Module A Flashcards
Attestation
Accounting service resulting in a report on subject matter
or Assertion about subject matter that is responsibility of another
Party
CSR
Corporate social responsibility
6 forms subject matter of an Attestation engagement can take
1 historical/prospective performance/condition 2 physical characteristics 3 historical events 4 analyses 5 systems and processes 6 behavior
Subject matter of Attestation engagement:
Historical or prospective performance or condition example
Backlog data
Subject matter of Attestation engagement:
Physical characteristics 2 examples
1 Narrative descriptions
2 square footage of facilities
Subject matter of Attestation engagement:
Historical events example
Price of market basket of goods on certain date
Subject matter of Attestation engagement:
Analyses. Example
Break-even analyses
Subject matter of Attestation engagement:
Systems and processes example
Internal control
Subject matter of Attestation engagement:
Behavior 3 examples
1 corporate governance
2 compliance with laws and regulations
3 human resources practices
Responsible party, define, example
Person at client who is accountable for information
Ex. Company’s controller for financial information
During Attestation, What should the accountant obtain from a responsible party
Written evidence on party’s responsibility for subject matter
3 types of engagements in Attestation
1 examination
2 review
3 agreed upon procedures
Examination
Similar to audit but limited in terms of focus of engagement,
Procedures performed to represent high level of assurance
Accountants evaluate internal controls and asses risk of material
Misstatement, gather evidence about assertions, render opinion
Review
Provides only limited level of assurance
Procedures performed limited to inquiries and performing Analytical procedures, accountants may decide other procedures necessary
Agreed upon procedures (engagement)
Client delineates exactly what procedures it wants accountant to
Perform
Level of assurance varies depending on procedures requested
Ex. Restaurant manager may ask their accountant to classify and summarize customer comment cards, composer may ask accountant to verify mathematics on royalty report
Professional standards for performing attest engagements are provided by…
Statements on Standards for Attestation Engagements (SSAEs)
In AT section of AICPA’s Professional Standards
Attestation standards do not require evaluation of… (In contrast to auditing standards)
Internal controls
Appropriate financial reporting framework
Financial reporting treatment (GAAP, IFRS) adopted by management and those charged in governance of financial statement preparation (when appropriate)
Is acceptable in view of nature of entity and objective of financial
Statements or required by law
Attestation engagements: 7 related to appropriate financial reporting framework
1 agreed upon procedures 2 financial forecasts/projections 3 pro forma financial information 4 entity's internal control over financial reporting 5 compliance Attestation 6 management's discussion and analysis 7 service organizations
Agreed upon procedures are not audits because they have…
Limited scope,
so reporting principles (assessing risk of material misstatement
or obtaining sufficient appropriate evidence for opinion) don’t apply
What is of the utmost importance in agreed upon procedures?
Clearly worded engagement letters delineating desired procedures
To be performed
Applying agreed upon procedures: reports are to be restricted to…
The specified users who participate in and take responsibility
For defining work of the engagement
Report of agreed upon opinion, how does it differ from standard audit report? 3 things
1 No overall opinion in report just findings from procedures described
2 Report identifies specified users
3 States it’s not an audit
Financial forecast
Prospective financial information based on expected conditions
And courses of action
Financial projection
Prospective financial information based on occurrence of 1 or
More hypothetical events that change entity’s existing business structure
Ex. New distribution center, potential new product line
Pro forma financial information
Shoes the effect of proposed or consummated transaction on
historical financial statements
As if transaction had already occurred by a specific date
Limited use vs. General use
Limited use = single user
General use = large number of users
Prospective financial information should disclose what 4 pieces of information in regards to generating prospective financial statements?
1 Significant accounting policies
2 procedures to generate statements
3 assumptions used (how they might be of limited use)
4 how actual events might not be consistent with assumptions
If the basis in prospective financial information is different from that used in historical financial statements, what needs to be shown?
A reconciliation of 2 bases needs to be shown
To perform an Attestation engagement on either prospective financial information or pro forma information, accountants must accomplish what 3 objectives?
1 evaluate preparation of financial information
2 evaluate support of underlying assumptions
3 evaluate presentation of information
According to Attestation standard 501, for accountant’s examination of entity’s internal controls, what does this standard call for?
