Write a summary report based on the attached file.

Author's personal copy International Journal of Accounting Information Systems 11 (2010) 261-273 Contents lists available at ScienceDirect International Journal of Accounting Information Systems Assurance on XBRL instance document: A conceptual framework of assertions Rajendra P. Srivastava a,, Alexander Kogan b a Ernst & Young Center for Auditing Research and Advanced Technology, School of Business, The University of Kansas, 1300 Sunnyside Avenue, Lawrence, KS 66045, United States b Department of Accounting, Business Ethics, and Information Systems, Rutgers Business School - Newark and New Brunswick, Rutgers University, 1 Washington Park, Newark, NJ 07102, United States a r t i c l e Keywords: Assurance Assertions XBRL Instance document Framework i n f o a b s t r a c t XBRL stands for extensible business reporting language. It is an XML based computer language for reporting business information. In December 2008, the United States Securities and Exchange Commission (US SEC) voted to require public lers to provide a supplemental exhibit of their nancial statements (including footnotes) in XBRL, with the approximately top 500 public companies required to comply with this new requirement starting June 15, 2009, and the phase-in of this requirement for the other lers to be completed on June 15, 2011. The le created using the XRBL language is called an XBRL instance document. Under this requirement, the lers are not required to obtain a third party assurance on the XBRL instance document. The main reason for not requiring a third party independent assurance of XBRL instance documents is to encourage lers to comply with the SEC requirement without incurring much added costs. In addition, to encourage the lers to comply with this requirement, the SEC is not holding lers legally liable of any errors in the led XBRL instance documents so long as they look similar to the standard reports when viewed using the SEC viewer. Even though the SEC is not currently requiring a third party assurance of the XBRL instance documents of the SEC lings, it is in the best interest of the public that these documents be assured. Although there have been efforts by both the practitioners and academics to investigate issues involved in providing assurance on XBRL documents, these efforts have been focused on the specics of the assurance process and the difculties involved in it, and not on developing a framework of assertions. Even the American Institute of Corresponding author. E-mail addresses: rsrivastava@ku.edu (R.P. Srivastava), kogan@rutgers.edu (A. Kogan). 1467-0895/$ - see front matter 2010 Elsevier Inc. All rights reserved. doi:10.1016/j.accinf.2010.07.019 Author's personal copy 262 R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 Certied Public Accountants recent publication SOP 09-1 provides only an illustrative list of management assertions for handling the XBRL-tagging engagements under the SSAEs as agreed-upon procedures without considering a framework. Without a conceptual framework, the assurance process for XBRL instance document would be ad hoc and inconsistent. This paper develops a set of assertions for providing assurance on XBRL instance documents similar to the management assertions for nancial audits. Further, we discuss how such a framework would assist auditors in planning and evaluating such an engagement by collecting appropriate items of evidence pertaining to specic assertions to form an opinion whether the instance document is a true representation of the standard format (i.e., ASCII or HTML) document. We also discuss how the use of new technology would make the assurance process more effective and efcient. 2010 Elsevier Inc. All rights reserved. 1. Introduction The main purpose of this paper is to develop a conceptual framework of assertions for providing assurance on XBRL instance documents created under the SEC interactive data ling requirements (SEC, 2009). Similar to nancial audits, we develop a comprehensive set of assertions that are essential for providing quality assurance on XBRL instance documents. In addition to developing the basic assertions for a quality assurance, we demonstrate, through examples, the assertion based approach to be the most effective and efcient way to provide assurance services on XBRL instance documents. In December 2008, the United States Securities and Exchange Commission (US SEC) voted to require public lers to provide a supplemental exhibit of their nancial statements (including footnotes) in XBRL, with the approximately top 500 public companies required to comply with this new requirement starting June 15, 2009, and the phase-in of this requirement for the other lers to be completed on June 15, 2011 (SEC, 2009). The SEC nal rules state that \"interactive data must meet investor expectations of reliability and accuracy\" (SEC, 2009, p. 6793). However, the nal rules impose no independent assurance