Types of Review Engagements

By /

Review engagements are a type of assurance service where an independent practitioner performs limited procedures to provide moderate assurance that financial or non-financial information is free from material misstatements. Unlike audits, which involve extensive testing and provide reasonable assurance, review engagements rely primarily on inquiries and analytical procedures, resulting in limited assurance. Review engagements are valuable for organizations that require a level of credibility in their reports without undergoing a full audit. They are commonly used for interim financial reporting, compliance checks, and non-financial disclosures.

1. Financial Statement Reviews

Financial statement reviews are the most common type of review engagement. They involve an independent practitioner reviewing an organization’s financial statements to provide limited assurance that they are free from material misstatement.

A. Key Characteristics

  • Objective: To provide moderate assurance that the financial statements are presented fairly, in accordance with applicable accounting standards.
  • Level of Assurance: Limited assurance, based on analytical procedures and inquiries rather than detailed testing.
  • Applicable Standards: Conducted in accordance with International Standard on Review Engagements (ISRE 2400) or national equivalents.

B. Examples of Financial Statement Reviews

  • Interim Financial Reviews: Reviewing financial statements for quarterly or half-yearly periods to provide stakeholders with timely insights.
  • Small and Medium-Sized Enterprises (SMEs): Offering a cost-effective alternative to full audits for SMEs that do not require statutory audits.
  • Private Company Financial Reviews: Providing assurance for privately held companies seeking financing or investor confidence.

2. Interim Financial Reviews

Interim financial reviews focus on financial statements prepared for periods shorter than a full fiscal year. These reviews are essential for organizations that report financial performance on a quarterly or half-yearly basis.

A. Key Characteristics

  • Objective: To provide limited assurance on interim financial information, ensuring stakeholders that the results are accurate and reliable.
  • Level of Assurance: Limited assurance through analytical procedures and management inquiries.
  • Applicable Standards: Conducted in accordance with International Standard on Review Engagements (ISRE 2410), specifically designed for interim financial information.

B. Benefits of Interim Financial Reviews

  • Timely Reporting: Provides stakeholders with timely information for decision-making.
  • Cost-Effective: Less time-consuming and costly than full audits while still offering assurance.
  • Enhanced Investor Confidence: Assures investors and creditors of the company’s ongoing financial health.

3. Compliance Reviews

Compliance reviews assess whether an organization is adhering to specific regulatory, legal, or contractual requirements. These reviews are crucial in industries subject to strict regulations, such as finance, healthcare, and environmental management.

A. Key Characteristics

  • Objective: To provide limited assurance that the organization complies with applicable laws, regulations, or contractual obligations.
  • Level of Assurance: Limited assurance, focusing on specific compliance areas rather than a full audit of operations.
  • Applicable Standards: May be guided by regulatory frameworks or industry-specific standards.

B. Examples of Compliance Reviews

  • Tax Compliance Reviews: Assessing whether an organization is in compliance with tax regulations and properly reporting taxable income.
  • Regulatory Compliance: Ensuring adherence to financial regulations such as anti-money laundering (AML) laws or healthcare regulations like HIPAA.
  • Contract Compliance Reviews: Verifying that an organization meets the terms and conditions of specific contracts or agreements.

4. Internal Control Reviews

Internal control reviews evaluate the design and effectiveness of an organization’s internal control systems. These reviews provide limited assurance that internal controls are operating effectively to prevent errors, fraud, and inefficiencies.

A. Key Characteristics

  • Objective: To assess whether internal controls are properly designed and implemented to mitigate risks and ensure accurate reporting.
  • Level of Assurance: Limited assurance, often focusing on specific areas like financial reporting, procurement, or IT systems.
  • Applicable Standards: May follow frameworks such as COSO (Committee of Sponsoring Organizations) for internal control evaluation.

B. Examples of Internal Control Reviews

  • Sarbanes-Oxley (SOX) Section 404 Reviews: Evaluating the effectiveness of internal controls over financial reporting for public companies.
  • Operational Control Reviews: Assessing controls over procurement, payroll, or inventory management processes.
  • IT Control Reviews: Evaluating the security and effectiveness of information technology systems and data management practices.

5. Sustainability and ESG Reviews

Sustainability and ESG (Environmental, Social, and Governance) reviews provide limited assurance on non-financial disclosures related to an organization’s sustainability practices and social responsibility initiatives.

A. Key Characteristics

  • Objective: To provide stakeholders with confidence that sustainability and ESG reports accurately reflect the organization’s performance and commitments.
  • Level of Assurance: Limited assurance, focusing on the accuracy and completeness of non-financial data.
  • Applicable Standards: Conducted in accordance with frameworks such as the Global Reporting Initiative (GRI) or the Sustainability Accounting Standards Board (SASB).

