To develop candidates’ practical knowledge and understanding of the process of performing an audit and other assurance services in the context of the professional and legal framework (s) both globally and locally.




Upon completing this paper, candidates should be able to

  • Explain the objectives of an audit within the concept of assurance
  • Understand regulatory framework within which the accountancy profession operates, the audit and other assurance services are provided and the need for the services to be carried out by appropriately qualified professionals.
  • Understand and discuss the structure of an audit process and the fundamental concepts guiding the process.
  • Understand and discuss the impact of computers and electronic processing and information management systems of a client on the auditor’s work.
  • Prepare draft reports from a given assignment, and
  • Explain the purpose and scope of internal audit, another form of assurance services.



The paper will consist of seven questions each carrying 20 marks one of which will be compulsory and it will be on the application of audit procedures in a computer environment and use of computers in the audit process in the audit process. Candidates will be required to answer the compulsory question and any 4 questions.



This grid shows the relative weightings of sections within this course. Marks available in the examination assessment will roughly equate to the weightings below, although slight variations may occur in individual sessions assessments to enable suitably rigorous questions to be set.


Syllabus Area                                                                                                        Weightings %

Nature and purpose of audit and other assurance engagements 30 Legal and professional requirements of the auditor      25

Gathering Evidence: planning, internal controls and substantive tests.      35

Review and reporting      10

Total       100



Learning Outcomes

The course syllabus endeavor to achieve the following learning outcomes from the syllabus.

  1. Nature and purpose of audit and other assurance engagements

Candidates will be able to explain the concept of assurance, its purpose and where an audit and other assurance services fit within the concept.

In the assessment, candidates may be required to:

  • Define the concept of assurance amongst many other services a professional may be engaged in.
  • State the purpose of assurance reports and provide examples of the benefits gained from them such as to assure the entity’s report quality with respect to a subject matter reported on.
  • Compare the functions and responsibilities of the different parties involved in an assurance engagement.
  • Identify and compare the purposes and characteristics of, and levels of assurance obtained from, different assurance engagements and define the concepts of reasonable assurance.
  • Define an audit as one of the assurance engagement relating to its present form.
  • Review an audit historical origins and its development over time to its present form.
  • Identify principles of corporate governance and the role of internal audit within the corporate governance structure.
  • Describe the roles of the audit guidelines and the structure of the audit process which includes: (obtaining engagement, determination of score of work, planning and risk assessment of the client, determination of scope of work, obtaining evidence and evaluation of the results and reporting to the engagement party).


2. Legal and professional requirements of the auditor

Candidates will be required to identify the legal and other regulatory issues which have a direct impact on the professional work in general and audit and other assurance engagements in particular. The legal aspects are mainly contained in the company’s Act and the Public Accountants and Auditor’s Act, while professionally, candidates  will be  able to understand the importance of ethical  behavior, and identify issues relating to: integrity , objectivity, competence, confidentiality and courtesy behavior amongst other.


In the assessment they may be required to:

  1. Outline the process of obtaining an audit engagement.
  2. State the contractual requirements between the auditor and other parties in the engagement.
  3. State the qualifications requirement under the Companies Act and the Public Accountants and Auditors Act for a person or a firm to be engaged to carry out a statutory audit.
  4. State the auditor’s and entity directors or management respective duties and rights during the engagement as provided for by the Companies Act.
  5. Explain the auditors’ contractual performance expectations and resulting liability for negligence.
  6. Explain the auditors’ responsibility and liability with respect to money laundering and other illegal acts or non-compliance with other relevant laws and regulations.
  7. State the role of ethical code and identify features of the professional ethics adopted by the IFAC, and how they work in public interest.
  8. Suggest courses of actions that may be taken to resolve ethical conflict of interests relating to the ethical fundamental principles identified.
  9. State the importance of confidentiality, identifying the risk of accidental disclosure of client’s information, and stating exceptional cases when this may not apply.
  10. Define objectivity and independence and recognize why those undertaking assurance engagements are required to be independent of their clients.
  11. Identify threats to fundamental ethical principles and independence of auditors as identified by the IFAC, and possible safeguard to eliminate or reduce such threats.
  12. Audit planning, internal controls and substantive tests

Candidates will be able to plan and select methods of obtaining sufficient and appropriate evidence from which conclusions can be drawn, or reference to senior colleagues where necessary.  In the assessment, candidates will be able to do the following:



  1. Describe appropriate tasks and procedures to understand the client’s entity’s business and its environment before any ground work can be carried out.
  2. Identify audit risk associated with the client and set appropriate materiality levels, including determination of whether or where there is need to gather evidence on sampling basis.
  3. Develop an audit strategy and draw an audit program including determination of the nature, extent and timing of specific audit tests and procedures.


