Forum on Consultation on Quality

Management for Firms and Engagements

Presented by:
Prof. Arnold Schilder, IAASB Chairman
Len Jui, IAASB Member
Brett James, IAASB Deputy Director

Hong Kong Special Administrative Region (SAR)

May 24, 2019

Page 1
Quality Management
Projects

Page 2
Proposed ISQM 1

Page 3
Proposed ISQM 1: The Most Significant Change

The firm’s risk

The new risk-based approach assessment
process

Scalable to the
nature and
circumstances of
Proactive
the firm and the
engagements it
performs

A more robust system of quality

management tailored for the firm
Page 4
Proposed ISQM 1: The Components

A system of quality management is a continual and iterative

process and is responsive to changes in the nature and
circumstances of the firm and its engagements. It also does not
operate in a linear manner. (Para 8 of ED-ISQM 1)
Page 5
Proposed ISQM 1: Key Proposals

• Governance and leadership – more robust requirements and increased responsibilities and
accountability of firm leadership
• Engagement performance – increased focus on professional judgment and professional
skepticism at the engagement level
– Also includes enhancements to selection of engagements for engagement quality review
• Resources – enhanced requirements for human resources, and new requirements for
technological and intellectual resources
– Also includes new requirements addressing the accountability of personnel and their commitment to
quality
• Information and communication – now addresses information needed to operate the system
(including information system) and also encourages appropriate communication
– Communication includes two-way communication internally, and a new requirement to communicate
appropriately externally – may be through a transparency report

Page 6
Proposed ISQM 1: Key Proposals (Cont.)

• Monitoring and remediation – more robust requirements for monitoring the system of quality
management and remediating deficiencies – includes:
– More emphasis on tailoring monitoring activities to firm circumstances and monitoring the whole system
– New requirements for investigating root cause(s) of deficiencies
– New requirement for firm leadership to evaluate whether the system provides reasonable assurance
that objectives are achieved
• Networks – new requirements for firms in circumstances when a firm implements or uses
network requirements or network services in its system of quality management
• Service providers – new requirements for firms when using an external service provider in its
system of quality management, including service providers used in performing engagements

Page 7
Proposed ISQM 2

Page 8
Relationship Between ISQM 1 and ISQM 2
ISQM 1:
Requirements for the selection of
engagements for engagement
quality review

Engagement quality review

required?

Yes No

ISQM 2:
• Appointment and eligibility of engagement quality reviewer
ISQM 2
does not
• Performance of engagement quality review apply
• Documentation of engagement quality review

Page 9
Proposed ISQM 2: Key Proposals

• Enhanced eligibility requirements for engagement quality reviewers

– Use of qualified external engagement quality reviewers and assistants permitted
– Limitations on engagement partners appointed as engagement quality reviewers, including guidance
on cooling-off period for engagement partners involved in audit of listed entity
– Actions when eligibility is impaired
• More robust requirements for performance of engagement quality reviews
– Enhanced focus on significant matters and significant judgments
o Audits of financial statements – linked to ED-ISA 220 (Revised)
o Other engagements – linked to nature and circumstances of engagement
– Other enhancements
o Involvement of engagement quality reviewer throughout engagement
o Engagement report cannot be dated until engagement quality review is complete (and notification of this is
made)
o New stand back requirement − whether the performance requirements of ED-ISQM 2 were fulfilled

Page 10
Proposed ISA 220 (Revised)

Page 11
Proposed ISA 220 (Revised): Key Proposals

• Stronger emphasis on public interest, professional judgment and professional skepticism

• Enhancements to address the engagement partner’s responsibilities
– Clarification that engagement partner is responsible for managing and achieving quality through
engagement partner’s sufficient and appropriate involvement
– Engagement partner needs to create an environment that emphasizes firm’s culture and expected
behavior of engagement team members
– New stand back requirement for engagement partner to determine that engagement partner has taken
overall responsibility
• Enhancements to address human, technological and intellectual resources
• New requirements for the engagement partner to determine sufficiency and appropriateness
of resources for the engagement and to take appropriate action if they are insufficient or
inappropriate

Page 12
Proposed ISA 220 (Revised): Key Proposals (Cont.)

