You have probably had a client ask for ‘just a basic audit’ when what they actually need is a compilation. Or had a prospect assume that a review and an audit are the same thing, just priced differently.
They are not, and the distinction matters more than most clients realize.
Each engagement carries a different scope, a different level of assurance, and different reporting requirements. When you treat them as interchangeable, engagements get scoped incorrectly, and client expectations go sideways before the work even begins.
If you run an accounting firm in Canada, knowing where these three services diverge directly affects how you price your work, what procedures your team follows, and what you can and cannot represent to a client. This guide breaks down exactly what separates them so you can advise with confidence and structure every engagement the right way.
What Is a Compilation Engagement?
A compilation engagement is the most basic level of financial statement service your firm can provide. Under Canadian Standard on Related Services (CSRS) 4200, which governs compilation engagements in Canada, you take financial information supplied by management and present it in the form of financial statements.
The objective is narrow by design. Your role is to assist management in presenting their financial information in a structured format, nothing more. You are not investigating the numbers, questioning the figures, or drawing any conclusions about the health of the business.
That also means a compilation provides no assurance whatsoever. Unlike a review or an audit, you are not expressing any opinion or conclusion on whether the financial statements are free from material misstatement. The compilation report makes this explicitly clear.
The procedures you perform are limited to organizing the data and checking that the statements are free from obvious errors on their face. There is no independent verification, no testing of balances, and no inquiry into whether the numbers make sense.
Because the scope is narrow, compilations are the fastest and least expensive engagement type your firm can offer. For clients who need financial statements quickly without third-party assurance, they are usually the right fit.
Management carries full responsibility for the accuracy and completeness of the information they provide. If the numbers are wrong, that responsibility sits with them. Your compilation engagement letter should make this distinction explicit before work begins.
Compilations are most commonly used by small private businesses preparing statements for internal decision-making, tax filings, or early-stage financing conversations where lenders are not yet requiring reviewed or audited financials. If you want a deeper look at how to run one from start to finish, this compilation engagement guide walks through everything your firm needs to know.
Resource: Free Compilation Engagement Letter Template
What Is a Review Engagement?
A review engagement sits in the middle of the spectrum. It goes further than a compilation but stops well short of an audit. In Canada, review engagements are governed by CSRS 2400, and the core objective is to provide limited assurance that the financial statements are plausible, meaning nothing has come to your attention to suggest they are materially misstated.
That distinction matters. Limited assurance is not the same as reasonable assurance. You are not confirming the numbers are correct. You are confirming that, based on your procedures, nothing looks significantly off.
Those procedures consist primarily of analytical reviews and inquiry. You compare figures across periods, assess whether relationships between numbers make sense, and ask management pointed questions about anything that appears unusual. You are not independently verifying balances, confirming figures with third parties, or physically inspecting assets. The work is analytical and judgment-based, not evidentiary.
One requirement that separates a review from a compilation is CPA independence. To issue a review report, your firm must be independent of the client. If that independence is compromised in any way, you cannot perform the engagement. This is a non-negotiable standard under CSRS 2400 and something to confirm before the engagement is accepted.
Reviews take more time and cost more than compilations, though they remain significantly less intensive than audits. The additional investment reflects the additional credibility the report carries. Reviewed financial statements are commonly required by lenders evaluating loan applications, investors conducting due diligence on private companies, and shareholders in owner-managed businesses who want a level of external scrutiny without the full cost of an audit.
What Is an Audit Engagement?
An audit is the most rigorous of the three engagements and the only one that provides reasonable assurance. Under Canadian Auditing Standards (CAS), the objective is to obtain sufficient appropriate evidence to conclude whether the financial statements as a whole are free from material misstatement, whether due to error or fraud. That is a significantly higher bar than anything a review or compilation demands.
Reasonable assurance is not a guarantee. But it is as close to one as the profession offers, and the procedures required to reach that conclusion reflect that weight. An audit involves independent verification of account balances, confirmation with third parties such as banks and debtors, physical inspection of assets where relevant, and a thorough evaluation of the client’s internal controls. Weaknesses in those controls directly influence how the audit is planned and where additional testing is focused.
