By Doris Flores Brooks, Director (North Pacific), PASAI
The American Institute of Certified Public Accountants (AICPA) has issued a new standard on a Firm’s System of Quality Management. To be compliant with the standard, systems are to be implemented by 15 December 2025, and will be effective for audits and reviews of financial statements for periods beginning from that date.
The standard applies to firms who perform audits of financial statements. It does not apply to government audit offices. However, they may find the standard useful in improving their overall internal quality control system and quality assurance.
INTOSAI has also issued an exposure draft of ISSAI 140 Quality Management for SAIs. The new ISSAI provides guidance on establishing and maintaining an appropriate system of quality management to cover all audit and other assurance work performed by each SAI.
SAIs operate under different mandates and models with their size varying greatly around the world. The guidance may not be equally applicable to all SAIs but is intended to lead SAIs towards the common goal of audit quality.
Here, I will outline some of the characteristics of the new AICPA standard and not the ISSAI 40 exposure draft.
The AICPA standard follows a new risk-based approach to include a risk assessment process, tailored quality management, revised components of systems of quality management, more robust leadership and governance requirements and an enhanced monitoring and remediation process.
The components of quality management
There are eight components of quality management:
Risk assessment process
Governance and leadership
Relevant ethical requirements
Acceptance and continuance of client relationships and specific engagements
Engagement performance
Resources
Information and communication
Monitoring and remediation process
Risk assessment process
Establish quality objectives, identify and assess quality risks, design and implement responses.
Governance and leadership
Office culture, leadership responsibility and accountability, office organisational structure, assignment of roles and responsibilities, resource planning and allocation and the tone at the top.
Relevant ethical requirements
Know the requirements and follow them.
Acceptance and continuance of client relationships and specific engagements
Establish the necessary objectives to make appropriate judgements.
Engagement performance
The office’s actions to promote and support consistent performance of quality engagements.
Resources
Obtain, develop, use, maintain, allocate and assign resources in a timely manner to enable the design and use of the system of quality management and performance engagement, including technological, intellectual and human resources.
Information and communication
Obtain, generate and use information about the system of quality management, and communicate information to internal and external parties on a timely basis.
Monitoring and remediation process
Provide the office with relevant, reliable and timely information about the design and use of the system of quality management and take appropriate action to remediate deficiencies on a timely basis.
An audit firm should design and use a system of quality management to provide it with reasonable assurance that its personnel:
fulfil their responsibilities in accordance with professional standards and applicable legal and regulatory requirements;
conduct engagements in accordance with standards and requirements; and
issue engagement reports that are appropriate in the circumstances.
For more information
Refer to AICPA’s Statements on Quality Management Standards A Firm’s System of Quality Management and Engagement Quality Reviews.
SAIs who operate in a congressional system (which is predominant in the North Pacific) can now pick and choose between the AICPA quality management statements or the ISSAI 40 exposure draft.
References
I acknowledge Dr Jeanne Yamamura. I obtained much of the above information from the session she presented on AICPA Quality Management Standards at the 2023 APIPA Conference.