• Engagement performance
– Emphasis on tailoring the nature, timing and extent of direction, supervision and review to the
nature and circumstances of the engagement
– Enhancements to focus on how the engagement team works with the engagement quality reviewer
• New guidance on how performance of the audit may be documented

Page 13
Expected Timelines

July 1, March June 18 months December

2019 2020 2020 2021

Comment IAASB PIOB Anticipated

period approval approval effective
for EDs of of due date
closes standards process

Assumptions: Approval in March 2020; 18 months to effective date (if agreed to)

Page 14
How to Comment

www.iaasb.org/quality-management
Other useful resources:
• Draft Examples: How the Nature and Circumstances of the Firm and the Engagements It
Performs Affect the Implementation of Proposed ISQM 1
• Draft Frequently Asked Questions Regarding Proposed ISQM 1
• Quality Management Webcast Series
• Proposed Quality Management Standards video
• Quality Management Standards and Small- and Medium-sized Practices video

New resources will be available throughout the consultation period –

keep checking back.
Comments due by July 1, 2019

Page 15
Audits of Less Complex
Entities (LCEs)

Page 16
Audits of LCEs: An Overview
• Ongoing concerns about scalability and proportionality, and
complexity, of the ISAs
‒ Need for a global solution; many jurisdictional developments (not in the public
interest)
‒ Need to keep standards fit-for-purpose; maintain balance of robustness of
standards
‒ Board has recognized that more is needed than current efforts
• Less complex entity (LCE) versus small- and medium-sized entity (SME)
‒ Focus is on LCEs not size – need to further consider qualitative
characteristics to describe LCEs
• Discussion Paper developed to advance IAASB’s thinking — published
April 29, 2019
‒ Comments back by September 12, 2019
• Targeted outreach, including roundtables
• Feedback will help IAASB determine an appropriate way forward
Page 17
Audits of LCEs: Discussion Paper

Audits of Less Complex Entities: Exploring Possible Options to

Address the Challenges in Applying the ISAs

Published on April 29, 2019

Comments due by September 12, 2019

The IAASB has not yet decided on a future course of action and
remains open minded.

Page 18
Audits of LCEs: The IAASB’s Journey…
IAASB issued Revised IAPS 1005, The Special Considerations in the
Clarity Project. Audit of Small Entities, which was withdrawn when the clarified ISAs
became effective (these became the basis of the “considerations
2002 –2009 specific to smaller entities” within the ISAs).
2004
IAASB completed the Clarity Project
2009 and the clarified ISAs became
effective.
IAASB undertook a post-
implementation review of the clarified 2013
IAASB discussed a proposal to develop a
ISAs in 2011‒2013.
Discussion Paper to obtain input on matters
IAASB and others convened a related to audits of LCEs.
2017
conference in Paris focused on March
SME and SMP public interest 2018 Sept. April
2018 2019
issues.

Feedback from the Paris Conference and other

outreach discussed by IAASB in Executive
Session. IAASB agrees to formal information Approval of Discussion Paper. Second
gathering activities on audits of LCEs. Paris Conference in May 2019.

Page 19
Discussion Paper: Challenges Related to Applying ISAs in Audits of LCEs
• Challenges not within the IAASB’s control or within the scope of the IAASB’s work on
audits of LCEs include:

‒ Not within the control of the IAASB: legal and other requirements for an audit (e.g., audit thresholds);
commercial considerations; technology / methodology; and education and people.

‒ Scoped out: engagements other than audit; enhanced accessibility to the ISAs (e.g., electronic
handbook); value of an audit; and public expectations.

• Challenges within the scope of the IAASB’s work on audits of LCEs include:

‒ Language and basic approach to the standards; length of the standards; documentation; lack of
clarity as to what needs to be done or why; not enough guidance within / outside of the ISAs; and
ISAs noted as particularly problematic.

