Session 5

Quality Control

FOCUS
This session covers the following content from the ACCA Study Guide.

C. Practice Management
1. Quality Control
a) Explain the principles and purpose of quality control of audit and other
assurance engagements.
b) Describe the elements of a system of quality control relevant to a given firm.
c) Select and justify quality control procedures that are applicable to a given
audit engagement.
d) Assess whether an engagement has been planned and performed in
accordance with professional standards and whether reports issued are
appropriate in the circumstances.

Session 5 Guidance
Understand how the quality control structures work: SMO 1 at the controlling body level (s.2), ISQC 1
at the member firm level (s.4) and ISA 220 at the individual audit level (s.5).
Understand the purpose and scope of a quality assurance review programme (s.2.2) and learn the
different approaches to the review cycle (s.2.3).
Learn the objectives of quality control (s.3.1) and the purpose of quality control procedures in an audit
firm (s.4.2). Learn the required elements of a system of quality control (s.4.2).

(continued on next page)

P7 Advanced Audit and Assurance (INT) Becker Professional Education | ACCA Study System

Ali Niaz - ali.niaz298@gmail.com

VISUAL OVERVIEW
Objective: To outline quality control procedures including review procedures which assure
the quality of professional services.

ASSURING QUALITY

SMO 1 QUALITY CONTROLS

• General • Importance
• Quality Assurance • Policies and
Review Programme Procedures
• Review Cycle

AUDIT FIRM— INDIVIDUAL AUDIT QUALITY

ISQC 1 AUDIT FRAMEWORK
• Organisations • ISA 220 • Overview
of Practices • Engagement • Elements
• Policies and Teams
Procedures • Direction
• Elements • Supervision
• Example • Review
Control
• Review
Procedures
Procedures

Session 5 Guidance
Appreciate how ISA 220 applies the requirements of ISQC 1 to the individual audit and
understand the difference between direction, supervision and review (s.5).
Learn the different types of review procedures (s.5.4).
Understand the rationale for the publication of the document A Framework for Audit Quality (s.6).

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-1

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

1 Assuring Quality—Statements
of Membership Obligations
< IFAC believes that, in the interests of maintaining the
reputation of the profession, its member bodies should
demonstrate that self-regulatory programmes provide
reasonable assurance that professional accountants adhere to
the highest standards.
< In March 2004, IFAC issued seven Statements of Membership
Obligations (SMOs) to enhance the performance of
accountants worldwide.
< SMOs provide clear benchmarks to current and potential IFAC
member organisations to assist them in ensuring high- quality
performance by professional accountants.
< SMO 1 Quality Assurance requires member organisations and
firms to implement a system of quality control at the member
body level and in accordance with the International Standard
on Quality Control (ISQC 1).

2 SMO 1—Quality Assurance

Implemented by Member Bodies
Although SMOs are
not examinable
documents it
is important to
understand the
Quality control must be addressed at three levels: overall structure of
< the member body level (e.g. SMO 1); quality assurance and
< the firm level (e.g. ISQC 1); and how it is implemented
in the profession.
< the engagement level (e.g. ISA 220).

2.1 General
< SMO 1 requires that each member body has a mandatory
quality assurance review programme (i.e. a programme to be
used by the ACCA in monitoring partners and/or firms) that is
followed and meets, as a minimum, the requirements of SMO 1.
< If any part of the quality assurance review programme is
undertaken by external regulators, the scope of such reviews
must be established.

5-2 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

Illustration 1 Quality Assurance Review

Programme in the UK

In the UK, all auditors of listed and major public interest entities (e.g. national
charities) are subject to independent review by the Audit Quality Review (AQR)
team of the Financial Reporting Council (FRC), the UK's independent regulator
for corporate reporting and governance.
See www.frc.org.uk for AQR reports of the major audit firms in the UK.
All professional audit firms in the UK are also subject to quality control reviews
by the various IFAC member bodies who concentrate on the audits of non-public
interest entities.
In both cases the aim is:
< to monitor firms' compliance with audit (and investment business)
regulations (assignment and firm-wide procedures); and
< to assist in the raising of standards in the profession.

