THE BACKGROUND OF AUDIT QUALITY ASSURANCE (AQA) Presentation by: CPA Anne Muraya Audit & Assurance Leader, Deloitte East Africa Tuesday, 1 August

Transcription

1 THE BACKGROUND OF AUDIT QUALITY ASSURANCE (AQA) Presentation by: CPA Anne Muraya Audit & Assurance Leader, Deloitte East Africa Tuesday, 1 August 2017

2 Contents Why quality assurance Objective Key definitions Elements & scope of ISQC 1 Applying, and complying with, relevant requirements Importance of documenting procedures Questions & answers

3 Introduction Audit quality is not defined in law or through regulations, nor do auditing standards provide a simple definition. Ensuring quality and instilling trust is the core mandate of audit, but it s also what stretches auditors to go further. Each day, we push, we question, and we redefine what audit can and should do. Quality isn t just about consistently conducting the audit to the highest standards, but about questioning what gets audited and why. Why quality assurance? The full measure of quality lies in bringing ever-deeper assurance to an everbroader range of questions. It s how we raise the value of Audit and create more meaningful impacts to all our stakeholders. Quality control procedures should be adopted at the firm level and on an individual audit.

4 Objective Each Quality stakeholder control at in a firm the audit level will give a different meaning to audit quality, at its heart it is about delivering an appropriate professional opinion supported by necessary evidence and objective judgements. Principles of audit quality are below: Good leadership Technical competence Experienced judgement Principles of audit quality Ethical values and appropriate client relationships Experienced judgement Proper working practices The objective set by ISQC 1 is for the firm is to establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with professional standards and regulatory and legal requirements; and that reports issued by the firm or engagement partners are appropriate in the circumstances.

5 Elements & Scope of ISCQC ISCQ 1 identifies six elements of the firm s system of quality control. Acceptance and continuance of client relationships and specific engagements Human resources Ethical requirements Engagement performance Leadership responsibilities for quality within the firm Monitoring

6 i) Leadership responsibilities for quality within the firm The firm shall implement policies such that the internal culture of the firm is one where quality is considered essential. Such culture must be inspired by leaders of the firm who must sell this culture in their actions and messages. The entire business strategy of the audit firm should be driven by the need for quality in its operations. The firm s managing partners are required to assume ultimate responsibility for the firm s system of quality control. They may appoint an individual or group of individuals to oversee quality in the firm. Such individuals must have: Sufficient and appropriate experience and ability to carry out the job; and The necessary authority to carry out the job. Commercial considerations should never override quality.

7 ii) Ethical requirements Policies and procedures should be designed to provide the firm with reasonable assurance that the firm and its personnel comply with relevant ethical requirements including training, monitoring and discipline. The policies and procedures should be in line with the fundamental principles, which should be reinforced by: The leadership of the firm; Education and training; Monitoring; and A process to deal with non-compliance. At least annually, the firm should obtain written confirmation of compliance with its ethical policies and procedures on independence from all firm personnel required to be independent.

8 iii) Acceptance and continuance of client relationships and specific engagements A firm should only accept, or continue with a client where: It has considered the integrity of the client; Firm has the capabilities and resources to perform the engagement; and Can comply with ethical requirements.

9 iv) Human resources Policies and procedures to ensure that the firm employs and retains staff with the capabilities, competence and commitment to ethical principles necessary to perform the engagements. The ISQC lists the following: Recruitment; Performance evaluation & appraisals; Capabilities and competence; Career development & promotion; and Compensation.

10 v) Engagement performance The firm should take steps to ensure that engagements are performed correctly, that is, in accordance with standards and audit plan. Firms often produce a manual of standard engagement procedures to give to all staff so that they know the standards they are working towards. These may be electronic. Ensuring good engagement performance involves a number of issues:» Direction;» Supervision;» Review;» Consultation; and» Resolution of disputes.

11 v) Engagement performance The firm should have policies and procedures to determine when a quality control reviewer will be necessary for an engagement. When required, such a review must be completed before the audit report is signed. Issues to be addressed for engagements that require quality control;» Discussion of significant matters with the engagement partner;» Review of the financial statements or other subject matter information and the proposed report;» Review of selected engagement documentation relating to significant judgments the engagement team made and the conclusions it reached; and» Evaluation of the conclusions reached in formulating the report and consideration of whether the proposed report is appropriate.

