Establishing Quality Objectives for the ISQM

Establishing Quality Objectives for the ISQM

by | Oct 3, 2022 | Blog, News

Six of the eight components have mandatory quality objectives established in the International Standard on Quality Management (ISQM) 1 (see paragraphs 25-34 of ISQM 1). For assistance with implementing the ISQM see our ISQM TOOLKIT available for immediate download here. There is 20% off for simultaneous purchases of five items or more.

There are no mandatory objectives for the two remaining areas:

  • risk assessment or
  • monitoring and remediation.

Smaller firms may find that the quality objectives already included in ISQM 1 are sufficient for their needs, but some firms may need to establish other objectives or sub-objectives. Every firm must consider (and evidence they considered) whether they need additional objectives – it’s not safe just to assume you don’t need them.

Note that if a quality objective included in ISQM 1 is not relevant to your firm then you can ignore it.

The next step is to identify quality risks that threaten the achievement of those quality objectives:

  • Consider
    • the nature and circumstances;
    • the conditions and events;
    • the actions and inactions; and
    • the type and nature of the client engagements.
  • Much of a firm’s nature and circumstances is dictated by:
    • the people working there;
    • the environment within which it operates; and
    • the types of client it serves.

All of the above variables may have an impact on the quality risks that are most relevant to the firm, and each firm will need to assess the significance/likelihood of those risks crystallising.

The emphasis will need to be on identifying quality risks rather than focusing on the consequences of a risk crystallising – e.g.

  • not understanding the requirements of the Ethical Standard is a quality risk;
  • rather than a breach of the Ethical Standard which would be a consequence of that quality risk

Watch out that where you identify a quality risk that doesn’t result from a quality objective in ISQM 1 then you will need to establish a new quality objective.

Next week we will look at assessing risks.

It’s impossible to cover everything in this brief blog. For more assistance please see our new ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please call or e-mail John McCarthy FCA or e-mail him at john@jmcc.ie

Publications and AML webinar

  • The ISQM TOOLKIT 2022 is available to purchase here.
  • See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
Governance and Leadership Risks to Identify for ISQM

Governance and Leadership Risks to Identify for ISQM

by | Sep 27, 2022 | Blog, News

The International Standard on Quality Management (ISQM) 1 requires firms to record quality objectives in six key areas. these are:

  1. Governance and leadership;
  2. Relevant ethical requirements;
  3. Acceptance and continuance of client relationships and specific engagements;
  4. Engagement performance;
  5. Resources; and
  6. Information and communication.

This week and in subsequent weeks, we will look at each of these primary objectives and explore some of their main requirements. Meantime our ISQM TOOLKIT has been published to guide you on the way.

The first of these areas is Governance and leadership. This is of paramount importance to quality management because it drives how the firm is perceived by its leadership, staff, audit clients and ultimately the public.  Governance and leadership principles serve as the framework for how the firm’s decisions are made.

The standard has new and enhanced requirements regarding the firm’s commitment to quality through its culture.

The requirements now also focus on:

  • The firm’s public interest role;
  • The importance of professional ethics, values and attitudes;
  • The responsibility of all personnel for quality relating to the performance of engagements or activities within the Statement of Quality Management (SOQM), and their expected behaviour; and
  • Quality in the context of the firm’s strategic decisions and actions (e.g. will we expand the Tax Department and offer tax planning services to our private company audit clients), including the firm’s financial and operational priorities.

There are new requirements that:

  • Address leadership’s behaviour and commitment to quality, and their accountability for quality;
  • Address the organizational structure of the firm and the firm’s assignment of roles, responsibilities and authority; and
  • address resource needs, and resource planning, allocation and assignment, which also include financial resources for matters like up to date software and training.

It’s impossible to cover everything in this brief blog. For more assistance please see our new ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please call or e-mail John McCarthy FCA or e-mail him at john@jmcc.ie

Publications and AML webinar

  • The ISQM TOOLKIT 2022 is available to purchase here.
  • See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.

