AICPA and the Institute of Internal Auditors (IIA) have positioned the auditing professions to become “assurance professions”

The American Institute of Certified Public Accountants (AICPA) and the IIA have positioned the auditing professions to become “assurance professions”.

What is the difference between auditing services, assurance services, and attestation services?

Attestation services involve providing written conclusions that attest to the reliability of written information used by third parties. Assurance services are often performed by independent professional services with the intention of improving the quality of information for decision makers. Both assurance services and attestation services are two of a much broader range of auditing activities. Auditing is a systematic process that uses logical, structured, and organized procedures to objectively obtain and evaluate evidence that regards assertions made by management about economic actions and events to ascertain the accuracy of the assertions and established criteria, which is then communicated to interested users.

What are some economic issues that can drive an increased demand for assurance services?

The result achieved from attestation is a written conclusion about whether or not a company’s written assertions are reliable. The results achieved from assurance services is to provide better information for decision makers. The objective of attestation is reliable information, the objective of assurance is better decision making.

What is an example of an assurance engagement and an attestation engagement other than the audit of financial statements?

The economic issues that drive the increased demand for assurance services include many traditional demands that first helped the auditing profession to immerge; i.e. growth in all sectors, the will for prosperity, corporate mergers, and business moving from the private sector to the public sector. Perhaps the most current economic issues that lead the demand for assurance services are policies that corporations must follow. An example that comes to mind is the recent policies put in to place for lending institutions.

What's the difference between the two?

An assurance engagement would be a CPA paid by the preparer or user, while an attestation engagement would be a CPA paid for by the preparer.

What are some of the major factors over the past 30 years that have led to increased auditing standards such as the Sarbanes-Oxley Act of 2002?

The collapse of corporate giants such as WorldCom and Enron due to fraudulent accounting practices, are two of the largest eye-opening events over the past 30 years which has led to increased auditing standards such as the Sarbanes-Oxley Act of 2002. These publically traded companies, along with several others including Waste Management, Tyco International, and Adelphia, experienced dramatic declines in their stock value when the word got out that their accounting practices were not in accordance with generally accepted accounting principles (GAAP). The collapse of each of these corporations and their subsidiaries left thousands of stakeholders in a dire predicament. From shareholders who witnessed their stock value fall lower than the value of the paper their shares were printed on, to employees who were left without a job, benefits, retirement funding, etc., the public outcry for more regulation forced lawmakers to tighten accounting practices across the board.

In addition to setting new standards for how all publically traded companies report earnings, SOX contains 11 sections that range from guidelines for corporate board member’s responsibilities to the judicial punishment associated with scandalous reporting. SOX had helped to restore public confidence in investing in publically traded companies prior to the recent banking and credit market failures, but as we all know, public confidence in the NYSE at the moment is grim at best.

8 Factors that Influence Sample Size

Multiple factors can influence a sample size, including:

(i) The nature of control – larger samples imply that the auditor should test manual controls because they are subject to less consistency, smaller sampling implies that the auditor is checking automated controls.

(ii) Frequency of operations – larger samples imply that every transaction should be checked, smaller sampling implies that the operation of control happens less frequently.

(iii) Importance of the control – these tests are more important should they be tested more extensively, smaller sampling implies tests are less important.

(iv) Risk of assessing control risk too low – smaller amounts of sampling can result in larger sample size, larger amounts of sampling risk can result in smaller sample size.

(v) Tolerable deviation rate – larger samples imply that the smaller the rate of deviation from the prescribed control procedure, the larger the sample size, while the larger the rate of deviation, the smaller the sample size.

(vi) Expected population deviation rate – larger samples imply that the closer tolerable deviation rate and expected deviation rate are to one another, the larger the sample size, the greater the amount between tolerable deviation rate and expected deviation rate, the smaller the sample size.

(vii) Population size below 5,000 (direct) – the larger the population, the larger the sample rate, the smaller the population, the smaller the sample rate.

(viii) Population size below 5,000 (no effect) – population size does not affect samples.

Why do auditors find it necessary to use sampling and what are the associated risks?

It is necessary for auditors to use sampling because it is often a difficult task to fully audit all items. By conducting audit sampling the auditor is able to evaluate key characteristics of the entire account balance.

There are two inherent risks associated with audit sampling – (i) control risk, and (ii) test of details risk. There is also a sampling risk and a non-sampling risk associated with audit sampling. Sampling risk often implies that the sample used is not an adequate representation of the population. Non-sampling risks suggest that a portion of audit risk that is not due to examining only a portion of the data, this may include human error, inappropriate application of audit procedures, or misinterpretation of the results of a sample.

If control risk is assessed too low based on the sample, this may support the conclusion that the assessed level of control risk is accurate throughout. If control risk is assessed too high, this will have the adverse affect on assessing risk; where the sample does not support the planned assessed level. Other associated risks include the risk of incorrect acceptance, where the sample supports the conclusion showing the account is not misstated when it actually is.