Compilation and review engagements are similar to audit engagements in a few ways. In all three types of engagements, the CPA performs certain procedures in accordance with professional standards before issuing a report on a set of client financial statements. The major difference between those engagements is the level of assurance the CPA provides in the report.
An audit provides the highest level of assurance. In an audit engagement the CPA will carry out procedures to obtain an understanding of internal controls, and perform substantive tests of transactions. They will also use analytical procedures on financial data and perform tests of details on account balances. In order to get this understanding of internal controls, the auditor will examine the organization’s operations. That would include documenting control procedures (e.g. cash receipts, cash disbursements, payroll), the approval process, accounting procedures and governance. An audit extends the work beyond the numbers on the financial statements. You can consider an audit as half financial and half operational. Most audits would require onsite visits and inspections, interviews with staff and governance, and confirmations with outside parties. These intense procedures are what makes the Audit Report on the financial statements such a higher level of assurance. Additionally, the auditor is required to report certain types of deficiencies in the organization’s internal controls in letter format (to management and the board). This letter, known as a management letter or internal control letter, is not part of the Audit Report attached to the financial statements , but is often requested by funders and other interested parties. Some states (currently not New York) require any written communications from the auditor to be submitted annually, this would include the management letter. All the audit procedures , including those mentioned above, have to be documented in detail. Auditors are also audited in a process called “Peer Review”. During a Peer Review, the Auditor’s workpapers are examined to make sure all procedures are done and documented correctly. The high assurance stakeholders get from an audit comes at a high cost. The service is time intensive and requires specialized skills which adds up to ever increasing fees for the organization needing such a service. Being in a specialized industry, such as Nonprofit, only adds to the cost.
A Review Report expresses limited assurance that there are no material modifications that should be made to a set of financial statements in order for them to be in conformity with a particular basis of accounting. A Review Report provides less assurance than an Audit Report, but also requires less work by the CPA, which results in a lower fee. In a review engagement, the CPA will use analytical and other procedures on the financial data.
A Compilation Report does not express an opinion or provide any assurance about the fairness of a set of financial statements. In this type of engagement, the CPA merely submits client information in the form of financial statements, and is not required to perform any verification procedures.
Not For Profit Organizations are often required to have a CPA Audit or Review because of state requirement or at the request of funders.
We have useful guide to understanding the different levels of service the Certified Public Accountant performs.