What is the purpose of Quality Management?
To reduce the audit risk (the risk of giving the wrong opinion) within the firm not for individual audits.
What is the ISQM1 - Quality management at an audit firm level?
The objective set by ISQM 1 is for the firm to establish a system of quality control designed to provide it with reasonable assurance that
- The firm and its personnel comply with professional legal and regulatory standards.
- Engagement reports are appropriate in the circumstances.
What are the 8 recommendations under the ISQM1?
- Risk assessment
- Governance and leadership
- Ethical requirements
- Continuance and acceptance
- Engagement Performance
- Resources
- Information and communication
- Monitoring and remediation process
Risk Assessment
The firm should assess risks to quality and establish objectives and procedures to meet those objectives.
Governance and leadership
- Implement policies to promote an internal culture where quality is considered essential
- Commercial considerations should never override quality
Ethical requirements
- Policies and procedures should be designed to provide the firm with reasonable assurance that the firm and its personnel comply with relevant ethical requirements (training)
- At least annually, the firm should obtain written confirmation of compliance with its ethical polices.
Continuance and acceptance
A firm should only continue with or accept a client where:
- It has considered the integrity of the client
- Firm has the capabilities and resources
- Can comply with ethical requirements
Engagement Performance
The firm should take steps to ensure that engagements are performed correctly, that is, in accordance with standards and audit plan.
Resources
The firm should establish objectives and procedures to meet those objectives in relation to human, technological and intellectual resources contributing to quality.
Information and communication
The firm should ensure the culture of the firm encourages communication about quality internally and externally.
Monitoring and remediation process
Cyclical inspections are usually conducted by a nominated quality control partner in the firm reviewing the completed files of the other partners to ensure the audit was carried out appropriately.
Identified failures should be communicated and training given to correct the problem and if appropriate disciplinary actions.
ISA 220 - Quality management for audits of historical financial information individual audit level
Ensuring good engagement performance involves a number of issues including:
- Direction
- Supervision
- Review
- Consultation
- Monitoring
- Hot file reviews - must if listed
ISA 220 - Direction
The partner directs the audit, is required to hold a meeting to discuss. ISA 220 suggests that direction includes informing members of the engagement team of:
- Their responsibilities
- Responsibilities of respective partners
- The objective of the work
- The nature of the entity’s business
- Risk-related issues
- Problems that may arise
- The detailed approach
ISA 220 - Supervision
The audit is supervised overall by the engagement partner. Supervision includes:
- Tracking the progress
- Considering the capabilities and competence
- Addressing significant issues
- Identifying matters for consulation
ISA 220 - Review
Review includes consideration of whether:
- The work has been performed in the accordance of professional standards
- Significant matters have been raised
- Appropriate consultation has taken place
- There is a need to revise the nature, timing and extent of work
- Work performed supports conclusion
- Work is appropriately documented
- The evidence obtained is sufficient and appropriate
Audit Documentation ISA 320
Would be considered sufficient if an experienced auditor with no previous connections could complete the same work and would reach the same conclusion.
Steps to reduce exposure to liability of negligence
- Following ISAs and ISQMs and do a good quality audit
- Professional liability insurance - pays the damages
- Limited liability cap - puts a maximum on amount of claim, must be fair and reasonable and agreed.
- Incorporation as Ltd or LLP
- Disclaimer paragraphs - identifying who can rely on the auditor’s report and who the auditor will be liable to
