CPA Canada PEP Assurance Elective Quick Reference

Last revised: June 25, 2026

Compact CPA Canada PEP Assurance Elective reference for audit planning, risk, materiality, procedures, reporting, reviews, and assurance case writing.

How to Use This Quick Reference

This independent Quick Reference supports candidates preparing for CPA Canada’s CPA Canada PEP Assurance Elective exam, official code CPA Assurance. Use it as a compact case-writing aid: identify the assurance issue, choose the right engagement or standard, analyse risk and materiality, propose procedures, and conclude on reporting implications.

Assurance Case Triage

Case cue	What to do quickly
“Audit planning,” “year-end audit,” “financial statements”	Address acceptance/continuance, independence, users, materiality, RMM, significant risks, audit approach, procedures, reporting.
“Review engagement”	Emphasize limited assurance, inquiry and analytical procedures, plausibility, negative conclusion, and follow-up procedures for unusual items.
“Compilation”	No assurance. Focus on whether information is compiled from management-provided records and whether the basis of accounting is described.
“Special report,” “compliance,” “non-financial information”	Identify subject matter, responsible party, suitable criteria, users, assurance level, and whether direct or attestation engagement fits.
“Internal controls”	State weakness, implication/risk, recommendation, and benefit. Link to assertion or business risk.
“Issue with accounting treatment”	Quantify misstatement if possible, assess materiality/pervasiveness, propose audit procedures, and conclude on report effect.
“Independence/ethics concern”	Identify threat, significance, safeguards, and whether decline/resignation is required if threat cannot be reduced.

Engagement Selection Matrix

Engagement / standard family	Assurance level	Typical use	Main evidence style	Report conclusion style	Common exam trap
Audit of financial statements - CAS	Reasonable	Historical financial statements	Risk assessment, controls if relied on, substantive procedures, confirmations, inspection, recalculation, observation	Positive opinion: whether FS are presented fairly, in all material respects	Writing only generic procedures without assertion, population, source, or purpose.
Review of historical financial statements - CSRE 2400	Limited	Private company FS where audit not required	Inquiry, analytical procedures, targeted follow-up	Negative form: nothing has come to attention causing belief FS are not prepared appropriately	Over-auditing with confirmations/counts as default; review work is narrower unless concerns arise.
Compilation - CSRS 4200	None	Management needs compiled financial information	Compile from management information; no verification unless information appears misleading	No assurance; report describes compiled financial information and basis	Calling it “low assurance.” It is no assurance.
Agreed-upon procedures - CSRS 4400	None	Users specify procedures and receive factual findings	Perform only agreed procedures	Findings only; users draw conclusions	Giving an assurance conclusion.
Attestation engagement - CSAE 3000	Reasonable or limited	Another party measures/evaluates subject matter against criteria	Evidence on subject matter information	Opinion/conclusion on subject matter information	Missing the responsible party’s measurement/evaluation role.
Direct engagement - CSAE 3001	Reasonable or limited	Practitioner evaluates subject matter directly against criteria	Practitioner performs evaluation	Opinion/conclusion on outcome of practitioner’s evaluation	Confusing direct with attestation.
Compliance engagements - CSAE 3530 / 3531	Reasonable or limited	Compliance with agreement, regulation, policy, grant terms	Evidence against compliance criteria	Attestation or direct compliance conclusion	Not defining the exact compliance criteria.
Special purpose FS - CAS 800	Reasonable	Financial statements prepared under special purpose framework	Audit procedures adapted to framework	Audit opinion with special purpose context	Not considering restricted users or framework acceptability.
Single statement/specific element - CAS 805	Reasonable	Audit of one statement, account, or element	Audit evidence for specific subject	Opinion on specific statement/element	Ignoring interrelationship with full FS audit.
Summary financial statements - CAS 810	Reasonable on consistency	Summary FS derived from audited FS	Compare summary to audited FS	Opinion on consistency with audited FS	Treating summary FS as a full audit.