Page 20
Discussion Paper: Possible Actions to be Explored
• Revising the ISAs
‒ Revising all of the ISAs as part of one substantial project
‒ Revising the ISAs on a rolling or phased basis
‒ Making targeted changes when an ISA is being revised
• Developing a separate auditing standard
‒ Separate auditing standard based on the existing ISAs
‒ Separate auditing standard developed based on a different framework

• Developing guidance or other related actions

‒ Comprehensive guide for all ISAs when auditing LCEs

‒ International Auditing Practice Note (IAPN) for audits of LCEs
‒ Guidance for application of specific areas, or particular ISAs, targeted at challenges related to audits
of LCEs
‒ Focused “implementation packs” for new and revised ISAs specifically for audits of LCEs

Page 21
Other IAASB Standard-
Setting Activities and
Ongoing Initiatives

Page 22
IAASB’s Activities: Standard-Setting
Project / Initiative
ISA 540 (Revised)
ISA 315 (Revised)
Quality Management (ISQM 1, ISQM 2, ISA
220 (Revised))
Group Audits (ISA 600)
Agreed-Upon Procedures (ISRS 4400)
Extended External Reporting (EER)
Assurance
Audits of Less Complex Entities (LCEs)
Audit Evidence (including Professional
Skepticism and Data Analytics)
Auditor Reporting
Status
Final standard published in Oct. 2018; Implementation activities underway
Final standard targeted for approval by Sept. 2019
Exposure Draft approved in Dec. 2018 – Published in early Feb. 2019
Currently open for comment – Comment period closes on July 1, 2019
Priority project in 2019 (Exposure Draft targeted early 2020)
Final standard expected by Q4 of 2019
Proposed Draft Guidance Phase 1 published in Feb. 2019
Currently open for comment – Comment period closes on June 21, 2019
Discussion Paper published in Apr. 2019
Currently open for comment – Comment period closes on Sept. 12, 2019
Exploration and scoping activities underway in 2019
Post implementation review activities to commence in 2019
Page 23
Proposed Strategy
and Work Plan

Page 24
 Proposed Strategy 2020–2023:
• Completion of Quality Management and Group Audits

• Implementation support for ISA 540 (Revised), ISA 315

(Revised), Quality Management and Group Audits, as
needed • Complete guidance for EER initiative
• Identify and prioritize future

• E.g., CAG, IESBA, NSS, actions (e.g., audit evidence,

IFAC implications of technology,

changing corporate reporting
needs)

• Focus on professional
• New proposed framework for activities skepticism

• Robust information-gathering and • Complete information gathering

research activities activities relating to Audits of
Less Complex Entities
• Mechanisms for addressing issues
and challenges on a more timely • Enhance the accessibility and
basis ease of use of our standards

Page 25
ISA 315
(Revised)

Page 26
 ISA 315 (Revised): The Journey so Far and the Journey Ahead

June
2018
Nov. 2,
2018
Comments closed
Nov. 2018–
Development of final
Sept. 2019 standard
[Planned effective date of
standard] – Audits of
IAASB financial statements for
approved periods beginning on or after
ED–315 18 to 24 months after
approval
Sept. 18-24
2019
months

Further
consideration by
Targeted approval IAASB about
of final standard implementation
guidance
Page 27
Responses to ED-315 (Revised) and Way Forward ‒ Overall

Overarching Concerns
• Broad concerns about the complexity and length of the proposed standard; as well as
scalability / proportionality. Concerns included:
− Standard too prescriptive / detailed and over-engineered in some aspects (flow not clear)
− Iterative nature of the standard not clear, some areas noted as being circular
− Introduction of many new definitions and concepts; more clarity needed
Way Forward
• Revised approach to requirements:
− Focus on “what” is required – without reducing the requirements
− Definitional material (or criteria) relocated to definitions – required to be complied with
− The “how” and the “why” to be relocated as appropriate (e.g., to application material)
− Other changes to enhance the flow and understandability of the standard, with further consideration of
‘simpler’ language

Page 28
Responses to ED-315 (Revised) and Way Forward ‒ Internal Control

Understanding the Entity’s System of Internal Control

• Support for the clarification of ‘indirect’ and ‘direct’ controls
• Further clarification still on some aspects (controls relevant to the audit; ‘understanding’ versus
‘identifying’)
• Information System component still not clear, also how it interacts with Control Activities
component
• Various comments around controls required to be identified in Controls Activities component
• Aspects of D&I, and other evaluations required, still not clear
• Purpose of obtaining the understanding still not clear when planning to take a fully substantive
approach
Way Forward
• Revisions to address above issues discussed with Board in March 2019:
‒ Remove term ‘controls relevant to the audit’ (but mixed views from Board)
‒ Clarified aspects of D&I and other evaluations
‒ Further changes to address clarifying what needs to be understood in information system, and controls
required to be identified in Controls Activities component
Page 29
Group Audits

