20-2 Assurance Services Independent professional services that improve the quality of information, or its context, for decision makers Assurance service encompass attestation services but are broader Attestation, a portion of assurance services, are restricted to examination, review or agreed-upon procedures engagements Assurance services go beyond attestation, may involve analyzing data or putting them in a form to facilitate decision making
20-3 Relationship Between Assurance and Attestation
20-4 Demand for Assurance Services Reduce information risk for outside parties and enable the company to contract at more favorable terms Information technology has significantly changed expectations of information users New services being developed Continuous auditing Assurance on system reliability Performed in accordance with Statement on Standards for Attestation Services
20-5 Selected Characteristics of Assurance Services
20-6 Subject Matter Historical or prospective performance or condition Physical characteristics Historical events Analyses Systems or processes Behavior
20-7 Assertion Declaration about whether the subject matter is presented in accordance with certain criteria. Practitioners generally must obtain appropriate assertion about subject matter Report can be on either The assertion about the subject matter or The subject matter itself
20-8 Criteria Suitable Objective Permit reasonable consistent measurements Complete Relevant Available Publicly available Presented in a summary, the assertion or the practitioners report
20-9 Relationships Among Terms Used in Attestation Engagements
20-10 Attestation Risk Risk that practitioners will unknowingly fail to appropriately modify their report on subject matter that is materially misstated Consists of Inherent risk Control risk Detection risk Materiality Difficult because subject matter may not be financial Determine likely needs of intended users
20-11 Types of Attestation Engagements Examinations Highest level of assurance Attestation risk at low level Reviews Limited or negative assurance Attestation risk at moderate level Agreed-upon procedures Restricted use reports
20-14 Assurance on Internal Control over Financial Reporting Presented in Chapters 7 and 18. Public companiesPerformed as a part of the integrated audit covering financial statements and internal control. Nonpublic CompaniesHave the option of having a similar integrated audit.
20-15 Prospective Financial Statements Financial Forecasts Information about the entitys expected financial position, results of operations and cash flows Financial Projection Expected results, given one or more hypothetical assumptions CPAs engaged to examine or perform agreed-upon procedures but no review
20-16 Examinations of Prospective Financial Statements Practitioners gather evidence relating to the clients procedures for preparation of the statements Evaluate the underlying assumptions Obtain a written representation letter from the client Evaluate whether statements are in conformity with AICPA guidelines
20-17 Reporting on Prospective Financial Statements Report on subject matter States whether the statements are presented in conformity with AICPA guidelines Whether underlying assumptions provide a reasonable basis for the statements Does not vouch for the achievability of the forecast or projection
20-18 Compliance Types 1. Attesting to an entitys compliance with specified requirements of laws, regulations, rules, contracts, or grants. 2. Attesting to the effectiveness of an entitys internal control over compliance with specified requirements.
20-19 Managements Discussion and Analysis Management required to provide narrative explanation of financial results as part of 10-K and 10-Q Practitioner may examine or review Objective to provide assurance on (1) the presentation includes, in all material respects, the required elements of the rules and regulations adopted by the SEC; (2) the historical financial amounts included in the presentation have been accurately derived, in all material respects, from the entitys financial statements; and (3) the underlying information, determinations, estimates, and assumptions of the entity provide a reasonable basis for the disclosures contained in the presentation.
20-20 Trust Services Intended to address user and preparer needs regarding issues of security, availability, processing integrity, online privacy and confidentiality within e-commerce and other systems System consists of Infrastructure Software People Procedures Data
20-21 Trust Services The practitioner (1) performs procedures to determine that managements description of the system is fairly stated and (2) obtains evidence that the controls over the system are designed and operating effectively to meet the Trust Services Principles and Criteriathe suitable criteria required for an attest engagement
20-22 Principles and Criteria Principles 1. Security 2. Availability 3. Processing Integrity 4. Confidentiality 5. Privacy Criteria for each principle 1. Policies 2. Communications 3. Procedures 4.Monitoring
20-23 Types of Trust Services Engagements Examination or agreed-upon procedures WebTrust Assurance on electronic commerce systems SysTrust Assurance on any system
20-24 Reporting on Trust Services WebTrust and SysTrust reports are similar: Assurance is provided on managements assertion relating to the principles SysTrust reports may be on one or more of the five principles Designed to incorporate a seal management process Seal (logo) included on a clients website as electronic representation of the report Engagement must be updated at least annually to use the seal Initial reporting period must be at least 2 months
20-25 PrimePlus/ElderCare Services Financial Goal setting, funding analysis, needs assessment Nonfinancial Interpersonal and relationship management Management of interaction between service providers and client Target market Older clients of CPA Children of older adults Other professionals that deal with older adults
20-26 XBRL eXtensible Business Reporting Language is an international information format designed for business information. Accounting profession is in process of developing guidance for CPAs to provide assurance on XBRL-Related Documents.
20-27 Additional Future Assurance Services Committees working on: Health care performance measurement This service provides assurance about the effectiveness of health care services provided by health maintenance organizations, hospitals, doctors, and other providers. Continuous auditing provides assurance using a series of reports provided simultaneously or shortly after the related information is released.