Tags: ISQM TOOLKIT, IAASA, International Standard on Quality Management (ISQM) 1, Root Cause Analysis, Anti Money Laundering Policies Controls & Procedures Manual, AML Training webinar.

Tailoring your ISQM

Tailoring your ISQM

by | Sep 20, 2022 | Blog, News

Audit firms of all sizes, with differing levels of complexity will expect their service providers to publish an off the shelf manual to help implement ISQM 1, just like they did with its predecessor ISQC1. Our new ISQM TOOLKIT is here to help you with documenting your ISQM compliant audit quality risks and responses.

The new ISQM standard requires each audit firm to tailor the ISQM TOOLKIT in such a manner that the risks and responses are unique to each firm. In this regard the new ISQM TOOLKIT is very different to, its off the shelf predecessor, the ISQC1.

Each audit firm must document its:

  • audit objectives (which will be unique, depending on the size of each firm and the nature, size and complexity of its client base),
  • audit risks; and
  • responses to those audit risks

because ISQM 1 requires that these responses are tailored to each firm’s particular circumstances. Each audit firm will need to consider the firm’s particular risks and ensure the responses are tailored appropriately, and document these with an annual review and updates in subsequent years. The process is iterative by its very nature.

The good news is that our new ISQM TOOLKIT has just been published to help audit firms implement the Action Plan below.

Action Plan

Here’s how to start.

  1. Write down key information about the firm and its audit engagements (e.g. do we audit any groups);
  2. Think about the quality objectives in the standard and
  3. The risks arising if those quality objectives are not met.

Then take a look at the firm’s current audit policies and procedures to identify gaps e.g. do we have  up to date letters of engagement, representation, Financial Statement Disclosure Checklists or the latest audit manual for charities, insurance brokers etc.

If you find that you currently have an ISQC 1 policy or procedure that doesn’t fit any of the risks you have identified, either it isn’t needed or you have missed a risk. The answer will be unique to your firm and you will, need to decide which is the correct response. You can’t copy/past the answer from your friend down the road. It goes without saying that these blogs cannot be a substitute for reading the ISQM 1 itself.

More on documenting these risks in one of our upcoming blogs.

If you would like a bespoke consultation remotely or on-site to discuss the new ISQM 1 in more detail please send an e-mail to john@jmcc.ie

Future blogs

Over the coming weeks we will publish a series of blogs, alongside the publication of our new Audit Quality Control Manual called the ISQM TOOLKIT, to help auditors implement the new process.

Publications and AML webinar

  • The ISQM TOOLKIT 2022 is available to purchase here.
  • See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.

Tags: ISQM TOOLKIT, IAASA, International Standard on Quality Management (ISQM) 1, Root Cause Analysis, Anti Money Laundering Policies Controls & Procedures Manual, AML Training webinar.

10 Tips for Audit Firms to prepare for ISQM 1

10 Tips for Audit Firms to prepare for ISQM 1

by | Sep 19, 2022 | Blog, News

Around the globe, auditors are preparing for the imminent ISQM 1 regime, and it’s now just under three months to the deadline – 15 December 2022. On or before this date every Irish audit firm will need an ISQM-compliant System of Quality Management (‘SOQM’).

While larger firms have been working for many months to prepare for ISQM 1, we’re aware that many smaller firms are only just beginning the journey towards compliance and the last thing they might welcome is a reminder that time is running out!

Our new ISQM TOOLKIT is the answer to your needs and is available to purchase now for immediate download to help get you started. Click here for more details.

If you’re tempted to conclude that you’ve left it too late to meet the deadline, our message is: don’t despair. There is still opportunity to get ready, although it’ll mean setting aside dedicated partner time to achieve this, and regulators will be looking for clear evidence of progress by the end of the year and certainly by this time in 2023.