Top down, risk based approach (similar to control testing covered
In ch. 5)
What 4 conditions must be met before accountants can conduct an examination on entity’s internal control?
1 management accepts responsibility for effectiveness of its internal
Control
2 management’s evaluation of control based on suitable criteria
(Ex. COSO report)
3 management’s evaluation of control supported by sufficient
evidence
4 management presents its assertion on effectiveness of its internal control in written report that accompanies accountants’ report
1) what do accountants report on?
2) example key question addressed?
Financial Forecast engagement
1) prospective info based upon future expected conditions
2) what will things look like if we continue along our expected
Path?
1) what do accountants report on?
2) example key question addressed?
Financial projection engagement
1 prospective information based upon hypothetical (what if) events
2 what will things look like if we choose a different path(s)?
1) what do accountants report on?
2) example key question addressed?
Pro forma engagement
1 Financial information based on historical info “as if” the event
Had previously occurred
2 what would things look like if actual events (ex. Merger) occurred
December 31 instead of January 15?
2 common types of compliance Attestation engagements accountants may accept?
1 entity’s compliance with requirements of laws and regulations
2 effectiveness of entity’s internal controls that ensure compliance
With requirements
Reviews of compliances are not…
Appropriate engagements
For compliance Attestation, what 3 conditions must be met?
1 management accepts responsibility for compliance
2 compliance or controls over compliance are capable of evaluation
And measurement against reasonable criteria
3 sufficient evidence available to support management’s evaluation
Attestation standards require accountants to consider what 3 types of risks in connection with examination engagements for compliance?
1 inherent risk
2 control risk
3 detection risk
Risk and materiality are as important in compliance Attestation as they are in…
Financial statement audits
2 prerequisites for compliance examination
1 due care
2 professional skepticism about noncompliance
Major steps in compliance examination:
Understand the specific compliance requirements and assess…
Planning materiality
Major steps in compliance examination:
Plan the engagement and assess…
Inherent risk
Major steps in compliance examination:
Understand relevant controls over…3
Compliance, assess control risk, design tests of compliance
With detection risk
Major steps in compliance examination:
Obtain sufficient evidence of compliance with specific requirements including…
A written letter of management representations
Major steps in compliance examination:
Consider subsequent events: subsequent information that bears on…
The management assertion and subsequent events of
noncompliance after the assertion date
Major steps in compliance examination:
Form an…
Opinion and prepare a report
Standard of compliance examination directly parallel those of…
Financial statement audits
The standard unmodified report in a compliance examination engagement express the accountants opinion as to…
Compliance
4 types of opinion reports accounts can issue for compliance examination?
1 unmodified report
2 report modified to disclosed noncompliance event
3 qualified report stating material noncompliance
4 adverse report stating that entity is not in compliance
What can accountants examine or review that usually accompanies audited financial statements in corporate annual reports?
Management’s discussion and analysis (MD&A)
What must auditors check in the MD&A?
Ensure info accompanying audited financial statements is
Consistent with them
Service organization
Provides services to user entities processes clients’ transactions
That are likely relevant to user entities’ internal control over financial
Reporting
Ex. Payroll processing companies, computerized information processing service centers, trust departments of banks, insurers that maintain accounting records for reinforce transactions, mortgage bankers, savings and loan associations, etc.
The fact that management is outsourcing some of its noncore functions does not absolve management for…
Internal control over those functions
Special purpose report on internal control SSAES 16 (formerly referred to as SAS 70 report)
Service organization’s auditors report on effectiveness of service organization’s internal control (on outsourced functions) to user
entities’ auditors
2 types of service organization reports
Type 1 report
Type 2 report
Service organization report: Type 1 report
Describes service organization’s internal controls placed in
operation at specific point in time
But does not report effectiveness of controls
Service organization reports: type 2 report
Includes description of controls
Reports on service organization’s auditors’ testing of controls
Over minimum of 6 month period
Are service auditors’ reports usually public reports?
No, only for user entities’ auditors to asses internal controls
At service organization
As a condition of the engagement, management of the service organization is required to provide the auditor with a written assertion about what 3 things?
