Whilst there are a range of ways in which a confirmation may be performed, regardless of the method, the auditor remains responsible for meeting the requirements of the ASAs. In particular, the auditor is responsible for maintaining control of the confirmation process.^[10]

Maintaining control over the confirmation process mitigates (but does not eliminate) the risk of interception, alteration or fraud. Where the auditor has maintained control of the confirmation process the reliability of the results of the confirmation are increased.

The auditor’s approach to supporting that they have maintained control over the confirmation process depends on whether they have used an electronic or paper-based confirmation process. This guidance statement provides guidance on the auditor’s responsibilities where the auditor has used:

1. An electronic confirmation process (paragraphs 22-38); or
2. A paper-based confirmation process (paragraphs 39-42).