Internal Controls

  1. Define internal controls and state the reasons for organizations having effective systems of control.
  2. State why the auditor needs to identify the entity’s main areas of a business and test the effectiveness of its control systems.
  3. Identify the components of internal control in both manual and IT environments including: the overall control environment, preventive and detective controls and internal audit.
  4. Define and classify different types of internal control, with particular emphasis on those which impact upon the quality of financial information.
  5. Show how specified internal controls mitigate risk and state their limitations.
  6. Explain internal control challenges in a small entity
  7. Identify internal controls for an organization in a given scenario and explain the testing of controls in various aspects.
  8. Identify and explain internal controls in a computerized environment
  9. Identify internal control weaknesses in a given scenario, state the possible eventualities of such weaknesses and suggest possible improvements.
  10. Identify the process through which the auditor can communicate to those charged with governance of a specified organization.

Substantive Testing

State the nature and attributes of good audit evidence

Explain financial statements assertions and state techniques that may be employed to gather audit evidence.

Carry out detailed tests of elements of financial statements, including collection and evaluation of samples thereof.

Design and carryout appropriate tests in clients’ computerized systems, including use of computer assisted audit techniques (CAATs).

Explain the advantages and disadvantages of using CAATs

  1. Review and Reporting

Candidates will be able to carry out overall reviews of financial and other information related to the financial statements under audit to form an overall conclusion on financial statements to report on them.

In the assessment, candidates may be required to:


Overall Reviews

  1. Perform appropriate analytical reviews and consistency reviews to see whether information as a whole make sense.
  2. Assess whether opening balances for the current period financial statements were properly brought forward from previous periods and whether all the comparative information from previous periods has been properly disclosed, and they seem to be consistent with current period.
  3. Review any event occurring after the reporting date and whether they have any effect on financial statements under review.
  4. Seek any other additional information and explanations through management representations.


  1. Identify key parties to the audit engagements and demonstrate awareness of other immediate stakeholders to the report and the auditors’ responsibility towards them.
  2. Identify key parts and appropriate wording in the audit report. (new reporting format effective 15 December 2016)
  3. Identify and explain all forms of modification to the reports and circumstances under which such modifications are appropriate.
  4. Identify and state the purpose and contents of the management (weaknesses) letter issued to those charged with governance of an entity in addition to the main report.




Nature and purpose of assurance engagement and corporate governance principles  






Topic list


  1. The objective and nature of assurance engagement
  2. Types of assurance engagements


Learning outcomes


By the end of this chapter students should be able to:  Define the concept of assurance

  • Identify five elements of an assurance engagement
  • Know the professional framework which regulates accountancy profession.
  • Explain the meaning of limited and reasonable assurance reports
  • Give example of assurance and non assurance services




This chapter looks at the concept of assurance as it relates to auditing and other engagements performed by professional accountants. It starts with outlining the objective and nature of assurance engagement and ends with explaining different types of assurance engagements.


1           The objective and nature of assurance engagement


An assurance engagement is one in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria.


The above definition displays the following elements:


  • A three party relationship involving: a practitioner, a responsible party, and intended users.
  • Subject matter: for example data – business projections, system or processes
  • Suitable criteria: for example accounting standards, quantity surveying standards
  • Sufficient appropriate evidence: for example information is required to support the conclusion.
  • Written assurance report in appropriate form.


Objective and nature of assurance engagements


Traditionally, the ‘assurance’ role of the professional accountant has mainly been concerned with provision of audit services within a statutory framework – the audit of published annual financial statements. An audit provides a high level (but not absolute level) of assurance. The requirement for an audit of the annual financial statements therefore has the objective of adding ‘assurance’ (or ‘credibility’) to the financial statements under audit.


