Extract ISQM Manual July 2022
Extract ISQM Manual July 2022
Extract ISQM Manual July 2022
Extracts
International Version 1
JULY 2022
The PCP ISQM Manual comprises of 4 sections:
• Guidance Manual;
• Root Cause Analysis
• Policies and Procedures
• Appendices: Sample forms and templates
As with all PCP products, once purchase has been made you will receive an e mail with
login details to our dedicated server where you can access all the products that you have
purchased from us.
If you require any assistance or have any questioons please contact Margaret on
Margaret@pcplimited.com or +44 151 625 7042
Detailed on the subsequent pages are some extracts of the various sections of the Manual.
Extract of ISQM Manual Guidance
2.0 Introduction
It is a mandatory requirement of ISQM 1 that all firms must design and implement risk
assessment procedures to establish the quality objectives, identify and assess quality
risks and design and implement responses to address those risks. This risk based
approach is a fundamental change from the requirements of ISQC 1.
A quality risk is defined in ISQM 1 as a risk that has a reasonable possibility of:
i) occurring; and
ii) individually or in combination with other risks, adversely affecting the
achievement of one or more quality objectives.
The purpose of using a risk based approach is to ensure that the firm tailors their System
of Quality Management (SOQM) to fit their own specific circumstances and considers the
factors which impact most on it.
It is important to recognise that the risk assessment should be done without having
regard to the existing system which is already in place from previous years.
Every firm must have a risk assessment process whose purpose is to establish quality
objectives, identify and assess quality risks, and design and implement responses to
address these risks. This will involve establishing both policies and procedures for the
firm.
The quality objectives are set out in the standard itself although additional objectives can
be added or sub objectives could be established. Both of these reflect the fact that
different firms have different circumstances. The quality objectives if they are achieved
collectively achieve the objectives of the SOQM. The quality objectives from one of the
pillars can overlap with or link into the quality objectives in another pillar. ISQM 1 requires
quality objectives to be set for the following components:
Engagement Performance
Resources
The firm’s risk assessment process and the monitoring and remediation process do not
contain quality objectives as these are set processes and ISQM 1 indicates specific
requirements of how these need to be applied.
The quality objectives should use the wording set out in the standard and should not be
amended.
The firm needs to consider and document the risks that could adversely impact on
achievement of the quality objectives. This is a significant departure from ISQC 1. Having
considered the risks the firm needs to establish if they are quality risks or not. A quality
risk only occurs if:
APPENDIX 01
Practice structure 7
APPENDIX 02
Audit Engagement Partner appraisal 8
APPENDIX 03
Fit and proper form for an individual 13
APPENDIX 04
Independence register 20
APPENDIX 05
Register of Public Interest Entities (PIEs) 22
APPENDIX 06
Annual declaration of confidentiality 24
APPENDIX 07
Independence questionnaire - Non PIEs 25
APPENDIX 08
Independence questionnaire – PIEs 37
APPENDIX 09
New client checklist 52
APPENDIX 10
Reappointment schedule 59
APPENDIX 11
Letter to client resigning as auditors 61
APPENDIX 12
Disengagement letter 62
APPENDIX 13
Interview questions 65
APPENDIX 14
Post interview assessment 68
APPENDIX 15
Letter requesting a reference 69
APPENDIX 16
Staff appraisal form 70
APPENDIX 17
CPD training record for staff 76
APPENDIX 18
International Education Standard (IES) 8 assessment form – for Audit Engagement
Partners 78
APPENDIX 19
Skills questionnaire for an individual 82
APPENDIX 20
Assignment of audit team 85
APPENDIX 21
Written agreement for consultation purpose 86
APPENDIX 22
Record of consultation 88
APPENDIX 23
Cold file review planning and control schedule 89
APPENDIX 24
Hot file review planning and control schedule 91
APPENDIX 25
Engagement quality review planning and control schedule 92
APPENDIX 26
Fit and proper form for the firm as a whole 93
APPENDIX 27
Template for audit file review engagements 95
APPENDIX 28
Guidance for conducting audit file review engagements 100
APPENDIX 29
ISQM annual whole firm review questionnaire 107
APPENDIX 30
Specimen subcontractor agreement 118
APPENDIX 31
Justification of professional indemnity insurance cover level 119
APPENDIX 32
Complaints form 120
APPENDIX 33
Annual conflict of interest declaration 121
APPENDIX 34
Conflicts of interest register – partners, directors, employees, consultants and
subcontractors 123
APPENDIX 35
Register of audit clients 124
APPENDIX 36
Evaluation of findings form 125
APPENDIX 37
Root cause assessment form 126
APPENDIX 38
Evaluation of previous deficiencies form 127
APPENDIX 39
Assessing a service provider checklist 128
APPENDIX 40
Induction policy and procedures for new staff 130
APPENDIX 41
Grievance procedures 138
APPENDIX 42
Register of gifts and hospitality 139
Appendix 3
Name:
Generally professional bodies audit regulations require the firm to obtain confirmation
from all partners, staff, sub-contractors, service providers and consultants involved in
audits that they:
• are independent;
All partners, staff, subcontractors and consultants should confirm that they understand
and will comply with the restrictions against insider dealing. Please complete this form,
sign it and return it to insert name by insert date at the latest.
