Thông tư 69/2015/TT-BTC

CIRCULAR

VIETNAM’S FRAMEWORK FOR ASSURANCE SERVICE CONTRACTS

Pursuant to the Law on Independent audit No. 67/2011/QH12 dated March 29, 2011;

Pursuant to the Government's Decree No. 17/2012/ND-CP dated March 13, 2012 on guidelines for some Articles of the Law on Independent audit;

Pursuant to the Government's Decree No. 215/2013/ND-CP dated December 23, 2013 defining the functions, tasks, entitlements and organizational structure of the Ministry of Finance;

At the request of President of Vietnam Auditor Association and Director of the Department of Audit and Accounting,

The Minister of Finance promulgates a Circular on Vietnam’s Framework for assurance service contracts.

Article 1. Vietnam’s Framework for assurance service contracts is promulgated together with this Circular.

Article 2. This Circular applies to audit firms, branches of foreign audit firms in Vietnam, practicing auditors, relevant organizations and individuals during the process of assurance service provision.

Article 3. This Circular comes into force from January 01, 2016.

Article 4. Director of the Department of Audit and Accounting, audit firms, branches of foreign audit firms in Vietnam, practicing auditors, relevant organizations and individuals are responsible for the implementation of this Circular./.

VIETNAM’S FRAMEWORK FOR ASSURANCE SERVICE CONTRACTS

(Promulgated together with Circular No. 69/2015/TT-BTC dated May 08, 2015 of the Ministry of Finance)

Introduction

01. Vietnam’s Framework for assurance service contract contains regulations and instructions on targets and elements of an assurance service, the services that have to comply with Vietnam’s Standards for Audit (VSA), Vietnam’s Standards for Examination (VSRE), and Vietnam’s Standards for Assurance Services (VSAE) (hereinafter referred to as assurance services standards).

02. This Framework is not standardized, which means it does not contain any Regulation and instructions on requirements, principles, or procedures that are compulsory for audit services, examination services, and other assurance services. A report of assurance services must not claim that the services comply with Vietnam’s Legal Framework for assurance service contracts. Instead, it must mention relevant standards for assurance service contracts. Each standard for assurance service contracts contains targets, requirements, instructions, appendices, introduction, and definitions that are consistent with this Framework and are applied to audit services, examination services, and other assurance services. Appendix 01 of this Framework describes the scope and relationship between Standards for ethics of professional accountants, auditors, and relevant standards.

03. This Framework applies to:

(a) Auditors: Auditors are persons who execute assurance service contracts, including members of the Board of Directors in charge of overall execution of the contract, practicing auditors, other members that execute the contract, and, in most cases, audit firms. Whenever this Framework emphasizes necessary qualities or responsibility of members of the Board of Directors in charge of overall execution of the contract or responsibility of the audit firm, the term ”members of the Board of Directors in charge of overall execution of the contract” or “audit firm” must be used instead of “auditor”. The term ”members of the Board of Directors in charge of overall execution of the contract” or “audit firm” are used for the sector of public services where applicable;

(b) Other entities involved in the assurance service contract, including users of the report on assurance services and service buyers;

(c) Drafting Board of Vietnam’s Audit Standard during the process of formulation and promulgation of Vietnam’s Audit Standard, Vietnam’s Standards for examination contracts, Vietnam Standards for assurance service contracts, and instructional documents.

04. Overview of the Framework:

(1) Introduction: This Framework is used for assurance services provided by auditors;

(2) Assurance services: This section deals with assurance services, differences between attestation services and direct assurance services, between reasonable assurance services and limited assurance services;

(3) Scope of the Framework: This section deals with differences between assurance services and other services such as consulting services;

(4) Prerequisite of assurance service contract: This section deals with initial conditions for auditors to agree to execute an assurance service contract;

(5) Elements of an assurance service contract: This section determines and presents 5 elements of an assurance service contract, including: (i) Tripartite relationship; (ii) Subject matter; (iii) Criteria; (iv) Evidence; (v) Report on assurance services. This section presents important differences between reasonable assurance services and limited assurance services. This section also deals with other issues such as subject matters, characteristics of a suitable criterion, risks and materiality of assurance services, method of conclusion for reasonable assurance services and limited assurance services;

(6) Other issues: This section deals with: (i) Responsibility to exchange other information; (ii) Documents about the contract; (iii) Improper use of auditors' names.

Code of ethics and quality control standards

05. The audit firm is responsible for quality control and conformity with code of ethics, including independence, in order to protect the public interest which is an essential part of high quality assurance services. These services must comply with standards for assurance services based on the following prerequisites:

(a) Members of contract execution group and the service contract quality controller (if any) must comply with regulations on assurance services in Part A and Part B of Code of Ethics for professional accountants, auditors, or other professional requirements, or requirements prescribed by law, and relevant regulations that are at least equivalent to the Code of Ethics for professional accountants, auditors;

(b) Auditors who are employees of the audit firms that execute the contract must comply with Standards for quality control No. 1 – Control of quality of audit firms providing audit services, examining financial statements, assurance services, and relevant services (hereinafter referred to as Standards for quality control No. 1), or other professional requirements, or requirements prescribed by law and regulations on responsibility of audit firms to quality control system that are at least equivalent to Standard for quality control No. 1.

Code of ethics for professional accountants and auditors

06. Part A of Code of ethics for professional accountants and auditors provides for basic ethical principles that auditors must abide by, including:

(a) Integrity;

(b) Neutrality;

(c) Proficiency and discretion;

(d) Confidentiality;

(e) Professional qualification.

