Assurance

Question 1

Assurance Due diligence

Answer 1

This is a form of assurance engagement and usually takes place in an acquisition or
refinancing, therefore it is likely to be a common requirement in the SBM exam.
Objectives may include:
 Confirming the accuracy of information
 Providing the bidder with an independent assessment of the target business
 Identifying and quantifying areas of commercial and financial risk
 Giving assurance to finance providers
 Place the bidder in a better position to determine the value of the target
company
There are several types of due diligence work:
 Financial – to check the accuracy of financial information
 Commercial – to understand the market, customers, satisfaction
 Technical – to see what research and development is taking place
 IT – to highlight any issues in merging the systems
 Legal – to check for legal impediments
 HR – to highlight any HR issues, or redundancies required
 Tax – to search for any historical tax liabilities
However, financial due diligence will most likely be the focus in this exam.

Question 2

Assurance Due diligence 1.1 Exam technique

Answer 2

Typical questions
 Set out preliminary financial due diligence procedures on the draft financial
statements
 An explanation of the key issues that your due diligence will need to consider
and the procedures that you would perform to address these
Note: These types of requirements are actually similar to the planning questions you
did in professional level audit and assurance.
You are effectively required to explain risks and describe procedures.
However, the nature of the risks and procedures (even for financial due diligence)
might be different to those required for a statutory audit.
Step 1 – Due diligence risks:
You need to identify due diligence risks from the information provided.

Step 2 – Due diligence procedures:
You need to describe specific procedures that link to the risk identified.
Aim to perform a specific action on a specific source (making use of the
information in the scenario wherever possible).

Question 3

Assurance Due diligence Generic DD risk areas

Answer 3

Overstatement of earnings and assets (or understatement of liabilities)
Draft, unaudited, financial statements are being used increasing the risk of error
Analytical review identifies unusual relationships, suggesting earnings or assets
are overstated

Accounting estimates that could be manipulated to overstate earnings or assets
(e.g. excessive useful economic lives)

Highly complex or subjective areas which are more likely to be misstated
(e.g. pension asset or liability)

Post-acquisition markets may not support the level of growth forecasted

Bid values may be over optimistic, resulting in over payment for an acquisition

Costs of integration may be greater than expected

Question 4

Assurance Due diligence Generic DD procedures

Answer 4

Inspect borrowing agreements to ensure there are no restrictive covenants of
which the bidder was not aware

Validate underlying assumptions to ascertain whether they are consistent with
historical data

Review the planned redundancies to estimate the redundancy costs

Review valuation reports to attest to the fair value of assets

Compare the discount rate to market interest rates to review appropriateness

Review regional growth, changes in local competition and other market data to
gain assurance over the predicted growth levels

Validate any potential cost savings

Legal due diligence will establish rights over a brand

Review future orders for assurance over the future sales

Asses compatibility of IT systems between combining companies, to see if it can
be integrated or if additional costs will be required

Question 5

Assurance Assurance on business plans and
forecasts 2.1 Exam technique

Answer 5

Historically, the advanced stage questions on assurance engagements have
focussed on the form of the report (particularly the level of assurance given) and the
relevant procedures.
For example:
We require an assurance report on the forecasts. Please explain the level of
assurance that could be provided and explain the key assurance procedures
that would be required.
Note: ‘ISAE 3400: Review of forecasts’ is a very useful resource for answering this
type of question.
Step 1 – Level of assurance/content of report
Limited assurance is given in the form of a negatively worded opinion (more detail
paragraphs 27 and 28 of ISAE 3400)
Step 2 – Procedures (paragraphs 18 – 25)
 Review evidence provided to support management’s underlying assumptions to
ensure that they are reasonable
 Review management’s assumptions to assess whether they are consistent with
similar historic information
 Check that the forecasts are properly prepared based on the assumptions
provided
 Check the forecasts for mathematical accuracy
 Perform sensitivity analysis on the forecasts to identify the critical estimates
within the forecast, and consider the need for gathering additional evidence
over these critical estimates
 If any of the period covered by the forecast has already elapsed, compare to
historic information
 Ensure the forecasts are properly presented and all material assumptions are
adequately disclosed
Confirm that the forecasts are prepared on a consistent basis with historical
financial statements
 Obtain a written representation from management confirming the intended use
of the prospective financial information
 Obtain a written representation from management confirming the completeness
of significant management assumptions
 Obtain a written representation from management confirming their responsibility
for the preparation of the prospective financial information

Question 6

Assurance Other assurance engagements 3.1 Assurance of service providers

Answer 6

ISAE 3402 gives guidance on assurance reports on controls at a service
organisation.
These assurance reports can then be used by the user organisations and their
auditors.
For example:
A Ltd outsources its payroll function to a payroll bureau, PB Ltd.
PB Ltd obtains an assurance report over its internal controls which can be used
by A Ltd, and the auditors of A Ltd when trying to obtain evidence over the
payroll costs in A’s financial statements.

Key procedures
 Assess the description of the service organisation’s system provided to user
organisations
 Evaluate whether the controls related to control objectives stated in the
description were suitably designed
 Test controls to assess whether they were operating effectively throughout the
period (only relevant for type 2 reports)

Question 7

Assurance Other assurance engagements 3.1 Assurance of service providers Types of report

Answer 7

Type 1 report:
Report on description and design of controls only.

Type 2 report:
Report on description, design and operating effectiveness of controls.

Note: Both types of report provide reasonable assurance and thus the conclusions
are positively worded.
ISAE 3402 Appendix 2 provides examples of both types of report

Question 8

Assurance Other assurance engagements 3.2 Agreed upon procedures

Answer 8

In an agreed-upon procedures (AUP) engagement a factual findings report is
provided of the specific procedures carried out. In this report, no assurance is
expressed and the recipients must form their own conclusion.

As a minimum, practitioners are required to comply with International Standards on
Related Services (ISRS) 4400, Engagements to Perform Agreed-upon Procedures
Regarding Financial Information.

The value of an AUP comes from the practitioners objectively carrying out
procedures and tests with relevant expertise.
Approach
1 Identify the purpose and nature of the engagement, so that priority can be
applied to the procedures
2 Suggest specific procedures, as per due diligence, with specific actions and
reasons why the procedure addresses the purpose of the engagement.

Question 9

Assurance Other assurance engagements 3.3 Environmental Auditing

Answer 9

An environmental audit is an evaluation of how well an entity is performing, with the
aim of helping to safeguard the environment. It is also used for auditing the truth and
fairness of an environmental report.
The audit could be a general review of the organisation’s environmental policy or
specific aspects of environmental performance. This could be linked to ESG
reporting (see section 3.4 and Chapter 9)

There are three main stages in most environmental audits:
1 Establishing the metrics to assess the environment, such as % of waste
recycled
2 Measuring planned performance with actual performance
3 Reporting the results

Potential audit concerns
 Board and management’s understanding of the environmental impact and
related legislation
 Adoption and communication of policies to ensure compliance
 Adoptions of appropriate environmental information systems
 Quantifiable targets are used for review
 Assessment of whether the progress is made economically and efficiently
 Implementation of previous recommendations
 True, fair and complete reporting of environmental activities

Question 10

Assurance Other assurance engagements 3.4 Assurance for ESG content

Answer 10

Quoted companies and large unquoted companies are required to disclose
information about ESG issues as part of the Director’s Report.
This does not require an auditor’s opinion; however, the external auditor is
responsible for reviewing all of the information disclosed in the document containing
the audited financial statements.
This will limit the risk of misleading disclosures being made; as the auditor should
confirm that there are no material inconsistencies between the disclosures and the
financial statements.