12 v) Engagement performance For listed companies in particular the review should include: The engagement team s evaluation of the firm s independence in relation to the specific engagement; Whether appropriate consultation has taken place on matters involving differences of opinion or other difficult or contentious matters, and the conclusions arising from those consultations; Significant risks identified during the engagement and the responses to those risks; Judgements made, particularly with respect to materiality and significant risks; The significance and disposition of corrected and uncorrected misstatements identified during the engagement; The matters to be communicated to management and those charged with governance and, where applicable, other parties such as regulatory bodies; and Whether documentation selected for review reflects the work performed in relation to the significant judgements and supports the conclusions reached.

13 vi) Monitoring The standard states that firms must have policies in place to ensure that their quality control procedures are: Relevant Adequate Operating effectively Firms must monitor their system of quality control and report to the management on an annual basis. There are two types of monitoring activities: Ongoing evaluation of the system of quality control which might include such questions as has it kept up to date with regulatory requirements? Cyclical inspections are usually conducted by a nominated quality control partner in the firm reviewing the completed files of the other partners to ensure the audit was carried out appropriately. Identified failures should be communicated and training/professional development given to correct the problem, and if appropriate disciplinary action for repeated audit failures.

14 Quality control on an individual audit Objective of the auditor is to implement quality control procedures at the individual engagement level. Engagement partner is ultimately responsible for quality control on an individual engagement. Policies and procedures for quality control on individual audits parallel those for the firm. Additional policies and procedures for individual audits are: Direction Supervision Review

15 Direction At the planning stage, but also during the engagement, the engagement partner ensures that the members of the engagement team are informed of: Their responsibilities; Objective of the work to be performed; Nature of the entity s business; Risk issues; Problems that may arise; and Detailed approach to the audit engagement.

16 Supervision The audit is supervised overall by the engagement partner, but more practical supervision is given within the audit team by senior staff to more junior staff. It includes: Tracking the progress of the audit engagement; Considering the capabilities and competence of individual members of the team, and whether they have sufficient time and understanding to carry out their work; Addressing significant issues arising during the audit engagement and modifying the planned approach appropriately; and Identifying matters for consultation or for consideration by those more experienced.

17 Review This concerns the inspection of work by engagement members by more senior members of the same engagement. Review includes consideration of whether: The work has been performed in accordance with professional standards; Significant matters have been raised for further consideration; Appropriate consultations have taken place and the resulting conclusions have been documented and implemented; There is a need to revise the nature, timing and extent of work performed; The work performed supports the conclusions reached; Work is appropriately documented; The evidence obtained is sufficient and appropriate to support the auditor's report; and The objectives of the engagement procedures have been achieved.

18 Applying, and complying with, relevant requirements Personnel within the firm responsible for establishing and maintaining the firm s system of quality control must have an understanding of the entire text of the ISQC 1, including its application and other explanatory material, to understand its objective and to apply its requirements properly. The firm shall comply with each requirement of the ISQC 1 unless, in the circumstances of the firm, the requirement is not relevant to the services provided in respect of audits and reviews of financial statements, and other assurance and related services engagements. The requirements are designed to enable the firm to achieve the objective stated in the ISQC 1. The proper application of the requirements is therefore expected to provide a sufficient basis for the achievement of the objective. However, because circumstances vary widely and all such circumstances cannot be anticipated, the firm must consider whether there are particular matters or circumstances that require the firm to establish policies and procedures in addition to those required by the ISQC 1 to meet the stated objective.

19 Importance of documenting procedures All quality control policies and procedures should be documented and communicated to the firm s personnel. This seeks to: Monitor and seek continuous improvement of firm s system of quality control; and Deliver quality audits consulting when needed and meeting requirements for engagement quality control.

20 Questions & answers

21 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see or a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Deloitte provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries, Deloitte brings world-class capabilities and deep local expertise to help clients succeed wherever they operate. Deloitte's approximately 224,400 professionals are committed to becoming the standard of excellence Deloitte & Touche