07. Part A also provides a framework to be applied by professional accountants and auditors and to determine the risks that affect the observance of basic ethical principles, evaluate the seriousness of such risks, and take necessary measures to eliminate or minimize them.

08. Part B of Code of ethics for professional accountants and auditors provides instructions for application of the framework in Part A to some specific situations that accountants and auditors may encounter during their practice, including independence. Code of ethics for professional accountants and auditors defines that independence includes both independence mindset and independence in manners. Independence ensures that auditors give their conclusion without being affected by elements that may influence such conclusion. Independence increases the chance that a person acts with integrity, objectivity, and maintains a professional skepticism.

Standard for quality control No. 1

09. Standard for quality control No. 1 provide regulations and instructions on responsibility of audit firms for developing and maintaining a quality control system for assurance service contracts, which consists of policies and procedures for each element of the quality control system. Such policies and procedures must be provided in writing and disseminate among employees and executives of the audit firm. Elements of quality control system under Standard for quality control No. 1:

(a) Responsibility of the Board of Directors for quality within the firm;

(b) Relevant standards and regulations on professional ethics;

(c) Acceptance and maintenance of customers’ relationship and specific service contracts;

(d) Human resources;

(e) Execution of service contracts;

(f) Supervision.

Assurance service

10. Assurance services are services through which an auditor collects adequate evidence to give a conclusion in order to enhance the degree of confidence of intended users, not only the responsible party, in the result of measurement or evaluation of subject matters by certain criteria.

11. Result of measurement or evaluation of a subject matter is information collected from application of criteria to the subject matter. Example:

(1) A financial statement is the result of measurement of finance, operation, and cash flow of a unit (subject matter) by applying a framework for making and presenting a financial statement (criterion);

(2) A financial statement is the result of measurement of finance, operation, and cash flow of a unit (subject matter) by applying a framework for making and presenting a financial statement (criteria);

(3) A report on specific operation of a unit is the result of measurement of various aspect of such operation (subject matter) by applying relevant measurement methods (criteria);

(4) A report on greenhouse gas is the result of measurement of greenhouse gas of a unit (subject matter) by applying rules for recording, measuring, and presenting (criteria);

(5) A report on conformity is the result of evaluation of conformity of a unit (subject matter) with certain criteria e.g. law and relevant regulations (criteria);

The term “information about subject matter” means the result of measurement or evaluation of a subject matter by certain criteria. Auditors must collect adequate evidence and information about the subject matter to have a solid foundation for giving their conclusions.

Attestation services and direct assurance services

12. When providing authenticated assurance services, a party other than auditors shall evaluate or measure the subject matter by criteria. This party usually presents information about the subject matter in the form of a report. However, in some cases, auditors may present information about the subject matter in the report on assurance services. The conclusion of the auditor who presents information about the subject matter (see paragraph 85 of this Framework) with regard to presence of material misstatements.

13. When providing direct assurance services, auditors shall directly measure or evaluate the subject matter by certain criteria. Besides, auditors shall apply their skills and techniques to collect adequate evidence for giving a conclusion about the measurement of evaluation of the subject matter. Auditors may collect evidence before, after, or in the process of measurement of evaluation of the subject matter. When providing direct assurance services, the auditor’s conclusion is the result of the measurement of evaluation of the subject matter by certain criteria. In some direct assurance services, the auditor’s conclusion is information or part of information about the subject matter (see Appendix 02 of this Framework).

Reasonable assurance services and limited assurance services

14. When providing reasonable assurance services, the auditor shall reduce the service risk to an acceptably low level in a specific situation of the service contract which is the basis for giving the auditor’s conclusion. The auditor’s conclusion shall be given in the form of his/her opinion about the result of measurement of evaluation of the subject matter by certain criteria.

15. When providing limited assurance services, the auditor shall reduce the service risk to an acceptably low level in a specific situation of the service contract and higher than the risk of reasonable assurance services. This is the basis for giving the auditor’s conclusion. The auditor’s conclusion shall be given in the form of his/her opinion about the case, whether or not the auditor finds issues that make he/she believes that information about the subject matter contains material misstatements according to the procedures or collected information. Contents, schedule, scope of procedures for limited assurance services is more limited than those of reasonable assurance services. However, they are planed to reach a level of assurance that is acceptable to the auditor. The acceptable level of assurance is the level of assurance that an auditor reaches which might enhance the degree of confidence of users of information about the subject matter at a remarkable level.

16. Among limited assurance services, the acceptable level of assurance may vary from above the minimum level of assurance (the level that builds up development of users of information about the subject matter at a remarkable level) to below the reasonable level of assurance. Auditors must utilize the professional judgment to determine the acceptable level of assurance within that spectrum depending on the specific situation of the service contract, including necessary information about a group of users, criteria, and subject matter. In some cases, consequences for inappropriate conclusion could be enormous. Therefore, auditors must execute reasonable assurance service contract to reach an acceptable level of assurance in such cases.

Scope of the Framework

17. Not all services provided by auditors are assurance services. Some common services that are not defined in paragraph 10 and not regulated by this Framework:

(1) Services under VSRS such as "Engagements to perform agreed-upon procedures regarding financial information” (VSRS 4400) and “Engagements to compile financial information” (VSRS 4410);

(2) Tax declaration services without conclusion about assurance;

(3) Consulting services such as administration consulting or tax consulting.

(When providing consulting services, auditors will apply their skills, professional knowledge, observation, and experience. The consulting process include survey, evaluation, analysis, usually combined with activities related to establishment of targets, survey, determination of issues or opportunity, evaluation of substitute options, completion and giving solutions including activities, exchange of result, sometimes contract execution and monitoring. Reports (if any) are usually made in writing with figures and descriptions (long reports). Services usually serve the customers’ interest. The nature and scope of services are determined by the contract between the audit firm and its customer. Any service that fits the definition of assurance services is not a consulting service).

