260 likes | 705 Views
Documentation Working Papers & Quality Control. Regulation & Practice Workshop Skopje 25 November 2009 Paul F.M. Hurks (NIVRA). Regulation IFAC. Regulations on Documentation Working Papers & Quality Control SMO1 ISQC1 ISA 220 & 230. IFAC SMOs. Obligations for SCAAK as IFAC member:
E N D
Documentation Working Papers & Quality Control Regulation & Practice Workshop Skopje 25 November 2009 Paul F.M. Hurks (NIVRA)
Regulation IFAC Regulations on Documentation Working Papers & Quality Control SMO1 ISQC1 ISA 220 & 230
IFAC SMOs Obligations for SCAAK as IFAC member: • SMO 1 Quality Assurance • SMO 2 Education Standards • SMO 3 Auditing & Assurance Standards • SMO 4 Standards of Ethics • SMO 5 Public Sector Accounting Standards • SMO 6 Investigation & Discipline • SMO 7 IFRS
ICARM SMO-1 FIRM ISQC1-1 FIRM ISQC1 Professional ISA 220-230 Professional ISA 220-230 Professional ISA 220-230 Professional ISA 220-230 QA / QC: SMO 1. ISQC 1, ISA 220/230 3 levels: Professional ISA 220-230
IFAC SMO 1 • Implementation of a Quality Assurance Review Program (QARP) for Audit Engagements (AE) of Financial Statements (FS) • mandatory QARP for AE of FS of listed entities (minimum) • mandatory QARP for established and published criteria for all other AE of FS • Obligations on 3 levels: • (3rd) Oversight (MB / POB): review program: SMO 1 (= QA) • (2nd) Firm (including a sole practitioner): ISQC 1 (= QC) • (1st) Personal (audit professional, member): ISA 220 • Best endeavours to encourage and assist other responsible authorities to follow SMO 1, when applicable (government, regulators)
IFAC SMO 1 • Mandatory program tot assist members • Understand objectives (publication & CPD) • Implement and maintain an appropriate system (guidance / tools) • Mandatory review program • Selection on cycle approach (3 years) or risk based approach • Consider risk factors (listed entities, PIE, review results, quality and effectiveness of internal inspection program) • Reasonable frequency, even if not selected on risk based approach
IFAC SMO 1 • Review procedures • Assessment of the system of QC for listed entities • Review of QC policies and procedures & working paper review and discussions with staff to evaluate • Compliance with the system • Compliance with other regulatory and legal requirements • Working paper review includes • Existence & Effectiveness QC system • Compliance with regulatory and legal requirements • Evidence documented • Appropriateness of auditor’s report
IFAC SMO 1 • MB requires correction to member’s system, policies and procedures if not compliant • MB should take disciplinary actions with failing members • MB must be clear about linkage between conclusions and corrections • CPD, system, engagements, persons, number of peers • Reprimands, fines, suspension, expulsion
IFAC ISQC1 Obligations for Licensed firms (2nd level): • System for quality control for compliance with regulation • Leadership responsibility • Clients relationships & assignments • Human resources • Engagement performance • Monitoring • Documentation
IFAC ISQC1 • Leadership responsibility (tone at the top) • firm's mission: focus clearly on public interest • specialization (industry, clients) • assignments (audits, compilation, advice, tax) • tailored QC manual based on ISQC1 • procedures driven by checklists in a adequate way • procedures for timely updates of procedures in place • firm’s manual based on ethical requirements (CoE) • procedures for QC enforcement in place • standard audit programs available for tailoring purposes • communication
IFAC ISQC1 • Clients relationships & assignments • procedures for proposals, client & assignment acceptance & resignation • procedures for receiving client's assignment confirmation (ISA 210) • procedures refer to CoE requirements: integrity, objectivity, competence & due care, confidentiality, professional behaviour, independence • procedures include a written assessment of threats to CoE principles (7 steps) • procedures refer the assigning a licensed professional as the client partner • procedures refer to periodical partner rotation • procedures contain investigation of client's integrity & reputation • procedures contain investigation of fraud risks • communication
IFAC ISQC1 • Human resources • procedures for recruitment & retention of HR • procedures for assigning engagement teams based on availability, competence, skills and experience • Procedures for proper instruction & guidance for teams • procedures for facilitating training (internal) & education and CPD (external) based on IESs • procedures for supervision & periodical evaluation • procedures for reward & discipline • procedures for carreer planning • communication
IFAC ISQC1 • Engagement performance (1) • engagement process based on ISAs and tailored audit programs? • assign the team members based on criteria • budget the audit fee for the assignment • partner's role and responsibilities (e.g. pre-audit meeting, supervision) • procedures for threats/safequards of CoE principles (7 steps) • understanding the client's business & financial reporting system • assess materiality & risk (including fraud, non-compliance) • assess internal control risks & internal control reliance (including IT) • analytical review, substantive testing, cut-off, third party confirmations • choice and correct use of appicable accouning standards (local or IFRS)
