Reasonable assurance:
is defined
by the audit community as an “acknowledgment
that it is not possible to assert absolutely and certainly that an event will
(or will not) occur.” Reasonable
assurance, in my opinion, means that a reasonable person would consider that
the testing conducted would lead them to believe that an event would be
discovered. Why is it not possible to
assert absolutely? Because, no
organization is going to pay an auditor to test every transaction. It is not cost effective and it is not
efficient. To get to reasonable assurance, an auditor develops tests and sample
sizes such that the potential that any event will be likely detected. It is how that testing should best be
conducted to give the auditor reasonable assurance is where things go
awry. The problem is that not all auditors
are conducting rigorous testing. Then there is sampling. Sampling is the key to reasonable
assurance. At the end of the day, if the
samples are not appropriately picked and of the right size, then reasonable
assurance cannot be achieved. Is
reasonable assurance perfect? No. Is there a better way to conduct audits?
Probably not if you want a cost effective and efficient process. Auditors need to step up and implement proper
testing and sampling processes to better ensure that any gaps are going to be
found. Are all gaps going to be found? No. Auditors
are human and are fallible. However, I
would like to think that the number of gaps that remain open will be few and
small enough that they will not cause a huge damage.
Comments