Government of India has, in exercise of the powers conferred under section 28A of the Chartered Accountant Act 1949, constituted Quality Review Board to make recommendations to the Council with regard to the quality of services ( including audit services) provided by the member of the Institute and to guide member of the institute to improve the quality of services and adherence to the various statutory and other regulatory requirements.
Quality Review Board(QRB) was established by Parliament of India with the mandate to review the quality of audit services provided by the members of the ICAI and to guide its members to improve the quality of audit services. QRB also notes failure to adhere to the various statutory and other regulatory requirements.
From the inception, it is continued endeavour of the QRB to oversee the Audit firm’s audit quality services and to ensure that the audit firms deficiencies in statutory audit services for listed and other public interest entities, in particular , are being appropriately and suitably addressed.
Keeping in view the experience gained during the process of reviews being carried out by the QRB as well as international practices and requirements for audit oversight , the Board has formed study groups for the following areas :
?Toundertake holistic examination of the “ Procedure for Quality Review of Audit review, criteria used for the selection of the firms, review team composition, reporting, confidentiality and other aspects make recommendations to the Board for suggesting appropriate amendments.
?Tosuggest measure to raise audit quality bar in line with the stakeholders perceptions towards high quality financial reporting, effective audits and good corporate governance.
?Tosuggest framework for undertaking Root cause analysis of review findings.
Root causes and Takeaways for Key findings
Insight |
|
Root Causes |
|
Takeaways for Audit Firms |
SA |
Quality Control |
1. |
Audit firm did not have comprehensive SQC |
1. |
Improve implementation and documentation |
SQC-1 |
Framework |
|
document on various elements of quality |
|
for various elements of the systems of quality |
|
|
|
control or was not backed by evidence |
|
control as per SQC-1 |
|
|
|
supporting implementation. |
2. |
Maintain policy & procedure to notify |
|
|
2. |
CEO and Managing Partner did not fully |
|
breaches of independence requirements |
|
|
|
recognize how audit environment had |
3. |
Provide eligibility and maintain objectivity of |
|
|
|
changed, and did not understand required |
|
engagement quality control reviewer (EQCR) |
|
|
|
quality control system to be implemented. |
4. |
Maintain Staff appraisal policy |
|
|
3. |
CEO and Managing Partner did not take action |
5. |
Maintain policies and procedures with regard |
|
|
|
to enhance Partners awareness, capabilities |
|
to engagement performance, engagement |
|
|
|
and competence to improve audit quality and |
|
documentation and archival process |
|
|
|
perform audit engagements. |
6. |
Improve monitoring mechanism and take |
|
|
4. |
Failure to allocate sufficient resources, |
|
corrective actions for any of the deficiency |
|
|
|
enough time and experienced, competent |
|
identified during inspection process and |
|
|
|
engagement team including EQCR. |
|
communicate to its partner. |
|
|
5. |
Failure to implement policies and procedures |
|
|
|
|
|
for acceptance and continuance of |
|
|
|
|
|
engagements. |
|
|
|
|
6. |
Failure to test independence on engagements |
|
|
|
|
|
ensuring independence at all times. |
|
|
|
|
7. |
Failure to have learning calendar and ensuring |
|
|
|
|
|
that firm’s partners and employees are |
|
|
|
|
|
complying ICAI CPE rules. |
|
|
|
|
8. |
Failure to implement elements of monitoring |
|
|
|
|
|
activity. |
|
|
|
Agreeing Terms of |
|
|
1. |
Agree on terms of audit engagement with |
Para 3 of SA 210 |
|
Audit Engagement |
|
|
|
management |
|
|
|
|
|
2. |
Cover all aspects of the objective and scope of |
|
|
|
|
|
|
audit, responsibilities of the management and |
|
|
|
|
|
|
auditors in the EL |
|
|
|
|
|
3. Identify the applicable financial reporting |
|
||
|
|
|
|
framework in EL |
|
|
|
|
|
4. |
Make reference to expected form and content |
|
|
|
|
|
|
of any reports to be issued |
|
|
|
|
|
5. EL |
should be signed and dated within a |
|
|
|
|
|
|
reasonable time from date of appointment |
|
|
Audit |
1. |
Audit firm’s personnel did not fully recognise |
