Quality Control for an Audit of Financials
ISA 220 Scope
ISA 220 deals with the specific responsibilities of the auditor regarding quality control procedures for an audit of financial statements. It also addresses, where applicable, the responsibilities of the engagement quality control reviewer. This ISA is to be read in conjunction with relevant ethical requirements.
System of Quality Control and Role of Engagement Teams
Quality control systems, policies and procedures are the responsibility of the audit firm. Under ISQC 1, the firm has an obligation to establish and maintain a system of quality control to provide it with reasonable assurance that:
- The firm and its personnel comply with professional standards and applicable legal and regulatory requirements; and
- Reports issued by the firm or engagement partners are appropriate in the circumstances.
ISA 220 is premised on the basis that the firm is subject to ISQC 1 or to national requirements that are at least as demanding.
Within the context of the firm’s system of quality control, engagement teams have a responsibility to implement quality control procedures that are applicable to the audit engagement and provide the firm with relevant information to enable the functioning of that part of the firm’s system of quality control relating to independence.
Engagement teams are entitled to rely on the firm’s system of quality control, unless information provided by the firm or other parties suggests otherwise.
Effective Date of ISA 220 15 December 2009
ISA 220 Objective
The objective of the auditor is to implement quality control procedures at the engagement level that provide the auditor with reasonable assurance that:
- The audit complies with professional standards and applicable legal and regulatory requirements; and
- The auditor’s report issued is appropriate in the circumstances.
Definitions
For definitions refer definitions page
ISA 220 Requirements
Leadership Responsibilities for Quality on Audits
The engagement partner shall take responsibility for the overall quality on each audit engagement to which that partner is assigned.
Throughout the audit engagement, the engagement partner shall remain alert, through observation and making inquiries as necessary, for evidence of non-compliance with relevant ethical requirements by members of the engagement team.
If matters come to the engagement partner’s attention through the firm’s system of quality control or otherwise that indicate that members of the engagement team have not complied with relevant ethical requirements, the engagement partner, in consultation with others in the firm, shall determine the appropriate action.
Independence
The engagement partner shall form a conclusion on compliance with independence requirements that apply to the audit engagement. In doing so, the engagement partner shall:
- Obtain relevant information from the firm and, where applicable, network firms, to identify and evaluate circumstances and relationships that create threats to independence;
- Evaluate information on identified breaches, if any, of the firm’s independence policies and procedures to determine whether they create a threat to independence for the audit engagement; and
- Take appropriate action to eliminate such threats or reduce them to an acceptable level by applying safeguards, or, if considered appropriate, to withdraw from the audit engagement, where withdrawal is possible
under applicable law or regulation. The engagement partner shall promptly report to the firm any inability to resolve the matter for appropriate action.
Acceptance and Continuance of Client Relationships and Audit Engagements
The engagement partner shall be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and audit engagements have been followed, and shall determine that conclusions reached in this regard are appropriate.
If the engagement partner obtains information that would have caused the firm to decline the audit engagement had that information been available earlier, the engagement partner shall communicate that information promptly to the firm, so that the firm and the engagement partner can take the necessary action.
Assignment of Engagement Teams
The engagement partner shall be satisfied that the engagement team, and any auditor’s experts who are not part of the engagement team, collectively have the appropriate competence and capabilities to:
- Perform the audit engagement in accordance with professional standards and applicable legal and regulatory requirements; and
- Enable an auditor’s report that is appropriate in the circumstances to be issued.
Engagement Performance Direction, Supervision and Performance
The engagement partner shall take responsibility for:
- The direction, supervision and performance of the audit engagement in compliance with professional standards and applicable legal and regulatory requirements; and
- The auditor’s report being appropriate in the circumstances.
Reviews
The engagement partner shall take responsibility for reviews being performed in accordance with the firm’s review policies and procedures.
On or before the date of the auditor’s report, the engagement partner shall, through a review of the audit documentation and discussion with the engagement team, be satisfied that sufficient appropriate audit evidence has
been obtained to support the conclusions reached and for the auditor’s report to be issued.
Consultation
The engagement partner shall:
- Take responsibility for the engagement team undertaking appropriate consultation on difficult or contentious matters;
- Be satisfied that members of the engagement team have undertaken appropriate consultation during the course of the engagement, both within the engagement team and between the engagement team and others at the appropriate level within or outside the firm;
- Be satisfied that the nature and scope of, and conclusions resulting from, such consultations are agreed with the party consulted; and
- Determine that conclusions resulting from such consultations have been implemented.
Engagement Quality Control Review
For audits of financial statements of listed entities, and those other audit engagements, if any, for which the firm has determined that an engagement quality control review is required, the engagement partner shall:
- Determine that an engagement quality control reviewer has been appointed;
- Discuss significant matters arising during the audit engagement, including those identified during the engagement quality control review, with the engagement quality control reviewer; and
- Not date the auditor’s report until the completion of the engagement quality control review.
The engagement quality control reviewer shall perform an objective evaluation of the significant judgments made by the engagement team, and the conclusions reached in formulating the auditor’s report. This evaluation shall involve:
- Discussion of significant matters with the engagement partner;
- Review of the financial statements and the proposed auditor’s report;
- Review of selected audit documentation relating to the significant judgments the engagement team made and the conclusions it reached; and
- Evaluation of the conclusions reached in formulating the auditor’s report and consideration of whether the proposed auditor’s report is appropriate.
For audits of financial statements of listed entities, the engagement quality control reviewer, on performing an engagement quality control review, shall also consider the following:
- The engagement team’s evaluation of the firm’s independence in relation to the audit engagement;
- Whether appropriate consultation has taken place on matters involving differences of opinion or other difficult or contentious matters, and the conclusions arising from those consultations; and
- Whether audit documentation selected for review reflects the work performed in relation to the significant judgments and supports the conclusions reached.
Differences of Opinion
If differences of opinion arise within the engagement team, with those consulted or, where applicable, between the engagement partner and the engagement quality control reviewer, the engagement team shall follow the firm’s policies
and procedures for dealing with and resolving differences of opinion.
Monitoring
An effective system of quality control includes a monitoring process designed to provide the firm with reasonable assurance that its policies and procedures relating to the system of quality control are relevant, adequate, and operating
effectively. The engagement partner shall consider the results of the firm’s monitoring process as evidenced in the latest information circulated by the firm and, if applicable, other network firms and whether deficiencies noted in that
information may affect the audit engagement.
Documentation
The auditor shall include in the audit documentation:
- Issues identified with respect to compliance with relevant ethical requirements and how they were resolved.
- Conclusions on compliance with independence requirements that apply to the audit engagement, and any relevant discussions with the firm that support these conclusions.
- Conclusions reached regarding the acceptance and continuance of client relationships and audit engagements.
- The nature and scope of, and conclusions resulting from, consultations undertaken during the course of the audit engagement.
The engagement quality control reviewer shall document, for the audit engagement reviewed, that:
- The procedures required by the firm’s policies on engagement quality control review have been performed;
- The engagement quality control review has been completed on or before the date of the auditor’s report; and
- The reviewer is not aware of any unresolved matters that would cause the reviewer to believe that the significant judgments the engagement team made and the conclusions it reached were not appropriate.