< In establishing the quality control procedures required at the

overall firm level, member bodies must require the application
of ISQC 1 by member firms.
< Firms are expected to follow ISA 220 (as a minimum) in AQR reports could
quality control procedures at the assignment level. provide the basis
for examination
2.2 Quality Assurance Review Programme questions on quality
control. They will
< Designed to obtain reasonable assurance that: also highlight current
= the partner/firm being reviewed has an adequate system of issues relating to
quality control for the practice (e.g. based on ISQA 1) and audit quality control.
individual assignments (e.g. based on ISA 220);
= the partner/firm complies with that system; and
= the partner, firm and engagement teams have adhered to
professional standards (e.g. ISAs) and regulatory and legal
requirements in performing audits of financial statements
selected for review.
< The scope and design of the programme to ensure, for example:
= Review team members are professionally qualified,
independent, ethical and appropriately trained in review
methodology.
= Review team members have the authority and presence to
perform quality assurance reviews (i.e. they can robustly
challenge assignment partner's decisions and actions).
= Assessing compliance with IFRS and ISA by the firm reviewed.
= Reviews are documented and conclusions reported to
appropriate individuals (e.g. engagement partners,
compliance partners and technical partners).
= Firms apply corrective, educational, or monitoring
procedures as necessary from the findings of the review
and evaluate corrective actions.
= Disciplinary measures are imposed on those who refuse
to cooperate in the conduct of the review, fail to take
necessary corrective action, or are found to have serious
deficiencies in performance that cannot be dealt with by
meaningful remedial or educational measures.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-3

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

2.3 Review Cycle

< Can be cycle- or risk-based for selecting firms to review.
< All firms must be covered in the process.
2.3.1 Cycle Approach
< All firms must be reviewed at least once every three years.
< Firms with strong internal review systems (i.e. under ISQC 1)
may be reviewed once in the three-year cycle.
< Firms with less than strong review systems should be
reviewed more often (e.g. every year).
< Firms where difficulties were encountered may be reviewed
again the following year or at the end of a shorter time frame
(e.g. having been given six months to correct a fault).

2.3.2 Risk-Based Approach

< Risk factors include:
= Number of listed entity clients.
= Number of entities considered to be of public interest.
= Past results of quality assurance reviews, including:
— failure to meet Continuing Professional Development
(CPD) requirements;
— independence violations; or
— deficiencies in the design of, or compliance with, the
firm's system of quality control.
< Firms (or partners) not selected on risk-based factors must be
reviewed on the cycle basis.
< Entities that have a low number of listed entities may be
considered higher risk than those that have significant
numbers of listed entities on the basis of lower experience of
auditing such entities.
< It is not uncommon for a member body to review annually all
firms that audit listed entities and once every three years for
other firms.

5-4 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

3 Quality Controls

Quality controls—the policies and procedures adopted by a firm

to provide reasonable assurance that all audits done by the firm are
being carried out in accordance with ISQC 1 Quality Control for Firms
that Perform Audits and Reviews of Historical Financial Information
and Other Assurance and Related Services Engagements and ISA 220
Quality Control for Audits of Historical Financial Information.

3.1 Importance of High-Quality Audit Work

< To achieve audit objectives.
< To operate effectively, efficiently and economically (e.g. by
identifying unnecessary procedures or alternative strategies).
< To avoid disputes with clients and minimise risk of litigation.
< To provide a professional service to clients.
< To ensure regulatory body visits proceed smoothly.
< To ensure staff are monitored and controlled (by reviewing the
performance of individual offices and personnel).
< To help identify training needs at all levels.
< To ensure staff appraisal systems operate effectively at all levels.
< To provide assurance of the audit process to stakeholders.

3.2 Scope of Policies and Procedures

3.2.1 Level of the Audit Firm (ISQC 1)
< Designed to provide with reasonable assurance that the firm
and its personnel comply with professional standards and
regulatory and legal requirements.
< Audit reports issued by the firm or engagement partners are
appropriate in the circumstances.

3.2.2 On Individual Audits (ISA 220)

< Designed to provide standards and guidance on specific
responsibilities of employees regarding quality control
procedures on individual audits.

