Audit assertions explained: Risks and best practices

Audit assertions are essential to the auditing process. From verifying the existence of assets to confirming that transactions are presented in the correct period, assertions help shape how auditors assess risk and design procedures to support their conclusions.

The challenge: assertions can be misunderstood or overshadowed by the urge to “cover everything.” As firms navigate evolving standards, increasingly complex transactions, and technological advancements, a clear understanding of audit assertions is necessary.

Jump to ↓

What are the main assertions in auditing?

Common audit assertion errors and myths

High-risk audit assertions

The impact of technology on how auditors test assertions

What are the main assertions in auditing?

Audit assertions are statements that management explicitly or implicitly makes about the information in financial statements. When auditors test these assertions, they ensure that certain aspects of management’s statements about the contents of the financials are presented fairly, in all material respects.

Under U.S. Generally Accepted Auditing Standards (GAAS) from the American Institute of Certified Public Accountants (AICPA), auditors evaluate several key assertions:

Existence or occurrence: Balances and transactions actually exist and have really occurred.
Completeness: Financial statements are comprehensive, meaning balances, transactions, and other relevant material information presented is complete.
Rights and obligations: The entity owns the rights to the assets and is responsible for settling the liabilities shown.
Valuation or allocation: The amounts presented are measured, recorded, and described accurately.
Accuracy: The information provided is correct.
Cutoff: The information is provided in the appropriate fiscal period.
Classification: Amounts and transactions are organized into appropriate categories, such as current versus noncurrent liabilities on the balance sheet or financing versus operating activities on the statement of cash flows.
Presentation: Information in the financial statements is clear and understandable; it is not misleading or obscured.

Alison (Parker) Stephens, Executive Editor of PPC products for Thomson Reuters, said that while “these are simplified definitions and examples,” these assertions are generally “what we as auditors are looking at when we assess risk and design our audit procedures.”

Approaches to assertions

It is important to note that the AICPA, Public Company Accounting Oversight Board (PCAOB), and International Standards on Auditing (ISA) use fundamentally similar approaches to assertions, with minor differences in terminology and grouping, said Stephens. AICPA and ISA assertions are identical, while the PCAOB groups them slightly differently and excludes accuracy and cutoff.

However, these elements are essentially included in other assertions, such as valuation, completeness, and presentation. In short, the objectives are the same across all three standards, and auditors can adapt these assertion frameworks as long as they adequately address the risk of material misstatement.

Common audit assertion errors and myths

Even experienced auditors can face challenges when assessing assertions. Some issues might arise from incomplete documentation or complex accounting estimates, while others could be due to misunderstandings about how assertions should be applied. Recognizing common pitfalls can help auditors improve their risk assessment and prevent misdirected efforts.

Stephens outlined common assertion issues to watch out for:

Existence or occurrence: Overstating assets or revenues (e.g., fictitious inventory or sales).
Completeness: Understating liabilities or expenses (e.g., omitting accrued liabilities).
Rights and obligations: Presenting an asset that isn’t legally theirs, such as claiming a receivable for damages from an unresolved lawsuit.
Valuation or allocation misstatements: Making estimates that are highly subjective or difficult to calculate, such as improperly valuing a complex equity instrument in accordance with relevant accounting standards.
Presentation and disclosure errors: Failing to include part or all of a required disclosure, making disclosures unclear with confusing language, or including excessive immaterial details that obscure the overall financial picture.
Cutoff: Reporting revenue in the incorrect period based on sales terms (i.e., “stuffing the channel”) to inflate the numbers for the year.

Meanwhile, common misconceptions can lead to inefficiencies and drain resources. One of the most common myths, said Stephens, is the need to “cover all of the assertions just to be safe.” The reality is that not every assertion in every audit area requires your focus.

“Specifically, I see this with the revenue fraud risk. While there is a presumptive requirement to assess improper revenue recognition due to fraud in all of the standards, the auditing standards do not state which assertions that has to cover. So be thoughtful about the facts and circumstances of the engagement, refine that risk to relevant revenue streams and assertions, and design your response accordingly,” said Stephens.

Stephens continued, “Be precise at the assertion level, tailor the timing, nature, and extent of audit procedures accordingly, and then you can focus your time and resources on the areas that present the most risk.”

High-risk audit assertions

All audits require careful evaluation of assertions; however, some areas are commonly more susceptible to material misstatements. These higher-risk assertions typically involve complex estimates, incentives that increase the likelihood of manipulation, or areas that require significant professional judgment.

Revenue recognition

Across GAAS, ISA, and PCAOB standards, auditors must presumptively consider the risk of fraud related to improper revenue recognition. Depending on the nature of the client’s revenue streams and the facts and circumstances of the engagement, several assertions may be particularly vulnerable:

Occurrence of transactions (i.e., risk of fictitious sales).
Cutoff (i.e., the risk of recognizing revenue in the wrong period to artificially inflate results).
Valuation (i.e., highly complex contract terms — such as variable compensation — make amounts vulnerable to manipulation).

Estimates

Estimates like fair market value and allowance estimates often carry higher inherent risk. When working with complex or subjective estimates, valuation, accuracy, and presentation are especially important. These may involve multiple inputs, detailed rules, and equations. This can make them more vulnerable to error or manipulation.

These areas also typically have detailed disclosure requirements, raising the risk of inaccuracies, incompleteness, or misrepresentation.

The impact of technology on how auditors test assertions

Technology is transforming how auditors evaluate and address assertion-level risks. However, it also brings new responsibilities.

“We should plan our audits to be responsive to risk of material misstatement at the relevant assertion level. That word ‘relevant’ is key. AU-C 315.12 defines a relevant assertion as one for which there is reasonable possibility of material misstatement. So, the more we refine our risk assessment process, the more concentrated our audit efforts will be, and that improves efficiency and effectiveness of the audit. Technology and data analytics help auditors to do this,” Stephens said.

Instead of relying on sampling and manual methods, auditors can leverage technology to analyze entire data sets, automate repetitive tasks, and identify risks and anomalies. This improved visibility allows auditors to enhance audit quality and effectiveness while focusing on higher-risk assertions.

However, Stephens cautioned that “auditors need to take measures to ensure quality of the data they are using in these tools, to understand tool limitations, and to develop new skills in data interpretation and visualization to effectively use these techniques.”

As financial reporting becomes more complex and technology continues to reshape the profession, auditors need tools that enable them to precisely apply assertion-level concepts. Thomson Reuters Guided Assurance addresses this need by integrating trusted PPC audit methodology directly into modern platforms, helping auditors convert assertion-based concepts into practical, actionable procedures.

Explore the cloud-based solution today and see how Guided Assurance can strengthen your firm’s audit approach.