quality management Flashcards
new team
no kick off meeting
partner 9 yrs same client
significant govt contract
revenue high risk
revenue procedures performed by associate
partner reviewed on last day
no significant review points
no further reviews
no kick off meeting + new team, they will not be aware of issues and risks, tests performed may not have been accurate
associate may not be experienced enough to do a high risk area - misstatements may be overlooked
only 1 day is not enough, lack of professional competence and due care-
no further review:
9 yrs partner - familarity threat - safeguard lacking - independent partner review
cold review must be done to improve audit quality
what are ISQM 1 and 2
quality standards issued by IAASB to support firms to achieve the aim of effective audits that maintain public trust
key principles of quality standards ISQMs
-public interest (addressing past audit failures)
-professional skepticism is emphasized (critical evaluation of client judgement and estimates)
-competent and supported auditors so they can perform effectively without fear of repercussions
-proactive rather than tick box approach (scalable)
-adaptable to technological and business advancements for continuous improvement.
-enhanced monitoring and communication with stakeholders like reg bodies and govt
ISQM 1 name and what it says
it tells firms to establish a tailored SOQM
principles driven
scalable so firms can address their unique circumstancesand risks effectively
purpose of quality management
-reliability and accuracy of audit info
-compliance with standards
-stakeholder trust
-risk management, helps reduce errors
-continuous improvement for firms
SOQM full form
System of quality management
Elements of a SOQM
1- risk assessment process
2- governance and leadership
3- relevant ethical requirements
4- acceptance and continuance of client relationships
5- engagement performance
6- resources
7- information and communication
8- monitoring and remediation
risk assessment process
firm must establish a risk assessment process - considering the firm size, client types, technology, network, external service providers, etc.
-ongoing monitoring process
-this ensures the right engagement and audit report decisions (cuz competent ppl, audit partner more empowered to iissue modified report)
governance and leadership
-establish a firmwide culture of commitment to quality and ethics
-managing partner shud be resp for SOQM
-tone at the top
-recognition of responsibility of serving public interest
-this ensures leadership accountability for SoQM and prioritizing quality over client retention and profit
-audit partners can challenge client judgements without fear of losing revenue
relevant ethical requirements for
firms should make policies to ensure compliance with ethical standards
tailor to firm size and client portfolio
train staff plus ensure component auditors are also compliant
go beyond minimum requirements to mitigate ethical risks effectively.
there may be legal requirements other than the code
acceptance and continuance of client relationships
-do we have necessary technical competence
-sufficient resources?
-any ethical or independence issues
-new client risks, money laundering, PEPs,etc
-client integrity and ethical values
-reference for entity’s directors?
-clearance from outgoing auditors
-terms of engagements agreed?
engagement performance
-quality audit
-supervise newbies
-involve partner sufficiently and apptly
-skepticism
-disagreements in team and points raised by eqcr must be addressed
resources
ensure appt resources are available
employees with required competence, training, experience
-independent experts consideration
information and communicatin
ensure effective communication of policies and audit information within the firm and externally with stakeholders like TCWG and regulators, integral to SoQM operation.
monitoring and remediation
-establish process to ensure SOQM effectiveness, ensure deficiencies r identifeid timely
what is ISQM 2
engagement quality reviews
-eqr is integral to audit process of many audits
-always specify which engagement
-avoid hot review /partner review etc. say EQR.
ISQM aims to ensure right person is appointed for review. it also clarifies the responsibilities
who requires EQRs?
ISQM requires:
-listed companies
-if required by law
or if firm thinks there is a quality risk
for eg:
-high level of complexity or judgement eg. banks, oil exploration
-audits where significant issues have been encountered eg. last yr’s FS are found to be materially misstated
-unusual circumstances like disagreement with last year’s auditor
-high degree of judgement for regulatory finding
-new client, no prior experience
-use of EQCR to mitigate ethical threats
who should be appointed as a Engagement quality reviewer
-not a member of audit team so they r objective
-2 yr cooling off period if reviewer was audit partner before
-reviewer must be competent
-understand the policies of firm of EQR
-experience of performing and documenting EQR
-appropriate authority to challenge audit partner - culture of respect- no pressure from audit partner
-may be internal or external from firm
-ethical requirements must be fulfilled, no intimidation from client or partner
responsibilities of the engagement control reviewer
-perform procedures at diff times during engagement so reviewer is present in planning stage as well
-review and understand significant judgements. assess documents to see if the assumptions are appropriate, confirm that team has used professional skepticism
also evaluate:
-engagement partner’s independence requirement has been fulfilled
-has appropriate consultation take place
-is partner sufficiently involved
also a stand back requirement
- requires the reviewer to step back and ensure all EQR requirements are met and the review is finished. The audit report can only be dated after confirming the review process is complete.
documentation of EQR
-reviewer is responsible to document EQR
-It must be sufficient to allow an experienced practitioner to understand the EQR procedures
-firms may have their own EQR policies
importance of EQR
-firm level responsibility
-improve audit quality
-assess skepticism
-assess whether audit evidence confirms conclusions
difference between ISQM and ISA220
-ISA has limited scope, ISQM is firm wide
-engagement team and partner r responsible to follow ISA
ISA 220 says audit team is responsible for:
-implementing firm’s policies in response to quality risks
-determine whether additional policies should be applied
-communicate to firm any info that is required by firm policies eg. timesheets, independence confirmation
what does ISA220 say about engagement resources?
-Partner is responsible for ensuring sufficient and appropriate resources are available to the engagement team in a timely manner and in line with the firms policies and procedures.
-This includes changes to resources required as circumstances change during the audit.
-The partner is also responsible for ensuring the engagement team and any external expert and internal auditors providing direct assistance to the team have appropriate COMPETENCE to perform their assigned roles.
Situation: audit supervisor was off work for health reasons and the audit engagement manager was too busy to help out the team performing the audit fieldwork. As a result, the audit juniors have been left to perform all the audit procedures on their own including the impairment of properties which were identified as high-risk during planning.
-high level of judgement required when assessing management estimates
-subjective
-junior may not have technical knowledge
-too scared to challenge management
-junior wont be able to consult on difficulties
-lack of supervision means problems may not be identified in a timely manner
-risk that insufficient or inappropriate evidence is obtained