Risk assessment sits at the core of every audit. Before any substantive testing begins, your firm identifies where material misstatement is most likely to occur, whether at the financial statement level or at the assertion level for specific transactions and balances. That assessment shapes the entire engagement, determining which areas get the deepest scrutiny and how much evidence is enough to support the opinion.
Evidence gathering is extensive. Unlike a review, where analytical procedures and inquiry carry most of the weight, an audit requires corroboration. Numbers need to be supported by documentation, third-party confirmation, or direct observation. The standard is not whether things look plausible. It is whether you have gathered enough evidence to form an opinion you can stand behind.
All of that comes at a cost. Audits are the most time-intensive and expensive of the three engagement types, often by a significant margin. For the right client, however, that cost is justified. Audits are typically required by publicly listed companies, non-profit organizations above certain revenue thresholds, businesses seeking significant financing, and any entity where regulators, investors, or governing bodies require the highest level of external assurance on the financial statements.
Recommended: Free Financial Audit Checklist Template
Compilations vs Reviews vs Audits: A Side-by-Side Comparison
If you need a quick reference to share with a client or use internally when scoping an engagement, this table captures the key differences at a glance.
| Feature | Compilation | Review | Audit |
| Level of Assurance | None | Limited | Reasonable |
| Testing Performed | No | Analytical & inquiry | Extensive testing |
| Independence Required | Disclosure if impaired | Yes | Yes |
| Governed By | CSRS 4200 | CSRS 2400 | Canadian Auditing Standards (CAS) |
| Cost | Low | Moderate | High |
| Time Required | Short | Moderate | Long |
| Typical Use Case | Internal / Small business | Bank or lender requirement | Regulatory / Investor requirement |
| Report Issued | Compilation report | Review report | Audit opinion |
One thing worth clarifying for clients who ask: independence is not a formal requirement for compilation engagements, the way it is for reviews and audits. However, under CSRS 4200, if a reasonable observer would perceive your firm to be lacking independence, that must be disclosed in the compilation report. It is not a blanket requirement, but it is something your firm needs to be aware of and document before the engagement begins.
How to Explain These Differences to Clients
Most clients do not come to this conversation with any background in assurance standards. Your job is to close that gap before the engagement is scoped, not after. Here is how to approach that conversation:
Use plain language
Drop the technical framing and anchor the conversation in what the client actually cares about. A compilation means you are organizing the numbers they give you, nothing more. A review means you are taking a closer look and checking whether things appear reasonable. An audit means you are independently verifying the numbers and providing the highest level of confidence the profession can offer.
Focus on risk tolerance
Help the client see that the right engagement type is not about preference. It is about what their situation actually requires. A small business preparing statements for internal use has very different needs from a company approaching a bank for significant financing.
Discuss lender and investor requirements early
Many clients do not realize their bank may specifically require reviewed or audited financials as a condition of financing. Walking clients through this upfront prevents the frustration of completing a compilation only to discover it does not satisfy their lender.
Be direct about the cost versus assurance tradeoff
A compilation costs less because it does less. A review costs more because it carries more weight. An audit is the most significant investment because it provides the most defensible conclusion. When clients understand that the price difference reflects a real difference in what your firm is doing, the conversation becomes much easier to have.
How Firms Can Manage These Engagements Efficiently
Knowing the difference between a compilation, review, and audit is one thing. Running all three engagement types smoothly inside the same firm is another. Let’s break down how you can manage them efficiently.
Standardize your workflows
Each engagement type has its own set of required procedures, and those procedures need to be built into how your team works, not left to memory or individual judgment.
When a compilation follows the same documented process every time, and a review has its own distinct workflow separate from it, your team is executing a proven structure rather than reinventing the approach with each new client. Financial Cents lets you build separate workflow templates for each engagement type, like the one below, so the right steps are always assigned to the right person at the right time.
Get the audit checklist template here.
You can grab a compilation checklist here.