Here are our top ten tips to helping you get your SOQM across the finish line:

  1. Read the ISQMThere’s really no way around this! We’d recommend you also get hold of the IAASM Implementation Guide, which is genuinely helpful – although be warned; this is for the international version of the ISQM and doesn’t include the additional quality responses added to the Irish standard by the Irish Audit & Accounting Supervisory Authority (IAASA).
  2. Assess your current approach to audit quality. Firms aren’t (usually!) starting from scratch on audit quality and will have various policies and procedures already in place. While we want to stress that you shouldn’t simply ‘bolt on’ ISQM to your existing approach, it’s helpful to get a clear insight into what’s happening now (e.g., by taking a look with a critical eye at your existing ISQC 1 but being careful not to copy and paste the answers, but what’s in the ISQC1 may be helpful).This may mean gathering various documents (like staff appraisals, CPD plans and IES 8), clarifying existing arrangements with the rest of the team and organising your thoughts.
  3. Find out what your team thinks about your current approach. Chances are, you and your team already have sound insights into what’s working well and what isn’t, and some honest feedback may be painful but is essential to making progress.John McCarthy Consulting Ltd. (working in conjunction with our colleagues in Apex Professional Consulting Ltd.) has produced the ISQM TOOLKIT for the Republic of Ireland. It comes with a team questionnaire that can help you to gather anonymous feedback including suggestions for tackling problem areas.
  4. Start with leadership and governance issues. For most if not all small firms, a critical success factor for ISQM compliance is the degree of support from partners, especially managing partners within firms.Whether your firm is a sole practitioner or a larger firm, ISQM 1 challenges senior leadership to demonstrate genuine commitment to audit quality, recognising that this may not always align with a firm’s commercial strategy or its leaders’ priorities. You need to identify and deal with those conflicts, if present. You’ll also need to consider how much of the SOQM can be delegated to others and how the firm’s leadership will demonstrate that they bear ultimate responsibility for its success.
  5. Don’t dismiss the appointment stage. Many firms assign consideration of (re)appointment to junior audit staff who lack the judgement to assess ethical threats and to apply the right safeguards. Accepting a client relationship or engagement inappropriately removes any chance to achieve a quality audit.
  6. Be honest about priorities. Many firms say that they’re committed to audit quality, but a cursory scrutiny about how much of the firm’s time and money is spent in supporting and developing high quality audit may suggest otherwise.ISQM 1 demands that firms allocate enough resource to recruit and develop audit teams, supply them with appropriate tools (including hardware and software) and allow them the time to conduct audits thoroughly. You’ll also need to assess the quality risks of over-relying on external training providers, file reviewers or providers of methodology or IT tools.
  7. Refocus on prevention rather than cure. In the past, many audit firms have relied on regular cold file reviews to ensure their quality is up to scratch. Whilst such reviews will still play a key role, firms need to consider how to avoid audit defects altogether.For many audit partners, this may mean reducing the amount of time spent in review, and increasing the time spent in directing and supervising audits whilst in progress. Better prepared and managed teams should produce better audit files that need less review and remediation.
  8. Plan your monitoring as you go. As you set out your SOQM, make sure that every element is trackable and assign responsibility for monitoring to specific individuals, with clear instructions about how they should check progress and how they must record this. This should make the ‘monitoring and remediation’ part of the process much less burdensome.Don’t leave it all until the end!
  9. Get familiar with Root Cause Analysis (‘RCA’). This is a tool that has increased in profile of late, and while RCA can be sophisticated, it needn’t always be so. The aim is to identify systemic defects that, if corrected, will prevent problems from recurring. Don’t be afraid of asking ‘why did X happen’ multiple times when a quality problem is spotted, until the roots are uncovered.
  10. Consider external support. Whilst it’s possible to implement ISQM 1 without any other support, especially if you use a good transition tool (did we mention that John McCarthy Consulting Limited has designed the ISQM TOOLKIT with the smaller firm in mind?), you may find that getting the assistance of a specialist can be hugely valuable, even if just as a sounding board.

Many file reviewers are offering ISQM implementation help at the moment – why not ask your existing reviewer if they can help in this way?

If you need assistance with implementation, or have any questions please call John at 086 839 8360 or e-mail john@jmcc.ie.