3.2.3 Audit Quality Framework (IAASB)

< Describes the factors that contribute to audit quality in the
audit of financial statements.
< Explains the importance of appropriate interactions between
stakeholders and the various contextual (environmental)
factors.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-5

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

4 Audit Firm—ISQC 1

4.1 Organisation of International

Accountancy Practices
< Organisational forms (constitutions) include:
= sole practitioner;
= partnership; and
= limited liability partnership (LLP).
< The organisational hierarchy in a typical firm includes:

SENIOR
PARTNERS
PARTNERS

MANAGERS

ASSISTANT MANAGERS
& SUPERVISORS

AUDIT SENIORS &

ACCOUNTANTS-IN-CHARGE

AUDIT "JUNIORS" &

ACCOUNTING TRAINEES

< This hierarchy is particularly relevant to the quality control

review process (see later).

4.2 Purpose of Quality Control Policies

and Procedures
< Quality control policies and procedures ensure that ALL audits
are conducted in accordance with:
= ISAs;
= relevant national standards or practices; and
= applicable regulatory and legal requirements (e.g.
European Directives).
< Factors to be considered in determining the nature, timing and
extent of policies and procedures include:
= size and nature of practice;
= geographical dispersion;
= organisation; and
= appropriate cost/benefit considerations.
< Policies and procedures appropriate to small firms need not
be complex or time-consuming to be effective (e.g. a single
practitioner/external consultant may be responsible for
implementing/monitoring quality control policy and procedures).

5-6 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

4.3 Elements
< A firm's system of quality control should include policies and
procedures addressing each of the following elements:
= Leadership responsibilities for quality in the firm;
= Ethical requirements;
= Acceptance and continuance of client relationships and
specific engagements;
= Human resources;
= Engagement performance; and
= Monitoring.

4.4 Example Control Procedures

4.4.1 Leadership Responsibilities
< To ensure "the buck stops here"; that the chief executive
officer, managing partner or managing board (or equivalent)
accept full responsibility for quality control:
= Need for quality orientated internal culture.
= Clear, consistent and frequent actions from senior
management emphasising quality control policies
and procedures.
= Recognition that the firm's business strategy requires quality
in all engagements.
= Commercial considerations must not override quality of work
done.
= Sufficient resources are provided to develop and support
quality control policies.
= Those with operational responsibility for quality control must
have sufficient experience, ability and authority.
4.4.2 Ethical Requirements
< To adhere to principles of the "Code of Ethics":
= Establish procedures to provide assurance that firm and
personnel comply with relevant ethical requirements—in
particular independence.
= Emphasise through leadership, education/training,
monitoring and dealing with non-compliance.
= Establish procedures to identify and deal with threats to
independence, including prompt notification by employees.
= Establish procedures to ensure that the firm is notified
of breaches of ethical and independence requirements—
prompt action to be taken.
= Communicate policies and procedures to personnel at all
levels, including details of new clients, so employees can
assess ethical and independence requirements.
= Maintain a client list and services provided and periodically
review associations with clients.
= Assign a relevant individual (e.g. engagement partner) to
resolve matters. Such matters are then considered by the
firm as a whole.
= Obtain staff declaration (e.g. prohibited investments not
held) at least annually.
= Establish policy for rotation of senior audit staff on listed
entities in accordance with IFAC ethical requirements.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-7

