1.1Business risk is the collective risk faced by a company that engages in business. It encompasses all threats to and organization’s goals and objectives. It includes the chance that customers will buy from competitors, that product lines will become obsolete, that taxes will increase, that government contracts will be lost, or that employees will go on strike.
1.2The conditions of complexity, remoteness, time-sensitivity, and consequences increase demands by outside users for relevant, reliable (useful) information. They cannot produce the information for themselves because of these conditions. Company managers and accountants produce the information.
1.3Information risk, in contrast to business risk, is the risk (probability) that the information (mainly financial) disseminated by a company will be materially false or misleading. This risk creates the demand for objective outsiders to provide assurance to decision makers.
1.4Students can refer to the AAA and AICPA definitions in Chapter 1. Some instructors may want to extend the consideration of definitions to include the internal and governmental definitions (located in Module D).
In response to “What do auditors do?,” students can refer to Exhibit 1.2 and respond in terms of: (1) obtaining and evaluating evidence about assertions management makes about economic actions and events, (2) ascertaining the degree of correspondence between the assertions and the appropriate reporting framework, and (3) providing an audit report (opinion). Students can also respond more generally in terms of “lending credibility” to financial statements presented by management (attestation).
1.5An attest engagement is: “An engagement in which a practitioner is engaged to issue or does issue a written communication that expresses a conclusion about the reliability of a written assertion that is the responsibility of another party.” To attest means to lend credibility or to vouch for the truth or accuracy of the statements that one party makes to another. The attest function is a term often applied to the activities of independent CPAs when acting as auditors of financial statements.
1.6Assurance engagements are independent professional services that improve the quality of information, or its context, for decision makers. Since information (financial statements) are prepared by managers of an entity who have authority and responsibility for financial success or failure, an outsider may be skeptical that the information is objective, free from bias, fully informative, and free from material error, intentional or inadvertent. The services of an independent-CPA auditor helps resolve those doubts because the auditor’s success depends upon his independent, objective, and competent assessment of the information (e.g., the conformity of the financial statements with the appropriate reporting framework). The CPA’s role is to lend credibility to the information; hence the outsider will likely seek his independent opinion.
1.7CPAs serve as independent intermediaries who lend credibility to information. Hence, assurance services are natural extensions of the well-regarded audit and attest services.
CPAs can use their expertise in internal control and measurement methods.
Assurance services are natural extensions of attestation services, which earlier evolved from financial statement audit services.
Attestation and audit services are highly structured and intended to be useful for large groups of decision makers (e.g., investors, lenders). On the other hand, assurance services are more customized and intended to be useful to smaller, targeted groups of decision makers. In this sense, assurance services bear resemblance to consulting services.
1.8There are four major elements of the broad definition of assurance services:
Independence. CPAs want to preserve their attestation and audit...