requirements on the provided interactive data, and instead express condence that \"market forces will encourage companies to provide interactive data that accurately reects the corresponding traditional format data in the traditional format ling\" (SEC, 2009, p. 6793). Moreover, the nal rules do not dene precisely what \"accurately reects\" means. Public Company Accounting Oversight Board (PCAOB, 2005) through its Staff Questions and Answers provides general guidance as to the nature of assurance without giving any specics of the attributes or assertions to be tested and validated for the assurance services on XBRL instance documents. Similar to PCAOB, Assurance Working Group (AWG, 2006) of XBRL International (2006, see also, e.g., Boritz and No, 2008) provides similar guidance but does not provide any framework of assertions for the assurance process. Recently, the American Institute of Certied Public Accountants published the Statement of Position 09-1: Performing Agreed-Upon Procedures Engagements That Address the Completeness, Accuracy, or Consistency of XBRL-Tagged Data (AICPA, 2009). According to the XBRL Assurance Task Force of the AICPA Assurance Services Executive Committee, the SOP 09-1 is an interpretive publication and recommendation regarding application of Statement on Standards for Attestation Engagements (SSAEs) for engagements in which a practitioner performs and reports on agreed-upon procedures related to the completeness, accuracy, or consistency of XBRL-tagged data. Through the SOP 09-1, the AICPA asserts that: \"In order for XBRL to be a useful tool for investors and other users of business information, the data contained in XBRL les must be accurate and reliable. Preparers of XBRL-tagged data may Author's personal copy R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 263 be issuers or nonissuers and are responsible for providing accurate information in their XBRL les on which investors and other users of business information may rely\" (item 4, p. 2). The AICPA further contends that: \"Because of factors such as a company's limited experience with XBRL and its desire to ensure the accuracy and reliability of the data, management may express interest in engaging a practitioner to assist them in assessing the completeness, accuracy, or consistency of the XBRLtagged data\" (item 6, p. 2). Since the SOP 09-1 is only providing guidance to practitioners as to how they can handle the XBRL-tagging engagements under the SSAEs as agreed-upon procedures, SOP 09-1 does not provide a comprehensive list of management assertions that need to be tested for the completeness, accuracy, or consistency of the XBRL-tagged data under the SEC requirements (SEC, 2009). However, it provides, as an illustration, a list of management assertions and the corresponding procedures and potential ndings. These management assertions seem to be developed in an ad hoc way without a framework and thus may be incomplete. For example, as discussed in Section 2, the XBRL-tagged data would be inaccurate if it violated the general XML syntax rules (our assertion 2.1 Well-Formedness). In the present paper, we use the risk based approach to argue for a comprehensive list of management assertions for preparing and providing assurance on the XBRL-tagged document. Although PricewaterhouseCoopers (Boritz and No, 2008, see also Boritz and No, 2003) had performed an assurance service on the United Technologies Corporation's (UTC) instance document without a formal set of assertions, in an attempt to indentify issues and difculties involved in the assurance process, Boritz and No (2008) performed a mock audit of the 10Q XBRL instance document of UTC. Their approach consisted primarily of tracing every item in the paper version to the XBRL instance document and every item from the XBRL document to the paper version. It took them about 63 h to complete the task. At the end of the process, their conclusion was that they had high assurance that \"the 10-Q XBRL-Related Documents were a complete and accurate reection of UTC's 10-Q.\" Although based on the detailed work done by Boritz and No (2008), one can say that their audit approach was of high quality, however, there is no reference point or framework to judge whether they did everything that was needed to be done to make sure that the instance document truly represented the paper document. The question again is what constitutes \"true representation\". In a recent paper, Plumlee and Plumlee (2008) discuss the issues involved in providing assurance on XBRL instance documents. They talk about materiality issues, statistical sampling issues, and control related issues. However, they do not talk about or discuss a conceptual framework of assertions for the assurance process as one would need to conduct the service. The general requirements under the SEC nal rules (Section 405 of Regulation S-T, SEC, 2009) concerning the content of the XBRL-tagged exhibit are: \"An Interactive Data File must consist of only a complete set of information for all periods required to be presented in the corresponding data in the Related Ofcial Filing, no more and no less ...