18. An assurance service contract may be part of a larger service contract such as contract for consultancy on enterprise acquisition. The contract may contain assurance services for financial information in the past or in the future. In this case, this Framework only applies to the assurance service part.

19. The services below may fit the definition in paragraph 10 of this Framework but are not considered assurance services within the scope of this Framework:

(a) Legal services related to accounting, auditing, tax, or other issues;

(b) Services that offer opinions, viewpoints, or terminologies that their users may receive a certain level of assurance if they satisfy all of the conditions below:

(i) Such opinions, viewpoints, or terminologies are coincidence in the whole process of service provision;

(ii) Every written report is only restricted to specific users mentioned therein;

(iii) The written agreement with service users clearly states that the services are not considered assurance services;

(iv) The services are not mentioned as assurance services in the auditor’s report.

Report on non-assurance services

20. The auditor’s report on provision of services other than assurance services regulated by this Framework (hereinafter referred to as non-assurance services) must be different from the report on assurance services. In order to avoid confusion, the report on non-assurance services must avoid:

(1) implying compliance to this Framework or standards for assurance services;

(2) inappropriately using words like “assurance”, “audit”, or “examination”;

(3) confusingly asserting that a conclusion is given on adequate evidence to enhance the degree of confidence of users of the report on the result of measurement of evaluation of subject matter by certain criteria.

21. Auditors and the responsible party may reach an agreement on applying principles of this Framework to a service contract when the report user is only the responsible party, unless all other requirements of standards for assurance services are satisfied. In this case, the auditor’s report must specify the only the responsible party may use the report.

Prerequisites of assurance service contract

22. Prerequisites of an assurance service contract must be considered before being agreed upon or renewal of contract, including:

(a) Roles and responsibility of relevant parties (including: responsible party, measuring or evaluating party, and service buyer) that suit the situation of the contract;

(b) The assurance service contract must satisfy all of the conditions below:

(i) The subject matter is appropriate;

(ii) The criteria to be applied by auditors to expression of information about the subject matter are suitable for the situation of the service contract, including those having the characteristics mentioned in paragraph 44 of this Framework;

(iii) The criteria to be applied by auditors to expression of information about the subject matter are available to users;

(iv) Auditors anticipate that they can collect necessary evidence for giving their conclusion;

(v) The auditor’s conclusion is made in writing in the form that is suitable for the reasonable assurance services or limited assurance services;

(vi) In case of limited assurance services, the contract must contain appropriate purposes, including requirements for auditors to reach the acceptable level of assurance.

23. Subjects of different assurance services might be remarkably different. Some subject matters might require the use of extraordinary knowledge and skills of auditors. However, auditors must ensure that the persons that provide services have suitable capacity and ability (see paragraph 31 of this Framework0.

24. When a potential service is not accepted as an assurance service, the service buyer may request another form of service that still satisfies their demands. Example:

(a) If the criteria applied by auditors are not appropriate, an assurance service that satisfies the prerequisites in paragraph 22 of this Framework may still be provided when:

(i) The auditor can determine that one or some aspects of the subject matter are appropriate. In this case the auditor may provide the assurance service for the appropriate aspect as if a separate subject matter. The report on assurance services must clearly state that the report is not related to the initial subject matter; or

(ii) Select or establish other criteria that are appropriate for the subject matter.

(b) The service buy may request another service other than assurance services such as consulting services or engagements to perform agreed-upon procedures regarding financial information.

25. When the assurance service contract is accepted, the auditor must not convert an assurance service contract to a non-assurance service contract, or from a reasonable assurance service contract to a limited assurance service without justifiable reasons. Justifiable reasons for converting a service contract may be the change of the situation that affects the report user’s demands, or the service nature is misunderstood. If there are changes, the auditor must not overlook the evidence collected before services are changed. If adequate evidence cannot be collected to give a reasonable assurance conclusion, the auditor must not convert a reasonable assurance service contract into a limited assurance service contract.

Elements of assurance service contract

26. An assurance service contract has the following elements:

(a) A tripartite relationship, including: the auditor (practitioner), the responsible party, and the user of assurance service report;

(b) An appropriate subject matter;

(c) Appropriate criteria;

(d) Adequate and appropriate evidence;

(e) A written report on assurance services in a format that is suitable for reasonable assurance services or limited assurance services.

Tripartite relationship

27. Every assurance service contract must involve at least 03 parties: the auditor, the responsible party, and the user of assurance service report. In some cases, the service contract may be participated by the measuring or evaluating party or the service buyer (see Appendix 03 of this Framework).

28. The responsible party and user of assurance service report may be from different units or the same unit. Example: If an entity has an Executive Board and a Board of Directors, the Executive Board may request assurance of information provided by the Board of Directors. The relationship between the responsible party and user of assurance service report must be considered on a case-by-case basis. This may be different from the common responsible parties. Example: The Board of Directors of an entity (user) may hire auditors to provide assurance services regarding a specific aspect of operation of a branch/department that is under the management of the branch/department manager (the responsible party). However, the Board of Directors is still has the ultimate responsibility.

