A CPA is often approached by organizations about performing an audit or an examination of the financial statements. An audit may be required due to various circumstances ranging from obtaining bank financing; construction bonding; complying with grants; or it may be Board initiated.
Before an entity goes shopping for an audit, management should take the time to assess: the objective for obtaining the audit; external and internal costs of an audit; the organization’s readiness for an audit; other possible engagement options CPAs can perform different levels of attestation engagements.
Audits are probably the single most attestation service most people think of first. However, depending on needs and circumstances, a financial statement review engagement or specifically designed agreed-upon-procedures (AUP) engagement may be a more cost-effective engagement for a business to undertake.
A common misconception is that audits include testing transactions of an entity with the purpose of identifying fraud. While an audit does address fraud risks, its purpose is for the CPA to express an opinion as to whether the financial statements are in accordance with Generally Accepted Accounting Principles (GAAP) or other basis of accounting. Fraud may be detected during an audit, but detection of fraud is not the primary objective. Audits also vary in scope and complexity. Organizations accepting grants and/or federal awards may be subject to additional audit requirements.
The costs of attest engagement will vary depending on the level of service and the complexity of the organization. Audits are generally the most extensive with AUP engagements being less complex with limited testing. While the deliverable of a review engagement is similar to an audit, a review provides only limited assurance with GAAP conformity and is a less extensive process. It’s important for management and boards to understand the objective or requirement for obtaining an audit or attest service, the external and internal costs of the attest service desired, and the organization’s readiness for the attest services sought prior to communicating with us.