3 minute read
ISQM 1 Quality Assurance Management as an essential element of modern practice
Have you ever wondered how audit firms are organised or what kind of policies and procedures they have in place to ensure quality deliverables through the reports they issue?
Audit firms play a critical role in assisting Companies gain the trust of the economic world, thus it is important they themselves ensure quality is perceived throughout the organisation. The increasing complexities of structures, evolving regulatory requirements, advancement of technologies have led to the adoption of the International Standards of Quality Management 1 ("ISQM 1").
The ISQM1 is designed to provide a robust and consistent approach to quality management within firms that perform audits and other assurance services. The new standard emphasises the importance of a "risk-based" approach to quality management, which means that firms should identify, assess, and manage risks throughout the audit or assurance engagement process. Each audit firm owns unique policies and procedures which need to cover the below eight elements, as required by the Standard. These can be drafted internally or externally through outsourcing and their application needs to be monitored continuously.
RISK ASSESSMENT PROCESS:
It is required that a detailed assessment of the risks associated with an individual engagement, and the risks inherent in the overall business and environment, is performed. This will form the foundations for understanding the critical business process and ensure that the design of policies and procedures is done in a way to mitigate any risks that may damage quality.
LEADERSHIP AND GOVERNANCE:
The overall goals and objectives of the organisation in respect of quality need to be explained and transparent to the stakeholders. Policies need to describe how high-quality service is provided, how client expectations are met, and how ethics and independence are perceived. Clear roles and responsibilities exist for departmental employees, while effective communication channels for sharing information and feedback need to be present. Top management should be involved in the operations and actively oversee the processes while living the cultural values of the firm.
ETHICS AND INDEPENDENCE:
All staff must understand and adhere to the relevant ethical and professional standards. The need to avoid any actions that could compromise independence is emphasised. Only independent auditors are involved in the audits who are well-educated and informed, act with integrity and deliver only permissible services.
Acceptance And Continuance Of Client Relationships And Specific Engagements
The process of accepting a client relationship and reviewing it at regular intervals based on the risk profile of each client or engagement is described. Audit firms need to adhere to the Anti Money Laundering laws and regulations. The firm must evaluate the engagement risks and take appropriate actions to mitigate them. In cases where an assessment is not successful, the relationship needs to be immediately terminated.
ENGAGEMENT PERFORMANCE:
Engagements should involve planning, execution, completion and consultations. Firms must ensure that teams are adequately planned and allocated to projects. They are qualified, experienced, and sufficiently equipped to carry out the work. Each audit or assurance engagement must start by the team acquiring a thorough understanding of the client's business activities, risks, and internal controls. Specific policies and guidance over consultation requests are mandatory for judgmental or complex situations. At the end of each project, the audit firm should evaluate the results and take appropriate action if necessary.
RESOURCES:
An audit firm's resources include human capital, technologies, and infrastructure. All staff members must be adequately trained to own skills and knowledge to perform their duties and responsibilities. This is achieved through coaching, refresher physical or web-based training, or specific technical libraries. Systems must be safeguarded from security threats, and access controls exist while the latest updates of content and technical specifications need to be processed.
MONITORING AND REMEDIATION PROCESS:
The System of Quality Management of firms must be monitored. Technology and tools must be used for the implementation and documentation of monitoring procedures. Monitoring could concentrate on key performance indicators, such as engagement completion rates, staff turnover, and client satisfaction. Audit firms must adhere to high ethical and independence standards to maintain the trust of their clients and the investing public. They should adopt robust policies and procedures that promote trust and confidence that the deliverables are of a high and consistent quality standard.
INFORMATION AND COMMUNICATION:
Focus is placed on effectively exchanging information within teams and between the firm and its clients. This includes establishing clear lines of communication, encouraging ongoing, real-time and effective exchange of feedback between the engagement team itself and the clients' management.
Effective and appropriate documentation is essential to be maintained throughout the engagement, including the audit plan, work papers and audit reports. This ensures that all audit work is easily identifiable and easier to review and evaluate the quality of the audit work performed.
