Launch offer — 25% off with code LAUNCH-25 See plans →
Try now → N
📚 Learn/ / SA 505 - External Confirmations
Microlesson · 5-min read

External Confirmation Procedures — 4 Steps

## External Confirmation Procedures — Step-by-Step

### Step 1: Determine Information to be Confirmed

Decide what needs to be confirmed — typically account balances and their elements. May also include:

  • Terms of agreements, contracts, or transactions
  • Absence of certain conditions (e.g., absence of a "side agreement")

---

### Step 2: Select the Appropriate Confirming Party

Responses are more reliable and relevant when the confirming party is knowledgeable about the information.

> Example: A financial institution official who knows the specific transaction is more appropriate than a general contact at the same institution.

---

### Step 3: Design the Confirmation Requests

Design affects response rate, reliability, and nature of evidence obtained.

Factors to consider:

1. Assertions being addressed

2. Specific identified risks of material misstatement (including fraud risks)

3. Layout and presentation of the request

4. Prior experience on the audit or similar engagements

5. Method of communication (paper, electronic, etc.)

6. Management's authorisation/encouragement to confirming parties to respond

7. Ability of confirming party to confirm the specific information (e.g., individual invoice vs. total balance)

---

### Step 4: Send Requests Including Follow-Up

If no reply received within a reasonable time, auditor may send an additional confirmation request after re-verifying the accuracy of the original address.

---

### Management Refuses to Allow Confirmation — Decision Tree

```

Management refuses to send confirmation

|

v

[1] Inquire management's reasons → evaluate validity & reasonableness

|

v

[2] Evaluate implications on ROMM assessment

|

v

[3] Perform alternative audit procedures

|

+-----+------+

| |

Refusal is Refusal is

Reasonable NOT Reasonable

| |

v v

Alternative SA 260 (TCWG)

procedures + + SA 705

if possible (modified opinion)

|

v

If alternative procedures

cannot obtain sufficient

appropriate evidence:

SA 260 + SA 705

```

Worked example

### Example 1

Step 3 — Blank vs. Filled Confirmation Design: Auditor is auditing trade receivables and is concerned about overstatement. To address the risk of the confirming party rubber-stamping a pre-printed balance, the auditor uses a blank confirmation (no balance stated) asking the debtor to state the balance per their records. This addresses the fraud risk more effectively, though response rates may be lower.

### Example 2

Step 4 — Follow-up: Auditor sends confirmation to XYZ Bank on 5th April. By 20th April no response is received. Auditor re-verifies the bank's address and sends a follow-up request on 25th April. This is proper procedure under SA 505.

### Example 3

Management Refusal — Reasonable: Management explains that the confirming party (a key customer) is currently in litigation with the entity and any correspondence could be used against the entity. The auditor evaluates this reason as valid and performs alternative procedures such as reviewing post-balance-sheet receipts from the customer.

### Example 4

Management Refusal — Not Reasonable: Management refuses without any credible explanation. Auditor determines the refusal is unreasonable, communicates with TCWG under SA 260, and considers the impact on the audit opinion under SA 705.

⚠️ Common exam mistakes

  • Skipping Step 2 (selecting appropriate confirming party) — sending confirmation to someone with no knowledge of the specific transaction produces unreliable evidence.
  • Not considering management's authorisation in the confirmation design — some confirming parties will only respond if management has authorised the request.
  • Accepting management's refusal without performing the three mandatory steps: inquire, evaluate implications, perform alternative procedures.
  • Treating 'refusal is reasonable' as the end of the matter — even when refusal is reasonable, the auditor must still attempt alternative procedures; it is only if those also fail that SA 260/SA 705 is triggered.
Bare-Act text Management's Refusal to Allow the Auditor to Send a Confirmation Request · SA 505 — External Confirmations · click to expand
If management refuses to allow the auditor to send a confirmation request, the auditor shall: (a) inquire as to management's reasons for the refusal, and seek audit evidence as to their validity and reasonableness; (b) evaluate the implications of management's refusal on the auditor's assessment of the relevant risks of material misstatement, including the risk of fraud, and on the nature, timing and extent of other audit procedures; and (c) perform alternative audit procedures designed to obtain relevant and reliable audit evidence.
← Previous
Definition, Types, and Uses of
Next →
Results of Confirmation Proced
Now that you've read this — what's next?
Move from understanding → mastery in 3 clicks. Each option below picks up from this lesson's topic.
🔥 Drill 5 Qs on this → ✍️ Adaptive practice →
Start 15-min diagnostic