Advance Auditing & Assurance

Quick Revision Notes for CAP III

Chapter 15: Standards on Assurance Engagements

Coverage: NSAE 3000, 3400,3402, NSA 402

CA Sunil Joshi

Copyrights with CA Sunil Joshi

 NSAE 3000:
ASSURANCE ENGAGEMENTS OTHER THAN AUDITS OR REVIEWS OF
HISTORICAL FINANCIAL INFORMATION

NSAE 3400
THE EXAMINATION OF PROSPECTIVE FINANCIAL INFORMATION

NSAE 3402
ASSURANCE REPORTS ON CONTROLS AT A SERVICE
ORGANIZATION

NSA 402
AUDIT CONSIDERATIONS RELATING TO AN ENTITY USING A
SERVICE ORGANIZATION

Copyrights with CA Sunil Joshi

Assurance Skills & Techniques
 Application of professional skepticism and professional judgment;
 Planning and performing an assurance engagement, including obtaining
and evaluating evidence;
 Understanding information systems and the role and limitations of
internal control;
 Linking the consideration of materiality and engagement risks to the
nature, timing and extent of procedures;
 Applying procedures as appropriate to the engagement (which may
include inquiry, inspection, recalculation, re-performance, observation,
confirmation, and analytical procedures); and
 Systematic documentation practices and assurance report writing skills.

Copyrights with CA Sunil Joshi

 NSAE 3000: ASSURANCE ENGAGEMENTS OTHER THAN AUDITS
OR REVIEWS OF HISTORICAL FINANCIAL INFORMATION

 This Nepal Standard on Assurance Engagements (NSAE) deals with

assurance engagements other than audits or reviews of historical financial
information, which are dealt with in Nepal Standards on Auditing (NSAs) and
Nepal Standards on Review Engagements (NSREs), respectively
 Assurance engagements include both attestation engagements, in which a
party other than the practitioner measures or evaluates the underlying
subject matter against the criteria, and direct engagements, in which the
practitioner measures or evaluates the underlying subject matter against the
criteria.

Copyrights with CA Sunil Joshi

Attestation engagement―It is an assurance engagement in
which a party other than the practitioner measures or
evaluates the underlying subject matter against the criteria.

 Sustainability – An engagement on sustainability involves

obtaining assurance on a report prepared by management or
management’s expert (the measurer or evaluator) on the
sustainability performance of the entity
 Compliance with law or regulation – An engagement on
compliance with law or regulation involves obtaining
assurance on a statement by another party (the measurer or
evaluator) of compliance with the relevant law or regulation.
 Value for money – An engagement on value for money
involves obtaining assurance on a measurement or
evaluation of value for money by another party (the measurer
or evaluator).

Copyrights with CA Sunil Joshi

 Direct Engagements- It is an assurance engagement in which the
practitioner measures or evaluates the underlying subject matter against the
applicable criteria and the practitioner presents the resulting subject matter
information as part of, or accompanying, the assurance report.
 A value-for-money (performance) audit of a public sector entity when the
entity has made no public statement or assertion regarding such
performance.
 An audit or review of an entity’s compliance with an agreement, statute or
regulation when the entity has made no statement or assertion to an external
party regarding such compliance
 Propriety Audits

Copyrights with CA Sunil Joshi

What if Practitioner is Unable to
Obtain Assurance?
 In all cases when reasonable assurance or limited assurance, as
appropriate, cannot be obtained and a qualified conclusion in the
practitioner’s assurance report is insufficient in the circumstances for
purposes of reporting to the intended users, this NSAE requires that the
practitioner disclaim a conclusion or withdraw (or resign) from the
engagement, where withdrawal is possible under applicable law or
regulation.

Copyrights with CA Sunil Joshi

Work Performed by a Practitioner’s Expert/
Another Practitioner/ Internal Auditor
 When the work of a practitioner’s expert is to be used, the
practitioner should consider the competence, capability etc of
the expert. (Similar provisions of NSA 620, NSA 610, NSA
500 to be complied with)

Copyrights with CA Sunil Joshi

Other Procedures
 Fulfillment of Responsibilities
 Planning
 Evidence
 Documentations
 Written Representations
 Subsequent Events

Copyrights with CA Sunil Joshi

Forming the Assurance Conclusion

 The practitioner shall evaluate the sufficiency and appropriateness

of the evidence obtained in the context of the engagement and, if
necessary in the circumstances, attempt to obtain further evidence
 If the practitioner is unable to obtain sufficient appropriate
evidence, a scope limitation exists and the practitioner shall
express a qualified conclusion, disclaim a conclusion, or
withdraw from the engagement, where withdrawal is possible
under applicable law or regulation, as appropriate.

EOM Para can be considered

Copyrights with CA Sunil Joshi

NSAE 3400 : THE EXAMINATION OF PROSPECTIVE FINANCIAL
INFORMATION

 Meaning of Prospective Financial Information

 Financial information based on assumptions about events that may
occur in the future and possible actions by an entity. It is highly
subjective in nature and its preparation requires the exercise of
considerable judgment.
 Prospective financial information can be in the form of a forecast, a
projection or a combination of both, for example, a one year forecast
plus a five year projection.

