Guidance for AA1000AS (2008) Assurance Providers - AccountAbility

More documents

Recommendations

Info

A.4 Conducting an AA1000AS (2008) Engagement4.1 Planning the engagementA best practice assurance plan would contain details of:• the objectives of the engagement including:• scope,• level of assurance,• standards to be used, and• criteria to be used;• the assurance strategy, including risk assessment;• the tasks and activities, including• evidence gathering methods,• resources requirements (human, financial, technological), and• schedule (dates and duration);• the evidence requirements (depth, breadth, type, sources of evidence,sampling protocols);• the resource requirements;• the roles and relationships;• identification of key reporting organisation and assurance provider contacts;and• reference documents, protocols, checklists and other working documents to beused.4.1.1 Engagement riskThe practitioner should reduce assurance engagement risk to an acceptably lowlevel in the circumstances of the engagement. In general, assurance engagementrisk comprises inherent risk, control risk and detection risk. The degree to whichthe assurance provider considers each of these components is affected by theengagement circumstances.The assurance provider needs to obtain an understanding of the subject matter andother engagement circumstances; sufficient to identify and assess the risks of the16 September, 2009
subject matter information being materially misstated; and sufficient to design andperform further evidence-gathering procedures.4.2 Performing the engagementPerforming the engagement involves collecting and evaluating evidence about thesubject matter against suitable criteria to arrive at a set of findings andconclusions. It is therefore important to have a clear understanding of the subjectmatter, criteria, and evidence required.The scope of the engagement establishes the subject matter. For an AA1000AS(2008) assurance engagement this is either a Type 1 or a Type 2 engagement. Sothe subject matter relates to the principles in AA1000APS (2008) and, for Type 2,the specified disclosures (information) on sustainability performance.The criteria for the principles are found in the AA1000APS (2008). The criteria forsustainability performance information are found in a range of other sources,including other standards and guidelines. These need to be identified and agreedbefore the engagement begins.The evidence is all the things an assurance provider evaluates: documentation,systems and processes, internal controls, the data, the interview records and so on.The assurance provider needs to have a clear plan for the breadth, depth and timeperiod of the evidence required. Assurance providers can use, where relevant,accepted sampling protocols and have in place internal procedures for determiningwhat evidence they need and for evaluating when evidence is acceptable(sufficient).When evaluating the nature and extent of adherence to the AA1000 AccountAbilityPrinciples (2008) the assurance provider will focus on the profile of the organisationand the management approach. In other words: who are they, what do they do andhow do they understand and manage their sustainability issues. In evaluating theprinciples the assurance provider will also look for evidence of the consistency andcredibility of the sustainability performance information. Since the evaluation ofadherence to the principles does not have to be assertion based (that is, the17 September, 2009
Page 1 and 2: Guidance for AA1000AS (2008)Assuran
Page 3 and 4: Purpose of this guidanceThis guidan
Page 5 and 6: A.2 Using the AA1000AS (2008)2.1 Ty
Page 7 and 8: Given that this is an overarching s
Page 9 and 10: of stakeholders (or refers to the o
Page 11 and 12: information e.g. greenhouse gas emi
Page 13 and 14: • Knowledge of current environmen
Page 15: • requirements for evidence• su
Page 19 and 20: Balance• Are behaviour and inform
Page 21 and 22: A material misrepresentation or omi
Page 23 and 24: Issues that pass neither of these t
Page 25 and 26: 4.2.3 Obtaining evidenceThe assuran
Page 27 and 28: • note on roles and responsibilit
Page 29 and 30: B. Informative AnnexesB.1 The AA100
Page 31 and 32: B.3 Keeping Standards up-to-dateSta
Page 33 and 34: • KPMG (2005) KPMG International
Page 35 and 36: B.5 Certification of sustainability
Page 37 and 38: B.6 AccountAbility assurance provid
Page 39: B.8 About AccountAbilityAccountAbil

Guidance for AA1000AS (2008) Assurance Providers - AccountAbility

Create successful ePaper yourself

Delete template?

Save as template?