Assurance Levels and Evidence

Concept	Audit	Review	Compilation / AUP
Assurance	Reasonable, high but not absolute	Limited	None
Primary work	Risk-based audit evidence	Inquiry and analytics, follow-up	Compile information or perform specified procedures
Detection objective	Reduce audit risk to acceptably low level	Identify whether information appears plausible	No assurance objective
Procedures	Inspection, observation, confirmation, recalculation, reperformance, analytics, inquiry	Inquiry, analytics, limited additional procedures	Compilation: organize info. AUP: listed procedures only
Conclusion	Positive opinion	Negative assurance conclusion	No conclusion on fairness

Evidence Quality Hierarchy

Stronger evidence	Weaker evidence
External evidence received directly by auditor	Evidence prepared internally by client
Original documents	Copies or screenshots
Written evidence	Oral representations
Auditor recalculation/reperformance	Client explanation only
Evidence from effective controls	Evidence from weak control environment
Year-end evidence for balances	Interim evidence without roll-forward

Inquiry alone is rarely sufficient for an audit conclusion. Written representations support other evidence but do not replace necessary procedures.

Acceptance, Continuance, and Engagement Terms

Area	High-yield checks
Client integrity	Reputation, management honesty, fraud history, aggressive accounting, disputes with predecessor accountant.
Independence	Financial interests, loans, unpaid fees, close relationships, bookkeeping, management decisions, advocacy, contingent fees, gifts, employment ties.
Competence and resources	Industry knowledge, deadline feasibility, specialist needs, engagement team capacity.
Preconditions	Acceptable financial reporting framework, management acknowledges responsibilities, access to information and personnel.
Scope limitation	If management restricts access before acceptance, consider declining.
Engagement letter	Objective, scope, responsibilities, framework, report form, inherent limitations, access, timing, fees.
Predecessor communication	Obtain permission from prospective client; inquire about reasons for change, disagreements, integrity concerns.
Quality management	Ensure appropriate review, consultation, and documentation for significant judgements.

Independence Threats

Threat	Example	Response
Self-interest	Partner owns shares in audit client; significant overdue fees	Remove interest, collect fees, add safeguards, or decline.
Self-review	Firm prepared accounting records then audits them	Use separate team and review safeguards if allowed; avoid management decisions.
Advocacy	Firm promotes client financing or litigation position	Decline advocacy role or assurance engagement if threat too high.
Familiarity	Long association, family relationship with CFO	Rotate personnel, independent review, remove affected person.
Intimidation	Management threatens dismissal over proposed adjustment	Escalate to governance, document, consider withdrawal.

Materiality Reference

Materiality is based on user decisions, not only a calculation. In cases, state the benchmark, justify it using users and circumstances, calculate a preliminary amount if data permits, and apply qualitative factors.

\[ \text{Overall Materiality} = \text{Selected Benchmark} \times \text{Justified Percentage} \]\[ \text{Performance Materiality} < \text{Overall Materiality} \]

Common Benchmark Heuristics

These are practical exam heuristics, not fixed rules. Justify using the case facts.

Entity / user focus	Possible benchmark	Why it may fit
Stable profitable company	Normalized income before tax	Users focus on earnings.
Break-even or volatile earnings	Revenue, gross profit, assets, or equity	Profit is not a stable benchmark.
Lender-focused entity	Assets, EBITDA, debt covenants, income	Bank cares about solvency, coverage, covenant compliance.
Not-for-profit	Expenses, revenue, assets, restricted contributions	Users care about stewardship and use of funds.
Asset-heavy entity	Total assets or net assets	Balance sheet drives decisions.
Owner-managed private company	Income, normalized compensation, cash flow, debt covenants	Users may be owners, lenders, tax authorities, or buyers.

Qualitative Materiality Triggers

Small amount may still be material if it…
Turns profit into loss or affects bonus/compensation.
Causes covenant breach or regulatory non-compliance.
Masks fraud, related-party transactions, or illegal acts.
Affects key ratios, going-concern assessment, or financing.
Changes trend, segment result, or management forecast.
Involves sensitive disclosures, restrictions, or stewardship.

Audit Risk Model and Responses

\[ \text{Audit Risk} = \text{Risk of Material Misstatement} \times \text{Detection Risk} \]\[ \text{Risk of Material Misstatement} = \text{Inherent Risk} \times \text{Control Risk} \]

Risk factor	Effect on audit work
Higher inherent risk	More experienced staff, more persuasive evidence, targeted procedures.
Weak controls	Less reliance on controls, more substantive testing, larger samples, year-end testing.
High fraud risk	Unpredictable procedures, journal entry testing, management override work, professional skepticism.
Complex estimates	Test assumptions, methods, data, bias, sensitivity, and subsequent outcomes.
Related parties	Search for undisclosed relationships, inspect minutes/contracts, confirm terms, assess disclosure.
Going-concern uncertainty	Cash flow analysis, financing, covenants, plans, subsequent events, disclosure adequacy.

