Tag: Audit Quality

31 March 2023

In assisting a range of Audit firms with their Quality Control I get to see quite a few files for review, mostly Tier 3 charities. There are a number of common areas where improvements could be made. We explore some of these below:

Identification of Key Personnel

There is a question early in the workflow that asks the user to identify key personnel (directors/trustees and management people and anyone else with significant influence over the entity) – to be referred to when assessing independence, in related parties’ work and for identifying key contacts. It is common to just see the name of one key contact person here.

In order to be familiar with the client and be alert to potentially related parties or conflicts of interest all people involved in management and governance should be listed here, along with their roles. The names may be added to contacts in the sidebar.

Enquiries directed at a limited range of people

Some questionnaires are designed to be answered by someone from management, and some from governance. The fraud questionnaires are a good example. However, in small entities, I commonly see all enquiries directed to one person.

While this reflects something of the reality of small entities, it is an important control that governance is aware of and oversees what is happening at a managerial level. Gaining perspective from different people – as well as being requirements of the standards – helps build a wider ‘3D’ view of the entity.

Verbal enquiries neglecting to identify the entity contact

Sometimes instead of having an entity contact complete a checklist or answer a question online, it is more convenient to interview them and record their responses.

In these cases, it is essential to record the name of the person and the date of the interview.

Budget testing as an analytical review tool

It is common to have a client respond to the questionnaire that they do indeed prepare budgets. But it is uncommon to see these budget figures used in an Analytical Review test. Many times I see the Analytical Review option for budgets marked “no Budget.”

Comparing budgets to actual results can be a powerful analytical and risk identification tool in SME audits, where budgets define the expectation of governance. Even if budgets are not prepared for all the figures reflected in the TB, the budget column for key figures can be manually completed on the TB page, to flow through to the analysis pages.

Lack of follow-up on issues identified in the planning phase

Often I see key items or risks that are mentioned at the staff planning meeting, in information gathered from the client, or when discussing rebuttable presumptions around fraud, understatement of income, or risks associated with journals, that are not flagged and addressed specifically later in the file.

In the current iteration of Audit Assistant, the risk flag tool should be used in these cases, as all comments may be flagged as risks. This will ensure that the issue is not dropped, but is appropriately brought to the foreground in the audit work. There is also the “Key Issue” option which may be used to flag very important items intended for partner attention.

Lack of identification of risks

Risk identification is a bit of a moving target as we all adapt to ISA 315 (revised 2019), however, even under the old standard there was a requirement to identify risks of material misstatement and form the focus of our testing primarily around the most significant risks. I see many good examples of risk assessment, but also many where material items in the financial statements are not assessed as risk, presumably because the auditor has looked at the item and assessed it as low risk – but not documented that decision.

In Tier 3 entities, where there are a limited number of categories in the Statement of Performance and Statement of Financial Position, I would expect to see each category subtotalled in the TB, and a risk assessment for each subtotal, unless it is clearly immaterial or has no prospect of being material.

Lack of identification of significant risks

Many audit files have all their identified risks assessed as very much the same risk profile. I recently heard a reviewer describe a good audit file as one that resembled the Andes rather than rolling green hills.

In other words, we are trying to find which risks are significant to the entity and highlight those rather than just saying all risks are on the same level. Even in a very low-risk job, there will be some inherent risks that the entity faces that will stand out as the main threats to the entity – and these are where we need to focus our work. This will produce not only better audit work but more efficient work because we are putting our resources into the right areas. If we view “Significant” as a relative term rather than absolute, we will start to identify risks that are significant in the context of the job. This is especially important in complying with ISA 315 (revised 2019).

Materiality assessments for service performance

I often see files where the materiality assessment in the Service Performance area is regarded as “not applicable.” NZ AS1 requires us to assess Service Performance materiality, which in terms of ISA 320 is described as: “Misstatements, including omissions, if they, individually or in the aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements.”

In the context of service performance, small misstatements or omissions will probably not influence the decision of the users, but a larger discrepancy may well do. It is up to us to identify where this level lies in terms of what is being measured by the service performance output we are considering. This might be in terms of say a 5% variance in a reported result.

Qualification for cash income

It is still common for audit reports for charities and clubs to qualify for cash income. However, with the reduction in the use of cash, this may not be given. In many jobs I see this unquestioningly adopted, without an attempt to quantify just how much of the income of donations say is actually represented by cash so subject to that risk. The audit report then may lead a reader to the conclusion that the potential understatement is much larger than it actually is.

