CPA AUDITING NOTES - Philippine Framework for

Assurance Engagements
Philippine Framework for Assurance Engagements provides the basic principles
and guidance with regards to the conduct of assurance engagements in the
Philippines.   The Framework is divided into six major parts:
(1) Introduction,
(2) Definition and Objective of an Assurance Engagement,
(3) Scope of the Framework
(4) Engagement Acceptance
(5) Elements of an Assurance Engagement
(6) Inappropriate Use of the Practitioner's Name

I.  INTRODUCTION

The framework provides a frame of reference for professional practitioners and

others involved in assurance engagements in the usage of assurance
engagement standards (Philippine Standards on Auditing (PSAs), Philippine
Standards on Review Engagements (PSREs), and Philippine Standards in
Assurance Engagements (PSAEs)) and in determining which standard apply to a
particular engagement. 

The Framework also guides the International Auditing and Assurance Standards
Board (IAASB) in the development of these standards and in clarifications and
interpretations of standards.

The Framework in itself DOES NOT establish standards or provide procedural

requirements for the performance of assurance engagements.   A practitioner
must still refer to relevant PSAs, PSREs or PSAEs in the conduct of assurance
engagements.

In addition to this Framework and relevant practice standards (PSAs, etc),

practitioners performing assurance engagements are governed by the Code of
Ethics for Professional Accountants in the Philippines and Philippine Standards
on Quality Control (PSQCs).

The Code of Ethics sets out the fundamental ethical principles that all

professional accountants are required to observe.  Philippine Standards on
Quality Controlestablish standards and provide guidance on a firm’s system of
quality control (systems to ensure that the firm's performance of each assurance
engagements complies with the minimum requirements set by the standards).

II. DEFINITION AND OBJECTIVE OF AN ASSURANCE ENGAGEMENT

An ASSURANCE ENGAGEMENT means an engagement in which a practitioner

(1) EXPRESSES A CONCLUSION designed to (2) ENHANCE THE DEGREE OF
CONFIDENCE of the intended users (3) OTHER THAN THE RESPONSIBLE PARTY
(4) about the OUTCOME OF EVALUATION OR MEASUREMENT of a subject matter
AGAINST CRITERIA.

An example of an assurance engagement is a financial statements audit in which

the external auditor (the practitioner) reports on whether the company's
financial position, performance and cash flows (the subject matter) as expressed
in its financial statements (the outcome) is free from mistatements due to error
or fraud in all material respects (the expression of the conclusion) in accordance
with PFRS (the criteria upon which the subject matter is being evaluated) which
is addressed to the company's board of directors and/or government agencies
(the intended users of the report other than the responsible party which in this
case is the company's management).

Assertion-based engagements vs Direct reporting engagements

Assertion-based engagements are assurance engagements wherein the
responsible party has performed the measurement or evaluation of subject
matter and the subject matter information is in the form of an assertion by the
responsible party that is made available to the intended users.

Direct reporting engagements are assurance engagements wherein the

practitioner directly performs the evaluation or measurement of the subject
matter or obtains a representation from the responsible party that has
performed the evaluation or measurement that is not available to the intended
users.

Assertion-based engagements differ from direct reporting engagement in terms

of who has performed the evaluation or measurement of a subject matter.

Reasonable assurance engagements vs Limited assurance engagements

The objective of a reasonable assurance engagement is a reduction in

assurance engagement risk to an acceptably low level in the circumstances of
the engagement as the basis for a positive form of expression of the
practitioner’s conclusion. 

The objective of a limited assurance engagement is a reduction in assurance

engagement risk to a level that is acceptable in the circumstances of the
engagement, but where that risk is greater than for a reasonable assurance
engagement, as the basis for a negative form of expression of the practitioner’s
conclusion.

A reasonable assurance engagement differ from limited assurance engagement

in the confidence level being expressed in the practitioner's conclusion and
hence, conclusions of each engagement are different.

A reasonable assurance is less than absolute assurance.  Achieving absolute

assurance is rarely attainable or cost beneficial due to:
1. Use of selective testing
2. Inherent limitations of internal control
3. Evidence available to practitioner is more likely to be persuasive rather than
conclusive
4. Use of judgment in planning, gathering and evaluating evidence and forming
conclusion.

III. SCOPE OF THE FRAMEWORK

Not all engagements performed by practitioners are assurance engagements.

Other frequently performed engagements that do not meet the above definition
(and therefore are not covered by this Framework) include:

• Engagements covered by Philippine Standards for Related Services, such

as agreed-upon procedures engagements and compilations of financial or other
information. 

• The preparation of tax returns where no conclusion conveying assurance is

expressed. 

• Consulting (or advisory) engagements, such as management and tax

consulting. 

When an assurance engagement is part of a larger consultancy

engagement, this Framework is relevant only to the assurance portion of the
engagement.

The following engagements, which may meet the definition of an assurance

engagement, NEED NOT be performed in accordance with this Framework: 
(a) Engagements to testify in legal proceedings regarding accounting, auditing,
taxation or other matters; and 

(b) Engagements that include professional opinions, views or wording from which
a user may derive some assurance, if ALL of the following apply: 
(i) Those opinions, views or wording are merely incidental to the overall
engagement;
(ii) Any written report issued is expressly restricted for use by only the intended
users specified in the report; 
(iii) Under a written understanding with the specified intended users, the
engagement is not intended to be an assurance engagement; and 
(iv) The engagement is not represented as an assurance engagement in the
professional accountant’s report. 

