal setting, funding analysis, needs assessment •
Nonfinancial
– Interpersonal and interrelationship management – Management of interaction between service providers and client •
Target market
– Older clients of CPA – Children of older adults – Other professionals that deal with older adults 20-39