When considering the risk of understatement of cash income and subsequent qualification, I suggest that work be documented to quantify the total amount represented by cash, and the potential understatement. this may not be material, in which case a qualification will not be necessary. Or it may be material and subject to qualification, but the audit report identifies the particular items where there may be an understatement instead of just a blanket statement.

Fixed asset valuation methods

When a Tier 3 entity opts to revalue their land and buildings – as many do – leaving behind the safe harbour of the Tier 3 standards and ventures into the deep waters of PBE IPSAS 17 there are many potential snares, as I discovered recently.

Don’t assume that the CA who prepared the financial statements got it right, and read the standard well. I would assume that any revaluation of this sort is a significant risk as it will likely be highly material. Also, remember to check the disclosures in the Performance Report – that they reference the standard – and include a mention of the use of PBE IPSAS 17 in the preparation of the financial statements in your audit report just to be safe.

Do you agree? Any comments or suggestions? Contact me here.

18 August 2021

Why there is a need for yet another quality standard? PES 4 supports PES 3 in that it specifically addresses the Engagement Quality Reviewer; their appointment, eligibility, responsibilities, and documentation.

PES 4 (the NZ version of ISQM 2) aims to strengthen the requirements for engagements that should be subject to an engagement quality review by extending the requirement for an Engagement Quality Review (EQR) to engagements other than audits of listed entities.

The concept of scalability has been included within the standard, allowing the firm to adjust certain requirements for their size and nature, especially the significant judgements made.

We saw how PES 3 describes the firm’s responsibility for establishing quality management, including the new quality management approach. An engagement quality review is a response, among others, designed and implemented by a firm to address its assessed quality risks. The performance of an EQR is undertaken at the engagement level. However, the reviewer’s response is implemented on behalf of the firm.

PES 4 is applicable only through requirements in PES 3 and ISA 220 for a firm’s quality management system. Therefore, PES 4 is closely interrelated to the other quality management standards.

There are some requirements related to EQR within PES 3 and the new ISA 220 but these are mainly to do with the engagement team supporting the reviewer and a process to trigger an EQR.

Appointment and Eligibility of Engagement Quality Reviewers

When the firm’s quality management system assesses the need for an engagement quality review, PES 4 states the minimum requirements for eligibility and appointment of reviewers around competencies, capabilities, ethics required, and other relevant considerations. A firm may choose to select further requirements for selecting reviewers.

The standard also lays out the selection of the reviewer, including the qualifications, experience, and objectivity of the individual selected to perform the EQR. It also addresses the reviewer’s requirements of independence, integrity, and objectivity and their ability to challenge the engagement team’s judgements and authority.

Appointment and eligibility requirements for engagement quality reviewers are more selective (whether internal to the firm or external) than those in the old standard including:

• The eligibility of the individual(s) within the firm responsible for the appointment of engagement quality reviewers.

• The eligibility of individuals to assist the engagement quality reviewer in performing the engagement quality review.

• The engagement quality reviewer’s responsibility for the performance of the engagement quality review, including assessing the appropriateness of the work of individuals assisting in the review.

• Limitations on an individual’s eligibility to be appointed as an engagement quality reviewer for an engagement for which the individual previously served as the engagement partner.

Competence and Capabilities, Including Sufficient Time

Requirements regarding the criteria for eligibility of engagement quality reviewers and have been maintained in PES 4 and improved through expanding the eligibility requirements. The standard describes the competence and capabilities of the engagement quality reviewer.

The IAASB believes that the achievement of an effective engagement quality review requires the involvement of the reviewer at appropriate points in the engagement, consistent with when the engagement team is making significant judgements because doing so facilitates the resolution of issues promptly. Accordingly, PES 4 includes a new requirement addressing the reviewer’s responsibility to perform the procedures at the appropriate time during the engagement.

The timing of the performance of the EQR is essential. Not only concerning when the reviewer becomes involved but the time allocated for the performance of the review. The firm’s policies or procedures must give the reviewer sufficient time to perform the review.

Relevant Ethical Requirements – objectivity

To improve the reviewer’s objectivity, PES 4 requires a reviewer to comply with relevant ethical requirements and explicitly highlight the threats to objectivity in its application material about the engagement or engagement team. The standard includes a new requirement for the firm to establish policies or procedures that limit an individual’s eligibility to be appointed as a reviewer for an engagement on which the individual previously served as the engagement partner.

