Page 48 - Internal Auditing Standards
P. 48
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
Exhibit 4.5-1
Keep track of: Description
Firm’s Risk • Client acceptance/continuance assessments.
Exposure • Reports from all persons responsible for some aspect of quality. This could
and Staff ’s include minutes of committee meetings (i.e., quality control), issues addressed,
Commitment or simply that there is nothing to report.
to Quality
• Firm-wide communications on the subject of quality.
• Most recent monitoring report, and the specific action steps required for each
deficiency found or recommendation made (who, what, when, etc.). Also track
dates when action steps are completed and send out reminders when necessary.
• Details of any client or third-party complaints about the firm’s work or the
behavior of the firm’s personnel. Also track how these complaints were
investigated, the results and communication with the complainant, and any
actions taken.
Ethics and • List of prohibited investments.
Independence • Details on what ethical (including independence) threats were identifi ed, and
the relevant safeguards that have been applied to eliminate or at least mitigate
such threats.
Personnel • Offer of employment.
• Evidence of reference checks performed on new employees.
• Actions to mentor, guide, and train new recruits.
• Copy and date of the annual staff confirmations on independence, and staff
knowledge of the firm’s quality control manual.
• Evidence of staff appraisals, including the date, and any actions resulting such as
attending training, etc.
• Staff scheduling, with comparisons of planned scheduling to actual.
• Dates of internal and external training sessions, the topics covered, and the
names of those who attended.
• Details of any disciplinary actions taken.
Engagement • Dates the team planning meeting was scheduled and when it actually took
Management place for all audit engagements.
• What files require engagement quality control reviews, who is assigned, and
the planned date. Then match the plan to who actually performed the review;
when it occurred; and any issues raised and their resolution.
• Reasons for any departures from any applicable ISA requirement, and the
alternative audit procedures performed to achieve the aim of that requirement.
• Details of consultations with others, and resolution of audit/accounting issues
raised, if any.
• Reasons for engagement delays and how such delays were addressed
and resolved. These could include changes in staff personnel, delays in
obtaining information, unavailability of client staff, scope restrictions, and any
disagreements with client management.
• Dating of the auditor’s report and compliance with the 60-day recommendation
for assembly of final engagement fi les.
• How monitor’s comments on the file were addressed.
46