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

4.4.3 Acceptance and Retention of Clients

< To evaluate prospective and existing clients:*
= Consider integrity of potential and current clients
(e.g. business reputation, owners, managers, related *Consider
parties, governance, nature of operations, attitude to IFRS independence, ability
and internal controls, indications of money laundering). to serve and client
= Is competent to conduct/continue with the work, has the integrity.
time and resources to do so and can/does comply with all
ethical requirements.
= Re-evaluate existing clients when necessary (e.g. on
change of management/ownership/scope of engagement).
4.4.4 Human Resources
< To maintain technical standards, professional competence
and commitment to ethical, legal and regulatory standards
(exercise due care):
= Plan personnel needs and set hiring objectives.
= Recruitment criteria and procedures.
= Capabilities and competence, professional education,
training and work experience.
= Advancement policies and procedures, career development,
promotion.
= Performance evaluation (i.e. staff appraisal including
communication, leadership and training skills, client
relations and personal attitude).
4.4.5 Assignment of Engagement Teams
< To assign audit work to proficient personnel:
= Appropriate engagement partner and staff, capabilities,
competence, authority, experience and time to carry out
their roles.
= Monitor workload and availability of engagement partner
and senior staff top ensure they are able to adequately
carry out their functions.
= Assess capabilities and competence when assigning staff
and to determine level of supervision (e.g. practical
experience of similar assignments, understanding of
client's environment, technical knowledge, application of
professional judgement).
4.4.6 Engagement Performance
< To monitor the engagement:
= Briefing of engagement staff, understanding of objectives.
= Supervision, on-the-job training and coaching.
= Methods of reviewing work performed, significant
judgements made and form of report issued.
= Reviewing work carried out, timing and extent of the review.
= Documentation of the review.
= Keeping all policies and procedures current.

5-8 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

4.4.7 Consultation
< To consult, within or outside the firm, with those of
appropriate expertise:
= Consultation on difficult or contentious matters.
= Documentation of nature, scope and outcome of
consultations.
= Internal or external individuals with appropriate experience
and knowledge.
= Research resources, collective experience and technical
expertise of firm.
= Differences of opinion must be resolved and documented.

4.4.8 Engagement Quality Control Review

< Consider:
= All listed companies and other high-risk entities to be
reviewed.
= Review to be conducted before report is issued.
= Nature, timing and extent of the review including assigning
review personnel.
= Documentation and review programmes (instructions,
guidelines, etc).
= Report findings and implement recommendations.
4.4.9 Monitoring
< To obtain reasonable assurance that the system of quality
control is relevant, adequate, operating effectively and
complied with in practice:
= On-going consideration and evaluation of new developments
in standards, etc.
= Periodic inspection of completed assignments.
= May involve external expertise.
= Communication of monitoring process and results to all
partners and staff.
= Clearly defined communication channels for personnel to
raise issues. These policies and
= Complaints and allegations about the quality of the procedures should
firm's work investigated by an independent partner with be communicated
appropriate experience (may include legal counsel). to personnel in
= Documentation of all aspects of the monitoring process and a manner that
the action taken. provides reasonable
assurance that they
= Documentation to provide evidence of the operation of each
are understood and
element of the system of quality control. implemented.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-9

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

5 Individual Audit

5.1 ISA 220

< IAS 220 takes the requirements of ISQC 1 and applies them
in the context of an individual audit.
< The engagement partner is responsible to ensure that ISQC 1
is met.*
= Leadership—takes responsibility for the overall quality of
*Quality control
the audit engagement. procedures appropriate
= Ethical requirements—considers whether members of the to the individual audit
engagement team have complied with ethical requirements. should be implemented,
= Independence—forms a conclusion on the independence in the context of the
firm's general policies
of the firm and engagement staff.
and procedures under
= Acceptance—satisfied that appropriate procedures ISQC 1.
regarding the acceptance and continuance of client
relationships and engagements have been followed, and
that conclusions reached are appropriate and have been
documented.
= Assignment of engagement team—satisfied that
the engagement team collectively has the appropriate
capabilities, competence and time to perform the audit
engagement in accordance with professional standards
and regulatory and legal requirements, and to enable an
appropriate auditor's report to be issued.
= Engagement performance—take responsibility for
the direction, supervision and performance of the audit
engagement in compliance with professional standards, etc
and for the auditor's report that is issued to be appropriate.
= Sufficient appropriate audit evidence before the
auditor's report is issued, the engagement partner,
through review of working papers and discussion with
the engagement team, should be satisfied that sufficient
appropriate audit evidence has been obtained to support
the conclusions reached.
= Consultation—be responsible for the engagement team
consulting on difficult/contentious matters.
— Be satisfied that the engagement team has consulted
appropriately during the course of the engagement.
— Be satisfied that the nature and scope of, and
conclusions resulting from, such consultations are
documented and agreed with the party consulted.
= Engagement review—determine that an engagement
quality control reviewer has been appointed.
— Discuss significant matters arising during the audit
engagement (and the engagement quality control
review) with the engagement quality control reviewer.
— Not issue the auditor's report until the completion of the
engagement quality control review.