B. Examples of Sustainability and ESG Reviews

  • Carbon Emissions Reporting: Reviewing the accuracy of greenhouse gas emissions disclosures.
  • Social Impact Assessments: Verifying the organization’s social initiatives, such as community engagement or diversity programs.
  • Governance Reviews: Assessing governance practices, board structure, and compliance with ethical standards.

6. Agreed-Upon Procedures (AUP) Reviews

Agreed-upon procedures (AUP) reviews involve the practitioner performing specific procedures as agreed with the client, focusing on particular aspects of financial or non-financial information. While not technically assurance engagements, they share similarities with review services.

A. Key Characteristics

  • Objective: To carry out specific procedures related to financial data, compliance, or operational processes and report factual findings without providing an overall opinion.
  • Level of Assurance: No assurance is provided; the practitioner reports findings based on the agreed procedures.
  • Applicable Standards: Conducted in accordance with International Standard on Related Services (ISRS 4400).

B. Examples of Agreed-Upon Procedures Reviews

  • Verification of Sales Transactions: Confirming the accuracy of sales data for a specific period.
  • Inventory Count Verification: Performing physical counts to verify inventory levels.
  • Compliance with Contractual Terms: Ensuring that specific contract requirements have been met.

7. Due Diligence Reviews

Due diligence reviews are conducted during mergers, acquisitions, or investment decisions to assess the financial, operational, and legal standing of a target company. These reviews provide limited assurance to buyers or investors about the risks and opportunities associated with a transaction.

A. Key Characteristics

  • Objective: To evaluate the financial health, operational efficiency, and potential risks of an organization involved in a business transaction.
  • Level of Assurance: Limited assurance, focusing on specific areas such as financial performance, legal compliance, or operational risks.
  • Applicable Standards: May follow industry best practices or specific client requirements rather than standardized assurance frameworks.

B. Examples of Due Diligence Reviews

  • Financial Due Diligence: Reviewing financial statements, tax records, and cash flow to assess the financial stability of a target company.
  • Operational Due Diligence: Evaluating the efficiency of business operations, supply chain management, and human resources.
  • Legal Due Diligence: Assessing compliance with legal and regulatory requirements, including reviewing contracts and intellectual property rights.

8. Performance Reviews

Performance reviews focus on evaluating an organization’s efficiency, effectiveness, and economy in using resources. These reviews are commonly conducted in the public sector but are also relevant in private organizations seeking to improve operational performance.

A. Key Characteristics

  • Objective: To provide limited assurance on the effectiveness and efficiency of an organization’s operations, resource utilization, and service delivery.
  • Level of Assurance: Limited assurance, based on analytical procedures and performance metrics.
  • Applicable Standards: May follow public sector auditing standards or internal performance evaluation guidelines.

B. Examples of Performance Reviews

  • Government Program Evaluations: Assessing the effectiveness of public programs in achieving policy objectives.
  • Operational Efficiency Reviews: Evaluating business processes to identify inefficiencies and recommend improvements.
  • Cost-Benefit Analyses: Analyzing the cost-effectiveness of specific projects or initiatives.

9. IT and Cybersecurity Reviews

IT and cybersecurity reviews evaluate the security, reliability, and performance of an organization’s information systems. These reviews provide limited assurance on the effectiveness of IT controls, data protection measures, and cybersecurity frameworks.

A. Key Characteristics

  • Objective: To provide limited assurance that IT systems are secure, reliable, and aligned with organizational goals.
  • Level of Assurance: Limited assurance, based on evaluating system controls and cybersecurity practices.
  • Applicable Standards: May follow frameworks like ISO 27001 for information security management or COBIT for IT governance.

B. Examples of IT and Cybersecurity Reviews

  • Data Privacy Reviews: Assessing compliance with data protection regulations such as GDPR (General Data Protection Regulation).
  • Network Security Assessments: Evaluating the effectiveness of cybersecurity measures and protocols.
  • System Reliability Reviews: Reviewing the performance and reliability of IT infrastructure and software applications.

10. The Diverse Landscape of Review Engagements

The types of review engagements available today extend far beyond traditional financial statement reviews, encompassing a wide range of financial, operational, and compliance-focused services. Whether it’s interim financial reviews, compliance assessments, internal control evaluations, or sustainability reports, review engagements provide organizations and stakeholders with valuable insights and moderate assurance on the reliability of information. By offering cost-effective, timely, and flexible assurance services, review engagements play a critical role in enhancing transparency, accountability, and informed decision-making in an increasingly complex business environment.

Scroll to Top