Copyrights with CA Sunil Joshi

 Financial forecast assumptions are based on things that
have happened in the past that can reasonably be expected
to happen again in the future. (Best Estimate of Future Results)
 Projection assumptions, meanwhile, are based more on
what you hope will happen in the future, rather than what
is most likely to happen. (What if …situation….more hypothetical in
nature)

Source: cfoedge.com

Copyrights with CA Sunil Joshi

Inclusion in Prospective Financial Information

 Prospective financial information can include financial statements or

one or more elements of financial statements and may be prepared:
 As an internal management tool, for example, to assist in evaluating a
possible capital investment; or
 For distribution to third parties in, for example:
◦ A prospectus to provide potential investors with information about future
expectations.
◦ An annual report to provide information to shareholders, regulatory bodies and
other interested parties.
◦ A document for the information of lenders which may include, for example,
cash flow forecasts.

Copyrights with CA Sunil Joshi

Responsibilities
 Managements Responsibility for PFI
 Auditors Responsibility- As per NSAE 3400
auditor provides only a moderate level of
assurance
 Auditor to obtain appropriate knowledge of
business.

Copyrights with CA Sunil Joshi

Opinion & Reporting

Copyrights with CA Sunil Joshi

 Inclusion in Report
 Express an opinion as to whether the prospective financial information is
properly prepared on the basis of the assumptions and is presented in
accordance with the relevant financial reporting framework.
 State that:
◦ Actual results are likely to be different from the prospective financial
information since anticipated events frequently do not occur as expected and
the variation could be material.
◦ Likewise, when the prospective financial information is expressed as a
range, it would be stated that there can be no assurance that actual results
will fall within the range; and
◦ In the case of a projection, the prospective financial information has been
prepared for (state purpose), using a set of assumptions that include
hypothetical assumptions about future events and management’s actions
that are not necessarily expected to occur.

Copyrights with CA Sunil Joshi

NSAE 3402: ASSURANCE REPORTS ON CONTROLS AT A
SERVICE ORGANIZATION
 This NSAE deals with assurance engagements undertaken by a practitioner to
provide a report for use by user entities and their auditors on the controls at a
service organization that provides a service to user entities that is likely to be
relevant to user entities’ internal control as it relates to financial reporting.
 It complements NSA 402.

Copyrights with CA Sunil Joshi

Reports of Auditor

Copyrights with CA Sunil Joshi

Type I Report

Copyrights with CA Sunil Joshi

Type II Report

Copyrights with CA Sunil Joshi

Other Procedures
 Acceptance & Continuance
 Planning
 Evidence  Description / Design of
ICS
 Materiality
 Evaluation of Internal Audit Function
 Subsequent Events
Copyrights with CA Sunil Joshi
NSA 402: AUDIT CONSIDERATIONS RELATING TO
AN ENTITY USING A SERVICE ORGANIZATION
 This NSA deals with the user auditor’s responsibility to obtain
sufficient appropriate audit evidence when a user entity uses the
services of one or more service organizations i.e when the
auditee entity outsources its certain functions to the other
organization. (those outsourced functions must be relevant to
financial reporting).

Copyrights with CA Sunil Joshi

Obtaining an Understanding of the Services
Provided by a Service Organization, Including
Internal Control
 When obtaining an understanding of the user entity in accordance with
NSA 315 (Revised), the user auditor shall obtain an understanding of
how a user entity uses the services of a service organization in the user
entity’s operations, including:
◦ The nature of the services provided by the service organization and the
significance of those services to the user entity, including the effect thereof on the
user entity’s internal control;
◦ The nature and materiality of the transactions processed or accounts or financial
reporting processes affected by the service organization;
◦ The degree of interaction between the activities of the service organization and
those of the user entity; and
◦ The nature of the relationship between the user entity and the service
organization, including the relevant contractual terms for the activities
undertaken by the service organization.

Copyrights with CA Sunil Joshi

What if the auditor is unable to obtain sufficient
understanding from the user entity?

 Obtaining a type 1 or type 2 report, if available;

 Contacting the service organization, through the user entity, to obtain
specific information;
 Visiting the service organization and performing procedures that
will provide the necessary information about the relevant controls at
the service organization; or
 Using another auditor to perform procedures that will provide the
necessary information about the relevant controls at the service
organization.

Copyrights with CA Sunil Joshi

Modified Opinion by User Auditor

 The user auditor shall modify the opinion in the user auditor’s
report in accordance with NSA 705 (Revised) if the user auditor
is unable to obtain sufficient appropriate audit evidence
regarding the services provided by the service organization
relevant to the audit of the user entity’s financial statements.

Copyrights with CA Sunil Joshi

--------END OF CHAPTER--------

Pc: Edu advisor

Copyrights with CA Sunil Joshi