ASSURANCE
MODULE AIM
To ensure that students understand the assurance process and fundamental principles of ethics, and are able to contribute to the assessment of internal controls and gathering of evidence on an assurance engagement.
On completion of this module, students will be able to:
- explain the concept of assurance, why assurance is required and the reasons for assurance engagements being carried out
by appropriately qualified professionals with an attitude of professional scepticism and the exercise of professional judgement; - explain the nature of internal controls and why they are important, document an organisation’s internal controls and identify
deficiencies in internal control systems; - select sufficient and appropriate methods of obtaining assurance evidence and recognise when conclusions can be drawn from evidence obtained or where issues need to be referred to a senior colleague; and
- understand the importance of regulation of the profession and ethical behaviour to a professional and identify issues relating to integrity, objectivity, professional competence and due care, confidentiality, professional behaviour and independence.
- METHOD OF ASSESSMENT
The Assurance exam is 1.5 hours long. The exam consists of 50 questions worth two marks each, covering the areas of the syllabus in accordance with the weightings set out in the specification grid. The questions are presented in the form of multiple choice, multi-part multiple choice, or multiple response.
- ETHICS AND PROFESSIONAL SCEPTICISM
The importance of ethics both as a knowledge area and as a behaviour to be demonstrated is reflected in the syllabus area below ‘Professional ethics’. The learning outcomes cover a range of threats and dilemmas to be identified as well as safeguards and solutions to be resolved. Professional scepticism is included in the requirement for the syllabus area ‘The concept, process and need for assurance’ where students are also required to recognise the need for the exercise of professional judgement.
- SPECIFICATION GRID
This grid shows the relative weightings of subjects within this module and should guide the relative study time spent on each. Over time the marks available in the assessment will equate to the weightings below, while slight variations may occur in individual assessments to enable suitably rigorous questions to be set.
SYLLABUS AREA
The concept, process and need for assurance
Internal controls
Gathering evidence on an assurance engagement
Professional ethics and regulatory issues
Internal controls
Gathering evidence on an assurance engagement
Professional ethics and regulatory issues
The following learning outcomes should be read in conjunction with the relevant sections of the technical knowledge grids at the end of this document.
ASSURANCE
LESSON 1 LESSON 2 LESSON 3 Lesson 4
- THE CONCEPT, PROCESS AND NEED FOR ASSURANCE
- Students will be able to explain the concept of assurance, why assurance is required and the reasons for assurance engagements being carried out by appropriately qualified professionals. In the assessment, students may be required to:
- define the concept of assurance and compare the purposes and characteristics of reasonable and limited levels of assurance obtained from different assurance engagements;
- state why users desire assurance reports and provide examples of the benefits gained from them such as to assure the quality of an entity’s published corporate responsibility or sustainability report;
- compare the functions and responsibilities of the different parties involved in an assurance engagement;
- identify the issues which can lead to gaps between the outcomes delivered by the assurance engagement and the expectations of users of the assurance reports, and suggest how these can be overcome;
- identify the steps involved in obtaining, accepting and agreeing the terms of an assurance engagement;
- identify the process of planning an assurance engagement, including risk assessment and the implications of climate change for an entity’s financial statements;
- define materiality and identify its role in the assurance engagement;
- identify how the assurance provider reports to the engaging party;
- recognise the need to plan and perform assurance engagements with an attitude of professional scepticism and the exercise of professional judgement; and
- recognise the characteristics of fraud and distinguish between fraud and error.
- INTERNAL CONTROLS
- Students will be able to explain the nature of internal controls and why they are important, document an organisation’s internal controls and identify weaknesses in internal control systems. In the assessment, students may be required to:
- state the reasons for organisations having effective systems of control;
- identify the fundamental principles of effective control systems and the risk of overdependence on IT;
- identify the main business processes of an entity and data flows between areas of the business that need effective control systems;
- identify the components of internal control in both manual and IT environments;
- define and classify different types of internal control, with particular emphasis on general IT and information processing controls and identify the difference between preventative and detective controls;
- show how specified internal controls mitigate risk, including cyber risks, and state their limitations;
- identify internal controls or internal control deficiencies for an organisation in a given scenario;
- identify the role of an internal audit function in an organisation; and
- identify, for a specified organisation, the sources of information which will enable a sufficient record to be made of accounting or other systems and internal controls.
- recognise when the quantity (including factors affecting sample design) and quality (including analysis of data) of evidence gathered is of a sufficient and appropriate level, after taking account of sampling risk, to draw conclusions on which to base a report;
- identify the circumstances in which written confirmation of representations from management should be sought and the reliability of such confirmation as a form of assurance evidence; and
- recognise issues arising while gathering assurance evidence that should be referred to a senior colleague.
- PROFESSIONAL ETHICS AND REGULATORY ISSUES
- Students will be able to understand the importance of ethical behaviour to a professional and identify issues relating to integrity, objectivity, professional competence and due care, confidentiality, professional behaviour and independence. In the assessment, students may be required to:
- state the reasons for preparing and keeping documentation relating to an assurance engagement;
- identify the different methods of obtaining evidence, including remote auditing techniques, from the use of tests of control, substantive procedures, including analytical procedures and data analytics software;
- recognise the strengths and weaknesses of the different methods of obtaining evidence;
- identify the fundamental principles underlying the ICAEW Code of Ethics;
- identify the situations within which the different methods of obtaining evidence should and should not be used;
- recognise the importance of integrity, objectivity and independence to professional accountants, identifying situations that may impair or threaten integrity, objectivity and independence;
- suggest courses of action to resolve ethical conflicts relating to integrity, objectivity and independence;
- respond appropriately to the request of an employer to undertake work outside the confines of an individual’s expertise or experience;
- recognise when the quantity (including factors affecting sample design) and quality (including analysis of data) of evidence gathered is of a sufficient and appropriate level, after taking account of sampling risk, to draw conclusions on which to base a report;
- identify the circumstances in which written confirmation of representations from management should be sought and the reliability of such confirmation as a form of assurance evidence; and
- recognise issues arising while gathering assurance evidence that should be referred to a senior colleague.
- PROFESSIONAL ETHICS AND REGULATORY ISSUES
- Students will be able to understand the importance of ethical behaviour to a professional and identify issues relating to integrity, objectivity, professional competence and due care, confidentiality, professional behaviour and independence. In the assessment, students may be required to:
- state the role of regulatory bodies and ethical codes and their importance to the profession and identify the key features of the system of professional ethics adopted by IESBA and ICAEW;
- recognise the differences between a rulesbased ethical code and one based upon a set of principles;
- recognise how the principles of professional behaviour protect the public and fellow professionals;
- identify the fundamental principles underlying the ICAEW Code of Ethics;
- suggest courses of action to resolve ethical conflicts relating to integrity, objectivity and independence;
- recognise the importance of confidentiality, including compliance with GDPR, and identify the sources of risks of accidental disclosure of information;
- identify steps to comply with GDPR and prevent the disclosure of information;
- identify situations in which confidential information may be disclosed, including where reporting suspicions of money laundering;
- identify the following threats to the fundamental ethical principles and the independence of assurance providers:
self-interest threat • self-review threat • management threat • advocacy threat • familiarity threat • intimidation threat;
- identify safeguards to eliminate or reduce threats to the fundamental ethical principles and the independence of assurance providers; and