1 fairness of presentation of description of service organization’s
System
2 suitability of design controls to achieve related control objectives
3 operating effectiveness of those controls
In a type 2 report, what does the service auditor express an opinion on? 2
1 fairness of description
2 suitability of design and operations of controls throughout
Period covered by report
The service auditor should modify his report in what 2 conditions exist?
1 design deficiencies exist
2 user organizations would not be expected to have controls in
Place to mitigate design deficiencies
SOCs
Service organization control reports
SOC 1
Attestation report for controls over financial reporting
SOC 2, 6 things
Report on controls of service organization relevant to security,
Availability, processing integrity, confidentiality or privacy
May be requested by user but doesn’t apply directly to user’s
Financial statements
SOC 2 contents are the same as…
SOC 1 contents
SOC 3
Trust services report
Used in marketing organizations’ control effectiveness
An SOC 3 report basically covers the same subject matter as…
SOC 2, but in less detail
and in format that lends itself to general use report
Management’s discussion and analysis description
Compared to rules and regulations by SEC
Agreed upon procedures and type 1 and type 2 service reports, report distribution
Limited to participants in engagement
Accounting and review services, define
Who requests this?
Lower level assurance than provided by an audit
May be requested by banks and other users
Accounting and Review Service Committee (ARSC)
Has continuing responsibility for developing and issuing pronouncements of standards
concerning services and reports accountants may render in
Connection with unaudited financial statements
What do the Accounting Review Services Commitee’s issued Statements on Standards for Accounting and Review Services (SSARS) apply to?
Apply to accountants’ services on unaudited financial statements
Of nonissuers
Non issuers (according to SSARS)
All entities except those whose securities are registered under
The Securities Exchange Act of 1934
Or are required to file reports under the Securities Act of 1933
Aside from SSARS, what also governs accountants’ services on unaudited financial statements of non Issuers?
AICPA’s Code of Professional Conduct and Statements on Quality Control Standards
Review
Service performed by accountants to obtain limited assurance that
No material modifications should be made to financial statements
In order for statements to conform to applicable framework (GAAP)
Review evidence is evidence required to provide limited assurance of 5 things?
1 inquiring of management
2 conducting analytical procedures
3 obtaining written representations from management
4 understanding of business
5 understanding of entity’s accounting system
Professional standards require accountants to provide, what for a review engagement?
Adequate documentation
Describe procedures performed and results obtained
For engagements that are less than an audit, how do accountant’s provide negative assurance?
“We are not aware of any material modifications” that are necessary
For financial statements to be in conformity with GAAP
Positive assurance
Forthright and factual statement of auditors’ opinion based on
Audit
When accountants perform review engagement, each page should be marked…
What does this indicate to users?
“See independent accountants’ review report.”
Indicates to users audit wasn’t performed
Compilation 3 things
A write up
Accounting service where practitioner assists in assembling
information that is the representation of management in form
Of financial statements
but provides no assurance on accuracy or completeness of info
When performing a compilation engagement, the accountant has no responsibility to…
Assess the conformity of entity’s financial statements with GAAP
What 5 tasks must accountants do during a compilation?
1 obtain an engagement letter
2 understand the business
3 understand applicable accounting principles
4 read financial statements for errors
5 follow up with info that is incomplete or unsatisfactory
What 2 procedures do accountants not need to perform during a compilation?
1 assess control risk
2 perform evidence gathering procedures
In a compilation engagement, given the very limited procedures performed, accountants explicitly state that…
2) what does this signify? 2
No opinion and no assurance are expressed
1 Take no responsibility for report on fair presentation of financial
Statements in conformity with GAAP,
2 accountants don’t need to be independent to perform compilation
3 types of reports on compiled financial statements can be issued
1 management/owners may not wish to present all footnote
Disclosures required by GAAP, account’s report notifies users
Of this
2 accounts state the reason for their lack of independence
3 management/owners choose to present complete with
disclosures required by GAAP
If financial statements are not expected to be used by third party, accountants can perform compilation engagement in which…
2) What does this cause accountants to do?