Reports on Non-assurance Engagements

A practitioner reporting on a non-assurance engagement (within the scope of

this Framework), clearly distinguishes that report from an assurance report.

This can be achieved by avoiding, for example: 

• Implying compliance with this Framework, PSAs, PSREs or PSAEs. 
• Inappropriately using the words “assurance,” “audit” or “review.” 
• Including a statement that could reasonably be mistaken for a conclusion
designed to enhance the degree of confidence of intended users about the
outcome of the evaluation or measurement of a subject matter against criteria. 

When the practitioner and the responsible party agree to apply this Framework
to an engagement when the responsible party are the only intended users, the
practitioner’s report includes a statement restricting the use of the report to the
responsible party.

IV. ENGAGEMENT ACCEPTANCE

A practitioner accepts an assurance engagement ONLY where his/her

preliminary knowledge of the circumstances indicates that:
1. Relevant ethical requirements are met
2. Engagement exhibits ALL:
a. Subject matter is appropriate.
b. Criteria is suitable and available to intended users.
c. Practitioner has access to suffficient evidence to support his/her conclusion.
d. Conclusion is in the form appropriate to the engagement and is in a written
report.
e. There is rational purpose for the engagement.  Engagements with scope
limitations or negotiated in inappropriate manner is unlikely to have a rational
purpose.

PSAs, PSREs and PSAEs include additional requirements which need to be

satisfied before accepting an assurance engagement.

When a potential engagement cannot be accepted as an assurance engagement,

the practitioner may still accept such as a consulting or agreed upon procedures
engagement.

The practitioner cannot change an assurance engagement to non-assurance or a

reasonable assurance to a limited assurance without reasonable justification.  If
such change is made, evidence gathered is not disregarded.

V. ELEMENTS OF AN ASSURANCE ENGAGEMENT

1. Three-party relationship
An assurance engagement involves 3 separate parties - practitioner, responsible
party and intended users.  The responsible party and intended users may be
from same or different entities.  The responsible party in a direct reporting
engagement is responsible for the subject matter or in an assertion-based
engagement is responsible for the assertions. 

Intended users are the persons to whom the report is being addressed.
Practitioner is responsible for determining the nature, timing and extent of
procedures and is required to pursue any matter in question whether material
modification should be made to the subject matter information. 

When engagements are designed for specified intended users or a specific

purpose, the practitioner shall consider including a restriction in the report that
limits its use to those users or purpose.

2. Appropriate subject matter

An appropriate subject matter identifiable and capable of consistent evaluation

or measurement against the criteria and can be subjected to procedures for
gather sufficient and appropriate evidence to support conclusion.

3. Suitable criteria

A criteria is suitable if it is relevant (can assists users in decision

making), complete(relevant factors that can affect a conclusion are not
omitted), reliable (allows for evaluation or verification), neutral (free from bias)
and understable (comprehensive, clear and not subject to different
interpretations). 

Criteria need to available to intended users, either publicly, inclusion in

presentation of subject matter information, inclusion in the assurance report or
by general understanding, to allow them to understand how subject matter was
measured or evaluated.

4. Sufficient appropriate evidence

Practitioner plans and performs the engagement with professional skepticism to

obtain sufficient appropriate evidence about whether subject matter information
is free from mistatement.  Practitioner considers materiality, assurance
engagement risk and the quality and quantity of available evidence when
determining nature, timing and extent of evidence-gathering procedures.  

Professional skepticism means practitioner makes critical assessment, with a

questioning mind, of the validity of evidence obtained and is alert to anything
that might contradict or bring into question the reliability of the evidence.   

Sufficiency of evidence is affected by the risk of the subject matter (i.e., more
risk = more number of evidence) or quality of the evidence (i.e., higher evidence
quality = lesser number of evidence).   

Appropriateness of evidence is influenced by its reliability and relevance.  In

general, evidence is more reliable if obtained from independent sources as
compared to internally-generated evidence, evidence obtained from internal
process where contols are effective are more reliable that those obtained from
processes where controls are not effective, evidence obtained directly by
practitioner is more reliable than evidence obtained indirectly or by inference,
evidence in documentary form is more reliable than those in oral
representations, and evidence in original form are more reliable than evidence
provided by photocopies or facsimiles.

5.  Written assurance report in appropriate form

PSAs, PSREs and PSAEs establish basic elements for reports in a particular
assurance engagement.  In addition, practitioner considers other reporting
responsbilities when appropriate.  A practitioner does not express unqualified
(clean) conclusion when these circumstances exist and impact to the conclusion
is material:
a.  Scope limitation - practitioner expresses either qualified or disclaimer
depending on materiality of the limitation. In some cases, practitioner considers
withdrawing from the engagement.
b. Subject matter information or assertion is not fairly stated as against criteria -
practitioner expresses either qualified or adverse opinion.
c.  When it is discovered after accepting the engagement that the criteria is
unsuitable or subject matter is inappropriate, the practitioner expresses
qualified, adverse or disclaimer of opinion depending on the pervasiveness of the
issue.  In some cases, the practitioner considers withdrawing from the
engagement.

VI. INAPPROPRIATE USE OF PRACTITIONER'S NAME

If the practitioner learns that a party is inappropriately using the practitioner's

name in a subject matter, he/she should requires the party to cease doing so.
Practitioner also considers other steps needed such as informing third party
users of the inappropriate use or seeking legal advice.

Source: AASC's Philippine Framework for Assurance Engagements

No copyright infringement intended.  Please don't share or copy without my

acknowledgement.  Please contact me for any issues or errors encountered in
this blog post.