Use the right engagement letter for each engagement type
A compilation engagement letter looks different from a review engagement letter, which looks different again from an audit engagement. Each one should clearly define the scope, the level of assurance being provided, management’s responsibilities, and your firm’s limitations under that specific engagement type. Within Financial Cents, for instance, you can send and manage engagement letters directly, keeping everything tied to the client record from the moment the engagement begins.
Follow each engagement’s compliance and regulatory framework: CSRS 4200, CSRS 2400, and Canadian Auditing Standards each carry specific requirements that govern how the work is performed and reported. Your workflows and documentation practices need to reflect those requirements from the start, not be retrofitted after the fact.
Build documentation discipline into the process: Every engagement should have a clear, organized record of the procedures performed, the information received from the client, and the conclusions reached. That discipline cannot depend on individual team members being thorough. It needs to be built into the process itself.
Define staff roles clearly
Knowing who is responsible for which steps, who reviews the work, and who signs off on the final report should never be ambiguous. When roles are defined and visible, accountability follows naturally, and work does not stall waiting for someone to figure out who owns the next step.
The Role of Workflow & Practice Management Systems
Running compilation, review, and audit engagements under one roof means managing three distinct sets of requirements simultaneously. The more engagements your firm takes on, the harder it becomes to track procedures, maintain compliance, and keep work moving without something slipping through the cracks. That is where a practice management system for accounting firms stops being a convenience and starts being a necessity.
Here is what the right system helps your firm do:
Maintain compliance across engagement types
When workflows are built around the specific requirements of CSRS 4200, CSRS 2400, or Canadian Auditing Standards, your team is not relying on memory to stay compliant. The process itself keeps them on track.
Track engagement-specific procedures
Rather than managing a compilation and a review engagement the same way and hoping team members remember the differences, each engagement type has its own workflow with its own sequence of required steps.
Standardize documentation
Standardized templates and centralized file storage mean that every engagement produces a consistent, organized record regardless of who performs the work. When a reviewer or signing partner needs to assess what was done and why, everything is where it should be.
Manage review and sign-off processes
Assigning review tasks, flagging items for partner sign-off, and tracking approvals in one system removes the back-and-forth that slows firms down and creates gaps in the audit trail.
Meet deadlines without last-minute scrambling
Managing multiple clients across all three engagement types means a lot of due dates in motion at once. When deadlines are tied directly to projects and visible across the team in real time, the work that needs attention surfaces before it becomes urgent, not after it is already late.
Conclusion
Compilations, reviews, and audits are not interchangeable services. What separates them is not complexity for its own sake. It is the level of confidence each engagement is designed to provide, and that shapes everything from the procedures your team follows to what your report can and cannot say.
Getting this right matters on both ends. Clients need to understand what they are buying before work begins. Your team needs to execute each engagement type with the structure its standards demand. The right engagement letter, clear scoping conversations, and documented workflows are not optional. They are what keep your firm out of trouble and your clients properly served.
Financial Cents helps you put that structure in place. From standardized workflows and deadline tracking to client communication and billing, everything your firm needs to manage compilations, reviews, and audits lives in one platform.
Ready to see how it works for your firm?
Frequently Asked Questions
What is the main difference between a compilation, review, and audit? Assurance level. A compilation provides none, a review provides limited assurance, and an audit provides reasonable assurance. Each step up brings broader procedures, greater cost, and more time.
Does a compilation engagement provide any assurance?
No. You are organizing information management into a financial statement format, not verifying it.
Is a review engagement the same as a “light audit”?
No. A review uses analytical procedures and inquiry. An audit involves independent verification, third-party confirmation, and extensive evidence gathering. They are fundamentally different engagements.
When is an audit required?
In Canada, publicly listed companies, registered charities above certain revenue thresholds, and entities governed by specific regulatory bodies typically require audited financials. Lenders and investors may also require them as a condition of financing.
Do audits guarantee that fraud will be detected?
No. An audit provides reasonable assurance, not absolute assurance. A well-concealed fraud can still go undetected.
Are engagement letters required for all three services?
Yes, and each letter should be tailored to the specific engagement being performed.