Significant Risk Indicators

Indicator	Why it matters	Typical response
Revenue pressure	Fraud risk in revenue recognition	Cutoff testing, contract review, analytics, confirmations, journal entry testing.
Management bonus tied to EBITDA	Bias in estimates/accruals	Test accruals, estimates, classification, unusual entries.
New system implementation	Completeness/accuracy risk	IT controls, reconciliations, conversion testing, parallel runs.
Rapid growth	Cutoff, collectability, inventory, controls may lag	Expand substantive work, test controls before reliance.
Debt covenant pressure	Classification and measurement bias	Recalculate covenants, inspect waivers, assess going concern.
First-year audit	Opening balances and understanding entity	Extra planning, predecessor review if permitted, opening balance procedures.

Assertions and Procedure Design

A strong procedure states: action + population/source + assertion + criterion + follow-up.

Assertion	Meaning	Strong procedure examples
Existence / occurrence	Recorded asset, liability, or transaction exists/occurred	Confirm receivables directly with customers; inspect subsequent cash receipts; observe inventory count.
Completeness	All items that should be recorded are recorded	Trace receiving reports to payables; search subsequent disbursements for unrecorded liabilities.
Accuracy / valuation	Amounts are recorded correctly	Recalculate depreciation; test inventory NRV; evaluate allowance assumptions.
Rights and obligations	Entity owns asset or owes liability	Inspect title, lease, debt, consignment, or security agreements.
Cutoff	Transactions recorded in correct period	Test shipping/receiving documents around year-end to invoices and GL.
Classification	Recorded in proper account/current vs non-current	Inspect agreements; assess debt covenant breaches and waiver timing.
Presentation / disclosure	Disclosures are complete and understandable	Compare FS disclosure to framework requirements and underlying agreements.

Weak vs Strong Procedure Wording

Weak wording	Stronger exam-ready wording
“Review revenue.”	Select a sample of sales recorded five business days before and after year end; agree invoice date, shipping document, contract terms, and GL posting to assess revenue cutoff.
“Check receivables.”	Send positive confirmations to a sample of material and overdue customers; for non-replies, inspect subsequent cash receipts and supporting invoices.
“Look at inventory.”	Attend the year-end inventory count, perform test counts from floor to count sheet and count sheet to floor, and investigate variances.
“Discuss with management.”	Inquire of management about obsolete inventory indicators and corroborate by inspecting aged inventory reports, post-year-end sales, and markdowns.

Account Area Procedure Reference

Area	Main risks	High-yield procedures
Revenue	Occurrence, cutoff, completeness, fraud	Review contracts; test cutoff around year-end; agree invoices to shipping/service evidence; perform trend/margin analytics; test credit notes after year-end; inspect unusual manual journal entries.
Receivables	Existence, valuation, collectability	Confirm balances; inspect subsequent receipts; review aging; test allowance assumptions; evaluate disputed/related-party balances.
Inventory	Existence, completeness, valuation, cutoff	Observe count; test count controls; perform floor-to-sheet and sheet-to-floor counts; test costing; compare cost to NRV; review obsolete/slow-moving items; test purchases/sales cutoff.
Purchases and payables	Completeness, cutoff	Search subsequent disbursements; trace receiving reports to AP; inspect unmatched receiving reports; review supplier statements; test accruals.
Payroll	Occurrence, accuracy, authorization	Reconcile payroll register to GL; test new hires/terminations; agree pay rates to approved HR records; test time approval; review unusual bonuses.
Cash	Existence, completeness, restriction	Obtain bank confirmations; reconcile bank statements; test outstanding cheques/deposits; inspect debt restrictions or compensating balances.
PPE	Existence, rights, valuation, depreciation	Inspect additions; agree to invoices/approvals; verify title; recalculate depreciation; review impairment indicators; test disposals.
Debt	Completeness, classification, disclosure	Confirm with lenders; inspect agreements; recalculate interest; test covenant compliance; assess current/non-current classification and waivers.
Estimates	Valuation, bias	Evaluate method, assumptions, data reliability, management bias, sensitivity, and subsequent events.
Provisions/contingencies	Completeness, valuation, disclosure	Send legal letters; inspect minutes; inquire of management/legal counsel; review post-year-end payments; assess recognition vs disclosure.
Related parties	Completeness, measurement, disclosure	Inspect minutes, shareholder records, contracts, unusual transactions; confirm terms; evaluate business purpose and disclosure.
Going concern	Valuation, classification, disclosure	Evaluate cash flow forecasts, financing, covenants, management plans, subsequent results, and disclosure adequacy.