Auditors

29. “Auditors” are persons who, with their skills and techniques, execute guarantee contracts, including members of the Board of Directors in charge of overall execution of the contract, practicing auditors, other members of contract execution group, and, in most cases, the audit firm in order to reach a level of reasonable assurance or limited assurance about whether or not information about the subject matter has material misstatements. Whenever this Framework emphasizes necessary qualities or responsibility of members of the Board of Directors in charge of overall execution of the contract or responsibility of the audit firm, the term ”members of the Board of Directors in charge of overall execution of the contract” or “audit firm” must be used instead of “auditor”. The term ”members of the Board of Directors in charge of overall execution of the contract” or “audit firm” are used for the sector of public services where applicable. In a direct assurance service contract, the auditor shall both perform measurement or evaluation of the subject matter by established criteria and apply skills, techniques to reach reasonable assurance or limited assurance about whether the measurement of evaluation has material misstatements.

30. If a qualified practitioner other than an auditor applies standards for assurance services, he/she must well know that such standards include the requirements meant to reflect the prerequisites in paragraph 5 of this Framework related to Code of ethics of professional accountants and auditors No. 1 or other professional requirements or requirements prescribed by law that are at least equivalent to Code of ethics of professional accountants and auditors No. 1.

31. The auditor must not accept an assurance service contract if initial information about the situation of the service contract shows that the auditor does not requirements of professional ethics in terms of qualification. In some cases, these requirements might be satisfied when the auditor hires an expert.

32. The auditor must ensure that the expert or another auditor participates in the work to an extent that they are responsible for the assurance conclusion and collect necessary evidence to conclude that the participation of that expert or another auditor is essential.

33. The auditor is the only person responsible for the assurance conclusion given. This responsibility is not diminished because of the participation of another expert of auditor. However, if the auditor who hires the expert satisfies relevant assurance standards and concludes that the expert’s participation is essential, the auditor may consider the expert’s discovery or conclusion within the expert’s competence as appropriate evidence.

Responsible party

34. The responsible party is the party responsible for the subject matter. In an attestation service contract, the responsible party is usually the measuring or evaluating party. The responsible party might or might not be the party that hires the auditor to provide the assurance services (the service buyer).

Users of assurance service report

35. The user of assurance service report might be an individual, organization, or a group that is assumed by the auditor to be the user of the assurance service report. The responsible party might also be one of the users of assurance services, but is not the only.

36. In some cases, users of assurance service report are not only the targets of the assurance service report. The auditor might not be able to determine all users of assurance service report, especially when it is accessible to many people. If the user has various concerns about the subject matter, users of assurance service report might be restricted to the entities that share the same concerns. Users of assurance service report might be determined in many ways e.g. through an agreement between the auditor and the responsible party or the service buyer, by law, or according to relevant regulations.

37. Users of assurance service report or their representatives may directly join the auditor and the responsible party (and the service buyer if the service buyer is different from the responsible party) in determining requirements of the service contract. However, even with the participation of other entities:

(a) The auditor has the responsibility to determine the contents, schedule and scope of procedures;

(b) The auditor might need to perform additional procedures if he/she collects information that is considerably different from the initial information collected in the planning process.

38. In some cases, users of assurance service report (e.g. banks, regulatory agencies) may put forwards requirements or request other parties to provide an assurance service for a special purpose. When using criteria established for the special purpose, the assurance service report must inform the reader. In addition, the auditor may states that the assurance service report is only meant to serve special users. Depending on the situation of the service contract, the auditor may restrict the provision or use of the assurance service report to fulfill this purpose. When the assurance service report is restricted to certain users or a special purpose, the auditor is not legally responsible for the users or purposes that are restricted. The fact that whether the auditor has the legal responsibility depends on the specific situation, law, and relevant regulations.

Subject matter

39. Subject matter of an assurance service contract may exist in many forms, for instance:

(1) The result or financial status in the past (e.g. information about financial status in the past, business outcomes and cash flow). In this case, information about the subject matter may be that recorded, measured, presented, and explained in the financial statement.

(2) The result or financial status in the future (e.g. information about financial status in the future, business outcomes and cash flow). In this case, information about the subject matter may be that recorded, measured, presented, and explained in the estimate.

(3) Result of non-financial activities (e.g. getting new customers). In this case, information about the subject matter might be indicators serving evaluation of effectiveness and productivity;

(4) Physical properties (e.g. capacity of a factory). In this case, information about the subject matter might be technical documents;

(5) System and procedures (e.g. internal control system or IT system). In this case, information about the subject matter might be the efficiency report;

(6) Behaviors (e.g. business administration, conformity with HR management rules and regulations). In this case, information about the subject matter might be conformity report or efficiency report.

Guidance on classification of subject matters is provided in Appendix 04 of this Framework.

40. Different subject matters have different qualitative or quantitative characteristics, objectivity, subjectivity, past or future, and related to a point of time or period of time. Such characteristics affect:

(a) The accuracy of measurement or evaluation by established criteria;

(b) Persuasiveness of existing evidence.

Assurance service report may specify specific characteristics related to the users of assurance service report.

41. The appropriateness of a subject matter is not affected by the level of assurance, which means if a subject matter is not appropriate for reasonable assurance services, it is also not appropriate for limited assurance services and vice versa. An appropriate subject matter is an identifiable subject and can be consistently measured or evaluated by certain criteria. Therefore, the auditor may perform procedures to collect appropriate evidence about the subject matter which is the basis for giving an appropriate conclusion for the reasonable assurance services or limited assurance services.

Criteria

42. Criteria are standards used for measuring or evaluating the subject matter. Criteria may be official e.g. when making a financial statement, criteria may be Vietnam’s Accounting Standard; when making a report on internal control effectiveness, criteria may be based on an existing framework for internal control or separate targets; when making a report on conformity, criteria may be laws, regulations, or terms and conditions of a contract. Criteria may be less official e.g. internal rules and regulations or agreed-upon levels of effectiveness of works (such as number of meetings of the Board of Directors in a year).