\" (SEC, 2009, p. 6815) As far as the format of the XBRL-tagged exhibit is concerned, the rules impose compliance with the following requirements: \"(1)Data elements and labels. (i) Element accuracy. Each data element (i.e., all text, line item names, monetary values, percentages, numbers, dates and other labels) contained in the Interactive Data File reects the same information in the corresponding data in the Related Ofcial Filing; (ii) Element specicity. No data element contained in the corresponding data in the Related Ofcial Filing is changed, deleted, or summarized in the Interactive Data File; (iii) Standard and special labels and elements. Each data element contained in the Interactive Data File is matched with an appropriate tag from the most recent version of the standard list of tags specied by the EDGAR Filer Manual. A tag is appropriate only when its standard denition, Author's personal copy 264 R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 standard label and other attributes as and to the extent identied in the list of tags match the information to be tagged, except that: (A) Labels. An electronic ler must create and use a new special label to modify a tag's existing standard label when that tag is an appropriate tag in all other respects (i.e., in order to use a tag from the standard list of tags only its label needs to be changed); and (B) Elements. An electronic ler must create and use a new special element if and only if an appropriate tag does not exist in the standard list of tags for reasons other than or in addition to an inappropriate standard label; and (2) Additional mark-up related content. The Interactive Data File contains any additional mark-up related content (e.g., the eXtensible Business Reporting Language tags themselves, identication of the core XML documents used and other technology related content) not found in the corresponding data in the Related Ofcial Filing that is necessary to comply with the EDGAR Filer Manual requirements.\" (SEC, 2009, p. 6815) To assure the accuracy of the interactive data exhibit, the nal rules state that the SEC will do the following: \"... we plan to use validation software to check interactive data for compliance with many of the applicable technical requirements and to help the Commission identify data that may be problematic. For example, we expect the Commission's technology to: Check if required conventions (such as the use of angle brackets to separate data) are applied properly for standard and, in particular, non-standard special labels and tags; Identify, count, and provide the staff with easy access to non-standard special labels and tags; Identify the use of practices, including some the XBRL U.S. Preparers Guide contains, that enhance usability; Facilitate comparison of interactive data with disclosure in the corresponding traditional format ling; Check for mathematical errors; and Analyze the way that companies explain how particular nancial facts relate to one another.\" (SEC, 2009, p. 6793). \"The Commission will seek to ensure that linkbases not only comply with technical requirements but also are not used to evade accounting standards.\" (SEC, 2009, p. 6793, footnote 229) After a closer look at the SEC nal rules and its position on the accuracy and completeness of XBRL-tagged documents, and also at the other efforts on either providing assurance (PWC, and Boritz and No, 2008) on XBRL instance documents or the guidance provided by AICPA (2008) and PCAOB (2005), we come to a conclusion that there seems to be a general lack of conceptual framework of assertions that would make the assurance process effective and efcient. These current approaches seem to be similar to what the audit process used to be some 60 years ago before the publication of \"Philosophy of Auditing\" by Mautz and Sharaf (1963); a bunch of procedures to be performed specic to each balance sheet account. In the present paper, we logically argue for a set of assertions that determine the quality of the XBRL document created from the traditional nancial statements that have been audited in accordance with the current requirements and led with the SEC. These assertions then lead to identifying appropriate audit evidence for providing assurance on these documents. While the SEC (2009) mandated companies to add an exhibit of their nancial statements in XBRL-tagged format, \"Rule 406T ... deems interactive data les not led for purposes of various provisions under the federal securities laws\" (SEC, 2009, p. 6794). Additionally, the rules state that: \"There is no additional basis for auditor liability based on data tagging. Also, an auditor will not be required to apply AU Sections 550, 711 or 722 to interactive data provided in an exhibit or to the related viewable interactive data. In this regard, we also note that we are not requiring Author's personal copy R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 265 that lers involve third parties, such as auditors or consultants, in the creation of their interactive data lings. \" (SEC, 2009, p. 6796) In addition, the SEC asserts: \"We are adopting amendments that exclude interactive data from the ofcer certication requirements of Rules 13a-14 and 15d-14. We believe that adopting these amendments is part of striking an appropriate balance between avoiding unnecessary cost and expense and encouraging accuracy in regard to interactive data.