Chapter 15

Other types of services:

1) review and compilation services for non-public companies
2) review of interim financial information for public companies
3) attestation engagements
4) reports on internal controls at service organization
5) prospective financial statements
6) agreed-up

Review and compilation services for non-public companies

A company's management may believe that an audit is unnecessary because of the active involvement of owners, and the company may not have significant amounts of debt or other regulatory requirements

What does a review provide compared to a compilation?

A review provides limited assurance on the financial statements, whereas a compilation provides no expressed assurance. The assurance provided by compilations and reviews is considerably below that of audits. Thus, less evidence is required for these serv

What are the standards for compilations and reviews of financial statements for nonpublic companies:

Statements on Standards for Accounting and Review Services (SSARS)

The evidence for a review engagement consists primarily of inquiries of management and analytical procedures. The following procedures are recommended for a review:

1) Obtain knowledge of the accounting principles and practices of the client's industry
2) Obtain knowledge of the client
3) Make inquiries of management
4) Perform analytical procedures
5) Read the financial statements
6) Obtain a letter of representatio

What is included in a review of nonpublic company

Paragraph 1: a) what financial statements I reviewed
b) what is involved in review
c) We do not express positive assurance
Paragraph 2: management is responsible for financial
statements and internal control
Paragraph 3: Standards used for review (SSARS)

Compilation services

When CPAs submit financial statements and expect them to be used by a third party, they are required to, at least, issue a compilation report that accompanies the financial statements. CPAs do not have to issue a compilation report if they do not expect t

Does CPA need to search for fraud in review?

No but if fraud his you in head-you need to do something (cant ignore)

When are compilation reports issued?

when CPAs submit financial statements and expect them to be used by a third party

In a compilation, the accountant must do the following:

(these are minimum requirements but you usually do more)
1) Establish an understanding with the client in a written engagement letter about the nature and limitations of the services. (engagement letter)
2) Possess knowledge of the accounting principles a

What should a CPA do if they become aware that the financial statements are not fairly stated during compilation services

If a CPA becomes aware that the financial statements are not fairly stated, they should obtain additional information. If client refuses to provide information, the
CPA should withdraw from the compilation engagement.

What is included in compilation for nonpublic company

paragraph 1: What financial statements we compiled and we express no opinion (neither positive or negative assurance)
Paragraph 2: management is responsible for financial statements and internal control
Paragraph 3: what standards are used (SSARS) and pro

Review of interim financial information for public companies

(they have 10K-audited financial statements and 10Q-reviewed) (under PCAOB standards)
1) The SEC requires that quarterly financial statements be reviewed by the company's external auditor prior to the company's filing of the Form 10-Q with the SEC.
2) The

The requirements for the review of quarterly information for public companies are closely related to review engagements for non-public companies. The two types of
reviews differ in the following ways:

(if i do a review for a public company, I do all procedures of a nonpublic company + 4 more:
1) Need to obtain sufficient information about the client's internal control for both annual and interim financial information.
2) The auditor's knowledge of the

A public company interim review is performed......

A public company interim review is performed following standards of the PCAOB and the review report makes no reference to SSARS.

Review report for public company

Paragraph 1: Financial statements you reviewed and they are managements responsibility
Paragraph 2: Review in accordance with PCAOB standards, what review is and whats involved (applying analytival procedures and making inquires of persons responsible for

Attestation services

1) assurance services differ from attestation services in that a CPA who performs an attestation engagement is required to issue a written report and the assurance must be about the reliability of another party's assertion about
compliance with specified

Is audit of historical FS a attestation engagement?

Audit has its own standards

The most notable differences in the attestation and generally accepted auditing standards are in general attestation standards 2 and 3.

US GAAS is very similar to attestation standards. It has its own standards except 2 differences:
1) Standard 2 requires the practitioner to have adequate knowledge of the subject matter over which there is attestation. (have knowledge of that matter)
2) S

Types of attestation services

(CPAs can develop any attestation services that they want)
1) The Auditing Standards Board has consciously made the decision to not attempt to define the potential boundaries of attestation engagements except in conceptual terms because new services are l


(IT system)
Expresses opinion on whats available to the public
(can express opinion on 1 principle, more than 1, or all 5)


(IT system)
Expresses opinion on whats available internally
(can express opinion on 1 principle, more than 1, or all 5)

In addition, the AICPA has developed specific attestation standards in the following areas:

