2017-11-30
436
Explain the five elements of an assurance engagement
An assurance engagement is one in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the subject matter information (that is, the outcome of the evaluation or measurement of a subject matter against criteria).
Elements of an assurance engagement
An assurance engagement performed by a practitioner will consist of the following elements:
· A three party relationship. The three parties are the intended user, the responsible party and thepractitioner.
Intended users are the person, persons or class of persons for whom the practitioner prepares theassurance report.
The responsible party is the person (or persons) responsible for the subject matter (in a direct reportingengagement) or subject matter information of the assurance engagement.
The practitioner is the individual providing professional services that will review the subject matter and provide the assurance.
· A subject matter. This is the data to be evaluated that has been prepared by the responsible party.It can take many forms including financial performance (eg historical financial information), non-financial performance (eg key performance indicators), processes (eg internal control) andbehaviour (eg compliance with laws and regulations).
· Suitable criteria. The subject matter is evaluated or measured against criteria in order to reach anopinion.
· Evidence. Sufficient appropriate evidence needs to be gathered to support the required level of assurance.
· An assurance report. A written report containing the practitioner's opinion is issued to the intended user, in the form appropriate to a reasonable assurance engagement or a limited assurance engagement.
|
|
|
Describe the types of assurance engagement
There are two types of assurance engagements: attestation engagements and direct engagements. The main difference between the two lies in who is measuring, or evaluating, the underlying subject matter against the criteria.
(a) An attestation engagement: This is where the underlying subject matter has not been measured or evaluated by the practitioner, and the practitioner concludes whether or not the subject matter information is free from material misstatement.
A good example of an attestation engagement is the review of a sustainability report, which has been prepared by management. In this case, management measures and evaluates the extent to which the company has achieved its sustainability targets, and the practitioner provides a conclusion as to whether the measurement and evaluation is free from material misstatement.
(b) A direct engagement: This is where the underlying subject matter has been measured and evaluated by the practitioner, and the practitioner then presents conclusions on the reported outcome in the assurance report.
An example of this is when the practitioner is engaged to carry out a review of the effectiveness ofa company’s system of internal controls. The practitioner would evaluate the internal controls, andthen issue an assurance report explaining the outcome of the review.
Briefly describe what internal auditing is
Internal auditors are employed as part of an organization’s system of controls. Their responsibilities are determined by management and may be wide-ranging.
Internal auditing is an appraisal or monitoring activity established or provided as a service to the entity. Its functions include examining, evaluating and monitoring the adequacy and effectiveness of internal control.
Up to now we have discussed assurance services where an independent outsider provides an opinion on financial information. Assurance can also be provided to management (and by implication, to other parties) by internal auditors.
As part of good corporate governance all directors are advised to review the effectiveness of the company's risk management and internal control systems. They should also consider the need for an internal audit function to help them carry out their duties.
Larger organisations may therefore appoint full-time staff whose function is to monitor and report on the running of the company's operations. Internal audit staff members are one type of control. Although some of the work carried out by internal auditors is similar to that performed by external auditors, there are important distinctions between the two functions in terms of their responsibilities, scope and relationship with the company, and we will examine these in more detail in Chapter 5.
|
|
|
There are a number of assignments that may be carried out by internal auditors and these include:
· Value for money (VFM) audits which examine the economy, efficiency and effectiveness of activities and processes
· An information technology (IT) audit, which is a test of controls in a specific area of the business
· Best value audits. ‘Best value’ is a performance framework introduced into local authorities by theUK government. They are required to publish annual best value performance plans and review all oftheir functions over a five year period and internal audit can carry out this review
· Financial, operational and procurement audits