5-10 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

5.2 Assignment of Engagement Teams

< The appropriate capabilities and competence expected of the
engagement team as a whole include the following:
= An understanding of, and practical experience with, audit
engagements of a similar nature and complexity through
appropriate training and participation.
= An understanding of professional standards and regulatory
and legal requirements.
= Appropriate technical knowledge, including knowledge of
relevant information technology.
= Knowledge of relevant industries in which the client operates.
= Ability to apply professional judgement.
= An understanding of the firm's quality control policies and
procedures.

5.3 Direction
< Involves informing engagement team members of:
= their responsibilities;
= nature of the entity's business;
= risk-related issues;
= problems that may arise; and
= the detailed approach to the performance of the engagement.
< Communication tools:
= Team briefing
= Audit programme
= Time budgets
= Overall audit strategy and plan.

5.4 Supervision*
< Functions of personnel carrying out supervisory
responsibilities include: *This is closely related
= To monitor progress to consider whether: to both direction and
— assistants have the necessary skills and competence; review, and may
involve elements
— assistants understand the audit directions;
of both.
— work is being carried out in accordance with the overall
audit plan and the audit programme;
= To become informed of and address significant accounting and
auditing questions (e.g. by modifying the audit programme);
= To resolve, if possible, any differences of professional
judgement between personnel;
= To identify matters for consultation by more experienced
engagement team members during the audit engagement.

5.5 Review
< Work performed by a team member is reviewed by more
experienced team members.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-11

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

< Reviewers consider whether:

= work has been performed in accordance with professional
standards, regulatory and legal requirements;
= work has been performed in accordance with audit programme;
= there is a need to revise the nature, timing and extent of
work performed;
= work performed and results obtained are adequately
documented;
= all significant audit matters have been resolved, raised for
further consideration or are reflected in audit conclusions;
= objectives of audit procedures have been achieved;
= audit evidence is sufficient and appropriate to support the
*It is, for example,
audit opinion; and too late for the audit
= conclusions expressed are consistent with the results of the partner to review the
work performed and support the audit opinion. audit strategy after the
< Review on a timely basis:* audit has been carried
out. Where the audit
= overall audit plan and the audit programme;
involves high risk and
= assessments of inherent risk and control risk; subjective matters, a
= documentation of audit evidence obtained from substantive second partner would
procedures; and usually be involved at
all key review stages.
= financial statements, proposed audit adjustments and the
proposed auditor's report.

5.6 Quality Control Review Procedures*

5.6.1 Audit Review Panel
< A small number of partners and/or technical senior managers in
*Collectively, the
the firm (e.g. may be carried out by the technical department).
review procedures aim
< Acts as a source of reference to ensure a consistent approach to assess whether an
is adopted. engagement has been
< Before issuing audit report, panel considers: planned and performed
in accordance with
= conflicts of interest or other matters which may detract from
professional standards
objectivity; and whether reports
= proposed modifications; issued (or to be
= interpretation of statute; and issued) are appropriate
in the circumstances.
= contentious matters.

5.6.2 Second Partner Review

< This is a review within the firm.
< Second partner is as independent as possible but having
knowledge of client.
< Often considered as part of the standard audit approach to
that client.
< Review is in more depth than a panel review.
< Second opinion is compared with first and any conflict resolved
before issue of auditor's report.
< Time-consuming and expensive, therefore limited to high-risk
and public interest audits.