\" (SEC, 2009, p. 6797). While waiving the assurance requirements and providing liability protection for XBRL lings is a very signicant relief to the SEC lers, and will moderate their resistance to this new ling requirement, this is a short-time band-aid that has to be eliminated sooner rather than later, as more and more nancial statement users will start tying their systems to the \"interactive data\" in XBRL provided online by the SEC. Since \"interactive data\" is designed to be automatically utilized by computers without human intervention and for various purposes, it will completely replace the standard format data in most applications, and thus, has to be assured to be relied on. The development of a conceptual framework for this assurance is the topic of this paper. We limit our attention to the current mode of providing an XBRL version of nancial statements in addition to the traditional format. Therefore, we assume that the traditional format statements have been audited in accordance with the current requirements, and can be relied on as a benchmark for comparison. When the traditional format nancial statements are phased out, and the XBRL version becomes the main (and only) format of the SEC lings, this framework will have to be revisited to be merged into the statutory audit methodology. We assume that the reader is familiar with the fundamental concepts of XBRL (including taxonomy extensions) to the extent that they are described in XBRLUS (2008b). The paper is divided into ve sections. Section 2 develops the main assertions for XBRL assurance services. Section 3 describes relevant technology that would be important for providing assurance on XBRL instance documents. Section 4 describes other related issues pertinent to XBRL instance documents. Finally Section 5 provides a summary and conclusion of the study. 2. Assertions for XBRL assurance In this section we propose a set of assertions that can serve as the criteria to provide assurance on the XBRL instance document created under the SEC interactive data ling requirements (SEC, 2009). Violation of these assertions will constitute errors in the XBRL instance documents. These assertions are conceptualized based on the set of assertions proposed by AICPA (2006a) and the set of assertions for information quality proposed by Bovee et al. (2003). To derive the appropriate assertions, we follow the methodology of information assurance (Lamm and Haimes, 2002) as well as the general audit standards guidance (in particular, SAS 107 / AU 312 \"Audit Risk and Materiality in Conducting an Audit,\" AICPA, 2006b), and start by analyzing the risk scenarios on the basis of enumerating adverse events that can result in material deciencies of the XBRL formatted statements given that the traditional nancial statements being led with the SEC are audited. As stated earlier, the main assertion is \"The XBRL instance document is a true representation of the electronic document (ASCII or HTML) led with the SEC\". One can nd more specic guidance in the Q&A provided by the PCAOB Staff (PCAOB, 2005) and in the white paper by the Assurance Working Group (AWG) of XBRL International (2006). The structure of XBRL instance documents makes it natural to decompose the risk of deciencies analysis into the data deciency and meta-data deciency parts. The former refers to the possible deciencies of the facts that are marked up in the XBRL instance document, while the latter refers to the possible deciencies of the mark-up itself, including both the deciencies of the mark-up in the instance document and deciencies of the XBRL taxonomies. While this decomposition is useful for structuring the assertions that assurance attests to, the two parts are closely interlinked and will Author's personal copy 266 R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 often be tested together. The risks of deciencies identied below incorporate and systematize all the problems covered by management review objectives described in XBRLUS (2008b, Section 8). Possible data deciencies in the XBRL instance document1 include: Failure to include in the instance document all relevant business facts from the traditional format document led with the SEC. In the case of a 10K ling the omission may pertain to a line item on the nancial statements, or a footnote. An example