Following on from last week’s blog on cold file reviews and ISQM 1, this week we look at the various factors that can cause changes to the monitoring and remediation elements of ISQM 1.

The following variables are usually areas that need updated:

  • The quality objectives set out in the system of quality management (SoQM);
  • The quality risks of their assessments; and
  • The responses to those risks.

Changes in these areas are mainly a result of:

  • Changes in the nature and circumstances of the firm and its engagements; and
  • Remedial actions to address deficiencies in the system of quality management.

These changes can arise in a variety of ways, such as:

  • Changes to quality objectives;
  • A need for new additional quality objectives g. if the firm opens a new office, merges with another firm or starts providing a new service;
  • Additional quality objectives established by the firm may no longer be needed, or may need to be modified; and
  • Root cause analysis (RCA) may identify that previous attempts at fixing issues from past cold file reviews are no longer be needed, need to be modified, or require a new solution.

Remember that the Specified Responses prescribed by the standard (detailed here in paragraph 34) must not be modified or removed, unless one or more of them is no longer relevant to the firm. The firm may decide that it’s appropriate to modify how these Specified Responses are designed and implemented.

The types of changes that can be triggered by the cold file review process broadly fall into two categories:

  1. Changes to quality risks such as:
  • New quality risks are identified;
  • Existing quality risks no longer qualify as quality risks;
  • Existing quality risks need to be modified; and
  • Existing quality risks need to be reassessed.


  1. Changes to responses to quality risks such as:
  • New responses may be designed and put into action;
  • Existing responses may be discontinued and deemed no longer appropriate; and
  • Existing responses may need to be adjusted for changes in circumstances such as a new audit programme.

For more on the whole ISQM process please see our ISQM 1 Toolkit on our website here.

Please go to our website to see our:

  • Anti-Money Laundering Policies Controls and Procedures Manual (March 2022) — View the table of contents
  • AML Webinar (December 2023) available here, which accompanies the AML Manual. It explains the latest legal AML reporting position for accountancy firms and includes a quiz. Upon completion you receive a CPD certificate for attendance in your inbox.
  • Letters of engagement and similar templates—Please visit our website here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items bought together.
  • ISQM TOOLKIT, or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please contact John McCarthy FCA by email at
  • We typically tailor ISQM training and brainstorming sessions to suit your firm’s unique requirements. The ISQM TOOLKIT 2022 is available to purchase here.