Please let Insert name of the Individual with Ultimate Responsibility and
Accountability for the Statement of Quality Management (IAUR) know if you have any
questions. You will be asked to renew this statement every year. In the meantime,
any changes must immediately be notified to the Insert name of the Individual with
Ultimate Responsibility and Accountability for the Statement of Quality Management
(IAUR).
A INDEPENDENCE
In accordance with the policies of insert name of the firm, all partners, professional staff
and others involved in or otherwise connected with professional work must complete and
sign a statement of independence as a condition of employment.
1 Do you or anyone closely connected with you, have any beneficial interest* in
any client of the firm or in a trust holding shares or investments in any client?
YES / NO
Where the answer is ‘yes’, please list below the investments held.
INSERT ANSWER
2 Do you or anyone closely connected with you, hold voting rights in any other firm
of statutory auditors?
YES / NO
If ‘yes’, give details.
INSERT ANSWER
3 Have you or anyone closely connected with you, been employed by any audit
client of the firm during the last two years or are you currently in substantive
negotiations with a view to joining any audit client?
YES / NO
INSERT ANSWER
4 Have you or anyone closely connected with you been seconded to or involved in
the management, business activities or records of any client?
YES / NO
INSERT ANSWER
5 Do you or anyone closely connected with you, have a mutual business interest
with a client or a principle
of a client?
YES / NO
INSERT ANSWER
6 Do you or anyone closely connected with you, have a loan from or to or given
or accepted any guarantee from or to a client?
YES / NO
INSERT ANSWER
7 Are you or anyone closely connected with you, intending to join, or are currently
in substantive negotiations with a view to joining, any client?
YES / NO
—
SECTION 01
Elements of a Quality Management System
SECTION 02
The firm’s risk assessment process 8
SECTION 03
Governance and leadership 10
SECTION 04
Relevant ethical requirements 14
SECTION 05
Acceptance and continuance of client relationships & specific engagements 22
SECTION 06
Resources 26
SECTION 07
Engagement performance 35
SECTION 08
Information and communication 40
SECTION 09
Monitoring and remediation process 45
SECTION 10
Specified responses 52
SECTION 11
Network requirements and related services 54
SECTION 12
Evaluating the System of Quality Management 57
SECTION 13
Documentation 61
SECTION 14
ISQM 2 63
7.0 The firm’s policy on engagement performance
➢ The firm will ensure all audit work is adequately planned, controlled, supervised
and reviewed such that all reports issued are appropriate in the circumstances.
➢ The firm’s policy is that responsibility for the internal quality control system must
lie with a person eligible for appointment as a statutory auditor. This person is the
Individual Assigned Ultimate Responsibility and Accountability for the System of
Quality Management (IAUR).
➢ The firm’s policy is to ensure that sufficient time is provided for staff to conduct all
audit and assurance assignments to a good standard.
The following systems will be used on the following assignments covered by ISQM 1:
WORK
VERSION LATEST VERSION
ASSIGNMENT TYPE PROGRAMME
DATE YES / NO
USED
Audit
Other Special
Category Audit (list)
Grant Application
Certificates
Other Assurance
Services (list)
Review Engagements
(limited assurance
review engagement)
The firm completes their standard audit programme for all audits and will tailor the audit
programme to suit the circumstances of the specific client concerned.
➢ Where difficult or contentious issues arise, the firm is committed to ensuring that
the nature, scope, extent and results of the consultation are documented.
➢ A written agreement for consultation purposes (Appendix 21) exists for all
external engagements. Irrespective of whether or not the consultation is internal
or external, a record of consultation (Appendix 22 ) must be completed.
➢ All consultations must take place within 14 days of the matter being notified as
arising if a service provider is used, their competence will be assessed using the
“Assessing a Service Provider Form” at Appendix 39.
➢ For PIEs, if a difference of opinion arises between the Ethics Partner and
persons consulting them, and the firm concludes that the opinion of the Ethics
Partner is not to be followed then the matter must be reported to the firm’s
independent non-executives or the firm’s most senior governance body. The
Audit Engagement Partner also has to report this matter to those charged with
governance.