Other Audits, Assurance Engagements and related services

Review Engagement Process (CRSE 2400)

Limited to negative assurance

Mainly relies on inquiry, analytical procedures and discussion during the engagement.

Does not involve substantive tests such as conformations or tests of controls

Acceptance and continuance procedures are still done.

Materiality is based on the FS as a whole

No need for performance materiality

Reviews

provide a limited level of assurance and require significant audit evidence

Compilation

need limited audit evidence and no level of assurance

Obtaining an understanding of the entity (comploation)

The nature of the organization and business transactions

The management and governance structure that underpins the preparation of the FS

The “tone at the top” and control environment through which the entity addresses risk

Its accounting records and employees

The basis form and content of the financial statements

Accounting matters unique to the client's business

Determine Materiality (review)

Based on the economic decisions of an informed group of users

Ranges:

Income from continuing operations 3 - 8%

Gross revenue 0.5-2%

Total revenues or expenses for a non-profit 0.5 to 2%

Perform Planned Procedures (review)

Use inquiry to understand if FS are daily presented, then use AP in the area where MM may exist based on the initial inquiry.

Modifications to the Review Engagement Report

Use either: qualified conclusion, adverse conclusion or disclaimer of a conclusion.

If the financial statements have a going concern problem CSRE 2400 requires an emphasis of matter paragraph

Compilation Engagements (CSRS 4200)

Is the lowest level of involvement with FS that can lead to communication

No assurance is provided

Provide assistance in compiling financial information and does not perform procedures to verify the accuracy or completeness of the information.

No opinion is provided

Scope of Services (Compilation)

assist management in the preparation of the compiled financial information in accordance with a basis of accounting selected by management

Management is responsible for (compilation)

The compiled information

Selecting the basis of accounting

The accuracy and completeness of the information

Requirements of the practitioner (Compilation)

Obtain knlowege of the business operations, accounting systems and basis of accounting used

If the practitioner assists management with significant judgments then a discussion with management must be dont to ensure management understands

Prepare the compiled financial info

Read the compiled financial information and consider if it is misleading

If there are matters that are misleading, request additional information

Obtain knowledge of the management's responsibility for compiled information

Document the work performed.

Review of Intrim Financial Statements (s 7060)

May be audited, reviewed or compiled

The main goal is to inform the audit committee of any material modifications to the interim FS.

CAS 805 / CSRE 2400: Audits and Reviews of Other Historical Financial Information

PAs may be asked to provide assurance on:

Specific items in the FS

Audits/review of a single financial statement

Materiality is defined in terms of the elements, accounts or items being audited rather than the overall statements.

CSAE 3000: Nonfinal information for which public accounts can provide assurance

Attestation engagements other than audits or reviews of historical financial information

CASE 3001: Nonfinal information for which public accounts can provide assurance

Direct engagements are “umbrella standards” and are meant to cover a broad range of assurance engagements on a wide variety of underlying subject matter.

Difference between attestation vs direct

The main difference is that an attestation engagement is one where management measures or evaluates the underlying subject matter against the criteria.

In a direct engagement, the practitioners measure or evaluate the underlying subject matter against the applicable criteria

Can provide reasonable assurance when the audit level is high

Can provide limited assurance when the audit level is moderate

Examples of CASE 3000

selected sustainability information included in a social responsibility report

The statement of student full-time equivalent (FTE) enrollment statement (for the Ministry of Advanced Education)

management’s statement of the total quantities of non-refillable beer containers

an entity’s cybersecurity risk management program and controls (SOC for Cybersecurity)

An examination of controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy (SOC 2)

management’s assertion that the entity has appropriate disclosures and controls in accordance with the WebTrust Principles and Criteria for Certification Authorities

management’s statement of the days of attendance for children in a childcare facility

management’s statement of units of performance measures in a healthcare facility

Examples of CASE 3001

sustainability

the entity’s disclosures and controls in accordance with the WebTrust Principles and Criteria for Certification Authorities

The performance of the duties and functions of Election Officials in accordance with the responsibilities within the Election Act (performance audits)

The preparation of annual reports in accordance with Public Performance Reporting Principles

Determining Materiality and Significance (CASE 3000/3001)

Use professional judgment to help determine matearility as the quantitative threshold for the different matters.

Compliance with Agreements and Regulations (CSAE 3530/3531)

Compliance audit to provide assurance over statute, regulation and agreement.

The auditor identifies the relevant provisions of the agreements or regulations on which the compliance assessment is based and determines how the client will monitor them.

Can provide limited vs reasonable assurance.

Other reports to help users draw their own conclusions through:

CSRS 4460, Reports on Supplementary Matters Arising from the Audit or Review Engagement, and

CSRS 4400, Agreed-Upon Procedures Engagement.

Compliance Requirements

May be required by regulation or law:

Compliance Requirements Examples:

A lease agreement that requires the tenant to comply with limitations on the nature of business conducted on the premises

A borrowing agreement that requires the borrower to comply with a specified debt equity requirement

The franchise agreement requires the franchisee to spend a certain amount of funds in accordance with advertising policies

Attestation engagement: CASE 3530

The responsible party must provide a statement about the results of their own evaluation of compliance against suitable criteria.

Direct engagement: CASE 3530

The entity does not need to perform its own evaluation or provide a statement. Because of this, the assurance practitioner must perform more work, especially in planning and understanding the compliance activities.

Agreed-Upon Procedures Engagements (CSRS 4400)

Agreed-upon procedures (AUP) engagements involve procedures that are pre-determined and agreed to by the practitioner, the responsible party, and the intended users.

The practitioner does not provide an opinion or conclusion—only factual findings.

Procedures must be specific and objective, not based on judgment.

Independence is required, unlike compilations.

AUPs are not assurance engagements, and the practitioner does not assess materiality or evaluate internal controls.

Reporting (CSRS 4400);

The subject matter on which the procedures were performed

The purpose of the AUP engagement

A description of the procedures performed and the factual findings resulting from them

Reports on Supplemental Matters Arising from an Audit or Review Engagement (CSRS 4460)

The practitioner must plan the engagement properly and supervise assistants.

The practitioner must ensure the audit or review team is informed of the additional reporting responsibilities.

They must perform sufficient procedures to support the AUP report.

The practitioner must identify relevant criteria and assess whether the supplemental matter complies with those criteria.

s 5925: Audits of Effectiveness of Internal Control Over Financial Reporting

The objective is to provide an opinion on the effectiveness of internal control over financial reporting (ICFR).

This audit is performed together with the financial statement audit.

The COSO framework is the standard (criteria) used to assess control effectiveness.

The related standard prescribes specific report formatting requirements.

The ICFR audit may be combined with the financial statement audit report into a single combined report.