Introduction

Learning outcomes
The concept, process and need for assurance
Students will be able to explain the concept of assurance, why assurance is required and the reasons
for assurance engagements being carried out by appropriately qualified professionals.
In the assessment, students may be required to:
• State why users desire assurance reports and provide examples of the benefits gained from them
such as to assure the quality of an entity’s published corporate responsibility or sustainability
report
• Identify the issues which can lead to gaps between the outcomes delivered by the assurance
engagement and the expectations of users of the assurance reports, and suggest how these can
be overcome
• Identify how the assurance provider reports to the engaging party
Specific syllabus references for this chapter: 1b, 1d, 1h
4

Syllabus links
The issue of drawing conclusions and reporting will be looked at in more detail in Audit and
Assurance. Clearly the basic evidence collection that you learn at this level will feed into the drawing
of conclusions at the Professional level.
4

Examination context
Evidence is a very important topic for the exam, and half of this Workbook is dedicated to the
collection of evidence. Gathering evidence on an assurance engagement represents 35% of the
syllabus. In contrast, reporting is a minor area of the syllabus, so you should expect no more than one
or two questions in this area.
4

Chapter study guidance

Use this schedule and your study timetable to plan the dates on which you will complete your study
of Chapter 4 Process of assurance: evidence and reporting.

Topic Practical Study approach Exam approach Self-test questions

significance

1 Evidence This section is Evidence is a very 1, 2

Obtaining evidence important as it important topic for
is the biggest part of introduces some of the exam, and half
any assurance the basic definitions of this Workbook is
engagement, as the and principles of dedicated to the
practitioner needs audit evidence collection of
to be able to justify which are evidence. Gathering
the conclusion developed in later evidence on an
which they publish. chapters. Read assurance
Therefore, through this section engagement
understanding the carefully and represents 35% of
basics of evidence attempt Interactive the syllabus. It is
collection is question 1. therefore crucial that
extremely important. The material on data you are comfortable
analytics (in section with the material in
While training, it is this section, as it is
more likely that you 1.4.1) is important,
as this is a the basis of the
will be involved in subsequent

90 Assurance ICAEW 2023

 Topic Practical Study approach Exam approach Self-test questions
significance

evidence collection developing area of chapters that are

than in preparing practice and one devoted to evidence
reports, but the that may form part in specific areas.
conclusions being of your exam.
drawn from the work
you do in evidence
collection will be
feeding through into
the ultimate report.

2 Reporting You must be aware 3, 4

The report is the of the basic content
published product of an unmodified
of the assurance audit report, and in
engagement and particular the
therefore is also very opinion given. Also
important in practice note section 2.4 on
for both assurance other reports.
providers and users
of information.

Once you have worked through this guidance, you will be ready to attempt the further question
practice included at the end of this chapter.

ICAEW 2023 4: Process of assurance: evidence and reporting 91

 1 Evidence
Section overview
kiem toan tuan thu là toc
• Auditors must obtain sufficient, appropriate audit evidence. kiem toan co ban substantive
control
• Evidence can be in the form of tests of controls or substantive procedures.
• The reliability of audit evidence is influenced by its source and by its nature.
• Audit tests are designed to obtain evidence about the financial statement assertions.

1.1 Evidence
The objective of an assurance engagement is to enable practitioners to express an opinion on
whether the subject of the assurance engagement is in accordance with the identified criteria. There
is an ISA on audit evidence (ISA 500), which we shall look at here.
Remember that audit requires a reasonable level of assurance to be given, and correspondingly
detailed audit evidence needs to be obtained. In a lower level assurance engagement, less evidence
will be required to support the conclusion. We shall look at the sufficiency of evidence obtained in
more detail in a later chapter.
In this section, we shall introduce the audit evidence auditors gather, to enable them to express an
opinion of reasonable assurance on financial statements. We shall look at the process of gathering
evidence in more detail later in this Workbook, particularly in Chapters 5 to 8 and 11 to 13.

Definition
Audit evidence: Information used by the auditor in arriving at the conclusions on which the auditor’s
opinion is based.