Furthermore, the application material suggests objectivity may be accomplished by establishing a two-year cooling-off period and notes that determining a suitable cooling-off period depends on the facts and circumstances of the engagement and applicable law or regulation provisions or regulation and relevant ethical requirements.

The standard implies that if the individual is appointed as the reviewer immediately after serving as the engagement partner, there are no safeguards or other actions that would eliminate the threats to the individual’s objectivity or reduce them to an acceptable level.

Outside firm Engagement Quality Reviewers

The standard considers that small to medium firms may not have sufficient experience within and might require external reviewers. The standard has been expressly set up not to be onerous that the availability of suitable engagement quality reviewers is limited or non-existent for small to medium firms.

PES 4 clarifies that the exact eligibility requirements apply to any individual appointed as a reviewer, whether within the firm or external (as may be the case when there is no partner or other individual within the firm who is eligible to perform the engagement quality review).

Significant Judgements and Significant Matters

EQR discussions with the engagement partner (or other engagement team members, if applicable), along with the information obtained from the engagement team about the nature and circumstances of the entity, will enable the reviewer to be aware of significant judgements made within the engagement.

Based on that information, the reviewer looks at selected engagement documentation in support of those significant judgements. The standard clarifies that the engagement quality reviewer discusses with the engagement partner and, if applicable, other engagement team members significant matters and significant judgements made in planning, performing, and reporting on the engagement.

Documentation

The engagement quality reviewer evaluates the basis for the engagement team’s significant judgements, including, when applicable to the type of engagement. The reviewer evaluates the professional scepticism of the engagement team based on the review of selected engagement documentation. By doing this, the reviewer acknowledges their role in evaluating the engagement team’s exercise of professional scepticism in making significant judgements and reaching conclusions, and, where appropriate, challenging them.

PES 4 includes a specific requirement for the reviewer to take responsibility for documentation of the EQR. The documentation is to be filed with the engagement documentation. The documentation is sufficient to enable an experienced practitioner, having no previous connection to the engagement, to understand the nature, timing, and extent of the engagement quality review procedures performed.

In summary, the implementation of PES 4 will make it easier for firms and for reviewers to understand their responsibilities when an EQR is required – all in one place.

<<previous article

4 June 2021

ISA 220 (revised) deals primarily with the engagement partners’ responsibilities in overseeing the quality of the assurance work.

It forms part of the suite of Quality Management Standards, dovetailing with PES 3 Quality Management for Firms that Perform Audits or Reviews of Financial Statements or Other Assurance or Related Services Engagements (aka ISQM 1) and PES 4 Engagement Quality Reviews (aka ISQM 2).

ISA 220 (revised) will be effective from December 2022. Its emphasis may be summarised as:

  • Proactive management of quality at the engagement level by emphasising the importance of professional scepticism.
  • Enhancing the auditor’s documentation judgments.
  • Reinforcing the need for robust communications between the engagement team and partner.

A criticism of the prior standard was that firm quality control manuals were simply to satisfy standard requirements and were not used in the actual engagement. This standard clarifies the role and responsibilities of the engagement partner; notably, their required involvement throughout the engagement and their responsibility for managing and achieving quality at the engagement level.

The objective of the standard is as follows:

The auditor is to manage quality at the engagement level to obtain reasonable assurance that quality is achieved such that:

(a) The auditor has fulfilled the auditor’s responsibilities, and has conducted the audit under professional standards and applicable legal and regulatory requirements; and

(b) The auditor’s report issued is appropriate in the circumstances.

What are the Engagement Partner’s main responsibilities in the engagement?

The new standard makes the engagement partner’s responsibilities around leadership and project management (including assessing the engagement team’s competence and objectivity) more explicit.

The engagement partner needs to be adequately involved throughout the engagement to provide the engagement leadership required to achieve high-quality audits.

The diagram below illustrates how the engagement partner’s overall engagement is responsible for managing and achieving quality through sufficient and appropriate involvement. Their significant judgments made and the conclusions reached are appropriate given the nature and circumstances of the audit. This overall responsibility includes:

Fulfilling leadership responsibilities

This includes taking actions to create an environment for the engagement that emphasises the firm’s culture and the expected behaviour of engagement team members and assigning procedures, tasks or actions to other members of the engagement team.

Leadership must assign responsibilities to other engagement team members. The standard recognises that the engagement partner may assign procedures, tasks, or actions to other engagement team members to assist the engagement partner in complying with the requirements but must take overall responsibility for the engagement quality.

