Attestation Engagement

Updated on April 8, 2024
Article byKhalid Ahmed
Reviewed byDheeraj Vaidya, CFA, FRM

What Is An Attestation Engagement?

An Attestation Engagement is the process of hiring a third-party practitioner and securing their subject matter expertise to verify the validity and accuracy of assertions made by a responsible party (management) in a given matter. For this, a service provider interprets and analyzes the information presented to them and submits a report in the prescribed format.

Attestation Engagement

You are free to use this image on your website, templates, etc, Please provide us with an attribution linkHow to Provide Attribution?Article Link to be Hyperlinked
For eg:
Source: Attestation Engagement (

Entities appointed for such work offer their professional opinion and assurance on financial statements, internal controls, compliance levels, etc. It detects and prevents reporting errors and possible fraud while helping clients ensure compliance with regulatory requirements. Private and public entities use this service for compliance audits, interim financial statements preparation, etc. This service, provided by accounting and auditing firms, is delivered in line with defined procedures.

Key Takeaways

  • An attestation engagement in auditing is a professional service provided by accounting and auditing firms where an independent third party examines and reports on a subject matter for a client.
  • The purpose is to offer a professional opinion and confirm the reliability of the assertions made about the matter under scrutiny.
  • Direct engagements are undertaken to present a direct opinion based on independent findings a practitioner reaches through information collected independently.
  • Assurance engagements are a type of attestation where a practitioner offers assurance about the accuracy or validity of information.

Attestation Engagement Explained

The attestation engagement definition, according to the American Institute of Certified Public Accountants (AICPA), states that an attestation engagement means employing an independent practitioner to examine and provide an objective opinion on the subject matter under study. Such matters may include regulatory compliance, financial statements, and internal controls, among other things. It must be noted that practitioners also publish limitations in their reports to ensure a sound judgment.

This process protects stakeholders, creditors, and investors as it helps verify a company’s assertion or information. It enhances the reliability of a firm’s financial information. The American Institute of Certified Public Accountants (AICPA) and Public Company Accounting Oversight Board (PCAOB) have defined procedures for such engagements.

Compliance standards include Statements on Standards for Attestation Engagements (SSAEs) and International Standards on Auditing (ISA). Agreed-upon standards and procedures may also form the basis of such engagements.


The process starts with a relevant third-party entity or firm accepting the engagement. At this stage, the requirements are defined, and a professional outlines the scope of the task assigned. Qualified practitioners like Certified Public Accountants (CPAs) typically lead these engagements and attest to such subject matter. A document is created stating the obligations of the responsible party, which is generally the client or management making the assertion. They are asked to provide all the relevant information and proof to prove the credibility of their claims or assertions.

The practitioner then performs risk assessments, defines procedures or criteria, and collects evidence to evaluate the subject matter. The subject matter is then assessed against the criteria to express an opinion. Based on the findings and conclusions, a report is submitted to publish their professional opinion. The opinion expressed in such a report about the fairness or reliability of the subject matter offers limited or moderate assurance based on the information scrutinized.

Such attestation engagements in auditing enhance the credibility of the business or financial information clients present to stakeholders. Companies operating in varied sectors avail themselves of such services to assure stakeholders of the reliability and accuracy of their internal control systems, projections, and financial statements, among other things.

Companies hire experts in various scenarios, including the verification of pro forma financial information, financial projections, etc. In addition to private and public companies, not-for-profit organizations can also use these services.

Since such activities offer limited or moderate assurance about a company’s financial health, investors can make sound investment decisions. On a macro level, these engagements boost accountability at various stages, control systemic risks, and curb manipulation, strengthening the financial system in an economy.


Let us understand the topic using a few examples.

Example #1

Suppose Acet Attestations, a reputable auditing firm, is hired by Luminary Innovations, a well-known tech business, for a review engagement. A review engagement is a type of attestation engagement where limited assurance is sought through this process.

Dr. Samantha Fox, the CEO of Luminary Innovations, wants confirmation that the financial data that will be presented to prospective investors is accurate. Under the careful direction of auditor Max Carter, Ace Attestations follows SSAE No. 22’s review processes to the letter. SSAE No. 22 aims to offer clarity and present the findings in a transparent manner.

Following a comprehensive investigation, Max gives Luminary Innovations limited confidence about its financial information and publishes a report detailing the methods followed, along with highlighting the limitations of the process. Dr. Fox and her stakeholders are reassured by this open investigation and review procedure, which promotes faith in the company’s financial statements.

Example #2

On December 10, 2020, the American Institute of Certified Public Accountants (AICPA) released Statement on Standards for Attestation Engagements (SSAE) No. 22, which is a replacement for SSAE No. 18. From June 15, 2022, review reports must adhere to this new standard, which attempts to improve the uniformity and openness of review engagements (a type of attestation engagement).

It allows practitioners to report adverse findings as and when required and compels them to indicate in the review report the steps taken to acquire limited certainty. Additionally, SSAE No. 22 accommodates the ideas expressed in AT-C section 210 and AT-C section 205 (auditing and attestation standards by American Institute of Certified Public Accountants). The aim is to enhance transparency in reporting and notify users of any significant misstatements in the content.