43. When making a profession judgment about a subject matter, it is necessary to have appropriate criteria measuring or evaluating in a consistent and reasonable way. If there are not appropriate criteria, the conclusion may be biased and confusing. Appropriate criteria must be related to specific situations of the service contract. The same subject matter may have different criteria which will bring different result of measurement or evaluation. Example: To measure or evaluate customers’ satisfaction, one of the criteria chosen by the measuring or evaluating party may be the number of customers who lodged complaints that are satisfactorily settled, or the number of repeated purchases within 03 months after the first purchase. In addition, a criterion may be appropriate in a situation and not so appropriate in another e.g. when making a report to a regulatory agency, it is necessary to use a set of criteria that is not appropriate for a larger group of users.

44. An appropriate criterion has 05 characteristics below:

(a) Relevance: A criterion is relevant when information about the subject matter assists decision-making by intended users;

(b) Completeness: A criterion is complete when information about the subject matter provided according to such criterion does not overlook elements that may affect the decision-making by the information users. An adequate criterion shall contain standards for presentation and explanation (where appropriate);

(c) Reliability: A criterion is reliable when it allows consistent and reasonable measurement or evaluation of subject matter, including presentation and explanation (where appropriate) by different auditors and audit firms in similar cases;

(d) Neutrality: A criterion is neutral when it helps providing unbiased information about the subject matter in the specific situation of the service contract;

(e) Understandability: A criterion is understandable when the user can understand information about the subject matter.

45. Vague presentation based on expectation, judgment, or personal experience is not considered appropriate criterion.

46. The auditor has to utilize his/her professional judgment to determine the importance of each characteristic when evaluating the appropriateness of criteria of each particular service contract. Appropriateness of criteria are not affected by the level of assurance, which means if a criterion is not appropriate for a reasonable assurance service contract, it is also not appropriate for the limited assurance service contract and vice versa. Criteria may be prescribed by law and relevant regulations, or established by reputable organizations under a standardized process (each criterion is established separately). In some cases, other criteria may be established for providing information about the subject matter. The criteria established separately will affect the evaluation of their appropriateness for a specific service contract e.g. if the existing criteria do not contravene the separately established criteria, the former are assumed to be appropriate if they are related to the demand for information of users.

47. The criteria must be notified to the users for them to understand the method of measuring or evaluating the subject matter. The criteria shall be notified to users in one or some of the following manners:

(a) Announced publicly;

(b) Specified when presenting information about subject matter;

(c) Specified in the assurance service report;

(d) Criteria are common knowledge e.g. time is expressed as hours or minutes.

48. Some criteria might only be notified to a restricted number of users e.g. terms and conditions of a contract, criteria of a trade association shall only be notified to relevant entities because they are related to a specific purpose (see paragraph 38 of this Framework).

49. According to the requirements of the service contract, the auditor must evaluate the appropriateness of criteria.

Evidence

50. An assurance service contract shall be planned and executed with professional skepticism to collect adequate evidence as the basis for reporting result of measurement or evaluation of the subject matter by established criteria. The auditor must utilize his/her professional judgment when considering the materiality, risk of the service, quantity and quality of existing evidence when planning and providing services, specifically when determining the contents, schedule, scope of the procedures.

Professional skepticism

51. Professional skepticism is the vigilance against issues such as:

(a) Inconsistency of pieces of evidence;

(b) Information that leads to doubt about reliability of documents and interview results that are used as evidence;

(c) Situations that need additional procedures in addition to those required by Vietnam’s Standards for assurance services;

(d) Elements that are likely to cause errors.

52. The auditor must maintain his/her professional skepticism throughout the process of service provision to reduce risks such as:

(1) Overlooking unusual events and situations;

(2) Giving conclusion in haste that is based only on observation;

(3) Use of inappropriate assumptions when determining contents, schedule, scope of assurance service procedures and evaluation of results thereof.

53. The auditor must have professional skepticism to seriously evaluate collected evidence. This includes suspicion of conflicting evidence and evaluation of reliability of documents, interview result, and other information collected. Professional skepticism also includes the evaluation of adequacy and appropriateness of evidence collected in each specific situation.

54. If the service contract is not related to the assurance of authenticity of documents, the documents may be considered authentic if the auditor does not have any reason to believe that they are not. However, the auditor must examine the reliability of documents used as evidence.

55. The auditor may use his/her knowledge in the past about the honesty and integrity of evidence providers. However, the auditor must maintain his/her professional skepticism even if he/she believes in the honesty and integrity of evidence providers.

Professional judgment

56. The auditor must utilize his professional judgment when providing assurance services because the professional ethics, standards for assurance services, and requirements that arise during the process of service provision will not be practicable if there are not training, knowledge, and experience that are suitable for the situation. Professional judgment is very necessary for making decisions on:

(1) Materiality and risk of the assurance services;

(2) Contents, schedule, scope of procedures for satisfying assurance services standards and collecting evidence;

(3) Whether collected evidence is adequate; whether additional procedures are necessary for satisfying assurance services standards. Especially for limited assurance services, the auditor must utilize his/her professional judgment to decide judge whether the acceptable level of assurance is achieved or not;

(4) Selection, application of appropriate criteria or establishment of criteria (if necessary) for the subject matter in case of direct assurance services. Evaluation of judgments of other entities in case of attestation service;

(5) Giving conclusion based on collected evidence.

57. Because auditors are professionally trained, have relevant knowledge and experience, they are able to develop abilities necessary for making reasonable judgments.

