additional assurance services: other information chapter 20 mcgraw-hill/irwin copyright © 2012 by...
TRANSCRIPT
Additional Assurance Services: Other Information
Chapter 20
McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
20-2
Assurance ServicesAssurance Services
Independent professional services that “improve the quality of information, or its context, for decision makers”
Assurance service encompass attestation services but are broader
Attestation, a portion of assurance services, are restricted to examination, review or agreed-upon procedures engagements
Assurance services go beyond attestation, may involve analyzing data or putting them in a form to facilitate decision making
20-3
Relationship Between Assurance and Relationship Between Assurance and AttestationAttestation
20-4
Demand for Assurance ServicesDemand for Assurance Services
Reduce information risk for outside parties and enable the company to contract at more favorable terms
Information technology has significantly changed expectations of information users
New services being developed Continuous auditing Assurance on system reliability
Performed in accordance with Statement on Standards for Attestation Services
20-5
Selected Characteristics of Selected Characteristics of Assurance Services Assurance Services
20-6
Subject MatterSubject Matter
Historical or prospective performance or condition
Physical characteristics Historical events Analyses Systems or processes Behavior
20-7
AssertionAssertion
Declaration about whether the subject matter is presented in accordance with certain criteria.
Practitioners generally must obtain appropriate assertion about subject matter
Report can be on either The assertion about the subject matter or The subject matter itself
20-8
CriteriaCriteria
Suitable Objective Permit reasonable consistent measurements Complete Relevant
Available Publicly available Presented in a summary, the assertion or the
practitioners’ report
20-9
Relationships Among Terms Used Relationships Among Terms Used in Attestation Engagementsin Attestation Engagements
20-10
Attestation RiskAttestation Risk
Risk that practitioners will unknowingly fail to appropriately modify their report on subject matter that is materially misstated
Consists of Inherent risk Control risk Detection risk
Materiality Difficult because subject matter may not be financial Determine likely needs of intended users
20-11
Types of Attestation EngagementsTypes of Attestation Engagements
Examinations Highest level of assurance Attestation risk at low level
Reviews Limited or negative assurance Attestation risk at moderate level
Agreed-upon procedures Restricted use reports
20-12
Examination ReportExamination Report
20-13
Review Report on Subject Matter
20-14
Assurance on Internal Control over Assurance on Internal Control over Financial ReportingFinancial Reporting
Presented in Chapters 7 and 18. Public companies—Performed as a part of the
integrated audit covering financial statements and internal control.
Nonpublic Companies—Have the option of having a similar integrated audit.
20-15
Prospective Financial StatementsProspective Financial Statements
Financial Forecasts Information about the entity’s expected
financial position, results of operations and cash flows
Financial Projection Expected results, given one or more
hypothetical assumptions CPAs engaged to examine or perform
agreed-upon procedures but no review
20-16
Examinations of Prospective Examinations of Prospective Financial StatementsFinancial Statements
Practitioners gather evidence relating to the client’s procedures for preparation of the statements
Evaluate the underlying assumptions Obtain a written representation letter from
the client Evaluate whether statements are in
conformity with AICPA guidelines
20-17
Reporting on Prospective Reporting on Prospective Financial Statements Financial Statements
Report on subject matter States whether the statements are
presented in conformity with AICPA guidelines
Whether underlying assumptions provide a reasonable basis for the statements
Does not vouch for the achievability of the forecast or projection
20-18
ComplianceCompliance
Types1. Attesting to an entity’s compliance with
specified requirements of laws, regulations, rules, contracts, or grants.
2. Attesting to the effectiveness of an entity’s internal control over compliance with specified requirements.
20-19
Management’s Discussion and Management’s Discussion and AnalysisAnalysis
Management required to provide narrative explanation of financial results as part of 10-K and 10-Q
Practitioner may examine or review Objective to provide assurance on
(1) the presentation includes, in all material respects, the required elements of the rules and regulations adopted by the SEC;
(2) the historical financial amounts included in the presentation have been accurately derived, in all material respects, from the entity’s financial statements; and
(3) the underlying information, determinations, estimates, and assumptions of the entity provide a reasonable basis for the disclosures contained in the presentation.
20-20
Trust ServicesTrust Services
Intended to address user and preparer needs regarding issues of security, availability, processing integrity, online privacy and confidentiality within e-commerce and other systems
System consists of Infrastructure Software People Procedures Data
20-21
Trust ServicesTrust Services
The practitioner
(1) performs procedures to determine that management’s description of the system is fairly stated and
(2) obtains evidence that the controls over the system are designed and operating effectively to meet the Trust Services Principles and Criteria—the suitable criteria required for an attest engagement
20-22
Principles and CriteriaPrinciples and Criteria
Principles
1. Security
2. Availability
3. Processing Integrity
4. Confidentiality
5. Privacy
Criteria for each principle
1. Policies
2. Communications
3. Procedures
4. Monitoring
20-23
Types of Trust Services EngagementsTypes of Trust Services Engagements
Examination or agreed-upon procedures WebTrust
• Assurance on electronic commerce systems
SysTrust
• Assurance on any system
20-24
Reporting on Trust ServicesReporting on Trust Services
WebTrust and SysTrust reports are similar: Assurance is provided on management’s assertion relating to the principles
SysTrust reports may be on one or more of the five principles
Designed to incorporate a seal management process Seal (logo) included on a client’s website as electronic
representation of the report Engagement must be updated at least annually to use
the seal Initial reporting period must be at least 2 months
20-25
PrimePlus/ElderCare ServicesPrimePlus/ElderCare Services
Financial Goal setting, funding analysis, needs assessment
Nonfinancial Interpersonal and relationship management Management of interaction between service providers
and client Target market
Older clients of CPA Children of older adults Other professionals that deal with older adults
20-26
XBRLXBRL
eXtensible Business Reporting Language is an international information format designed for business information.
Accounting profession is in process of developing guidance for CPAs to provide assurance on XBRL-Related Documents.
20-27
Additional Future Additional Future Assurance ServicesAssurance Services
Committees working on: Health care performance measurement
This service provides assurance about the effectiveness of health care services provided by health maintenance organizations, hospitals, doctors, and other providers.
Continuous auditing
provides assurance using a series of reports provided simultaneously or shortly after the related information is released.