The ISQM TOOLKIT is available here to purchase now for immediate download.

Are You Ready For The ISQM?

Are You Ready For The ISQM?

by | Sep 11, 2022 | Blog, News

There are several new acronyms for auditors in Ireland to grapple with before Christmas. From 15 December 2022 the International Standard on Quality Management (ISQM) 1, issued by the Irish Audit & Accounting Supervisory Authority, comes into force. The ISQM TOOLKIT is available here to purchase now for immediate download.

It is and deals with the quality management of audits with special emphasis on:

  • designing, 
  • implementing and 
  • operating 

a system of quality management (SOQM) for audits or reviews of financial statements or other assurance or related services engagements.

It will have a deep and lasting impact on all audits carried out in Ireland, whether they are of public or private companies. Early preparation, well before 15 December 2022, is highly recommended.

The new standard requires audit firms to be much more proactive than the predecessor document the International Standard on Quality (ISQC) 1, which was more reactive in nature.

Among the changes in terminology and acronyms, the main ones are:

  • IUR = Individual assigned with ultimate responsibility for implementation assigned ultimate responsibility and accountability for the system of quality management, on behalf of the firm, evaluates the system of quality management and concludes whether the system of quality management provides the firm with reasonable assurance that the objectives of the system are being achieved.
  • IOR = Individual assigned with overall responsibility for the audit engagement – usually the engagement partner.
  • SOQM = Systems of Quality Management is the overall description for the eight main areas prescribed by the standard.
  • RCA = Root Cause Analysis – identification of the root causes of audit deficiencies which is an iterative and non-linear evaluation. It is part of the monitoring and remediation process – see below.
  • EP = engagement partner.
  • KAP = for an audit of financial statements, the engagement partner is the key audit partner.

The standard is broken into eight main areas:

  1. The firm’s risk assessment process;
  2. Governance and leadership;
  3. Relevant ethical requirements;
  4. Acceptance and continuance of client relationships and specific engagements;
  5. Engagement performance; 
  6. Resources;
  7. Information and communication; and
  8. The monitoring and remediation process.

The IAASB in New York (from where the standard emanates) have issued a very useful Factsheet that explains the background to the changes.

Over the coming weeks we will publish a series of blogs, in advance of the publication of our new Audit Quality Control Manual called the ISQM Toolkit, to help auditors implement the new process. The Manual will be published soon. Watch this space!

Publications and AML webinar

  • The ISQM TOOLKIT is available here to purchase now for immediate download.
  • See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.
The Latest CRO Annual Report

The Latest CRO Annual Report

by | Sep 4, 2022 | Blog, News

The 2021 Annual Report of the Companies Registration Office (CRO) was published at the end of July 2022.

Here we summarise some of the more interesting statistics contained in the report. In the three statistics that we focus on here, 2017 was the record year out of the last five years for notices filed with the CRO for:

  • Resignation of auditor, of which there were 3,216 resignations filed;
  • Report that proper books not kept, of which there were 10 filed; and
  • Removal of Auditor, of which there were 73 filed.

It shows that in the last five years, the numbers of:

  • Resignations of auditors fell by 0.87% overall;
  • Reports about companies not maintaining proper books of account/adequate accounting records fell from 10 reports per annum to zero in 2021; and
  • Removals of auditors fell by almost 85% to a five year low of only 11 removals in the 2021 calendar year.

 

The full table is presented here:

  2017 2018 2019 2020 2021
Resignation of auditor 3,216 3,711 3,058 2,317 3,188
Report that proper books not kept  

10

  

3

  

5

  

7

  

0
Removal of Auditor 73 33 31 13 11

The 2021 Annual Report of the CRO is available in pdf format here.

Are your AML Policies Controls & Procedures up to date?

We have just released our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.

We have also just released an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms.

To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.

For our latest Audit Quality Control Manual (October 2021) (implementing the latest Irish Audit & Accounting Supervisory Authority standards including ISQC1 on audit quality control) click here. View the Table of Contents here.