However, the management of companies and other organisations are required or expected to report to stakeholders on a wide range of information, both financial and non-financial, that is not subject to statutory audit. This might include such matters as:


  • corporate governance issues, including risk assessment and internal control systems
  • e-commerce and the operation of e-commerce activities
  • systems reliability
  • performance measurement (both financial and non-financial)  value for money (VFM).


Although information about these matters may not be subject to a statutory audit, it is often considered important that the information should have credibility. Credibility may be obtained from an assurance report provided by a professionally qualified accountant.


To appreciate the concept of assurance it is important to know the professional framework under which such services are regulated. The table below outlines the professional structure and the roles of each body within it to appreciate the context and concept of assurance engagements from the IFAC perspective.


The International Framework for the accountancy profession


IASB IAASB IPSASB IAESB IAESB Other Boards and  Committees  























Other professional pronouncements


The International Federation of Accountants (IFAC) is a representative body of the accountancy profession worldwide whose aim is to develop and enhance the profession to enable it to provide services of consistently high quality in the public interest. Its membership comprises over a hundred world national and regional professional regulators and other accountancy bodies such as SOCAM, the East, Central and Southern African Federation of Accounts (ECSAFA), Institute of Chartered Accountants in England and Wales (ICAEW), Chartered Institute of Management Accountants (CIMA), association of Certified Chartered Accountants (ACCA) amongst many. It works in close cooperation with top world economic bodies such as World Bank, IMF and the OECD. IFAC operates through several boards under it, each being responsible for specialized issues.


The International Accounting Standards Board (IASB) issues International Financial Reporting Standards (IFRS), formerly, International Accounting Standards (IAS) to guide preparers and users of financial statements.


The International Audit and Assurance Standards Board (IAASB) issues International Standards on Audit (ISA) and International Audit Practice Statements (IAPS) used to guide the audit process and procedures on historical financial statements. It also issues International Standards on Assurance Engagements (ISAE), for other forms of assurance services, International standards Review Engagements (ISRE) and International Standards on Related Services (ISRS) to guide services which are non-assurance in nature.


Other notable boards include; the International Public Sector Accounting Standards Board (IPSASB) which issues International Public Sector Accounting Standards (IPSAS) used by governments and government related institutions, the International Accounting Education Standards Board (IAESB) which issues professional accountants’ International Education Standards (IAES) used by professional accountancy examining bodies as a guide for minimum expected accountancy competence for their members. The International Ethical Standards Board (IESB) has issued the Code of Ethics for Professional Accountants (CEPA), referred to in short as the Code of Ethics, and other such relevant bodies which have issued other relevant pronouncements.


Students who have already attempted the accounting course are likely to have encountered some relevant IAS/IFRS or their national equivalents. Other relevant standards or pronouncements with the profession are referred to in the relevant areas where they are suitably covered.


The International Framework for Assurance Engagements is a series of pronouncements that came into effect on 1 January 2005.

The Framework makes a distinction between:

  • audits and reviews of historical financial information (regulated by ISAs and ISREs), and
  • assurance engagements other than audits and reviews of historical financial information. These engagements are regulated by International Standards on Assurance Engagements (ISAEs).


Guidance on the conduct of assurance engagements is provided by:

  • the International Framework for Assurance Engagements, and
  • International Standard on Assurance Engagements (ISAE) 3000


A statutory audit, which is the main focus of the manual, is therefore an assurance engagement regulated by the ISAs. It is also governed by the relevant national laws, such as the Companies Act. The conduct of those involved in provision of the accountancy services, including assurance ones is regulated by the Code of Ethics. Details of the afro mentioned regulations are outlined in the relevant progressive text materials.


  • Types of assurance engagements


There are two general types of assurance engagements identified by the standards.

  • An assertion based engagement where the accountant declares that a given premise (assertion) is either correct or not.
  • A direct reporting engagement, where the accountant reports on issues that have come to his attention during his evaluation.


There are also two identified levels of assurance:

  • Reasonable levels of assurance, such as that of an audit, where the practitioner concludes that the subject matter materially conforms with the criteria.
  • Limited level of assurance, ie. the practitioner has no reason to believe that that a subject matter does not conform with the criteria


An absolute assurance cannot be issued in the above engagements due to the inherent limitation in the process as a result of:

  • the lack of precision often associated with the subject matter  the nature of the evidence available  the timescale involved.