Supporting engagement performance

This includes taking responsibility for the nature, timing and extent of direction, supervision and review of the work performed.

New requirements require the engagement partner to review the financial statements and the auditor’s report before dating the auditor’s report and, prior to their issuance, to review formal written communications to management, those charged with governance, or regulatory authorities.

The engagement partner must review audit documentation relating to significant matters and other areas involving significant judgments. The partner should focus on complex or contentious matters identified during the engagement and the conclusions reached.

Standing back

The engagement partner must take overall responsibility for managing and achieving quality, including whether their involvement has been sufficient and appropriate throughout the engagement. The nature and circumstances of the engagement are taken into account, especially with significant judgements and conclusions reached.

Relevant Ethical Requirements

The standard has strengthened relevant ethical requirements and the engagement partner’s role in dealing with relevant ethical requirements. Accordingly, in addition to enhancing the extant requirements, ISA 220 (revised) includes requirements regarding:

• Understanding of the relevant ethical requirements and whether other members of the engagement team are aware of those requirements and the firm’s related policies or procedures;

• Threats to compliance with relevant ethical requirements; and

• Determining whether relevant ethical requirements, including those related to independence, have been fulfilled.

Engagement Resources

The engagement partner is responsible for determining sufficient and appropriate resources assigned or made available on a timely basis. They are responsible for taking appropriate action when the firm provides insufficient or inappropriate resources in the engagement team’s audit engagement.

The standard includes new application material detailing:

  • How human, technological, and intellectual resources may be used to support the performance of audit engagements.
  • How project management skills can help manage the quality of the audit engagement and the appropriate actions if the engagement partner determines that the resources are insufficient or inappropriate.

Examples of engagement resources the engagement partner can use to determine whether to depend on the firm’s related policies or procedures include:

• Information systems that monitor independence;

• Information systems that deal with acceptance and continuance of client relationships and audit engagements; and

• Audit methodologies and related implementation tools and guidance.

Firm-level responses

Some firm-level responses to quality risks are not performed at the engagement level but are nevertheless relevant when complying with ISA’s requirements. For example, determining whether the engagement team members collectively have the appropriate competence and capabilities to perform the audit engagement. The engagement partner should look at the firm’s policies or procedures dealing with personnel recruitment and professional training.

When determining whether they may depend on the firm’s policies or procedures in complying with the requirements, the engagement partner should take into account:

• Their knowledge or understanding of or practical experience with the firm’s policies or procedures.

• Information provided by the firm’s monitoring and remediation processes indicates what firm policies or procedures operate effectively. For example, the engagement partner may depend on the firm’s technological development and maintenance programs when using firm-approved technology to perform audit procedures based on the firm’s information.

Project Management

Project management is a crucial part of the engagement, and the engagement partner should be actively involved or have a documented process outlining how it is delegated.

Some examples of how a firm may project manage:

• Increasing the engagement team’s ability to exercise professional scepticism through alleviating budget or time constraints that may otherwise impede the exercise of professional scepticism;

• Facilitating timely performance of audit work to more effectively manage time constraints at the end of the audit process when more complex or contentious matters may arise;

• Monitoring the progress of the audit against the audit plan,  including the achievement of key milestones, which may assist the engagement team in being proactive in identifying the need for making timely adjustments to the audit plan and the assigned resources;

• Assisting the engagement partner in taking responsibility for the direction and supervision of engagement team members and the review of their work; or

• Coordinating arrangements with component auditors and auditor’s experts.

The relationship between ISA 220 (revised), PES 3 and PES 4

ISA 220 operates as part of the broader system of quality management established by PES 3. Under PES 3, the firm establishes quality objectives, identifies and assesses quality risks, and designs responses to address the quality risks concerning the components of the firm’s system of quality management. This can be achieved at the firm level or the engagement level, depending on its nature, circumstances, and engagement.

Accordingly,  PES 3 requires the firm to communicate information to the engagement team about their responsibilities regarding the firm’s responses that require implementation at the engagement level.

ISA 220 and PES 3 align concerning monitoring and remediation. The engagement partner is responsible for dealing with the relevant aspects of the monitoring and remediation process. Communication by the firm includes the results of the monitoring and remediation process.

Furthermore, the engagement partner and team requirement to fully cooperate with the engagement quality reviewer is the linkage between ISA 220 and PES 4.

In summary

ISA 220 (revised) aims to implement a firm’s quality management system at the engagement level. In particular, the standard aims to ensure that the engagement partner is adequately involved throughout the engagement. To ensure that the team has adequate supervision (project management), expertise (in-house or external) and resources to satisfy the level of quality developed by the firm in their quality control manual.

