What is the difference between assurance and attestation service?

Attest is an engagement that requires independence. This includes audits, reviews, compilations, attestation and assurance services.

Table of Contents Show

Audits: Investigating Aspects of Your Organization
Attestation: Checking the Validity of Data and Internal Controls
Assurance: Building Confidence by Examining the Credibility of Information
Getting Reliable Auditing, Attestation and Assurance Services

Attestation is an engagement where a written report is issued on something other than historical financial statements. Examples are: agreed upon procedures, attest to the MD&A, reporting on internal controls for nonissuers, prospective F/S, and Pro Forma F/S.

Finally, assurance services is defined as independent professional services that improve the quiality of information for decision makers. Examples include: risk assessment, performance measurement, ElderCare (or PrimePlus), WebTrust, SysTrust, e-commerce.

I had to laugh when I read the title of your post because I really struggled with this one too. And I just took AUD on Monday. So, I may not be laughing when I get my scores, we'll see…

I disagree a bit with the previous poster. My understanding is that:

*Assurance services are a broad category of services designed to improve the quality of decision making by improving confidence in the information on which decisions are made.

*Attestation services are a subcategory of assurance services. They require independence and result in a report. They include examinations, reviews, and agreed upon procedures. Compilations are NOT included because they don't require independence.

*Audits are are subcategory of attestation services. They are examinations of historical financial statements.

Historical financial reporting = auditing (SAS – private – PCAOB – public)/

review/compilation (SSARS – private – PCAOB – public)

Interim financial reporting (SAS – private/PCAOB – Public)

Non-historical financial reporting – other services = attestation (SSAE – private and PCAOB – public)

cah2c, effective July 1 of this year, compilations require independence; however, the accountant may do a compilation if there is a lack of independence if they state this fact in the compilation report, or if no report, in the engagement letter. This came straight from my AUD review materials.

Thanks!!!!! You guys made my day 🙂

@cah2c i think you are right. I'm guessing Compilations are a subcategory of Assurance services?

Another74CPA- Yes, I believe they are a type.

Compilations are just the accountant taking the accounting data provided by management and creating financial statements. In other words, you're compiling financial statements. In the report, accountant says this is responsibility of management, no assurance is done, no opinions.

There is no assurance or any kind of opinion stated.

One possible exception to the above is if one of the numbers really jumps out and slaps you in the face. “$50,000 for petty cash for a small firm?????” Then I think you have to put something in the report that the number appears to be out of line.

Here is a Break Down for the different Reports and their Authoritative Standards (previuosly answered, it's just an easier breakdown for better understanding)

Public Companies – ISSUERS:

Auditing of Historical Financial Statements – PCAOB Review of Interim Financial Statements – PCAOB Review & Compilation of Historical Financial Statements – PCAOB

Attestation Services on non-historical financial information – PCAOB

Listen to: "Learn What Attestation, Assurance and Auditing Means in the CPA Industry"

When working as certified public accountants, we try to help our clients understand the importance of our services that can assist them in making vital business decisions for their companies. In this manner, we build trust and reliability in regards to the information and reports we create for our clients. Yet often, the terms used in the accounting industry can leave people scratching their heads.

One of the most common questions we are asked about involves trying to understand what the words “attestation, assurance and auditing” means. There are many similarities with these terms — they even sound somewhat the same — as people wonder if they simply need to get an assurance service done or whether an audit provides attestation services.

To help provide further clarity, we’ve developed this simple guide so you can understand the differences between attestation, assurance and auditing in the accounting, IT and compliance business environments.

Audits: Investigating Aspects of Your Organization

Audits are evaluations and investigations regarding a specific aspect of your organization. During the course of an audit, information and data is gathered that can help spot a weakness in operational controls in your financial department, potential workplace dangers, or certain IT risks that can affect the security of your company. Audits can come in many forms:

Accounting audits
Compliance audits
Human resource or safety policy audits
Operational audits
IT procedures audits

So, in essence, an audit can be performed of financial transactions for your organization or can review non-financial aspects of your operations. They are designed to allow an auditor to provide an unbiased evaluation of the gathered information and to discover any gaps in internal controls or systems that are currently in place.

Then a report can be made and given to the business owner or manager so they can evaluate the issues that need to be addressed. An audit can be performed internally by a manager or supervisor, or you can be obtained as an external audit from a third-party firm.

Attestation: Checking the Validity of Data and Internal Controls

Certified public accountants also can perform attestations for organizations in addition to audit reporting, or provide it as a separate service. An attestation basically takes all the data and information that has been gathered and checks its validity based upon agreed-upon procedure engagements. An organization can also request attestation to be performed regarding compliance procedures, reviews on internal control functions, and reporting on financial forecasts, projections or pro forma data.

More often than not, attestation and auditing services can sometimes be confused with each other. One of the things to keep in mind to differentiate each of these services is that audits are performed to discover data, risks, or compliance issues that may not have been known before the audit took place, and attestation is to evaluate and review how true the data or information is when compared to a stated purpose, internal control or system.

For example: an organization may want to discover whether their operations are in compliance with a certain set of government regulations for their industry. An audit may be performed to look for gaps in their compliance procedures as an issue may be discovered. Then the organization can seek an attestation to the reported information.

The attestation engagement examines the issue to check if it truly falls outside the parameters of the compliance standard as an opinion is given about the compliance issue. Then the business can take the necessary steps to bring their operations back into compliance as well as set risk management policies in place to prevent the issue from reoccurring.

Assurance: Building Confidence by Examining the Credibility of Information

When companies do business with other organizations, trying to raise money from outside investors, or are even engaging in merger deals, they need to be reassured that the data and information presented is accurate and credible. This instance is when assurance services come into play. Assurance work provided by a certified public accountant aims to substantiate the data that is presented. The accountant will give their opinion regarding the information that can be used by the company to make a decision.

So an investor may ask for assurance work to check the financial information in regards to a company that has asked for funding. The certified public account would review the gathered information and put it through given procedures before providing a report so that the investor can trust the given data before agreeing to the financial transaction.

An assurance service basically provides three main goals for an organization:

Helps the company’s reputation that it is presenting truthful information regarding their data, internal controls and systems
Assists companies to make the best decisions for their operations to promote financial growth
Increase credibility in the provided information that can lead to lower transaction costs and better resource allocations

Assurance services can be used toward a wide range of purposes. A company may want to check to ensure all financial information is accurate. They may also desire assurance services to see if a company abides by all established regulations and compliance standards.

Getting Reliable Auditing, Attestation and Assurance Services

Using an independent third-party to perform auditing, attestation and assurance services can ensure that you receive unbiased reports and informative opinions in regards to the procedures, protocols, internal systems and accounting data used throughout your organization. I.S. Partners, LLC is a certified public accountant firm who offers these services to a range of organizations so they can better manage operational risks and stay in compliance with regulations so the business can increase their profits.

We can provide SOC 1 services, IT assurance and compliance services to meet the demanding needs of your business. Contact our firm today by sending us a message or calling us at 215-675-1400 to learn more about our work.