5-12 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

5.6.3 "Hot" Review

< Conducted before the audit report is signed and issued. Aim
is to ensure that the audit file supports the audit opinion in
matters of high risk to the audit firm.
< Usually applied:
= to high-risk audits such as listed companies, public interest
entities, specialist audits (e.g. banks, extraction industry);
= where the audit report is to be modified or where
modification of the audit report was considered but
subsequently not applied;
= to the largest clients of each partner.
< May be conducted by the audit review panel or an independent
second partner.
< In greater depth than panel review (but time does not permit
as much detail as a second partner review).
< Concentrates on:
= conformity with firm's and professional standards (which
ever are higher);
= compliance with ISAs;
= ensuring all significant points and issues appropriately
dealt with;
= compliance of financial statements with statute and IFRSs;
= quality of discussions and reporting to those charged with
governance;
= appropriate consultations and conclusions reached on
contentious issues;
= quality of the report (and supporting arguments) to
management;
= adherence to terms of engagement letter;
= content of representation letter; and
= all matters fully documented.

5.6.4 Post-Audit Review

< "Cold" reviews performed after auditor's report issued.*

*For international firms, the review team is usually drawn from

different countries. For smaller firms (e.g. national networks or
individual partnerships) the function of the "cold review" is often
carried out by an external independent reviewer as part of the
training and technical services supplied by consortium.

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-13

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

< Conducted by senior staff/partners from other offices.

< Objectives of review:
= evaluate assessment of independence;
= evaluate process of planning;
= identify that significant risks and responses adequately
dealt with;
= assess engagement team's review and response to risk
of fraud;
= review judgements made on materiality and significant risks;
= review audit sections for completeness and application of
work programme;
= significance of corrected and uncorrected errors;
= matters communicated to management and governance;
= confirm closedown procedures (e.g. going concern review,
subsequent events, management letter, representation
letter, contentious issues, etc);
= confirm firm's standards applied;
= check adequacy of documentation;
= appropriateness of the audit report issued;
= identify weaknesses in procedures and recommend
improvements;
= assist staff in performance of audit work; and
= recommend more efficient and cost effective audit approach.
< Recommendations must be followed up to ensure
implementation.
< Time-consuming therefore applied to selected audits covering
all partners and managers on a rotational basis.

6 Audit Quality Framework

The IAASB's consultation paper "A Framework for Audit Quality" is

examinable only to the extent that a relevant article is published in
Student Accountant. For wider reading, this section is based on the
framework as published in 2014 rather than the earlier consultation
paper.

6.1 Overview
< IAASB developed the framework to describe the different
elements that create the environment for audit quality at the
levels of the engagement, the firm and the national body.
< The framework is not a substitute for the ISA, ISQC, ethical
codes or other regulatory requirements and does not prescribe
additional standards or provide requirements for the conduct
of an audit. Instead, it aims to:
= Raise awareness of the key elements of audit quality;
= Encourage key stakeholders to explore ways to improve
audit quality; and
= Facilitate dialogue between audit quality stakeholders.

5-14 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

< Key stakeholders and examples of the use of the framework

include:
= International audit networks, national audit firms,
professional accountancy organisations—to benchmark
their own quality-control procedures and communicate
improvements as necessary.
= Those charged with governance (e.g. audit committees)—to
consider the effectiveness of the audit.
= Public sector organisations—to assess effectiveness of an
audit in the public sector.
= Regulators (e.g. ACCA)—to assess regulations and guidance
relating to audit quality.
= Oversight bodies (e.g. FRC in the UK)—to evaluate their
activities aimed at enhancing audit quality.
= International/national standard setters—as a benchmark for
developing quality-control standards and guidance.
= Academics—to structure their academic research and
teaching activities.
< A high-quality audit has been achieved if the engagement
team:*
= Used relevant values, ethics and attitudes;
= Demonstrated appropriate knowledge, skills and experience
within a sufficient time frame to conduct the audit;
= Applied a rigorous audit process and quality-control
procedures that complied with laws, regulations and
applicable standards;
= Delivered sound and timely reports; and
= Had appropriate interaction with stakeholders.

*The highest audit quality is achieved in an environment in which the

auditor interacts with all participants in the financial reporting supply
chain (i.e. those involved in the preparation, approval, audit, analysis
and use of financial reports).