Example #3

Suppose Sungold Pvt. Ltd. is a manufacturer of solar panels in Texas. The company requires a loan of $ 1,00,000 to expand its operations to other parts of the region. For this, they meet with institutional lenders who require reports on compliance and internal controls as part of due diligence.

Sungold Pvt. Ltd. hires a third-party audit firm, Kingly Accounting & Auditing, to deliver reports on compliance and internal controls. Evelyn, an accountant from Kingly Accounting & Auditing, analyzes the compliance levels of the company, keeping relevant statutory requirements and tax regulations in view. She also studies the company’s contracts to check their suitability. Furthermore, she focuses on environmental regulations, certifications, and permits that Sungold Pvt. Ltd. must have to assure lenders of their business practices and acquire the loan.

As part of internal control testing, Evelyn evaluates the strengths and weaknesses seen across all departments, including inventory management, payroll, cash management, working capital, etc. She covers every aspect per the requirements stated in the attestation engagement letter.

Based on the report submitted by Kingly Accounting & Auditing, Stargold Pvt. Ltd. was able to acquire the loan. Since the auditors did not express any concerns in their reports, lenders felt it was safe to provide the loan as the lending risk seemed low.  

Attestation Engagement vs Direct Engagement 

The table below summarizes the differences between these two types of engagement:

BasisAttestation Engagement  Direct Engagement
  Definition  A third-party firm is hired to form and present opinions on assertions made by a company (the responsible party).  It is a type of assurance engagement where the appointed expert studies a subject matter in light of standard practices, procedures, and techniques and presents their conclusions.  
  ScopeThis offers limited or moderate assurance on the subject matter presented by a client.This method offers direct assurance on the subject matter through an independent investigation.  
  Information providerThe appointed expert or practitioner delivers their conclusions based on the information provided by the responsible party (company, management).  The appointed expert or practitioner gathers the information needed to carry out the engagement and presents their conclusions based on their independent evaluation.  
  AccountabilityThe responsible party is accountable for the information they provide to a practitioner.The practitioner gathers the information independently.  
  Basis of reportThe report submitted in this case communicates findings based on the information a practitioner receives for analysis from the responsible party.The report submitted in this case communicates findings based on the information a practitioner manages to collect about the subject matter under study.  
  ExamplesReview engagements, engagements related to performing agreed-upon procedures, internal controls attestation, etc., are some examples in this category.  Financial audits, fraud investigations, etc., are examples in this category.

Attestation Engagement vs Assurance Engagement  

The table below highlights the differences between attestation and assurance engagements.

BasisAttestation  EngagementAssurance Engagement
DefinitionA third-party firm is appointed to present conclusions and opinions on a subject matter and confirm the assertions made by a responsible party.  This is a type of attestation engagement where the focus is on providing assurance on the subject matter under study.
ScopeIt offers limited or moderate assurance.  It offers different levels of assurance, which might be limited, reasonable, etc. The level of assurance depends on the engagement, relevant standards, procedures, etc.  
Examples  Review engagements, engagements related to performing agreed-upon procedures, compliance attestation, etc., are a few examples of this type.  Auditing a company’s financials, due diligence reporting, and financial statement reviews are a few examples of this type. 

Attestation Engagement vs Audit 

The table below illustrates the differences between these review types.

BasisAttestation EngagementAudit
  Definition  A third party, typically an accounting or auditing firm, studies the assertions made by an entity and confirms their validity.  An audit is an investigation qualified auditors perform to arrive at conclusions about the accuracy and reliability of a company’s financial information.  
Scope  It involves providing limited or moderate assurance about the subject matter in question.  It is a comprehensive process of investigation and analysis of the financial information of an entity.
ReportingAn expert or practitioner will issue a report to present their findings and opinions.  An auditor presents a report in line with the relevant financial reporting standards and publishes their opinion on whether the information is fair and true.  
ExamplesEvaluating financial forecasts and projections, reviewing pro forma financial information, etc., are some examples of such engagements.  Internal, external, tax, public, forensic, etc., are the varied types of audit engagements.

Frequently Asked Questions (FAQs)

1. What is the key difference between an attestation engagement and a performance audit?

A performance audit refers to auditors evaluating the effectiveness of a program, project, or activity in terms of financial and operational success and submitting recommendations for improvement. An attestation engagement in auditing revolves around analyzing and verifying a specific matter on which the responsible party requires reporting.

2. What are the types of attestation engagements?

The various types of engagements include:
Audits of financial statements: This is the most commonly known attestation, which involves examining the fairness of financial statements.
Compliance audits: They assess the level of compliance with laws, regulations, rules, legal stipulations, etc.
Operational audits: The performance and efficacy of internal processes, procedures, and controls are verified under this audit.
Agreed-upon procedures: It means an auditor carries out certain procedures to verify a given matter and summarizes the observations.

3. Is a compilation an attestation engagement?

In a compilation engagement, a hired practitioner (accountant) works on financial information to compile financial statements without taking responsibility for the accuracy of such information. Hence, compilation assignments do not involve attestation.

This article has been a guide to what is an Attestation Engagement. We explain its examples and compare it with direct and assurance engagements, and audit. You may also find some useful articles here –

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *