We are a Dallas, Texas CPA firm specializing in audit, review, compilation, and agreed upon procedures services for Texas businesses in a wide range of industries and sizes.
".25 The auditor should include in the audit documentation the following:(Ref: par. .A35)
Issues identified with respect to compliance with relevant ethical requirements and how they were resolved
Conclusions on compliance with independence requirements that apply to the audit engagement and any relevant discussions with the firm that support these conclusions
Conclusions reached regarding the acceptance and continuance of client relationships and audit engagements
The nature and scope of, and conclusions resulting from, consultations undertaken during the course of the audit engagement (Ref:par. .A36)
.26 The engagement quality control reviewer should document, for the audit engagement reviewed
that the procedures required by the firm's policies on engagement quality control review have been performed;
the date that the engagement quality control review was completed; and
that the reviewer is not aware of any unresolved matters that would cause the reviewer to believe that the significant judgments that the engagement team made and the conclusions it reached were not appropriate"
AU-C Section 230 addresses the auditor's responsibility to prepare audit documentation for an audit of financial statements. Section 230 also states that it is neither necessary nor practicable for the auditor to document every matter considered, or professional judgment made, in an audit.
Documentation of consultations with other professionals involving difficult or contentious matters that is sufficiently complete and detailed contributes to an understanding of
the issue on which consultation was sought and
the results of the consultation, including any decisions made, thebasis for those decisions, and how they were implemented.
"An effective system of quality control includes a monitoring process designed to provide the firm with reasonable assurance that its policies and procedures relating to the system of quality control are relevant, adequate, and operating effectively. The engagement partner should consider
the results of the firm's monitoring process as evidenced in the latest information circulated to the engagement partner by the firm and, if applicable, other network firms and
whether deficiencies noted in that information may affect the audit engagement. (Ref: par. .A32–.A34)"
QC section 10 requires the firm to establish a monitoring process designed to provide it with reasonable assurance that the policies and procedures relating to the system of quality control are relevant, adequate, and operating effectively.
In considering deficiencies that may affect the audit engagement, the engagement partner may consider measures the firm took to rectify the situation that the engagement partner considers sufficient in the context of that audit.
A deficiency in the firm's system of quality control does not necessarily
indicate that a particular audit engagement was not performed in accordance
with professional standards and applicable legal and regulatory requirements
or that the auditor's report was not appropriate.
.21 For those audit engagements, if any, for which the firm has determined that an engagement quality control review is required, the engagement partner should
determine that an engagement quality control reviewer has been appointed;
discuss significant findings or issues arising during the audit engagement, including those identified during the engagement quality control review, with the engagement quality control re-viewer; and
not release the auditor's report until the completion of the engagement quality control review. (Ref: par. .A23–.A25)
.22 The engagement quality control reviewer should perform an objective evaluation of the significant judgments made by the engagement team and the conclusions reached in formulating the auditor's report. This evaluation should involve
discussion of significant findings or issues with the engagement partner;
reading the financial statements and the proposed auditor's report;
review of selected audit documentation relating to the significant judgments the engagement team made and the related conclusions it reached; and
evaluation of the conclusions reached in formulating the auditor's report and consideration of whether the proposed auditor's report is appropriate. (Ref: par. .A26–.A31)
Differences of Opinion
.23 If differences of opinion arise within the engagement team; with those consulted; or, when applicable, between the engagement partner and the engagement quality control reviewer, the engagement team should follow the firm's policies and procedures for resolving differences of opinion."
An engagement quality control review is a process designed to provide an objective evaluation, before the report is released, of the significant judgments the engagement team made and the
conclusions it reached in formulating the auditor's report. The engagement quality control review process is only for those audit engagements, if any, for which the firm has determined that
an engagement quality control review is required, in accordance with its policies and procedures.
An engagement quality control reviewer is a partner, other person in the firm, suitably qualified external person, or team made up of such individuals, none of whom is part of the engagement team,
with sufficient and appropriate experience and authority to objectively evaluate the significant judgments that the engagement team made and the conclusions it reached in formulating the auditor's
report.
An engagement quality control review should be conducted in a timely manner at appropriate stages during the engagement so that significant findings or issues can be promptly resolved to the engagement quality control reviewer's satisfaction.
Documentation of the engagement quality control review may be completed after the
report release date as part of the assembly of the final audit file, as required in AU-C Section 230. However, when the engagement quality control review is completed after the auditor's report is dated and identifies instances where additional procedures or additional evidence is necessary, the date of the report should be changed to the date when the additional procedures have been satisfactorily completed or the additional evidence has been obtained, as required by AU-C Section 700.
The engagement partner should be alert for changes in circumstances in which an engagement quality control review is necessary, even though at the start of the engagement such a review was not required. The extent of the engagement quality control review may depend, among other things, on the complexity of the audit engagement and the risk that the auditor's report might not be appropriate in the circumstances. The performance of an engagement quality control review does not reduce the responsibilities of the engagement partner for the audit engagement and its performance.
Matters that may be considered in an engagement quality control review include the following:
Significant risks identified during the engagement in accordance with AU-C Section 315 and the responses to those risks in accordance with AU-C Section 330, including the engagement team's assessment of, and response to, the risk of fraud in accordance with AU-C Section 240
Judgments made with respect to materiality and significant risks
The significance and disposition of corrected and uncorrected misstatements identified during the audit
The matters to be communicated to management and those charged with governance and,when applicable, other parties, such as regulatory bodies
The engagement quality control reviewer may also consider the following:
The evaluation of the firm's independence with regard to the audit engagement
Whether appropriate consultation has taken place on matters involving differences of opinion or other difficult or contentious matters and the related conclusions arising from those consultations
Whether audit documentation selected for review reflects the work performed regarding the significant judgments and supports the conclusions reached
take responsibility for the engagement team undertaking appropriate consultation on difficult or contentious matters;
be satisfied that members of the engagement team have under-taken appropriate consultation during the course of the engagement, both within the engagement team and between the engagement team and others at the appropriate level within or outside the firm;
be satisfied that the nature and scope of such consultations are agreed with, and conclusions resulting from such consultations are understood by, the party consulted; and
determine that conclusions resulting from such consultations have been implemented. (Ref: par. .A20–.A22)"
Members of the engagement team have a responsibility to bring to the attention of appropriate personnel matters that, in their professional judgment, are difficult or contentious and may require consultation.
Effective consultation on significant technical, ethical, and other matters within the firm or, when applicable, outside the firm can be achieved when those consulted
are given all the relevant facts that will enable them to provide informed advice and
have appropriate knowledge, authority, and experience.
The engagement team may consult outside the firm (for example, when the firm lacks appropriate internal resources).The engagement team may take advantage of advisory services provided by other firms, professional and regulatory bodies, or commercial organizations that provide relevant quality
control services.
"The engagement partner should take responsibility for the following:
The direction, supervision, and performance of the audit engagement in compliance with professional standards, applicable legal and regulatory requirements, and the firm's policies and procedures (Ref: par. .A12–.A14 and .A19)
The auditor's report being appropriate in the circumstances"
The engagement partner should inform the engagement team about their responsibilities to comply with relevant ethical requirements and plan and perform the audit with professional skepticism, as required by AU-C Section 200.
A discussion with the engagement team should involve:
The objectives of the work to be performed
The nature of the entity's business
Risk-related issues
Problems that may arise
The detailed approach to the performance of the engagement
Supervision of the engagement team should include the following:
Tracking the progress of the audit engagement
Considering the competence and capabilities of individual members of the engagement team
Addressing significant findings or issues arising during the audit engagement
Identifying matters for consultation or consideration by qualified engagement team members during the audit engagement
".16 The engagement partner should be satisfied that the engagement team and any auditor's external specialists, collectively, have the appropriate competence and capabilities to
perform the audit engagement in accordance with professional standards and applicable legal and regulatory requirements and
enable an auditor's report that is appropriate in the circumstances to be issued. (Ref: par. .A9–.A11)"
The engagement partner has a responsibility to ensure that the engagement team members are competent and experienced enough to perform the audit engagement and issue an appropriate audit report.
In order to determine whether he has selected the appropriate engagement team, the engagement partner should make sure the engagement team has
understanding of, and practical experience with, audit engagements of a similar nature and complexity through appropriate training and participation.
understanding of professional standards and applicable legal and regulatory requirements.
technical expertise, including expertise with relevant IT and specialized areas of accounting or auditing.
knowledge of relevant industries in which the entity operates.
ability to apply professional judgment.
understanding of the firm's quality control policies and procedures.
".18 The engagement partner should take responsibility for reviews being performed in accordance with the firm's review policies and procedures. (Ref: par. .A15–.A16 and .A19) .19 On or before the date of the auditor's report, the engagement partner should, through a review of the audit documentation and discussion with the engagement team, be satisfied that sufficient appropriate audit evidence has been obtained to support the conclusions reached and for the auditor's report to be issued. (Ref: par. .A17–.A19)"
QC Section 10 recommends that suitably experienced team members review the work of other team members. As such, the engagement partner may delegate part of the review responsibility to other members of the engagement team.
A review consists of consideration of whether, for example
the work has been performed in accordance with professional standards and applicable legal and regulatory requirements;
significant findings or issues have been raised for further consideration;
appropriate consultations have taken place and the resulting conclusions have been documented and implemented;
the nature, timing, and extent of the work performed is appropriate and without need for revision;
the work performed supports the conclusions reached and is appropriately documented;
the evidence obtained is sufficient and appropriate to support the auditor's report; and
the objectives of the engagement procedures have been achieved.
Timely reviews by the engagement partner should the following items are appropriately addressed:
Critical areas of judgment
Significant risks
Other areas that the engagement partner considers important
The engagement partner need not review all audit documentation; however, he must document
the extent and timing of the reviews as required by AU-C Section 230.
An engagement partner taking over an audit during the engagement may review the work performed to the date of the change in order to assume the responsibilities of an engagement partner.
These direction, supervision, and review responsibilities are also required when the engagement team includes a member with expertise in a specialized area of accounting or auditing. For example the engagement partner might
Agree with that member upon the nature, scope, and objectives of that member's work and the respective roles of, and the nature, timing, and extent of communication between, that member and other members of the engagement team
Evaluate the adequacy of that member's work, including the relevance and reasonableness of that member's findings or conclusions and the consistency of those findings or conclusions with other audit evidence
".14 The engagement partner should be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and audit engagements have been followed and should determine that conclusions reached in this regard are appropriate. (Ref: par. .A7–.A8) .15 If the engagement partner obtains information that would have caused the firm to decline the audit engagement had that information been available earlier, the engagement partner should communicate that information promptly to the firm so that the firm and the engagement partner can take the necessary action. (Ref: par. .A8)"
The engagement partner is responsible for ensuring that the acceptance and continuance procedures are followed in accordance with AU-C Section 210. And if he later obtains information that would have caused the firm to decline the audit engagement, he should communicate that information to the firm so they can take the appropriate action.
According to QC Section 10, The following information is helpful for the engagement partner to access whether to accept or decline an audit engagement:
The integrity of the principal owners, key management, and those charged with governance of the entity
Whether the engagement team is competent to perform the audit engagement and has the necessary capabilities, including time and resources
Whether the firm and the engagement team can comply with relevant ethical requirements
Significant findings or issues that have arisen during the current or previous audit engagement and their implications for continuing the relationship
".11 Throughout the audit engagement, the engagement partner and other members of the engagement team should remain alert for evidence of noncompliance with relevant ethical requirements by members of the engagement team. (Ref: par. .A4) .12 If matters come to the engagement partner's attention, through the firm's system of quality control or otherwise, that indicate that members of the engagement team have not complied with relevant ethical requirements, the engagement partner, in consultation with others in the firm as appropriate, should determine that appropriate action has been taken.
Independence
.13 The engagement partner should form a conclusion on compliance with independence requirements that apply to the audit engagement. In doing so, the engagement partner should
obtain relevant information from the firm and, when applicable,
network firms to identify and evaluate circumstances and relationships
that create threats to independence;
evaluate information on identified breaches, if any, of the firm's
independence policies and procedures to determine whether they create a
threat to independence for the audit engagement; and
take appropriate action to eliminate such threats or reduce them to
an acceptable level by applying safeguards or, if considered
appropriate, to withdraw from the audit engagement when withdrawal is
possible under applicable law or regulation.The engagement partner
should promptly report to the firm any inability to resolve the matter
so that the firm may take appropriate action. (Ref: par. .A5–.A6)"
The engagement partner should constantly be on alert that the firm's ethical requirements are being met. This includes the engagement team's duty to
Fulfill its responsibilities
act in the public interest
act with integrity
be objective and independent;
and act with due care
A more detailed discussion of relevant ethics requirements were included in AU-C Section 200.16. If a member of the engagement team has not complied with a relevant ethical requirement, the engagement partner should take appropriate action.
The engagement partner should also determine whether the engagement is in compliance with independence rules by doing the following:
obtain information from the firm in order to identify relationships and threats to independence
identify any breaches to independence policies, if any, that would impair the independence of the engagement
take actions to eliminate threats to independence or reduce them to an acceptable level
A more detailed discussion of independence requirements were included in AU-C Section 200.15.
"The engagement partner should take responsibility for the overall quality on each audit engagement to which that partner is assigned. In fulfilling this responsibility, the engagement partner may delegate the performance of certain procedures to, and use the work of, other members of the engagement team and may rely upon the firm's system of quality control."
First, let's define a few terms noted in this requirement:
The engagement partner is the partner or other person in the firm who is responsible for the audit engagement and its performance and for the auditor's report that is issued on behalf of the firm and who, when required, has the appropriate authority from a professional, legal, or regulatory body.
A partner is any individual with authority to bind the firm with respect to the performance of a professional services engagement. For purposes of this definition, partner may include an employee with
this authority who has not assumed the risks and benefits of ownership.
Firms may use different titles to refer to individuals with this
authority.
A firm is a form of organization permitted by law or regulation whose
characteristics conform to resolutions of the Council of the AICPA and
that is engaged in public practice.
The engagement team is all partners and staff performing the engagement and any individuals engaged by the firm or a network firm who perform audit procedures on the engagement. This excludes an auditor's external specialist engaged by the firm or a network firm. The term engagement team
also excludes individuals within the client's internal audit function
who provide direct assistance on an audit engagement when the external
auditor complies with the requirements of section 610, Using the Work of
Internal Auditors.
Staff are professionals, other than partners, including any specialists that the firm employs.
A network firm is a firm or other entity that belongs to a network, as defined in ET section 0.400. A network is an association of entities, as defined in ET section 0.400, Definitions.
Leadership responsibilities are the tone at the top; for example, the engagement partner's communications and actions should emphasize:
the importance to audit quality of
performing work that complies with professional standards and applicable legal and regulatory requirements;
complying with the firm's applicable quality control policies and procedures;
issuing auditor's reports that are appropriate in the circumstances; and
the engagement team's ability to raise concerns without fear of reprisals and
the fact that quality is essential in performing audit engagements.
.01 This section addresses the specific responsibilities of the auditor regarding quality control procedures for an audit of financial statements. It also addresses, when applicable, the responsibilities of the engagement quality control reviewer. This section also applies, adapted as necessary, to other engagements conducted in accordance with generally accepted auditing standards (GAAS) (for example, a review of interim financial information conducted in accordance with section 930, Interim Financial Information). This section is to be read in conjunction with the AICPA Code of Professional Conduct and other relevant ethical requirements.
.02 Although Statements on Quality Control Standards are not applicable to auditors in government audit organizations, this section is applicable to auditors in government audit organizations who perform financial audits in accordance with GAAS.
System of Quality Control and the Role of the Engagement Teams
.03 Quality control systems, policies, and procedures are the responsibility of the audit firm. Under QC section 10, A Firm's System of Quality Control, the firm has an obligation to establish and maintain a system of quality control to provide it with reasonable assurance that
the firm and its personnel comply with professional standards and applicable legal and regulatory requirements and
reports issued by the firm are appropriate in the circumstances.
.04 Within the context of the firm's system of quality control, engagement teams have a responsibility to implement quality control procedures that are applicable to the audit engagement and provide the firm with relevant information to enable the functioning of that part of the firm's system of quality control relating to independence.
.05 Engagement teams are entitled to rely on the firm's system of quality control, unless the engagement partner determines that it is inappropriate to do so based on information provided by the firm or other parties.
.06 The engagement partner may use the assistance of other members of the engagement team or other personnel within the firm in meeting the requirements of this section. The requirements imposed by this section on engagement partners do not relieve other members of the engagement team of any of their professional responsibilities.
Effective Date
.07 This section is effective for engagements conducted in accordance with GAAS for periods ending on or after December 15, 2012.
Objective
.08 The objective of the auditor3 is to implement quality control procedures at the engagement level that provide the auditor with reasonable assurance that
the audit complies with professional standards and applicable legal and regulatory requirements and
the auditor's report issued is appropriate in the circumstances."
AU-C Section 220 provides the requirements for Quality Control in the audit of financial statements. It also discusses the requirements of the quality control review, if applicable, and should be read in conjunction with the AICPA Code of Professional Conduct.
Best practices for quality control policies are discussed in QC Section 10 "A Firm's System of Quality Control", which can be found at this link: https://www.aicpa.org/content/dam/aicpa/research/standards/auditattest/downloadabledocuments/qc-00010.pdf
QC Section 10 requires that the audit firm establish and maintain a system of quality control that provides reasonable assurance that the firm and its personnel comply with professional standards and legal and regulatory requirements, and the reports issued by the firm are appropriate in the circumstances. To fulfill that responsibility, QC Section 10 addresses the following topics:
Leadership responsibilities for quality within the firm
Relevant ethical requirements
Acceptance and continuance of client relationships and specific engagements
Human resources
Engagement performance
Monitoring
Engagement teams have a responsibility to comply with the quality control policies implemented by the audit firm, especially those related to independence. In addition, the engagement team is entitled to rely on the firm's system of quality control, for example:
competence of personnel through their recruitment and formal training.
independence through the accumulation and communication of relevant independence information.
maintenance of client relationships through acceptance and continuance systems.
adherence to applicable legal and regulatory requirements through the monitoring process.
Many of the requirements in this section are addressed to the engagement partner; but the engagement partner may delegate some of the duties to others within the firm. In turn, the duties imposed on engagement partners in this section does not relieve other engagement team members of their duties.