No compilation report is necessary (referred to as plain paper engagements)
2) document understanding of entity on engagement letter
During performance of compilation or review procedures, SSARS require accountants to establish an understanding with the entity in an engagement letter that the accountants will inform the appropriate level of management if any evidence of…
Fraud or illegal acts comes to accountants’ attention
Accountants need not report inconsequential illegal acts
When successor accountant are performing the current year service, they can’t update the predecessors report. In this case what can successors request?
That predecessors reissue the prior report
And distribute it in the current report
Other alternative for successor accountants who can’t update predecessors report. Successors can indicate the current report in a paragraph describing the predecessors report on the prior period.
What 4 items does this paragraph describe?
1 states prior year financials compiled/reviewed by other
accountants
2 gives date of previous report
3 describes compilation disclaimer or review report with negative
Assurance rendered last year
4 describes modifications written in prior year report
Prescribed forms
If standard preprinted forms used by industry trade associations,
Banks, government agencies, etc. result in info
not be presented In conformity with financial reporting framework
Additional paragraph can be added to accountant’s compilation
Report
Compilation and review engagements: communication with predecessor auditors
Not required for compilation and review engagements
Additional paragraphs
Accountants can include additional paragraphs in their reports
To indicate protection going concern uncertainties or other matters
Personal financial plans
Big source of business for CPA’s
Help client’s plan to reach their financial goals
Objective of compilation
To present in the firm of financial statements information that
Is the representation of the management and owners
Interim financial information
Financial info or statements covering period less than full year
Or for 12 month oversold ending on date other than entity’s
Fiscal year end
Objective of Review of interim financial information
Provide accountants a basis for communicating whether material
Modifications should be made to conform with GAAP
similar to review of unaudited financial statements
What does an interim review not require? 2
1 complete assessment of control risk each quarter
Nor
2 gather sufficient evidential matter to base opinion on
The objective of an interim review of internal controls for public companies is to provide…
A basis for determining whether material modifications should
Be made
to determine management’s quarterly certifications about changes
In internal control
Review procedures for interim financial information 6
1 analytical procedures
2 reading minutes
3 inquiring of management and obtaining written representation
About accounting issues
4 changes in internal controls
5 entity’s ability to continue as a going concern
6 reconciling accounting statements
When is a written report required for interim financial statement reviews?
2) If a report is prepared, how should it be marked?
When entity refers to accountant’s review in writing
2) marked “unaudited”
In form 10-Ks, companies provide summary of interim information for the entire year and what else?
Interim information for their fourth quarter
Report on interim financial statements need not refer to reviewed information, unless…4
1 has not been marked unaudited
2 not in conformity with GAAP
3 is required and has been omitted
4 has not been reviewed by the accountant
What opinion should auditor give on interim financial statements when they have not been marked “unaudited”?
Disclaim an opinion
What opinion should auditor give when interim financial statements aren’t in conformity with GAAP?
Opinion not modified but departure discussed in separate
Paragraph
3 special reports auditors may issue?
1 conducting engagements to report on specified elements,
Accounts or items of a financial statement
2 reporting on accounting using special purpose framework
3 reporting on requirements of appropriate financial reporting
Framework
Specified elements, accounts or items report
User request audit on single account, element or financial statement
Ex. Auditors may be requested by creditors to render special
reports on Balance sheet only
How is a special elements engagement different from an Attestation engagement?
Accountant follows fundamental auditing principles (instead of
Attestation standards) and express opinion if fairly stated in
accordance with GAAP
Auditor should consider any disclosures related to element
Auditors cannot express an unmodified opinion on a single financial statement if they…
Expressed a disclaimer or adverse opinion on the complete
Set financial statements
Special purpose frameworks AKA other comprehensive bases of accounting (OCBOA)
Small companies choose to report on framework other than
US GAAP or IFRS
refers to coherent accounting treatment
4 kinds of special purpose frameworks
1 statements conforming to regulatory accounting rules
2 tax basis accounting
3 cash basis framework/modified cash basis framework
4 other method required for contractual purposes
Cash basis framework accounting
No accruals
Modified cash basis framework accounting
Limited accruals such as long term assets and liabilities or
Inventory
Private Companies Practice Section (PCPS) of the AICPA Division for Firms has promoted special purpose reporting frameworks to its members to accomplish…
Simplified reporting
Less expensive to produce and easier to interpret
Special purpose reporting framework, naming financial statements
Financial statements should not have same names as those under GAAP
EX. balance sheet should be called statement of assets and liabilities
Special purpose frameworks do not reduce…
Disclosure requirements
When special purpose frameworks are audited, the auditor’s report is modified in 4 ways?