of such an omission in a 10K ling would be if the audited nancial statement provides the amount of accounts receivable for the current quarter but the XBRL instance document omits this datum. This will constitute a material deciency making the XBRL instance document of 10K inconsistent with the traditional format ling. The audit assertion aimed at this risk will be called Completeness. Insertions of a business fact or facts not present in the traditional format document. For a 10K document, an example of such an insertion would be if the XBRL instance document of the 10K contains an element describing the amount of accounts receivable for the current quarter, while the audited nancial statement does not provide it. This will constitute a material deciency making the XBRL instance document inconsistent with the traditional format ling. The audit assertion aimed at this risk will be called Existence. Erroneous element values associated with the business fact being tagged in the traditional format document and/or attribute values associated with the business fact being tagged. An example of an erroneous element value, in the case of a 10K document, would be the XBRL instance document describing the amount of accounts receivable for the current quarter as $90,000.00 while the audited nancial statement showing this amount to be $100,000.00. An example of an erroneous attribute value, in the case of a 10K ling, would be a wrong contextRef value that misidenties $90,000.00 as the amount of accounts receivable for the current quarter, while the traditional format document states that it is actually for the previous quarter. The audit assertion aimed at this risk will be called Accuracy. This assertion would have two components; one would deal with the accuracy of the value of the element (Element Accuracy) and the other would deal with the accuracy of the attributes' values (Attribute Accuracy). Possible deciencies of the mark-up in the XBRL instance document include: Erroneous tagging of a business fact that violates XML syntax rules. For example, in the case of a 10K ling, a missing closing tag such as b/AccounsReceivableN would make the XBRL instance document of a 10K ling severely decient and likely make it unusable for computer applications. The audit assertion aimed at this risk will be called Well-formedness. Erroneous tagging of a business fact that violates XML Schema. This includes non-compliance with either the standard XBRL taxonomies or taxonomy extensions used by the ler. An example of such deciency for a 10K document would be an element with a missing required attribute such as unitRef. Such document would cause processing problems for XBRL software because of lack of crucial substantive information. The audit assertion aimed at this risk will be called Validity. Inappropriate choice of an XBRL element to tag a business fact present in the traditional format document. For example, for a 10K ling, if the audited nancial statement provides the amount of accounts receivable for the current quarter but the XBRL instance document tags this datum using the element bCurrentAssetsN, this will constitute a material deciency making the XBRL instance document inconsistent with the traditional format ling. The audit assertion aimed at this risk will be called Proper Representation. Possible deciencies in meta-data external to XBRL instance document: Improper choice of general and industry-specic XBRL taxonomies by the ler. An example of such deciency, in the case of a 10K ling, will happen if an insurance company does not utilize the approved US GAAP Insurance XBRL taxonomy and relies instead only on the US GAAP Commercial and Industrial XBRL taxonomy. The audit assertion aimed at this risk will be called Proper Taxonomies. Violations of XML or XBRL language rules in XBRL taxonomy extensions by the ler. An example of such 1 The term \"document\" is used in this article for any document that is led with the SEC under the Interactive Data to Improve Financial Reporting; Final Rule (SEC, 2009). For example, document could mean 10Q, 10K, 8K, or any other document led with the SEC in the XBRL format. A business fact to be tagged may be present in any of the documents led with the SEC. For example, it may be contained in the nancial statements of 10K or 10Q, or in the footnotes of 10K, and 10Q. Author's personal copy R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 267 deciency will happen if a taxonomy extension includes a denition of new element which does not have the required xbrli:periodType attribute. The audit assertion aimed at this risk will be called Valid Taxonomy Extensions. Inappropriate introduction of new elements in XBRL taxonomy extensions. This type of deciency can range from introducing unnecessary new elements to replacing ones in standard taxonomies to improper attribute values. For example, in the case of a 10K ling, an insurance company may decide to introduce an extension