Reasonable level of assurance


In order for an assurance service to be provided on a subject matter, it must have several characteristics such as:

o Must be identifiable o Must be capable of consist evaluation and measurement o It must also be capable of being subject to procedures and evidence gathering.


Where a reasonable level of assurance is given, the risk attached to the assignment is at a sufficiently low level to enable the practitioner to give positive assurance.

Reasonable assurance can only be given in the following circumstances:

  • the subject matter of the assurance service engagement is the responsibility of another party, and
  • the subject matter is identifiable and can be subjected to evidence-gathering techniques.


In other words, a reasonable level of assurance can be given only if the accountant is carrying out an assignment that looks at information that has not been prepared by the accountant (or relates to some other subject matter that is not the responsibility of the accountant). In addition, the accountant must be able to obtain sufficient evidence for giving a positive opinion.


Limited level of assurance


Where only a limited level of assurance is given:

  • the risk is higher than that for an engagement where the accountant is able to give a reasonable assurance, but
  • the risk is sufficiently low to allow for a ‘negative’ expression of the accountant’s conclusions (a negative opinion, as in a review report).


2.1         Examples of typical assurance and non assurance engagements


Statutory audits


The statutory audit is an assertion based engagement. This is because the auditor’s opinion is given in relation to the assertions made by the directors in the financial statements, analyzed as follow:

Three party relationship

  • Practitioner  Auditor
  • Responsible parties Management/directors o Intended users  shareholders o Subject matter  financial statements
  • Criteria accounting standards and relevant national law o Conclusion  truth and fairness
  • Level of assurance high (rendered as reasonable assurance)


In this type of engagement the auditor issues a positive assurance by stating in his report whether financial statements show a true and fair view or not of the entity’s performance and state of affairs for a given period.


Review of prospective financial information (PFI)


This engagement has all the elements as in the audit on historical financial statements above. It involves reviewing and reporting on the reasonableness of the assumptions a responsible party used in preparation of PFI such as profits forecasts.


By their nature, forecasts are only intentions whose actual results are likely to be different from the forecasts results. This is a typical example of a limited level of assurance where the practitioner will issue a negative expression of his conclusion, i.e. that the practitioner has no reason to believe that that a subject matter does not conform with the criteria. Specifically, the practitioner will state in his report that; based on our examination of the evidence supporting the assumptions, nothing has come to our attention that causes us to believe that these assumptions do not provide a reasonable basis for the forecast.


Attestation Engagements

An attestation engagement is an engagement in which a practitioner, by virtue of issuing a report, provides some level of assurance on information that is the responsibility of another party.

Non-assurance engagements

Audit/Accounting firms may also provide other non audit services to their clients such as;

  • To perform agreed-upon procedures regarding financial information
  • To compile financial information
  • Liquidation and receivership work
  • Compilation of tax returns, tax planning and advice to clients. Etc
  • Forensic investigations and audits

A forensic investigation is a forensic audit carried out in response to a suspicion of wrong-doing, usually to prove or disprove certain assumptions, for example,

  • A person or group are carrying out a fraud
  • A person was negligent in carrying out his work
  • To substantiate an insurance claim or to provide evidence to a court of law, etc


The objective of a forensic investigation is to obtain evidence that might be used in legal proceedings to resolve a dispute or prove innocence/guilt in a criminal case, such as providing evidence of money laundering. Often forensic investigations are usually reactive, meaning that they seek to prove or disprove suspicions of wrongdoing and provide evidence for legal proceedings. Reporting on forensic audits should be suitably framed to reflect the type of assurance required in the engagement.

End of chapter question

Question 1


Auditors are frequently required to provide assurance for a range of non-audit engagements.



  • State five elements of an assurance engagement                                10 Marks
  • Give reasons why it is not appropriate to give an absolute assurance 4 Marks
  • Give three examples of assurance and non assurance services a professional accountant may be engaged to carry out.   6 Marks

End of chapter question


Question 1

Auditors are frequently required to provide assurance for a range of non-audit engagements.


(Visited 1,019 times, 1 visits today)