What is the occurrence assertion?

Every auditor has pulled a sample from the sales ledger and traced it back to a delivery note that turned out not to exist. That moment (the missing source document, the phone call to the warehouse, the manager who suddenly cannot recall the transaction, the sinking feeling) is exactly what occurrence testing is designed to trigger. If a transaction was fabricated, occurrence procedures are the ones that surface it.

ISA 315 .A190(a)(i) defines occurrence as the assertion that transactions and events that have been recorded actually occurred and pertain to the entity. It is the auditor's primary tool for detecting overstatement: if a transaction did not happen, it should not appear in the financial statements (FS).

Testing direction always runs from the records back to the source. You select items from the accounting system (the general ledger, the sales journal, the payroll register, the expense sub-ledger) and trace each one to independent supporting documentation such as delivery notes, signed contracts, bank statements, or customer confirmations. If the sample comes from the books, you are testing occurrence. This is ticking and bashing at its most purposeful: matching recorded entries to real-world evidence one line at a time.

ISA 240.32 (a)(i) creates a rebuttable presumption that revenue recognition carries a fraud risk, and in our experience that risk attaches specifically to occurrence. Management intent to overstate revenue typically manifests as fictitious sales (transactions recorded with no underlying delivery of goods or services). This makes occurrence the assertion most directly linked to fraud risk in the revenue cycle.

Key points

  • Occurrence tests whether recorded transactions actually happened and belong to the entity.
  • If management fabricates transactions, occurrence testing is the procedure designed to catch them.
  • You always select from the ledger and trace backward to contracts, delivery notes, bank evidence, or shipping records.
  • Revenue occurrence carries a rebuttable presumption of fraud risk under ISA 240 that the auditor must address or explicitly rebut.

Why it matters in practice

PCAOB inspection findings show that audit teams frequently test occurrence by tracing sales transactions only to internally generated invoices, without obtaining evidence that the goods were actually delivered or the services performed. An invoice proves the entity billed someone. It does not prove occurrence. Delivery documentation, shipping records, customer confirmations, or evidence of subsequent cash receipt provide stronger evidence of occurrence.

We have also seen teams skip occurrence testing for expense line items entirely, reasoning that management has no incentive to overstate costs. But ISA 240 .A1 confirms that fraud can involve overstatement of expenses. Fictitious vendor payments to related parties or inflated costs to justify higher contract prices in cost-plus arrangements are two common patterns. Occurrence testing on purchases and payroll catches ghost vendors and ghost employees that completeness testing would never detect.

This is the area that generates the most review notes on files we see. Teams do the selection, pull the invoices, tick the amounts, and call it done. But if the only evidence is an internal document, you have not actually tested occurrence at all. You have just confirmed that the accounting system agrees with itself, which is SALY with better narratives rather than real assurance.

Key standard references

  • ISA 315 .A190(a)(i) defines occurrence for classes of transactions: transactions and events that have been recorded have occurred and pertain to the entity.
  • ISA 240.32 (a)(i) creates a rebuttable presumption that there is a risk of material misstatement due to fraud relating to revenue recognition.
  • ISA 240 .A50 sets documentation requirements when the auditor rebuts the presumed fraud risk in revenue recognition.
  • ISA 500 .A31 addresses the consistency of audit evidence obtained from different sources.

Related terms

Completeness AssertionCut-off AssertionAccuracy AssertionAudit AssertionsAudit Evidence

Related reading

ISA 315: Risk Assessment Guide
Blog guide
How to Build an Audit Program from Scratch
Blog guide

Frequently asked questions

Why is occurrence the default assertion at risk for revenue?

ISA 240.32(a)(i) creates a rebuttable presumption that revenue recognition contains a fraud risk. In our experience, that fraud risk attaches to occurrence on the vast majority of engagements: management overstating revenue by recording sales that did not happen. The auditor can rebut this presumption but must document the reasons per ISA 240.A50.

How does occurrence testing differ from completeness testing?

Occurrence starts from the recorded population (the ledger) and traces backward to source documents. Completeness starts from source documents and traces forward to the ledger. If your sample comes from the accounting system, you are testing occurrence. If it comes from a non-accounting source, you are testing completeness.

Does occurrence apply only to revenue?

No. ISA 315 A190(a)(i) applies occurrence to all transaction classes. Occurrence testing on payroll catches ghost employees. Occurrence testing on purchases catches fictitious vendor transactions. Teams often skip occurrence testing for expenses, but ISA 240.A1 confirms fraud can involve overstatement of costs too.

Get practical audit insights, weekly.

No exam theory. Just what makes audits run faster.

290+ guides published20 free toolsBuilt by practicing auditors

No spam. We’re auditors, not marketers.

This glossary entry is for educational purposes and does not constitute legal or professional advice. Always consult the applicable standard text for authoritative guidance.

Last reviewed: · Standards version: IAASB 2024 Handbook