Page 30
Areas of Focus for Standard-Setting

• Clarifying and reinforcing linkages with other standards (e.g., proposed ISQM 1, ISA 220
(Revised) and ISA 315 (Revised))
– Clarify that ISA 600 builds on other ISAs
• Scoping a group audit
– The Board supported a risk-based approach to scoping a group audit
o Focus on identifying and assessing risks at the group level
o Determine the planned scope of work to adequately respond to those risks
• Definitions (component, group engagement team (GET))
• Component materiality
• Responding to assessed risks of material misstatement
– Large number of non-sign components and consideration of “residual balances”
• Documentation

Page 31
Way Forward

• Working towards an exposure draft in March 2020

– June 2019 Board meeting: Focus on scoping a group audit engagement and the outline of the standard
– September 2019 Board meeting: Remaining issues
– December 2019 Board meeting: First draft of ED-ISA 600 (Revised)
– Targeted approval of ED-ISA 600 in March 2020

• Outreach with key stakeholders

– Regulators
– Practitioners
– National Auditing Standards Setters (NSS)
– IESBA

Page 32
Other Ongoing
Initiatives

Page 33
ISA 540 (Revised) Implementation

• Standard effective for financial reporting periods beginning on or after December 15, 2019, with
early adoption permitted and encouraged
• Objectives of the ISA 540 Implementation Working Group
– Promoting awareness
– Informing and educating users
– Opening a dialogue to learn about the experiences of those responsible for adopting and
implementing the standard
– Preparing for post-implementation review efforts
• Available now: Basis for Conclusions, ‘At a Glance’ publication (in English and French), slide decks,
video presentation, flowcharts and diagram
• Coming in 2019: Webcast, answers to FAQs, comparison with PCAOB standard, implementation
toolkit, illustrative examples on how the requirements are scalable, measurement bases of accounting
estimates (former Appendix 1)
• Webpage: http://www.iaasb.org/projects/isa-540-revised-implementation

Page 34
Technology and Data Analytics
• Data Analytics Working Group established in 2015, as well as new project
advisory panel
• Consultation Paper issued in 2016
• Initial work focused on data analytics, but topic is broader:
‒ The automation of audit / assurance tasks
‒ Management’s or the practitioner’s use of Blockchain, AI
‒ Technology-enabled remote audit / assurance work
• Terms of Reference to be agreed for Technology Working Group
‒ Communiqués to be issued to provide update on how technology is being
incorporated into the IAASB’s current projects
‒ ISA 315 (Revised) – use of automated tools and techniques
‒ ISQM 1 / ISA 220 (Revised) – use of technological resources
‒ ISA 500 – implications of technology in obtaining and assessing audit evidence
• Check in for more updates at https://www.iaasb.org/
Page 35
Professional Skepticism

• The IAASB continues to look for opportunities to enhance

and strengthen the concept of professional skepticism in its
International Standards

• Communiqué issued October 2018 outlining recent steps on

professional skepticism, including how the IAASB is working
with IESBA and IAESB

• Communiqué issued February 2019 focusing on how

professional skepticism has been incorporated into the
quality management standards

Page 36
Agreed-Upon Procedures – ED-4400

• Majority of respondents agreed that ED-4400

‒ Responds to the needs of stakeholders
‒ Addresses public interest issues

• Many key aspects of ED-4400 were supported by either a majority or a significant majority of
respondents

• Several areas identified for further consideration

• Way Forward
‒ IAASB June 2019 meeting – Considering views of respondents to ED-4400
‒ IAASB September / December 2019 meeting – 1st read of draft ISRS-4400 (Revised)
‒ IAASB December 2019 / March 2020 meeting – Approval of final standard

Page 37
QUESTIONS

Page 38
 www.iaasb.org

For copyright, trademark, and permissions information, please go to permissions or contact permissions@ifac.org.

Page 39