element called bInsuranceReceivableN which is functionally equivalent to the standard element bPremiumsReceivableN in the US GAAP Insurance XBRL taxonomy. Another example of such deciency would be an airline company introducing a new element bFlightEquipmentN with the balance attribute value set to \"credit\". The audit assertion aimed at this risk will be called Proper Extension Elements. Inappropriate/erroneous linkbases in XBRL taxonomy extensions (including the choice of inappropriate/ misleading labels). An example of such a deciency related to a 10K ling (in the Calculation Linkbase) would be an airline company that introduced a new element bFlightEquipmentN and created an erroneous bcalculationArcN going from bCurrentAssetsN to bFlightEquipmentN (instead of the correct one going from bPropertyPlantAndEquipmentN to bFlightEquipmentN). The audit assertion aimed at this risk will be called Proper Linkbases. The content of an audit assertion is the claim that a specied set of deciencies affecting the audit subject matter is not present. Therefore, XBRL assurance process should be driven by assertions stating that the possible deciencies identied above are not present in the XBRL report under examination. If the above list of deciencies is sufciently comprehensive, then satisfying the set of assertions based on them will thus assure that the audited instance document faithfully represents the led document. Based on the risks of deciencies identied above, we present below a set of assertions that we propose for assuring that the XBRL instance document \"is a true representation of the electronic document (ASCII or HTML) led with the SEC\". Fig. 1 provides a schematic representation of the proposed assertions and subassertions. The main assertion is true if the following assertions are true: Assertions about business facts in XBRL instance document Completeness: all relevant business facts including footnotes and other non-nancial information that are required to be reported in the traditional format document are tagged in the XBRL instance document. Fig. 1. A conceptual framework of assertions for XBRL instance document. Author's personal copy 268 R.P. Srivastava, A. Kogan / International Journal of Accounting Information Systems 11 (2010) 261-273 Existence: there is no tagged business fact in the XBRL instance document that is not present in the traditional format document. Accuracy: the values of all business concepts tagged in the XBRL instance document and/or the corresponding attribute values (such as context, unit, etc.) accurately represent the facts in the traditional format document. Thus, this assertion has two sub-assertions: Element Accuracy, and Attribute Accuracy. Assertions about meta-data in XBRL instance document Well-formedness: the XBRL instance document is well-formed, i.e., it complies with all XML syntax rules. Validity: the XBRL instance document is valid, i.e., it complies will all rules of XBRL and referenced XBRL taxonomies. Proper representation: the tagged business fact in the XBRL instance document properly represents the facts in the traditional format document. Assertions about meta-data external to XBRL instance document Proper taxonomies: the business facts tagged in the XBRL instance document uses appropriate general and industry-specic XBRL taxonomies. Valid taxonomy extensions: the XBRL taxonomy extensions referenced by the XBRL instance document are valid, i.e., they comply with all rules of XML and XBRL. Proper extension elements: the new elements in the XBRL taxonomy extensions referenced by the XBRL instance document are introduced appropriately, i.e., the extension tag along with its appropriate attributes is created only when there is no standard tag available. Proper linkbases: the linkbases in the XBRL taxonomy extensions referenced by the XBRL instance document are appropriate. The \"proper linkbases\" assertion includes the respective sub-assertions for each type of linkbases in the XBRL taxonomies. In particular, the verication of the \"proper label linkbase\" assertion will require ascertaining that the labels assigned to new elements or re-assigned to the standard elements in the extension taxonomies are chosen appropriately. The verication of the \"proper presentation linkbase\" assertion will require ascertaining that the hierarchical structure described by the introduced arcs is appropriate for the ler. Similarly, the verication of the \"proper calculation linkbase\" assertion will require ascertaining that the aggregation rules described by the arcs are appropriate for the elements. The verication of the \"proper denition linkbase\" assertion will require ascertaining that the introduced dimension relationships are appropriate. Finally, the verication of the \"proper reference linkbase\" assertion will require ascertaining that the arcs refer to appropriate external regulations or standards. While some of the assertions above (\"well-formedness\