Internal Control Reference

Control Objective Matrix

Objective	Control examples	Evidence to test
Authorization	Credit approval, purchase approval, payroll change approval	Approved forms, system logs, sign-offs.
Completeness	Sequential invoices, receiving report matching, bank reconciliations	Sequence checks, reconciliation review evidence.
Accuracy	Price master controls, recalculation, automated edit checks	Exception reports, recalculation, IT control logs.
Segregation of duties	Separate custody, recording, authorization, reconciliation	Role listings, access rights, observed process.
Safeguarding assets	Locked inventory, restricted cash access, dual signing	Access logs, physical inspection, policy compliance.
Review and monitoring	Variance analysis, management review, board oversight	Dated review notes, investigation evidence.

Common Weaknesses and Recommendations

Cycle	Weakness	Risk / implication	Better recommendation
Revenue	Same person approves credit, records sale, and handles cash	Fictitious sales or stolen receipts	Separate cash handling from recording; require independent monthly AR reconciliation review.
Purchases	Vendor master changes not reviewed	Fictitious vendors or unauthorized payments	Restrict vendor setup access and require independent approval of new/changed vendors.
Payroll	HR changes entered without approval	Ghost employees or incorrect pay	Require approved HR forms and independent review of payroll change reports.
Inventory	No independent count supervision	Theft or inaccurate inventory	Assign independent count teams, use pre-numbered count sheets, investigate variances.
IT	Shared admin passwords	No accountability and unauthorized changes	Unique user IDs, least privilege access, periodic access review.
Financial close	Manual journals posted without review	Management override or errors	Require independent review of manual journals, especially unusual or late entries.

Control Testing Rules

If the case asks…	Answer focus
“Can we rely on controls?”	Test design and implementation first; then operating effectiveness.
“Walkthrough”	Follow one transaction through the system to understand process and confirm design/implementation.
“Test of control”	Inspect evidence that control operated, who performed it, when, and whether exceptions were resolved.
“Control deficiency”	Explain weakness, audit risk, recommendation, and effect on substantive work.
“Management letter”	Communicate control deficiencies and recommendations; do not confuse with audit opinion modification unless FS are materially misstated or scope-limited.

Fraud, Laws, and Professional Skepticism

Area	What to remember
Fraud triangle	Pressure, opportunity, rationalization. Use case facts to identify risk.
Revenue recognition	Presumed high-risk area unless rebutted with strong rationale.
Management override	Test journal entries, accounting estimates for bias, and significant unusual transactions.
Non-compliance	Consider effect on FS, disclosure, audit evidence, and communication with governance.
Skepticism	Corroborate management explanations; challenge inconsistent evidence.
Communication	Escalate significant fraud risks, suspected fraud, and material control deficiencies to appropriate governance level.

Sampling and Misstatement Evaluation

Sampling Factors

Desired outcome	Sample size effect
Higher assurance	Increase sample size.
Lower tolerable misstatement/deviation	Increase sample size.
Higher expected misstatement/deviation	Increase sample size.
Stronger controls / lower assessed risk	May reduce sample size if reliance is justified.
More variable population	Increase sample size.
Larger population	Usually limited effect after population is large; risk and variability matter more.

Misstatement Types

Type	Meaning	Example
Factual	No judgement involved	Invoice recorded twice.
Judgemental	Difference in estimate or accounting policy judgement	Allowance too low.
Projected	Auditor projects sample error to population	Sample error rate applied to full population.

Evaluation Steps

Accumulate identified misstatements, including projected and judgemental differences.
Ask management to correct them.
Reassess materiality if circumstances changed.
Consider qualitative factors, not only dollar amount.
Evaluate whether uncorrected misstatements are material individually or in aggregate.
Conclude on report modification if material misstatement remains.