1 introduction paragraph includes sentence that identifies special
Purpose framework basis of accounting
2 scope paragraph: “auditing standards generally accepted in
United States of America” not PCAOB standards
3 opinion sentence refers to special purpose framework instead
Of GAAP
4 emphasis of matter paragraph stating framework (unless prepared
Under regulatory basis)
Special purpose framework: if financial statements prepared for regulatory basis for general use… 2
1 emphasis of matter paragraph isn’t required
2 auditors should provide 2 opinion paragraphs, 1 about financial
Statements prepared in accordance with GAAP and the other
In accordance with special purpose framework
Disclosures in financial statements for special purpose framework 2
1 contain explanation of special purpose framework
2 describe how framework in general differs from GAAP
Opinion shopping
Client looks for auditing firm that agrees with their accounting
treatment
Ex. Agrees with early revenue recognition, unwarranted expense or loss deferral
Purpose of Reports on Application of Requirements of Appropriate Financial Framework (AU 915)
Create a barrier on opinion shopping
AICPA’s Assurance Services Executive Committee (ASEC) identified what 5 megatrends that can affect CPA’s business?
1 shift from Industrial Age to knowledge age
2 information technology
3 globalization
4 demands for transparency and new focus on corporate
governance
5 new social structures
Shift form the Industrial Age to the knowledge age
Current knowledge based economy emphasizes management
Of intangible assets
Decreases focus on physical assets (measured largely at historical
Cost), market values may differ from book values hindering
Optimal capital allocation
Assurance services
Independent professional services that improve quality of
Information or its context for decision makers
Assurance services are targeted towards…
Smaller groups of decision makers (instead of large group of
Investors and creditors as with the audit)
eXtensible Business Reporting Language (XBRL)
SEC mandated, computer readable identifying tag for each
Individual item of data
What does XBRL data allow computers to do? 7 things
1 Treat data intelligently 2 Recognize info in XBRL document 3 Select it 4 Analyze it 5 Store it 6 Exchange it with other computers 7 Present it automatically in variety of ways for users
What improvements does XBRL make with financial data? 5
1 greatly increases the speed of handling financial data
2 reduces chance of error
3 permits automatic checking of information
4 handle data in different languages
5 in different accounting standards
Trust services
Set of professional Attestation and advisory functions based
On core set of principles and criteria
Addresses the risks and opportunities of IT-enabled systems
And privacy programs
ASEC Trust Information Integrity Task Force primary focus’s 2?
1 Updating and maintaining Trust Services Principles and Criteria
(TSPC)
2 creating framework of principles and criteria to provide assurance
For integrity of information
Practitioners use the following 5 principles and related criteria in the performance of trust services engagements
1 security 2 availability 3 processing integrity 4 confidentiality 5 Privacy
Principles and criteria for performance of trust service engagements:
Security
System is protected against unauthorized access (both physical
And logical)
Principles and criteria for performance of trust service engagements:
Availability
System is available for operation and use as committed or
Agreed
Principles and criteria for performance of trust service engagements:
Processing integrity
System processing is complete, accurate, timely and authorized
Principles and criteria for performance of trust service engagements:
Confidentiality
Information designated as confidential is protected as committed
Or agreed
Principles and criteria for performance of trust service engagements:
Privacy
Personal information is collected, used, retained, disclosed
And destroyed in conformity with entity’s privacy notice
And with criteria set forth in generally accepted privacy principles
Issued by the AICPA and CICA
SysTrust Services
Assurance function that reviews an entity’s computer system to
Provide confidence to business partners and customers
Concerning security, privacy, confidentiality of info
And to system availability + processing integrity
WebTrust Services
Assurance function designed to reduce the concerns of Internet
Users regarding the existence of company
And reliability if key business info placed on its website
Sustainability AKA Corporate social responsibility
1 economic viability, 2) social responsibility and 3 environmental
Responsibility