The communication between the team members and the firm’s management and governance will help ensure that a firm’s quality management is fit for purpose and applicable to actual engagements.

We hope this, our new Quality Control Tools and earlier articles will help you to hit the ground running when the new standards become active.

1 April 2021

PES 3 is the King of the Assurance Quality Standards. It is the NZ equivalent to International Standard on Quality Management 1 (ISQM 1).

Its full royal title is ‘Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagements’. PES 3 and its lesser nobility of other quality management standards become effective on 15 Dec 2022 (early adoption permitted).

One of PES 3’s primary aims is to foster a culture of quality within assurance practices and to help firms to think critically about the service they are providing and how can it be improved.

The quality management standards dovetail with concepts from the ISAs so that internal controls, policies, procedures, resources, and systems are of sufficient quality to ensure that the firm audit and assurance engagements are free of material misstatement.

The standard is designed to be scaled for small and medium auditing and assurance practices. Requirements and application material emphasises professional judgement and professional scepticism when fulfilling the standard’s needs.

While the old standard required firms to establish and maintain a quality control system that specifies the policies and procedures that firms must follow (a checklist approach), the new standard has been designed to instead make the firm develop a comprehensive quality management system.

Assuring audit quality is achieved by regular monitoring of the system and regularly ensuring that the practice has sufficient knowledge and expertise. 

If the firm detects a quality deficiency, it investigates the root cause and creates new quality objectives, policies, and procedures to manage them. Furthermore, it emphasises having a good firm structure that allows easy communication of findings to the relevant staff level.

PES 3 addresses:

  • The competence and capabilities of the engagement team, recruitment and training, and changes in the firm’s resource models (e.g., use of shared service centres).
  • Internal monitoring reviews, including the scope and extent of such reviews.
  • Governance structures of firms and networks.
  • The need to address remediation and acknowledge the importance of root cause analysis.
  • How to apply proportionately to small- and medium-sized practitioners, including clarifying the application to audit, assurance, and related services engagements (e.g., a sole practitioner would not create the same system as a large entity with multiple partners, managers and employees).
  • Addressing multiple issues related to engagement quality control reviews (e.g., selecting the engagement quality control reviewer and their independence from the engagement team, the professional scepticism exercised by the reviewer and the objective, extent, timing, and documentation of the review).

This new approach focuses the firms’ attention on risks that may impact engagement quality, requiring the firm to transition from policies and procedures that address standalone elements to an integrated approach that reflects upon the system as a whole. 

The audit firm must proactively identify and respond to quality risks and adjust or create new quality objectives to address any deficiencies.

PES 3 benefits the firms’ systems of quality management that support the consistent performance of quality engagements, by providing:

  • A system that is tailored for the firm’s nature and circumstances and the engagements it performs (scalable), thereby improving the robustness and effectiveness of activities undertaken by the firm to address engagement quality, resulting in improved utilisation of firm resources.
  • The facilitation of a firm risk-based proactive response to changing circumstances, proactively managing or mitigating risks, and promoting continual improvement and responsiveness to a changing environment.
  • Increased emphasis on monitoring the system as a whole and timely and effective remediation promotes ongoing improvement and consideration of the system’s appropriateness, including whether it effectively supports engagement quality.
  • Integration of the system’s components promotes an ongoing process of improvement and consideration of the effect of decisions across the system.
  • Scope to design, implement and operate a quality management system based on the nature and circumstances of the firm and the engagements it performs.

Let’s hope the new king enables our assurance engagements to be performed with great confidence and order.

To commemorate the coronation we are releasing a new suite of tools under our ‘Business Management’ label. These include:

  • Audit Quality Management Tool – designed to meet the requirements of creating a dynamic QMM (Quality Management Manual) including customisable templates for all aspects of the manual, annual independence confirmations for staff, staff training and development records, annual evaluation, client complaint procedure, root cause analysis records, and much more. The manual is designed to be rolled over and reviewed annually.
  • Staff recruitments, Orientation and Review Tools – to ensure that policies are followed for staffing resources.
  • New Assurance Client Tool – for screening and working through client induction including ethical letter to prior auditor, welcome letter etc.
  • Client Exit Tool – to ensure that procedures are followed and documented when a client leaves.

All these tools provide a starting point and may be fully customisable. We have adapted and added to the CAANZ suggested templates in producing these tools. Contact us to sign up or to find out more.