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-15

Ali Niaz - ali.niaz298@gmail.com

Session 5 • Quality Control P7 Advanced Audit and Assurance

6.2 Elements
< The elements of the framework are:
= Inputs
Contextual Factors
= Processes
= Outputs
Interactions
= Interactions
= Contextual
(also called
environmental) Those
Process
Charged
factors. with Regulators
Governance
6.2.1 Inputs
< Values, ethics
and attitudes of
auditors are mainly Audit
influenced by: Quality
= the culture of
the audit firm
(e.g. top-down Management Inputs Outputs Users
embedding of
ethical values);
= regulators (e.g.
ACCA Code of
Ethics); and
Auditor
= oversight bodies
(i.e. enforcers).
< Knowledge, skills
and experience of
auditors which are
driven by:
= the attractiveness of the profession as a career (recruitment
and retention);
= regulatory requirements (e.g. rigorous qualifications);
= in-house practical, technical and managerial training plus
on-the-job coaching and development.
6.2.2 Process
< Auditors apply a rigorous audit process and quality-control
procedures that comply with laws, regulations and applicable
standards.
< Audit methodologies are continuously reviewed and adapted to
developments in professional standards and to findings from
quality-control reviews and external, regulatory inspections.
< The process is transparent and communicated to stakeholders
in the process (e.g. junior audit team members, audit
committees) so that there is effective interaction.

5-16 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

P7 Advanced Audit and Assurance (INT) Session 5 • Quality Control

6.2.3 Outputs
< Are both external (e.g. audit report) and internal (e.g.
weakness letter).
< Reports and information may be from the auditor (as above)
or from any other stakeholder. For example:
= The financial statements
= Internal audit reports
= Regulatory inspection reports
= Disciplinary reports.

6.2.4 Interactions
< The key players in the financial reporting supply chain must
interact, formally and informally, at a high level to ensure and
continually improve audit quality. For example:
= Auditors and management (e.g. audit matters,
improvements to financial systems, observations on
regulatory matters).
= Auditors and those charged with governance (e.g. two-
way communication on matters of independence, risks and
controls).
= Auditors and shareholders (e.g. at AGMs).
= Auditors and regulators (e.g. in banking, insurance and
charity sectors).
= Management and those charged with governance (e.g. on
improvements in control systems).
= Management and regulators (e.g. under listing
requirements).
= Management and shareholders (e.g. investors' website).
= Those charged with governance and users of financial
statements (e.g. through the chairman's statement and
reports of committees).
= Regulators and users of financial statements (e.g.
publication of audit quality reviews of major firms).
6.2.5 Contextual
< Contextual factors have the potential to affect the nature and
quality of financial reporting and directly, or indirectly, audit
quality. Where appropriate, auditors should respond to these
factors when determining the audit strategy and the nature,
timing and extent of obtaining sufficient appropriate audit
evidence.
< These factors include:*
= The applicable financial reporting framework
= Laws and regulations
= Business practices and commercial law *Many of these are
= Corporate governance identified in ISA 315.
= Broader cultural factors
= Litigation environment
= Audit regulation
= Human resources (attracting, retaining and developing
"talent").

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-17

Ali Niaz - ali.niaz298@gmail.com

 Session 5 Quiz
Estimated time: 30 minutes

1. State what an SMO is. (1)

2. State what major QC issues were raised by the AQR (AIU) concerning UK audit firms. (2.1)
3. Describe the scope and design of a QC assurance review programme under SMO 1. (2.2)
4. True or false? High-quality audit work is essential to ensure that all audit fees will be
collected. (3.1)
5. Identify factors to be considered in determining the nature, timing and extent of quality
control policies and procedures. (4.2)
6. List SIX areas of example control procedures detailed in ISQC 1. (4.4)
7. Under ISQC 1, explain the reason for monitoring. (4.4.9)
8. Explain the concept of a "hot review" and when it would be used. (5.6.3)

Study Question Bank

Estimated time: 50 minutes

Priority Estimated Time Completed

Q9 Agnesal 50 minutes

5-18 © 2014 DeVry/Becker Educational Development Corp. All rights reserved.

Ali Niaz - ali.niaz298@gmail.com

NOTES

© 2014 DeVry/Becker Educational Development Corp. All rights reserved. 5-19

Ali Niaz - ali.niaz298@gmail.com