1) prospective financial statements
2) reports on internal controls at service organizations
3) pro forma financial information
4) report on internal control over financial reporting for private companies
5) compliance with laws and regulations
6) agreed-

Three levels of engagements for attestation services

The attestation standards define the following three levels of engagements and related forms of conclusions:
1) Examination
2) Review
3) Agreed upon Procedures


1) The practitioner makes a direct statement as to whether the presentation of the assertion, taken as a whole, conforms with the applicable standards (i.e., a positive assurance).
2) A report on an examination is unrestricted as to distribution by the cl


1) The practitioner's report states whether any information came to the practitioner's attention to indicate that the assertions are not presented in all material respects in conformity with the applicable criteria (i.e., a negative assurance).
2) A revie

Agreed-upon procedures

1) The procedures to be performed are agreed upon by the practitioner, the responsible party making the assertions, and the specific persons who are the intended users of the practitioner's report.
2) The degree of assurance being conveyed in such a repor

WebTrust services

1) In a WebTrust assurance engagement, a client engages a CPA to provide reasonable assurance that a company's Web site complies with certain Trust Service principles and criteria for one or more aspects of e-commerce activities.
2) A site that meets the

How long does the webtrust seal last?

(they get a webtrust seal that lasts 12 months)
(after that-must update)
At least once every 12 months, the CPA firm updates its testing of the ecommerce aspects to ensure that the site continues to comply with the Trust Service principles and criteria.

5 principles of trust service:

1) security
2) availability
3) processing integrity
4) privacy
5) confidentiality
A company must conform with these criteria to obtain and
maintain its WebTrust seal.
CPAs can issue a WebTrust opinion on an individual principle or on combinations of princ

SysTrust services

As more organizations become dependent on information technology, thesecurity, availability, and accuracy of computer systems are critical.
-In a SysTrust engagement, the SysTrust licensed accountant evaluates a
company's computer system using the five Tr

Reports on internal controls at service organization (ADP)

1) When an audit client outsources some or all of its IT needs to an independent computer service organization, the auditor faces difficulty when obtaining an understanding of the client's internal control because many of the controls reside at the servic

Auditors engaged by a service organization can issue one of two types of reports:

1) Report on a description of a service organization's system and the sustainability of the design of controls (Type 1 report). (on design of controls only)
2) Report on a description of a service organization's system and the sustainability of the design

Prospective financial statements

(they are in the future)
Prospective financial statements refer to predicted financial statements in some future period or at some future date.
(financial statements that reflect future events)

Types of prospective financial statements

1) Forecast
2) Projections


prospective financial statements that present an entitys expected financial statements to the best of the responsible party=s knowledge and belief.
(takes historical results and updates them)
Forecasts can be for both general and limited use,


prospective financial statements that present an entity=s expected financial statements to the best of the responsible partys knowledge and belief, given one or more hypothetical assumptions.
(forecast+hypothetical situation)
EX: 2017-thinkin about buying

The following types of engagements are permissible for prospective financial statements:

1) Examination (positive assurance) -The AICPA has made it clear that the practitioner is not attesting to the accuracy of the prospective financial statements. Instead, the focus is on examining the underlying assumptions and the preparation and presenta

Agreed-upon procedures ,,,,

(do whatever you agree on)
1) When the CPA and management or a third party user agree that the engagement will be limited to certain specific audit procedures, it is referred to as an agreed-upon procedures engagement.
2) The primary appeal to practitione

Audits of financial statements prepared on an other comprehensive basis of accounting (OCBOA)

(others that dont use GAAP)
For the most part, these audits are done in the same way as those in which GAAP is followed. Naturally, the auditor must fully understand the accounting basis that the client is required to follow
OCBOA financial statements can

OCBOA: An auditor can perform an audit on financial statements issued according to the following basis of accounting:

1) Cash or modified cash basis
2) Basis used to comply with the requirements of a regulatory agency
3) Income tax basis
4) A definite set of criteria having substantial support

Can auditor audit OCBOA financial statements?


Auditors are often asked to issue reports on their audit of specific aspects of financial statements. The main difference between these audits and audits of complete financial statements are:

1) Materiality is defined in terms of the elements, accounts, or items being audited rather than for the overall statements.
2) The first standard of reporting under GAAS does not apply because the presentation is not a financial statement prepared in acc

CAn auditor audit specific accounts?

-can issue report on it