Other Attestation and Accounting Services
Download
Report
Transcript Other Attestation and Accounting Services
Chapter 20
Additional
Assurance
Services: Other
Information
McGraw-Hill/Irwin
Copyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
Assurance Services
Independent professional services that “improve the
quality of information, or its context, for decision makers”
Assurance service encompass attestation services but
are broader
Attestation, a portion of assurance services, are
restricted to examination, review or agreed-upon
procedures engagements
Assurance services go beyond attestation, may involve
analyzing data or putting them in a form to facilitate
decision making
20-2
Relationship Between Assurance and
Attestation
20-3
Demand for Assurance Services
Reduce information risk for outside parties and
enable the company to contract at more
favorable terms
Information technology has significantly changed
expectations of information users
New services being developed
Continuous auditing
Assurance on system reliability
Performed in accordance with Statement on
Standards for Attestation Services
20-4
Selected Characteristics of Assurance Services
20-5
Subject Matter
Historical
or prospective performance or
condition
Physical characteristics
Historical events
Analyses
Systems or processes
Behavior
20-6
Assertion
Declaration
about whether the subject
matter is presented in accordance with
certain criteria.
Practitioners generally must obtain
appropriate assertion about subject matter
Report can be on either
The assertion about the subject matter or
The subject matter itself
20-7
Criteria
Suitable
Objective
Permit reasonable consistent measurements
Complete
Relevant
Available
Publicly available
Presented in a summary, the assertion or the
practitioners’ report
20-8
Relationships Among Terms Used in
Attestation Engagements
20-9
Attestation Risk
Risk that practitioners will unknowingly fail to
appropriately modify their report on subject matter that is
materially misstated
Consists of
Inherent risk
Control risk
Detection risk
Materiality
Difficult because subject matter may not be financial
Determine likely needs of intended users
20-10
Types of Attestation Engagements
Examinations
Highest level of assurance
Attestation risk at low level
Reviews
Limited or negative assurance
Attestation risk at moderate level
Agreed-upon
procedures
Restricted use reports
20-11
Examination Report
20-12
Review Report on Subject Matter
20-13
Assurance on Internal Control over
Financial Reporting
Presented in Chapters 7 and 18.
Public companies—Performed as a part of the
integrated audit covering financial statements
and internal control.
Nonpublic Companies—Have the option of
having a similar integrated audit.
20-14
Prospective Financial Statements
Financial
Information about the entity’s expected
financial position, results of operations and
cash flows
Financial
Forecasts
Projection
Expected results, given one or more
hypothetical assumptions
CPAs
engaged to examine or perform
agreed-upon procedures but no review
20-15
Examinations of Prospective
Financial Statements
Practitioners
gather evidence relating to
the client’s procedures for preparation of
the statements
Evaluate the underlying assumptions
Obtain a written representation letter from
the client
Evaluate whether statements are in
conformity with AICPA guidelines
20-16
Reporting on Prospective Financial
Statements
Report
on subject matter
States whether the statements are
presented in conformity with AICPA
guidelines
Whether underlying assumptions provide a
reasonable basis for the statements
Does not vouch for the achievability of the
forecast or projection
20-17
Compliance
Types
1. Attesting to an entity’s compliance with
specified requirements of laws, regulations,
rules, contracts, or grants.
2. Attesting to the effectiveness of an entity’s
internal control over compliance with
specified requirements.
20-18
Management’s Discussion and Analysis
Management required to provide narrative explanation of
financial results as part of 10-K and 10-Q
Practitioner may examine or review
Objective to provide assurance on
(1) the presentation includes, in all material respects, the required
elements of the rules and regulations adopted by the SEC;
(2) the historical financial amounts included in the presentation have
been accurately derived, in all material respects, from the entity’s
financial statements; and
(3) the underlying information, determinations, estimates, and
assumptions of the entity provide a reasonable basis for the
disclosures contained in the presentation.
20-19
Trust Services
Intended to address user and preparer needs regarding
issues of security, availability, processing integrity, online
privacy and confidentiality within e-commerce and other
systems
System consists of
Infrastructure
Software
People
Procedures
Data
20-20
Trust Services
The practitioner
(1) performs procedures to determine that
management’s description of the system is fairly stated
and
(2) obtains evidence that the controls over the system
are designed and operating effectively to meet the Trust
Services Principles and Criteria—the suitable criteria
required for an attest engagement
20-21
Principles and Criteria
Principles
1. Security
2. Availability
3. Processing Integrity
4. Confidentiality
5. Privacy
Criteria for each principle
1. Policies
2. Communications
3. Procedures
4. Monitoring
20-22
Types of Trust Services Engagements
Examination
or agreed-upon procedures
WebTrust
• Assurance on electronic commerce
systems
SysTrust
• Assurance on any system
20-23
WebTrust: Reporting on Trust Services
Designed to incorporate a seal management process
Seal (logo) included on a client’s website as
electronic representation of the report
Engagement must be updated at least annually to use
the seal
Initial reporting period must be at least 2 months
Competition
BBBOnLine program
TRUSTe
Service Organization Control (SOC)
Reports
SOC 1: Restricted use reports on controls at a service
organization relevant to a user entity’s internal control
over financial reporting (presented earlier in Chapter 7).
SOC 2: Restricted use reports on controls at a service
organization related to security, availability, processing
integrity, confidentiality, and/or privacy.
SOC 3: General use SysTrust reports related to security,
availability, processing integrity,
20-25
ElderCare/PrimePlus Services
GOAL: help seniors face financial and other challenges that come with
aging
Financial
For elders: Estate & tax planning, investment planning,
budgeting, bookkeeping, protecting from predators, serving as
power-of-attorney
Nonfinancial
Coordinating healthcare and legal services
Provide monitoring and assurance to family members of quality
of care, financial issues, etc.
Target market
Older clients of CPA and their children
Other professionals that deal with older adults
XBRL
eXtensible
Business Reporting Language
is an international information format
designed for business information.
Accounting profession is in process of
developing guidance for CPAs to provide
assurance on XBRL-Related Documents.
20-27
Additional Future Assurance Services
Committees working on:
Health care performance measurement
This service provides assurance about the
effectiveness of health care services provided by
health maintenance organizations, hospitals,
doctors, and other providers.
Continuous auditing
provides assurance using a series of reports
provided simultaneously or shortly after the
related information is released.
20-28