Mastering Independent Reviews under ISRE 2400

Posted 07 May 2026 Written by Acts Online
Category Independent Reviews

Brought to you by SA Accounting Academy: This article clarifies the regulatory distinctions between audits and independent reviews, focusing on the correct application of ISRE 2400 (Revised).

In terms of the Companies Act, No. 71 of 2008, the independent review serves as a limited assurance engagement designed to alleviate the financial reporting burden on smaller entities. Unlike a full audit, which is governed by the International Standards on Auditing (ISAs) to provide reasonable assurance, an independent review is governed exclusively by ISRE 2400 (Revised). The objective is to conclude whether anything has come to the practitioner’s attention that suggests the financial statements are not prepared, in all material respects, in accordance with the applicable financial reporting framework.

Methodological Distinctions and Regulatory Compliance

Practitioners must distinguish between the exhaustive procedures required for an audit and the risk-based approach of a review. Under ISRE 2400 (Revised), there is no regulatory requirement to evaluate the design or test the operational effectiveness of internal controls, nor is there a requirement to calculate performance materiality for detailed sampling. Instead, the standard relies primarily on:

  • Inquiry: Comprehensive interviews with management to identify areas where material misstatements are likely to arise.
  • Analytical Procedures: Comparing financial data against prior periods and industry averages to identify variances.

The Companies Act regulations dictate eligibility for an independent review based on the entity’s Public Interest Score (PI Score). However, ISRE 2400 also requires practitioners to perform a pre-engagement assessment to determine if a review is appropriate. If a client exhibits significant internal control failures or incomplete records, the practitioner has a professional duty to advise that a full audit is necessary, regardless of the PI Score.

Failure to correctly calculate the PI Score, document inquiries, or issuing a review report when an audit is legally mandated may result in disciplinary action from the Independent Regulatory Board for Auditors (IRBA), SAICA, or regulatory intervention by the Companies and Intellectual Property Commission (CIPC).

What this means for you, your business, or your clients

  • For yourself: You must ensure that your engagement methodology for independent reviews is strictly aligned with ISRE 2400 (Revised) rather than ISAs to avoid professional negligence and ensure the correct negative assurance conclusion is reached.
  • For your business: Your firm should update its engagement acceptance procedures to include a rigorous Public Interest Score verification and a qualitative assessment of the client’s internal controls before accepting a review engagement.
  • For your clients: Clients must be informed that an independent review provides limited assurance and that if their financial records are insufficient for inquiry-based procedures, they may be required to undergo a full audit to meet regulatory standards.

Originally published at https://accountingacademy.co.za/news/read/mastering-independent-reviews

The views expressed herein are those of the author and do not necessarily reflect those of Acts Online. Acts Online accepts no responsibility for the accuracy, completeness or fairness of the article, nor does the information contained herein constitute advice, legal or otherwise.