i) Evaluation of Attestation and Direct Reporting Engagements

Attestation Engagement:

• The responsible party measures the subject matter against specific criteria and presents the subject matter information to the auditor.
• The auditor gathers sufficient and appropriate audit evidence to form a conclusion on whether the subject matter complies with the applicable criteria.
• The engagement may provide reasonable assurance (expressing an opinion) or limited assurance (stating that nothing has come to attention to suggest non-compliance).

Direct Reporting Engagement:

• The auditor is responsible for evaluating the subject matter directly against the criteria.
• The auditor, instead of merely verifying management’s work, takes an active role in assessing compliance.
• The conclusion is expressed in the form of findings, recommendations, or an audit opinion.

ii) Common Areas Covered in Reports for Both Engagements

1. Title – Clearly states the nature of the compliance audit.
2. Description of the Subject Matter – Defines the specific area under audit (e.g., government expenditures, procurement process, tax collections).
3. Audit Criteria – Outlines the legal framework, standards, or policies that were tested for compliance.
4. Identification of Auditing Standards – References auditing frameworks used, such as ISSAI (International Standards for Supreme Audit Institutions).
5. Conclusions – Summarizes whether the entity complied with the given regulations and highlights non-compliance issues.
6. Responses from the Audited Entity – Includes management’s explanations for any deviations or non-compliance findings.
7. Extent and Nature of Work Performed – Details procedures followed and scope of the audit.