58. The utilization of professional judgment must be based on the auditor’s understanding of the specific situation. Discussion among the service provision group, consultation with relevant parties inside and outside the audit firm at various levels in terms of complicated or disputable issues throughout the process of service provision will assist the auditor in making reasonable judgments.

59. A professional judgment may be evaluated by considering whether the judgment reflects the reasonable application of assurance principles, whether the measurement or evaluation principles are appropriate and consistent regarding the auditor’s awareness of the situation of the service contract up to the date of issue of the assurance service report.

60. Professional judgment must be utilized throughout the process of providing assurance services. The auditor must not use his/her professional judgment to justify decisions that cannot be proven by the actuality, specific situation of the service contract, or adequate and appropriate evidence.

Appropriateness and adequacy of evidence

61. Appropriateness and adequacy of evidence are related. Adequacy is the standard for evaluating the quantity of evidence. Quantity of evidence to be collected is affected by the risk that information about the subject matter might have material misstatements (the higher the risk, the higher the quantity of evidence needed) and by the quality of collected evidence (the higher the quality of evidence, the lower the quantity needed). However, abundant quantity of evidence does not guarantee quality of evidence (see more in paragraph 81 and 82 of this Framework.

62. Appropriateness is the standards for evaluating the quality of evidence, specifically the suitability and reliability in assisting the auditor giving conclusion.

63. Reliability of evidence is affected by the origins, contents, and depends on the situation in which the evidence is collected. The auditor may generalize the reliability of various types of evidence. However, some exceptions must be taken into account. Example: Evidence collected from independent sources outside the unit may still be unreliable if its origin is not clear or not objective. Regardless of some exceptions, reliability of evidence can be evaluated according to the following principles:

(1) The evidence is more reliable if it is collected from independent sources outside the unit;

(2) Evidence produced within the unit is more reliable when control is effective;

(3) Evidence collected by the auditor (such as observing application of a type of control) is more reliable than evidence collected indirectly or from through reasoning (such as interview about application of a type of control);

(4) Evidence in the form of written documents, electronic media, or other forms is more reliable than oral evidence (such as minutes of meeting written in the process of the meeting is more reliable than oral presentation of issues discussed in the meeting).

64. The consideration of consistent pieces of evidence from various sources or evidence having different contents usually provides more assurance than consideration of separate pieces of evidence. The collection of evidence from various sources or evidence having different contents may help support other pieces of evidence or prove that a specific piece of evidence is not reliable. If pieces of evidence collected from various sources are conflicting, the auditor must determine procedures for collecting additional evidence to eliminate such conflict.

65. The collection of adequate evidence to achieve assurance of information about the subject matter within a period of time is usually more difficult than collecting adequate and appropriate evidence to achieve assurance of information about the subject matter at a point of time. In addition, auditors usually give conclusions about the processes that are restricted within the duration of the service contract instead of giving conclusion about whether or not such processes keep working in the same manner in the future.

66. The auditor must make profession judgment to consider whether or not collected evidence is adequate for giving conclusion with due account taken of the relationship between evidence-collecting cost and usefulness of collected evidence. The auditor shall utilize his/her professional judgment and professional skepticism to evaluate the quantity, quality, adequacy, and appropriateness of evidence which is the basis for giving the conclusion in the assurance service report.

Materiality

67. The materiality is considered while planning and providing the assurance services, including determination of contents, schedule, scope of the procedures, and when considering whether information about the subject matter is correct. Professional judgment about a level of competence is made according to the situation but is not affected by the level of assurance, which means for the same user and purpose, the materiality of the reasonable assurance services is the same as that of limited assurance services because the materiality is determined according to demand for information of users.

68. Errors, including omissions, are considered material if they, when being considered at a reasonable extent, whether separately or as a whole, could affect the decision of the user of information about the subject matter. The auditor must make a professional judgment when evaluating the materiality. The auditor's understanding about the users’ demand for information will affect the evaluation of materiality. If the assurance service is not meant to satisfy the demand for information of certain users, the impact of errors on them is usually disregarded.

69. The materiality is considered in the relationship between quantitative and qualitative elements. When considering the level of competence in a specific service contract, the importance of quantitative and qualitative elements will need professional judgment.

70. The materiality is related to information that need conclusion in the assurance service report. Therefore, when an assurance service contract only covers some certain aspects of information about the subject matter, the materiality shall only be considered based on the part of information within the scope of the assurance service contract.

Risks to assurance service contract

71. Information about the subject matter might not be adequately reflected in the relationship between the subject matter and the criteria. Thus, errors or material misstatements are potential. This happens when information about the subject matter does not fully respect the application of measurement or evaluation criteria to the subject matter.

72. Risks to the assurance service contract are the risks that are considered inappropriate when information about the subject matter still has material misstatements. Risks to the assurance service contract is not related to or does not include the risks taken by the auditor such as losing the case, revelation of information, or other events that occur in the relationship with information about the specific subject matter.

73. It is hard or impossible for the auditor to completely eliminate the risks to an assurance service contract in terms of costs. Therefore, “reasonable assurance” is the assurance at a lower level than absolute assurance and is the result of the following elements:

(1) Use of selected inspection procedures;

(2) Potential weaknesses of the internal controls;

(3) The existing evidence is more convincing than asserting

(4) The use of professional judgment in collecting, evaluating evidence, and giving conclusion accordingly.

(5) In some cases, the characteristics of the subject matter are measured or evaluated by certain criteria.

74. Not all of the elements below are existing or important to every assurance service contract. However, in general, the risks to an assurance service contract include:

(a) Risks that cannot be intervened by the auditor and audit firm, including:

(i) The risk that information about the subject matter is likely to have material misstatements before considering the internal controls of relevant responsible parties (potential risks);

(ii) The risk that a material misstatement may exist in information about the subject matter was not prevented, found, or corrected by internal controls of relevant responsible parties (control risks);

(b) Risks that can be intervened by the auditor and audit firm, including:

(i) The risk that material misstatements are not found through the procedures performed by the auditor (detection risk);

(ii) Risk that there are errors when the auditor measures or evaluates subject matters by applied criteria (measurement or evaluation risks) in case of direct assurance services.

75. The appropriateness of each of the risks to the assurance service contract mentioned in paragraph 74 of this Framework depends on the situation of the service contract. To be specific:

(1) The nature of the subject matter and information about the subject matter. Example: The term “control risk” may be considered more useful when the subject matter is related to the production of information about operation of a unit than when the subject matter is related to information about the effectiveness of internal controls or existence of a physical condition;

(2) Whether the service being provided is reasonable assurance services or limited assurance services. Example: In a limited assurance service contract, the auditor usually collects evidence by methods other than control experiment. In this case, the consideration of control risk may be not as appropriate as when the auditor provides the reasonable assurance services with the same information about the subject matter;

(3) Whether the service being provided is direct assurance services or attestation services. While the term “control risk” might be more appropriate for attestation service, the term “measurement risk” or “evaluation risk” is more appropriate for direct assurance services.

The consideration of risks is an issue related to professional judgment which cannot be accurately measured.

Contents, schedule, scope of procedures

76. Procedures are usually combined to achieve reasonable assurance or limited assurance, including:

(1) Inspection;

(2) Observation;

(3) External confirmation;

(4) Recalculation;

(5) Re-implementation;

(6) Analysis procedures;

(7) Interview.

Each service contract will have different contents, schedule, and scope of procedures. Theoretically, assurance services are more likely to differ in terms of procedures. In fact, the difference is unclear and hard to determine.

77. In reasonable assurance service contract and limited assurance services contract, the auditor must apply suitable skills and techniques to collect adequate evidence. These tasks are part of the systematic service provision process, including finding information about the subject matter and other situations of the service contract.

78. A reasonable assurance service contract consists of the following tasks:

(a) Determine and evaluate the risk of material misstatements in information about the subject matter according to information about the subject matter and other situations of the service contract;

(b) Design and perform procedures to deal with evaluated risks to achieve a reasonable assurance for the auditor’s conclusion;

(c) Evaluate the adequacy and appropriateness of collected evidence in specific situations of the service contract and collect more evidence (if necessary).

79. Requirements of contents, schedule, scope of procedures for the purpose of collecting adequate evidence in limited assurance services are usually more limited than reasonable assurance services. Vietnam’s standards for assurance service contract applied to a specific subject matter might require that, for instance, adequate and appropriate evidence for a type of limited assurance service contract must be collected mainly through analysis and interview. However, if there are not Vietnam’s standards for assurance services applied to a specific subject matter of other types of limited assurance service contracts, the procedures for collecting adequate and appropriate evidence are not necessarily analysis and interview. Instead, they will vary according to the situation of the service contract, especially the subject matter and demand for information of the user of assurance service report and the services buyer, including limitation of time and budget. Professional judgment is necessary for determination of contents, schedule, scope of assurance service procedures and will vary according to each assurance service contract.

80. A limited assurance service contract consists of the following tasks:

(a) Determine the areas in which information about the subject matter is likely to have material misstatements based on understanding about the subject matter and other situations of the service contract;

(b) Design and perform procedures in such areas to achieve a limited assurance which assists the auditor in giving a conclusion;

(c) Design and perform additional procedures to collect more evidence if the auditor finds issues information about the subject matter is likely to have material misstatements.

Quantity and quality of existing evidence

81. Quantity and quality of existing evidence are affected by:

(a) The nature of the subject matter and information about the subject matter. For instance, evidence is less objective when information about the subject matter is future information instead of past information (see paragraph 40 of this Framework);

(b) In other situations, for instance, the auditor believes in the existence of evidence but such evidence does not exist, the time of designation of auditor, policies on document retention, information system is not sufficient or limited by the responsible party.

Usually, existing evidence is more convincing than asserting.

82. An unqualified opinion is not appropriate for reasonable assurance services and limited assurance services when:

(a) The situation of the service contract renders the auditor unable to collect adequate evidence necessary for reducing the risks to assurance services to an appropriate level; or

(b) Either party to the service contract impose a limitation that renders the auditor unable to collect adequate evidence necessary for reducing the risks to the contract to an appropriate level.

Assurance service report

83. The auditor shall reaches the conclusion based on collected evidence and make a written report to clearly present the conclusion about assurance of information about the subject matter. Basic components of an assurance service report are specified by Vietnam’s standards for assurance service contracts.

84. In case of reasonable assurance services, the auditor’s conclusion is presented as an assertion which presents the auditor’s opinions about the result of measurement of evaluation of the subject matter.

The reasonable assurance service report must bear signatures of 02 practicing auditors. The first signature on the report is appended by the auditor in charge of service contract; the second signature is appended by the legal representative of the audit firm or a person authorized in writing by the legal representative. There must be full name and number of the Certificate of audit practice registration below each signature. The legal representative of the audit firm or a person authorized in writing by the legal representative permitted to sign the reasonable assurance service report must be a member of the Board of Directors in charge of overall execution of the service contract. The seal of the audit firm (or its branch) which is responsible for the report shall be appended on the signature of the legal representative of the audit firm or the authorized person. Members of the Board of Directors in charge of overall execution of the service contract are responsible for directing, executing, supervising, examining the work of the group in charge of execution of the service contract. The audit firm must specify the duties and responsibility of members of the Board of Directors.

85. Examples about auditor’s conclusion in reasonable assurance services:

(1) Regarding the subject matter and applied criteria: “According to us, unit ABC complies with regulations XYZ in all material respects”

(2) Regarding information about subject matter and applied criteria: “According to us; the financial statement truthfully and reasonable, in all material respects, reflects the financial status of unit ABC on .... as well as its business operation and cash flow of the fiscal year which ends on the same day within framework XY1”; or

(3) Regarding the report made by the responsible party: “According to us, the report of [the responsible party] on unit ABC’s conformity with regulations XYZ is truthful and reasonable in all material respects”; or “According to us, the report of [the responsible party] on indicators for evaluation of conformity with criteria XY2 is truthful and reasonable in all material respects”. In the direct assurance service contract, the auditor’s conclusion is about the subject matter and criteria.

86. In a limited assurance service contract, the auditor’s conclusion is about existence of issues that make the auditor believes information about the subject matter still has material misstatements. For instance: “Based on performed procedures and collected evidence, we finds that there are not reasons that make us believe unit ABC does not comply with regulations XYZ in all material respects”.

The limited assurance service report must bear the signature of the legal representative of the audit firm or a person authorized in writing by the legal representative. There must be full name and number of the Certificate of audit practice registration below the signature. The legal representative of the audit firm or a person authorized in writing by the legal representative permitted to sign the limited assurance service report must be a member of the Board of Directors in charge of overall execution of the service contract. The seal of the audit firm (or its branch) which is responsible for the report shall be appended on the signature of the legal representative of the audit firm or the authorized person.

87. The auditor may make a “short” or “long” report as long as it is convenient for the user. A short report is usually contains basic elements. A long report also contains other pieces of information and descriptions that do not affect the auditor’s conclusion. Apart from basic elements, a long report may present detailed terms and conditions of the service contract, applied criteria, findings related to some specific aspect of the assurance services, capacity and experience of the auditor and other parties to the assurance services, the level of materiality and recommendations in some cases. The inclusion of such information in the report depends on its importance to the user.

88. The auditor’s conclusion must be presented separately from other pieces of information or explanation that do not affect the auditor’s conclusion such as “Important issues” or “Other issues”, findings related to some specific aspect of the assurance service contract, recommendations, and additional information in the assurance service report. The auditor must emphasize that “important issues” or “other issues”, findings, recommendations, and additional information are not meant to affect the auditor’s conclusion.

89. The auditor will express an unqualified opinion in the following cases:

(a) According to the auditor's professional judgment, there is limitation to the scope of the service contract which might have material impact. In this case, the auditor will express a qualified opinion or disclaimer of opinion. In some cases, the auditor needs to consider withdrawing from the service contract.

(b) According to the auditor’s professional judgment, information about the subject matter has material misstatements. In this case, the auditor will express a qualified opinion or adverse opinion. In case of direct assurance services, when the auditor has to give a conclusion that some or all of the subject matters are not conformable with the criteria in all material respects, the auditor shall consider expressing a qualified opinion (or adverse opinion if appropriate).

90. The auditor shall express a qualified opinion when the impact or possible impact of an issue is not so material and not pervasive as to require an adverse opinion or disclaimer of opinion.

91. After an assurance service contract is accepted, if the auditor finds that one or some prerequisites are not satisfied, he/she must discuss this with responsible parties and consider:

(a) Whether the issue can be satisfactorily settled;

(b) Whether it is appropriate to keep providing the service;

(c) Whether the issue is mentioned in the assurance service report and how to mention it.

92. After accepting the contract, if the auditor finds that some or all criteria are not satisfied or the subject matter are not appropriate for an assurance service, the auditor needs to consider withdrawing from the service contract if the withdrawal is lawful. If the auditor keeps executing the service contract, he/she must give:

(a) A qualified opinion or adverse opinion depending on the materiality and pervasion of the issue when the auditor finds that the criteria are not satisfied or the subject matter is not appropriate that may cause confusion for the users; or

(b) A qualified opinion or disclaimer of opinion depending on the materiality and pervasion of the issue based on his/her professional judgment in other cases.

Other issues

Responsibility to exchange other information

93. According to terms and conditions of the service contract and other situations of the service contract, the auditor must check to see whether there are issues that the auditor needs to discuss with the responsible party, measuring or evaluating party, services buyer, executive board, or other parties.

Documents about service contract

94. Documents about an assurance service contract include writings that are the basis for making the assurance service report when documents are created promptly, adequately, and appropriately that an experienced auditor who does not participate in the service contract can understand.

(a) Contents, schedule, scope of procedures must be conformable with standards for assurance services, law, and relevant regulations;

(b) Results of procedures and collected information:

(c) Important issues that arise in the process of execution of the service contract, conclusions given, and professional judgments made to reach such conclusions.

95. Documents about assurance service contract must record the method by which the auditor eliminates the inconsistencies between collected information and the final conclusion of the auditor about an important issue.

Inappropriate use of auditor’s name

96. If an auditor’s name is associated with a subject matter or information about a relevant subject matter when the auditor makes a report on such subject matter or agrees with the use of his/her name for the subject matter or information about the relevant subject matter. If an auditor’s name is not so associated, third parties may admit that such auditor is not involved. If an auditor finds that his/her name is not appropriately attached to a subject matter or information about a relevant subject matter, he/she must request that party to stop doing so. The auditor must consider other necessary steps such as notifying the user being a third party of the inappropriate use of his/her name, or consult with a legal expert.