Financial Statement Audits

Financial Statement Assurance Services

• Financial statement audits – A financial statement audit is an independent examination of a company’s financial statements conducted by an external auditor. The purpose of the audit is to provide assurance that the financial statements present a ‘true and fair’ view of the company’s financial performance and position in accordance with relevant accounting standards (such as GAAP). During the audit, the auditor evaluates the accuracy and completeness of the financial records, assesses the internal controls, and examines related disclosures to form an opinion on whether the financial statements are free from material misstatements. This audit enhances the credibility of the financial statements, providing stakeholders, such as investors and creditors, with confidence in the reported financial information.
• Reviews: A financial statement review is a service where an accountant provides limited assurance that a company’s financial statements require no material modifications to comply with the relevant accounting standards (such as GAAP or IFRS). Unlike an audit, a review does not involve assessing internal controls, fraud risk, or other detailed audit procedures, so it offers a lower level of assurance. The accountant must have sufficient knowledge of the entity and its industry to perform the review, while management remains responsible for preparing the financial statements.
• Compilations: A financial statement compilation is a service where an accountant helps a company’s management present its financial statements without providing any assurance that the statements are free from material misstatements or conform to accounting standards like GAAP or IFRS. Unlike audits or reviews, compilations do not involve inquiries, analytical procedures, or an understanding of internal controls.
• SSAE 16 internal service and process audits of IT and data security – SSAE 16 is an attestation standard established by the American Institute of Certified Public Accountants (AICPA) to report on the controls and services provided to customers by service organizations. The report resulting from compliance with these standards is referred to as the Service Organization Controls report or a SOC report. Service organizations can obtain two types of SOC reports: Type I and Type II.
  • Type I Report: This report focuses on the service organization’s description of its controls and the suitability of its design as of a specific date. It provides a snapshot of the controls in place at a given point in time.
  • Type II Report: More comprehensive than the Type I report, the Type II report includes an assessment of the operational effectiveness of the controls over a specified period, usually six to twelve months. This report is considered more valuable as it evaluates the design and implementation of the controls.

• Agreed-upon procedures – An agreed-upon procedure engagement is like an audit on a limited scale. It can be used to identify specific problems that require immediate action. The CPA does not issue a formal opinion; they will only act as a fact finder and issue a report with the procedures performed and the findings.