1. |
Prepare audit documentation on a timely basis |
Para 5 of SA 230 |
|
Documentation |
|
the importance of audit documentation. |
|
duly recording who performed and reviewed |
|
|
|
2. Engagement team did not fully verify whether |
|
audit work and the date/s of completion and |
|
||
|
|
audit documentation was prepared. |
|
review |
|
|
|
3. Engagement Partner did not review audit |
2. |
Prepare audit documentation to understand: |
|
||
|
|
documentation nor provided sufficient |
|
• |
Nature, timing and extent of audit |
|
|
|
attention because they placed too much |
|
|
procedures performed to comply with SAs |
|
|
|
confidence on sharing awareness of entity |
|
|
and applicable legal and regulatory |
|
|
|
issues and audit procedures to be performed |
|
|
requirements |
|
|
|
among their engagement team. |
|
• Results of audit procedures performed, |
|
|
|
4. Engagement Partner did not provide sufficient |
|
|
and audit evidence obtained |
|
|
|
|
direction and supervision to less experienced |
|
• Significant matters arising during audit, |
|
|
|
|
audit practitioners despite they were in |
|
|
conclusions reached, and significant |
|
|
|
majority due to frequent turnover. |
|
|
professional judgments made |
|
|
5. |
Engagement Partner did not conduct |
3. |
Document decisions of significant matters |
|
|
|
|
sufficient review of audit documentation. |
|
with management and those charged with |
|
|
|
6. Engagement Partner did not have proper |
|
governance |
|
||
|
|
EQCR in place. |
4. |
Put in place EQCR system and ensure |
|
|
|
|
|
|
compliance |
|
|
7. |
Audit firm did not have in place education |
5. |
Put in place education/training system with |
|
|
|
system with due consideration of experience |
|
due consideration of experience of audit |
|
|
|
of audit practitioners, scope of their audit |
|
practitioners, scope of their audit |
|
|
|
engagements, newly adopted audit standards |
|
engagements, newly adopted audit standards |
|
|
|
and other relevant factors. |
|
and other relevant factors |
|
|
|
|
6. |
Comply with policies and procedures for |
|
|
|
|
|
assembly and archival of work papers within |
|
|
|
|
|
stipulated time. |
|
A u d i t o r ’ s |
|
|
1. |
Maintain professional scepticism through out |
Para 10 of SA-240 |
Responsibilities |
|
|
|
the audit period |
|
relating to fraud in |
|
|
2. |
Make inquires of management and other |
|
audit of FS |
|
|
|
within the entity and not merely with MD and |
|
|
|
|
|
CFO. Inquiry should also be made with |
|
|
|
|
|
Chairman, Audit Committee, Board Members, |
|
|
|
|
|
Internal Audit Team, KMP and others not |
|
|
|
|
|
generally associated with audit on regular |
|
|
|
|
|
basis |
|
|
|
|
3. |
Identify and sufficiently respond to significant |
|
|
|
|
|
risks such as revenue recognition, journal |
|
|
|
|
|
entries and related parties by adequately |
|
|
|
|
|
performing sufficient work in the areas |
|
|
|
|
|
identified |
|
|
|
|
4. |
Review of accounting estimates for biases and |
|
|
|
|
|
performing adequate work |
|
|
|
|
5. |
Review policies frequently to determine if the |
|
|
|
|
|
materiality policies are still appropriate in |
|
|
|
|
|
terms of requirement of SAs |
|
Risk Assessment |
1. |
Audit firm failed to establish overall audit |
and Responses to |
|
strategy |
Assessed Risk |
2. |
Audit firm failed to include in the audit plan |
|
|
about the planned audit procedures including |
|
|
identification and assessment of risk of |
|
|
material misstatements that are required to |
|
|
be carried out so that the engagement |
|
|
complies with SAs. |
|
3. |
Audit firm failed to implement a suitable |
|
|
sampling methodology and document on file |
|
|
any calculations as proof thereof and that the |
|
|
extent of testing is an adequate response to |
|
|
the assessed risk levels. |
|
4. |
Audit firm failed to test IT related controls, |
|
|
testing IT generated reports, changes to IT |
|
|
systems and have adequate IT personnel on |
|
|
engagement. |
|
5. |
Lack of appropriate audit tools, training and |
|
|
experienced staff as well as review. |
|
6. |
Audit firm failed to document design and |
|
|
effectiveness of controls and performing |
|
|
appropriate test of controls. |
- Perform risk assessment procedure to provide SA 300, 315, 320,330 a basis for identification and assessment of
risks of material misstatement at the financial statement and assertion levels.
