ICAEW.com works better with JavaScript enabled.
Owners and managers are engaged in business activities to fulfil the objectives of the organisation. Management has a responsibility for appropriate processes, while the board has responsibility for the governance of the organisation. Within this environment assurance can play a key role in enhancing stakeholder confidence over operations within the scope of the engagement.

Management responsibility [1]

Management, who may also be owners, are responsible for running the business. Accordingly, they are responsible for the subject matter on which an assurance conclusion is sought.

Before entering into an assurance engagement, owners and management need to be confident in positively asserting that the business is meeting the relevant objectives, is compliant with relevant contractual and other legal and regulatory obligations, its operational and/or reporting processes are designed appropriately and operated effectively, and its data being complete and accurate.

If management themselves are unsure of whether the subject matter is meeting its objectives or unable to support it with evidence, there is little point in engaging to provide a formal assurance opinion.

There may instead be an opportunity to provide internal assurance, advice and recommendations to management. In an assurance engagement, it is usual for the responsible party, normally management, to measure the subject matter and report on the outcome of the measurement in the form of subject matter information. This is known as an attestation engagement.

In other cases, ie where management does not measure the subject matter and prepare the subject matter information themselves, the practitioner gives a conclusion directly on the subject; this is known as a direct engagement.

[1] "Management" may refer to senior management, executive management, the board of directors, or in certain cases, those charged with governance, depending on the context. Here the term is used to refer to those with responsibility for the subject matter.

Four stages of management responsibilities [2]

Practitioners need to identify a series of basic concepts for how owners or management together with those charged with governance operate and control the business or organisation. The concepts set out below may be more formalised and better documented within larger organisations.

Within small or medium sized businesses and other organisations these concepts may be established as an integral part of the intentions and actions of the owners and managers but may not be systematically documented.

[2] Here "management" will normally refer to the executive management and/or the board of directors as appropriate.

These concepts are:

  1. Leading and establishing the tone at the top.
  2. Establishing strategy and aligning objectives.
  3. Implementing processes, policies and procedures.
  4. Utilising information flows to monitor the performance of the business or operations.

The way that owners and management run the business affects the nature of the assurance engagement, as different owners and management may have different ideas to what aspect of their business should be looked at by a practitioner, what should be used as criteria, to whom the report should be addressed, and what evidence may be available.

The degree of monitoring management as evidenced through documentation also affects the nature and scope of assurance engagement. The relationship between the four management concepts/activities and the focus of different assurance engagements is summarised in the table below.

 

Aspect of subject matter

Management activity

Fair description

Suitability of design

Operating effectiveness

Data and/or outcome

Comprehensive report

Tone at the top

 

 

 

Establishing strategy and objectives

 

 

Process and control implementation

 

Monitoring the process and control effectiveness

This table seeks to demonstrate characteristics of assurance engagements that focus on different management activities.

Leadership and tone at the top of the organisation, or key elements of this may best be approached through the practitioner providing an opinion on the fairness of a description of what the management has set out to do thus far. This is because, in the early days, the design suitability and the operating effectiveness of the arrangements may not withstand external scrutiny due to its pervasive and wide ranging ramifications within the organisation.

As strategy and relevant objectives are better developed, the arrangement may become sufficiently formalised and enable assurance reporting over the design suitability of the arrangements in place.

Process implementation and monitoring lends itself to assurance over operating effectiveness. An assurance engagement may then focus on either the operating effectiveness of the processes or the data and outcomes measured against criteria as part of monitoring by management. At this stage, the entire arrangement enables management to report comprehensively on its activities for the benefit of the intended users, which may be the subject matter information for the assurance engagement.

The different management activities and related focuses of assurance engagements can be regarded as a potential progression such that more comprehensive assurance is provided as the management and governance of the entity increases in sophistication over time.

From the practitioner’s point of view, the main factors affecting the practitioner’s approach to an assurance engagement will be further defined by a number of factors, in particular the needs of the users:

  • Who will benefit from or use the information?
  • Why do they require assurance?
  • What is their underlying need?

ICAEW's assurance resource

This page is part of ICAEW’s online assurance resource, which replaces the Assurance Sourcebook.

Find out more
lamp

Join the Audit & Assurance Faculty

Stay ahead of the rest with our comprehensive package of essential guidance and technical advice.

ICAEW's Audit and Assurance Faculty can help you stay ahead of the curve with its essential guidance and technical advice.
Buyer's guide to assurance on non-financial information

Find out more about the 'Buyer's guide to assurance on non-financial information' from WBCSD.

Find out more
Open AddCPD icon

Add Verified CPD Activity

Introducing AddCPD, a new way to record your CPD activities!

Log in to start using the AddCPD tool. Available only to ICAEW members.

Add this page to your CPD activity

Step 1 of 3
Download recorded
Download not recorded

Please download the related document if you wish to add this activity to your record

What time are you claiming for this activity?
Mandatory fields

Add this page to your CPD activity

Step 2 of 3
Mandatory field

Add activity to my record

Step 3 of 3
Mandatory field

Activity added

An error has occurred
Please try again

If the problem persists please contact our helpline on +44 (0)1908 248 250