Procurement Audit as an Assurance /Compliance Engagement
An assurance engagement is an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria.’ Assurance engagements are generally voluntary but may be a requirement imposed on the entity by another party.
Examples of assurance engagements include:
- Annual external audit of procurement records (‘statutory’ assurance)
- Half-year review of results
- Going concern review
- Review of effectiveness of an entity’s procurement IT system
- Review of compliance with corporate governance requirements
An assurance report provides the following benefits to the users of procurement information:
- Independent opinion from an external source that enhances the credibility of the information
- Management bias is reduced
- Modified opinion draws attention to risk
- The relevance of the information may be improved by the expertise and knowledge of the assurance
Elements of an Assurance Engagement
An assurance engagement performed by a practitioner will consist of the following five elements:
- A three party relationship:
- Practitioner – the individual providing professional services that will review the subject matter and provide the E.g. the audit firm in a statutory audit
- Responsible party – the person(s) responsible for the subject E.g. the procurement officers are responsible for preparing the procurement records to be audited
- Intended users – the person(s) or class of persons for whom the practitioner prepares the assurance report. E.g. the shareholders in a statutory audit
- Subject matter: This is the data in the procurement records that have been prepared by the responsible party for the procurement auditor to evaluate.
- Suitable criteria: This can be thought of as ‘the rules’ against which the subject matter is evaluated in order to reach an opinion. In a statutory audit this would be the applicable reporting framework (e.g. IFRS. Procurement law and Company law).
- Evidence: Information used by the practitioner in arriving at the conclusion on which their opinion is based. This must be sufficient (enough) and appropriate (relevant).
- Assurance Report: The report (normally written) containing the practitioner’s opinion. This is issued to the intended user following the collection of evidence.