IFAC ISQC1 • Engagement performance (2) • timely team member supervison and (independent partner) review • technical consultation & use of other auditors / experts • differences of opinion • assess safeguard going concern • receiving a Letter of Representation • wrap-up & evaluating audit evidence based on reassessment of materiality • assessing the appropriateness of the auditor's opinion, reporting (& signing) • communication with the client (opinion/findings/advice) • invoicing audit fee and budget evaluation • timely closure and archiving of working paper files
IFAC ISQC1 • Monitoring (Plan Do Check Act): TQM • planning • client / engagement acceptance • yearly independence declaration • incidents, internal & external: complaints, allegations • review & inspection • reporting & evaluation • HR (evalution, CPD) • follow-up procedures for removing deficiencies: adjustments, instructions, reprimands, sanctions • communication
IFAC ISQC1 • Documentation (ref. ISA 230) • strategy, policy, mission • (customized) manual & procedures, checklists, tools • working papers • inspection and (independent) reviews • monitoring (compliance officer) • file access & retention procedures • communication (make available)
IFAC ISA 220 Obligations for Professionals on Quality Control: What is quality? • For the client (client interest) advice & help, low taxes, quick response, compliance • For the society (public society interest) relevant information, integrity, trust, reliability, expertise, reputation, transparent, accountable Important for your strategy: • Quality Control is or will be a competitive tool! • It’s Integrity that sells the best!
IFAC ISA 220 Obligations for Professionals on Quality Control (1st level): • responsibility engagement partner • ethical requirements (e.g. independence) • client / engagement acceptance (information!) • assign the team members based on criteria • engagement performance • supervision & (independent) review • quality control • communication • documentation
IFAC ISA 230 Obligations for Professionals on Documentation: NOT DOCUMENTED IS THE SAME AS NOT DONE! “trust me > show me > prove me”
IFAC ISA 230 Obligations for Professionals on Documentation: • covers audit evidence to support the auditor’s opinion • shows compliance with • international & national standards and regulation, and • firm’s manual & procedures, including ethical requirements • shows ‘story of the audit’ planning, timing, accounting principles, extent audit work: materiality, (fraud)risk & respons (IC & IT), analytical review, substantive testing, third party confirmations, findings, results, consults, considerations & discussions, meetings with client management and governance responsibles, judgement & conclusions • due process: timely = instantly (direct support audit ‘work in process’) • accessable and understandable without explanation, also for ‘w.i.p’ for instruction, supervision and review purposes • Identification of assignment, partner, team members & reviewer(s) • wrap up, file closure, file retention
IFAC ISA 210 Obligations for Professionals on Assignment Confirmation: • written and signed in advance (first time & yearly renewal) • conditions: integrity, necessary data and cooperation, anti-fraud • responsibilities client and firm (Letter of Representation) • limitations assignment: audit, review, complilation, materiality • reference to ISAs & CoE • engagement partner • use of other experts • reporting • timing • budget, invoicing & payment • liability & limitation
SMP focus on documentation What often goes wrong in SMP audit practice?: • Strategy, mission, clients, quality focus (public interest) • Quality control manual, templates, procedures, checklists • Written assignment confirmation • ISA 240/250 and consequences for the audit • Tailored planning & work program based on ‘risk & respons’ • Work program documentation & completion (electronic files) • Clarity about who did what and when (identification)? (including supervision) • Substandard consultation performance • CPD registration • Code of Ethics (e.g. integrity, independence, expertise, confidentaility) • Considerations, evaluation & conclusions • TQM monitoring (inspection, independence declarations) • Firm going concern risk respons: deputization, insurance (public interest)
SMP Focus ISQC 1 ISQC 1 SMP facilities: Agreement with other (sole) practitioners: • Combining consultation activities (partly) • Combining inspection activities • Reciprocal compliance officer • Firm’s going concern (deputization)
Concluding remarks “Do you really want to be in this profession?” • Moral • Honourable • Responsible • Transparent • Ethical • Trustworthy • Focus on Public Society interest “What is your tone? (your personal fundamental incentive)?”