- Obtain understanding of nature of entity, its operations, its ownership and governance structures, type of investments that the entity is making and plans to make, including investments in SPEs.
- Obtain understanding internal control relevant to the audit
- Design and perform further audit procedures whose nature, timing and extent are based on and are responsive to assessed risk of material misstatement at the assertion level.
- Include in the audit plan about the planned audit procedures including identification and assessment of risk of material misstatements and appropriate audit responses that are required to be carried out so that engagement complies with SAs.
- Test IT related controls, IT generated reports and have appropriate planned procedures including changes to IT systems and have appropriate IT personnel on engagement.
- Document the design and effectiveness of controls and performing appropriate test of controls to obtain sufficient appropriate audit evidence.
Audit Evidence |
1. |
Engagement team identifies significant risks |
|
|
but completes audit procedures only by |
|
|
inquiry without obtaining sufficient |
|
|
appropriate audit evidence. |
|
2. |
Engagement team identifies inconsistencies |
|
|
and irregularities with other audit evidence |
|
|
but does not determine the necessity of |
|
|
additional audit procedures. |
|
3. |
Even though the assessed risk of material |
|
|
misstatement is high, the engagement team |
|
|
performs the tests of details only by obtaining |
|
|
the entity's internal vouchers and other less |
|
|
reliable audit evidence without assessing the |
|
|
quality of the obtained auditevidence. |
|
4. |
During sampling among the audit procedures |
|
|
in response to the assessed risk, the |
|
|
engagement team does not select samples |
|
|
from the appropriate selection range to reach |
|
|
a conclusion for the entire population |
|
5. |
Engagement team did not perform audit |
|
|
procedures to comprehensively understand |
|
|
the related parties. |
|
6. |
Engagement team did not perform procedures |
|
|
on the management’s methods and data used |
|
|
for accounting estimates. |
|
7. |
Engagement team did not assess the |
|
|
management’s bias. |
|
|
|
- Design and perform audit procedures that are appropriate in circumstances for obtaining sufficient appropriate audit evidence.
- Maintain control over external confirmation requests while using external confirmation procedures.
- Select items for the sample in such a way that each sampling unit in the population has a chance of selection.
- Perform audit procedures to comprehensively understand related parties
- Appropriately identify and assess risks of material misstatement in accounting estimates, and perform appropriate audit procedures to address such risks
- Perform analytical procedures during planning stage, audit performance and when forming overall conclusion as to whether financial statements are consistent with auditor’s understanding ofentity.
- Maintain documentation for work performed.
SA – 500, 505, 510, 520, 530, 540, 550, 570 and 580
Audit Conclusions |
1. |
Audit firm does not conclude the audit opinion |
and Reporting |
|
at the end of the audit, based on audit |
|
|
evidence obtained and sometimes they have |
|
|
pressure to complete the audit ontime |
|
|
|
- Form an opinion on FS based on evaluation of Para 6 of SA 700 conclusions drawn from audit evidence
obtained and express clearly that opinion through written report that also describes the basis for opinion.
- Obtain reasonable assurance about whether FS as a whole are free from material misstatements, whether due to fraud or error.
- Modify opinion in auditor’s report and conclude, based on audit evidence obtained, that the financial statements as a whole are not free from material misstatement. Have appropriate consultations within the Firm for any modifications to the audit report and document such consultations as part of work papers.
- Include an Emphasis of Matter paragraph in auditor’s report to draw users’ attention to matter presented or disclosed in financial statements that, in the auditor’s judgment, is of such importance that it is fundamental to users’ understanding.
- Obtain management representation letter before audit report is issued.