Audit evidence includes both the information contained within the accounting records underlying
the financial statements, and other information gathered by the auditors, such as confirmations from
third parties. Auditors are not expected to look at all the information that might exist. They will often
perform their testing on a sample basis, as we shall see in Chapter 11.
In order to reach a position in which they can express a professional opinion, the auditors need to
gather evidence from various sources. There are potentially two types of test which they will carry
out: tests of controls and substantive procedures.

Definitions
Tests of controls: Audit procedures designed to evaluate the operating effectiveness of controls in
preventing, or detecting and correcting material misstatements at the assertion level.
Substantive procedures: Audit procedures designed to detect material misstatements at the
assertion level. Substantive procedures comprise:
• tests of detail (of classes of transactions, account balances and disclosures)
• substantive analytical procedures

We shall look in detail at financial statement assertions later in this chapter.

When the auditors carry out tests of controls, they are seeking to rely on the good operation of the
control system that the company has in place to draw a conclusion that the financial statements give
a true and fair view. The logic is as follows.
• The directors set up systems of internal controls to ensure they report correctly to the
shareholders (we shall look at internal controls in more detail in the next chapter).
• The auditors are required to conclude whether the financial statements give a true and fair view.
• The auditors evaluate the control system put in place to assess whether it is capable of producing
financial statements which give a true and fair view.

92 Assurance ICAEW 2023

 • The auditors test the control system to assess whether it has operated as it was intended to,
therefore giving assurance that the financial statements give a true and fair view.
When the auditors carry out substantive procedures, they are testing whether specific items within
balances or transactions in the financial statements are stated correctly.
ISA Standards require that auditors must always carry out some substantive procedures, because the
limitations in systems of internal control (which we will look at in the next chapter) mean that the
system of controls can never be fully relied on. However, there may also be instances of cases where
it is more appropriate to test controls than to test specific balances or transactions (this will be
discussed more later).

Professional skills focus: Applying judgement

In addition to considering the quality of audit evidence obtained, the auditor should also consider
the relative efficiency of each approach. In an audit area in which there are lots of transactions, for
example, it is likely to be more efficient to test controls than to test substantively; conversely, in some
areas substantive procedures may be more efficient, for instance when testing a small number of
highly material assets.

1.2 Sufficient appropriate audit evidence

ISA (UK) 500, Audit Evidence requires auditors to “obtain sufficient appropriate audit evidence to be
able to draw reasonable conclusions on which to base the auditor’s opinion”. ‘Sufficiency’ and
‘appropriateness’ are interrelated and apply to both tests of controls and substantive procedures.
(ISA (UK) 500: para. 5)
• Sufficiency is the measure of the quantity of audit evidence.
• Appropriateness is the measure of the quality or relevance and reliability of the audit evidence.
How much evidence is required will depend on the level of assurance being offered in an
engagement.
The quantity of audit evidence required is affected by the level of risk in the area being audited. It is
also affected by the quality of evidence obtained. If the evidence is high quality, the auditor may
need less than if it were poor quality. However, obtaining a high quantity of poor quality evidence
will not cancel out its poor quality. The following generalisations may help in assessing the reliability
of audit evidence.

Quality of evidence

External Audit evidence from external sources is more reliable than that obtained
from the entity’s records

Auditor Evidence obtained directly by auditors is more reliable than that obtained
indirectly or by inference

Entity Evidence obtained from the entity’s records is more reliable when related
control systems operate effectively

Written Evidence in the form of documents (paper or electronic) or written

representations are more reliable than oral representations

Originals Original documents are more reliable than photocopies, or facsimiles

Auditors will often use information produced by the entity when obtaining audit evidence, although
this will not always be a strong form of audit evidence. When doing so, the ISA requires that the
auditor ensures it is sufficiently reliable, including “obtaining audit evidence about the accuracy and
completeness of the information and evaluating whether the information is sufficiently precise and
detailed for the auditor’s purposes”. This may be achieved by testing controls in the related area. (ISA
(UK) 315: para. 3)

ICAEW 2023 4: Process of assurance: evidence and reporting 93