Page 44 - Internal Auditing Standards
P. 44
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
Internal Control Elements Engagement-Level QC
Firm-Level QC Elements (ISQC 1)
(ISA 315) Elements (ISA 220)
Information Systems Quality Control System Audit Documentation
(Tracking performance) Documentation
Control Activities (Prevent Engagement Performance Engagement Performance
& detect/correct controls)
Monitoring (Are the fi rm’s/ Ongoing Monitoring of the Firm’s Applying Results of Ongoing
engagement’s objectives being Quality Control Policies and Monitoring to Specifi c Audit
met?) Procedures Engagements
4.3 The Control Environment
Delivery of high-quality and cost-effective services is the principal driver of success for professional audit
firms. Quality service is also vital in relation to the public-interest responsibilities of professional accountants.
The provision of quality services should always be a key objective in the firm’s business strategy; that
objective needs to be communicated to all personnel on a regular basis, and the results monitored. This
requires leadership and accountability for promised actions. Poor quality control can lead to inappropriate
opinions, poor client service, lawsuits, and loss of reputation.
In smaller firms, some of the hindrances to a strong tone at the top could include matters set out below.
Exhibit 4.3-1
Hindrance Description
Poor Attitudes A poor attitude is at the heart of most hindrances to quality. It includes such attitudes
(but not necessarily this extreme) as the following:
• Firm continually operates in a crisis mode;
• Poorly planned engagements and activities are the norm;
• Poor commitment to quality or compliance with the highest ethical standards;
• Not caring about the expectations of quality by the public and other stakeholders;
• Regarding changes in auditing standards as only applicable to big entities.
Some practices and terminology may get changed to demonstrate compliance
on the surface, but in substance, the old audit practices continue as before;
• Belief that there is no risk to the firm in small audits—so work performed should
be minimal;
• Audit work tailored to the fee received—not the risk involved;
• Clients considered totally trustworthy by the control partner;
• Minimizing or avoiding the need for “engagement quality control reviews”;
• Belief that, because the clients pay the bill, they must get what they want;
• Partners keeping (or accepting) an audit client (for the fees generated) even
though it is (would be) highly risky for the fi rm;
• Unwillingness to adopt standard firm policies on quality control. A partner
wants files and working papers to be prepared his/her way without regard for
what others do; and
• Asking staff to follow the firm’s policies, but not complying personally (i.e., “do
what I say, not what I do”).
42