Reporting Decision Reference

    graph TD
	    A[Issue identified] --> B{Misstatement or scope limitation?}
	    B -->|Misstatement| C{Material?}
	    C -->|No| D[Unmodified opinion; communicate if needed]
	    C -->|Yes| E{Pervasive?}
	    E -->|No| F[Qualified opinion: except for]
	    E -->|Yes| G[Adverse opinion]
	    B -->|Scope limitation| H{Material possible effects?}
	    H -->|No| D
	    H -->|Yes| I{Pervasive?}
	    I -->|No| J[Qualified opinion: except for possible effects]
	    I -->|Yes| K[Disclaimer of opinion]
	    B -->|Emphasis or context| L{FS appropriately presented?}
	    L -->|Yes| M[Unmodified plus EOM/Other Matter if appropriate]
	    L -->|No| C

Opinion Modification Table

Condition	Material but not pervasive	Material and pervasive
Material misstatement	Qualified opinion	Adverse opinion
Inability to obtain sufficient appropriate evidence	Qualified opinion	Disclaimer of opinion

Emphasis and Other Matter

Paragraph	Use when	Key distinction
Emphasis of Matter	Matter is appropriately presented/disclosed in FS and is fundamental to users’ understanding	Does not modify opinion.
Other Matter	Matter outside FS is relevant to users’ understanding of audit, responsibilities, or report	Does not modify opinion.
Material Uncertainty Related to Going Concern	Adequate disclosure of material uncertainty exists	Separate communication; not an adverse opinion if disclosure is adequate.

Going Concern Reporting

Situation	Reporting implication
No material uncertainty and going-concern basis appropriate	Unmodified, no special going-concern section required solely for routine risk.
Material uncertainty exists and disclosure is adequate	Unmodified opinion with Material Uncertainty Related to Going Concern section when required.
Material uncertainty exists and disclosure inadequate	Modified opinion due to material misstatement.
Going-concern basis inappropriate	Adverse opinion if FS prepared on going-concern basis.
Insufficient evidence due to management limitations	Qualified opinion or disclaimer depending on materiality/pervasiveness.

Review, Compilation, and AUP Traps

Topic	Correct treatment
Review procedures	Primarily inquiry and analytical procedures; perform additional procedures when information appears inconsistent, incomplete, or implausible.
Review materiality	Still applies; limited assurance does not mean no materiality.
Review evidence	Less persuasive than audit evidence, but must support limited assurance conclusion.
Compilation	Practitioner compiles information; no verification and no assurance conclusion.
Compilation basis of accounting	Must be understandable to users; watch for misleading information.
AUP engagement	Procedures are agreed with engaging party; report factual findings only.
Users drawing conclusions	AUP users evaluate findings themselves; practitioner does not conclude.

Special Assurance Engagements

Subject Matter and Criteria

Element	Case questions to answer
Subject matter	What is being measured or evaluated? Financial data, compliance, controls, GHG emissions, performance metrics?
Criteria	Are criteria relevant, complete, reliable, neutral, and understandable? Are they available to users?
Responsible party	Who is responsible for subject matter or subject matter information?
Users	Who will rely on the report and for what decision?
Assurance level	Reasonable or limited? Is the requested level feasible?
Evidence	Can sufficient appropriate evidence be obtained?
Report restriction	Are criteria or users specialized enough to restrict distribution or use?

Direct vs Attestation

Feature	Direct engagement	Attestation engagement
Who measures/evaluates subject matter?	Practitioner	Responsible party or evaluator
Practitioner reports on	Outcome of practitioner’s evaluation	Subject matter information prepared by another party
Canadian standard family	CSAE 3001	CSAE 3000
Example	Practitioner evaluates whether controls meet criteria	Management asserts controls meet criteria; practitioner reports on assertion

High-Yield CAS Area Map

Area	What candidates should be ready to apply
CAS 200 / 230	Overall objectives, professional skepticism, documentation sufficient for experienced auditor.
CAS 210	Engagement terms and preconditions.
CAS 240	Fraud, revenue recognition, management override.
CAS 250	Laws and regulations affecting FS.
CAS 260 / 265	Communication with governance and control deficiencies.
CAS 300 / 315 / 330	Planning, risk assessment, responses to assessed risks.
CAS 320 / 450	Materiality and evaluation of misstatements.
CAS 500 / 505 / 520 / 530	Evidence, confirmations, analytics, sampling.
CAS 540	Accounting estimates and bias.
CAS 550	Related parties.
CAS 560	Subsequent events.
CAS 570	Going concern.
CAS 580	Written representations.
CAS 600 / 610 / 620	Group audits, internal audit work, auditor’s expert.
CAS 700 / 705 / 706	Opinion formation, modifications, emphasis/other matter.
CAS 720	Other information and inconsistencies.

