Key differences between audits and reviews

When it comes to obtaining assurance over a financial report there are two main types of engagements which can be performed by audit practitioners or audit firms (“auditor”). 

1. Audit engagements; or
2. Review engagements. 

Both are essential for maintaining reliable financial reporting although the engagement type provides varying levels of assurance to users of the financial information. 

Understanding the distinctions between the two types of engagements is critical for users of the financial information as this information enables shareholders and other stakeholders to make assessments and decisions, such as investing, divesting, lending or contracting with an entity. 

What is assurance? 

An assurance engagement is where an independent auditor expresses a conclusion designed to enhance the confidence of the users that the entity’s reported information is accurate, complete, and free from material error or misstatement.

Types of assurance

Reasonable Assurance: 

This is the highest level of assurance and is typically performed in an audit engagement and is commonly referred to as positive assurance.

The auditor assesses what risks of material misstatement are present and then undertakes detailed testing of an entity’s data.  The auditor also obtains an understanding of the internal control environment, and considers the appropriateness of significant estimates and judgements, to gather sufficient appropriate evidence to reduce the risk of material misstatement of the financial report, or other subject matter, to an acceptably low level.

The risk of material misstatement is never reduced to nil because the auditor can rarely test 100 per cent of transactions and as a result there can never be absolute assurance.

Limited Assurance: 

This is a lower level of assurance and is typically performed in a review engagement and is commonly referred to as negative assurance. 

With limited assurance the auditor typically performs analytical procedures and make inquiries of management and/or those charged with governance. 

Impact of assurance levels

Nature of work performed

Audit

Typical procedures include (but not limited to):

• obtaining a detailed understanding of the entity, its environment, its core systems and key controls;
• assessing what risks of material misstatement may be present in the financial report
• conducting an assessment of the financial reporting framework adopted by management and its appropriateness;
• conducting an assessment of IT systems as they relate to the preparation of the financial report;
• calculate materiality;
• conducting an assessment of the susceptibility of the financial report to material misstatement, whether due to fraud or error;
• performing specific procedures to address the risk of material misstatement due to fraud
• conduct an assessment of entities compliance with applicable laws and regulations;
• an assessment of the significant transaction cycles and evaluation of management controls of those cycles;
• obtaining an understanding of the accounting estimates used in the preparation of the financial report, and testing the basis on which those estimates are made.
• testing of transactions and balances, through a combination of tests of controls, analytical procedures or substantive testing;
• review of managements assessment of the ability of the entity to continue as a going concern; and
• critical review of the financial report to ensure compliance with Australian Accounting Standards.

Review

Typical procedures include (but not limited to):

• obtaining an understanding of the entity, its environment, its core systems and key controls;
• conducting an assessment of the financial reporting framework adopted by management and its appropriateness;
• calculate materiality;
• make inquiries of management to understand significant movements in transactions and balances; and
• undertake analytical procedures to understand key relationships.

Do you have an option to undertake a review?

The ability to be able to elect a review is dependent on a couple of key considerations including:

• does your Constitution or governing document make explicit reference to having an audit undertaken? If so, the option for a review is not available.
• If you are not-for-profit registered with the ACNC and your turnover is less than $3m you may elect to have a review.
• If you are not-for-profit and not registered with the ACNC, you need to refer to your State or Territory legislation to confirm the revenue turnover thresholds.
• If you are a for-profit business and registered with ASIC, you need to refer to the large proprietary company thresholds to determine if you need an audit.  For-profit companies do not have an option to have a review instead of an audit.  However, listed entities are required to have a review of their half-year financial report.

Even if you do not need an audit or review under legislation or your constitution, there may be other instances such as bank agreements, investor/shareholder instructions, grant agreements, or a planned future stock exchange listing, which may require an audit or review to be undertaken.

Cost and time considerations

Audits typically require more time and resources due to the extensive testing and verification processes involved. In contrast, reviews are less detailed, generally making them more cost-effective and quicker to complete. The duration of either engagement depends largely on the size and complexity of an entity’s operations.

In conclusion 

Choosing an audit or a review is mainly a question of your entity’s needs and legal obligations, and the needs of the users of your financial report. While cost should definitely be considered, it should not be the only factor. Proper planning and discussions with your board of directors, those charged with governance and stakeholders will determine that the engagement selected fulfills your assurance needs in the most cost-effective manner.

FOR MORE INFORMATION

To learn more about audit and assurance, or any other RSM services to support your business journey, please contact your local RSM office.