<<previous article next article >>

31 March 2021

What are the main components of PES 3 (aka ISQM 1), and how are they organised and integrated?

PES 3 uses a new approach to managing quality that is scalable to deal with differences in firms’ size and nature of their services. As discussed previously, the new quality management approach drives firms to think about the firm’s nature and circumstances and its engagements when designing, implementing, and operating their quality management system.

The approach focuses on achieving outcome-based quality objectives. One of the most important benefits is a tailored system of quality management that is suitable for its nature and circumstances and the engagements it performs.

The IAASB agreed that retaining the elements of extant ISQC 1 is important as they reflect topics that continue to be relevant to a firm’s quality management system and provide a necessary link to quality management at the engagement level.

The eight components of the proposed system of quality management are as follows:

  • Governance and leadership (adapted from “leadership responsibilities for quality within the firm” in extant ISQC 1).
  • The firm’s risk assessment process (new).
  • Relevant ethical requirements.
  • Acceptance and continuance of client relationships and specific engagements.
  • Engagement performance.
  • Resources (adapted from “human resources” in extant ISQC 1).
  • Information and communication (new); and
  • Monitoring and remediation process (adapted from “monitoring” in extant ISQC 1).

The eight components are designed to be highly integrated. For example, resources and information and communication are essential aspects that enable each of the other components of quality management. The integration of the elements means that the quality management system does not operate in a tick-box manner. As a result, the aspects of PES 3 are designed, implemented, and used by the firm holistically through the audit and assurance process.

While PES 3 is organised according to the eight components. Firms are not required to arrange their systems according to these eight components, provided that the firm adheres to the standard’s overall objective. A firm may have different names for the components, combine the components, or have additional components if the firm wishes to have a more rigorous system than the standard.

Interrelationship of the Components

  • The firm’s risk assessment process sets out how it implements the risk-based approach to quality management. In doing so, the firm must include the quality objectives and responses set out in each of the components of the standard.
  • The governance and leadership component is important to the design, implementation, and operation of the other components quality management system. It provides the basis for the quality management system and creates the environment in which the other quality management components operate.
  • Other components such as information and communication and resources have quality objectives that enable the design, implementation, and operation of quality management. Therefore, such components may include responses that affect or relate to the other components of quality management
  • There may be interrelationships within the components as well; for example, human resources are needed to develop intellectual resources.
  • There are also relationships between components because there are matters related to each other (e.g. aspects of the relevant ethical requirements component may be relevant when accepting and continuing client relationships and specific engagements).
  • The monitoring and remediation process monitors the entire system of quality management, and therefore the monitoring activities are undertaken over all of the components of the system of quality management.

<< Previous article

28 February 2021

Audit Quality Management

The current environment is challenging for assurance practitioners. With staff shortages that may not go away any time soon, lean is the key word when going forward. We need to pay as much attention to the systems, processes and controls within our practice as we do when we are auditing clients. The new quality management standards can help provide us with a framework.

The final pronouncements on PES 3, PES 4 and ISA 220 were published in December 2020. From December 2022 all auditors and assurance practitioners must adhere to the new standards.

Implementing the requirements at a firm and engagement level will take considerable time and effort. At Audit Assistant, we are developing ways to reduce the burden of the changeover and integrate the requirements of the new standards into our systems.

To help firms achieve their quality management objectives:

  • We are developing a customisable quality control manual for our clients to help develop policies and identify risks.
  • This sets out the steps to manage audit and assurance quality in a scalable manner – acknowledging that many of our firms are sole practitioners.
  • We are also making a supporting tool for client screening and induction that fits with the quality management manual.
  • In addition, we have a supporting tool in development for staff recruitment, induction and tracking training.
  • As we create these tools and update the templates, we will ensure that there will be a clear connection between the work files and the quality control manual and other tools.
  • We will continue to develop a structured training system that teaches users how to use Audit Assistant correctly, including resources that teach quality control.
  • Through file reviews, we monitor our clients’ work to ensure that our audit quality policies, procedures, and systems adequately address any quality risks. (These processes could be incorporated into your quality management system.)

To finish the race, staying competitive and profitable, firms must develop strategies and processes to cover the basics of good quality management well.

For further information on the new quality management requirements see our further articles:

New Quality Standards: Outline of PES 3

New Quality Standards: Main components of PES 3

New Quality Standards: An Outline of the new ISA (NZ) 220

New Quality Standards: PES 4 Explained