Subsequent Events Quick Reference

Timing	Auditor responsibility	Typical procedures
Between year-end and auditor’s report date	Perform procedures to identify events requiring adjustment or disclosure	Read minutes, inquire, review interim FS, inspect subsequent transactions, obtain legal updates.
After report date but before FS issued	No active search obligation, but respond to facts that become known	Discuss with management, determine amendment need, perform necessary procedures, update report if appropriate.
After FS issued	Respond if facts existed at report date and would have affected report	Discuss with management/governance, consider revised FS/report, legal/professional advice if management refuses.

Adjusting vs Non-Adjusting

Event	Treatment
Provides evidence of conditions existing at year-end	Adjust FS.
Indicates conditions arose after year-end	Disclose if material; do not adjust amounts.
Affects going concern	May require adjustment to basis of accounting or expanded disclosure.

Case-Writing Templates

Audit Planning Memo Skeleton

Section	What to include
Users and objectives	Who relies on the report and what decisions they make.
Engagement acceptance	Independence, competence, management integrity, preconditions, scope.
Materiality	Benchmark, calculation if possible, qualitative factors, performance materiality.
Risk assessment	Inherent/control risks, fraud risks, significant risks, affected assertions.
Audit approach	Controls reliance vs substantive approach; timing; staffing; specialists.
Procedures	Specific, assertion-linked procedures for high-risk areas.
Reporting	Potential modifications, EOM/Other Matter, going concern, restrictions.

Assurance Procedure Formula

Use this structure in case answers:

To address the risk/assertion.
Select the population and sample basis.
Perform a clear audit action.
Agree/compare/recalculate/confirm to a named source or criterion.
Investigate exceptions and quantify misstatements.

Example: “To test revenue cutoff, select sales recorded in the last five business days before year-end and first five business days after year-end, agree each invoice to shipping documentation and contract terms, verify the date goods were transferred, and investigate items recorded in the wrong period.”

Control Recommendation Formula

Component	Example
Weakness	Sales staff can create customers and approve credit limits.
Implication	Fictitious customers or sales to poor-credit customers may result in bad debts or fraudulent revenue.
Recommendation	Limit customer setup to accounting and require credit manager approval for credit limits.
Benefit	Reduces unauthorized customers and improves collectability of receivables.

Reporting Analysis Formula

Identify the unresolved issue.
Quantify misstatement or possible misstatement.
Compare to materiality and qualitative factors.
Decide if pervasive.
State report effect and wording direction.

Common CPA Assurance Exam Traps

Trap	Better approach
Listing standards without applying facts	Tie each point to users, risks, materiality, assertions, and case constraints.
Vague procedures	Write procedures specific enough that an audit junior could perform them.
Ignoring accounting impact	Assurance conclusions often depend on whether the accounting treatment is materially misstated.
Confusing review with audit	Reviews use inquiry/analytics and limited assurance; audits require sufficient appropriate evidence for reasonable assurance.
Calling compilation assurance	Compilation provides no assurance.
Forgetting qualitative materiality	Fraud, covenants, compliance, trends, and related parties can make small amounts material.
Modifying opinion too quickly	First determine misstatement vs scope limitation, materiality, pervasiveness, and disclosure adequacy.
Treating control deficiencies as automatic report modifications	Control deficiencies affect audit approach and may be communicated; opinion changes only if FS issue or scope issue remains.
Omitting conclusion	Every issue needs a recommendation or conclusion, even if brief.

Final Practice Step

Next, practise with timed CPA Assurance cases: for each issue, force yourself to write the standard/engagement choice, risk, materiality impact, specific procedures, and reporting conclusion in a concise case format.

Scenario Guide

Financial Reporting