Aud4033 Isa - 220
Aud4033 Isa - 220
Aud4033 Isa - 220
Applicability
International Standards on Auditing are to be applied in the audit of historical financial
information.
1
Effective Date in Malaysia
Copyright © December 2018 by the International Federation of Accountants (IFAC). All rights
reserved. Used with permission of IFAC. Contact Permissions@ifac.org for permission to
reproduce, store or transmit, or to make other similar uses of this document.
2
INTERNATIONAL STANDARD ON AUDITING 220
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
(Effective for audits of financial statements for periods
beginning on or after 1 January 2010)
CONTENTS
Paragraph
Introduction
Scope of this ISA ..................................................................................................................... 1
System of Quality Control and Role of Engagement Teams .................................................. 2−4
Effective Date .......................................................................................................................... 5
Objective ................................................................................................................................ 6
Definitions .............................................................................................................................. 7
Requirements
Leadership Responsibilities for Quality on Audits ................................................................... 8
Relevant Ethical Requirements ............................................................................................... 9−11
Acceptance and Continuance of Client Relationships and Audit
Engagements .................................................................................................................... 12−13
Assignment of Engagement Teams ........................................................................................ 14
Engagement Performance ...................................................................................................... 15−22
Monitoring ................................................................................................................................ 23
Documentation ........................................................................................................................ 24−25
Application and Other Explanatory Material
System of Quality Control and Role of Engagement Teams .................................................. A1−A2
Leadership Responsibilities for Quality on Audits ................................................................... A3
Relevant Ethical Requirements ............................................................................................... A4−A7
Acceptance and Continuance of Client Relationships and Audit
Engagements .................................................................................................................... A8−A10
Assignment of Engagement Teams ........................................................................................ A11−A13
Engagement Performance ...................................................................................................... A14−A33
Monitoring ................................................................................................................................ A34−A36
Documentation ........................................................................................................................ A37
International Standard on Auditing (ISA) 220, Quality Control for an Audit of Financial Statements,
should be read in conjunction with ISA 200, Overall Objectives of the Independent Auditor and the
Conduct of an Audit in Accordance with International Standards on Auditing.
3
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Introduction
Scope of this ISA
1. This International Standard on Auditing (ISA) deals with the specific responsibilities of the
auditor regarding quality control procedures for an audit of financial statements. It also
addresses, where applicable, the responsibilities of the engagement quality control reviewer.
This ISA is to be read in conjunction with relevant ethical requirements.
Effective Date
5. This ISA is effective for audits of financial statements for periods beginning on or after 1 January
2010.
Objective
6. The objective of the auditor is to implement quality control procedures at the engagement level
that provide the auditor with reasonable assurance that:
(a) The audit complies with professional standards and applicable legal and regulatory
requirements; and
(b) The auditor’s report issued is appropriate in the circumstances.
Definitions
7. For purposes of the ISAs, the following terms have the meanings attributed below:
(a) Engagement partner2 – The partner or other person in the firm who is responsible for the
audit engagement and its performance, and for the auditor’s report that is issued on
behalf of the firm, and who, where required, has the appropriate authority from a
professional, legal or regulatory body.
(b) Engagement quality control review – A process designed to provide an objective
evaluation, on or before the date of the auditor’s report, of the significant judgments the
engagement team made and the conclusions it reached in formulating the auditor’s
report. The engagement quality control review process is for audits of financial
statements of listed entities and those other audit engagements, if any, for which the firm
has determined an engagement quality control review is required.
1
ISQC 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and
Related Services Engagements, paragraph 11
2
“Engagement partner,” “partner,” and “firm” should be read as referring to their public sector equivalents where relevant.
4
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
(c) Engagement quality control reviewer – A partner, other person in the firm, suitably
qualified external person, or a team made up of such individuals, none of whom is part
of the engagement team, with sufficient and appropriate experience and authority to
objectively evaluate the significant judgments the engagement team made and the
conclusions it reached in formulating the auditor’s report.
(d) Engagement team – All partners and staff performing the engagement, and any individuals
engaged by the firm or a network firm who perform audit procedures on the engagement.
This excludes an auditor’s external expert engaged by the firm or a network firm.3 The term
“engagement team” also excludes individuals within the client’s internal audit function who
provide direct assistance on an audit engagement when the external auditor complies with
the requirements of ISA 610 (Revised 2013).4
(g) Listed entity – An entity whose shares, stock or debt are quoted or listed on a recognized
stock exchange, or are marketed under the regulations of a recognized stock exchange
or other equivalent body.
(h) Monitoring – A process comprising an ongoing consideration and evaluation of the firm’s
system of quality control, including a periodic inspection of a selection of completed
engagements, designed to provide the firm with reasonable assurance that its system of
quality control is operating effectively.
(i) Network firm – A firm or entity that belongs to a network.
(j) Network – A larger structure:
(i) That is aimed at cooperation, and
(ii) That is clearly aimed at profit or cost-sharing or shares common ownership, control
or management, common quality control policies and procedures, common
business strategy, the use of a common brand name, or a significant part of
professional resources.
(k) Partner – Any individual with authority to bind the firm with respect to the performance of
a professional services engagement.
(l) Personnel – Partners and staff.
(m) Professional standards – International Standards on Auditing (ISAs) and relevant ethical
requirements.
(n) Relevant ethical requirements – Ethical requirements to which the engagement team and
engagement quality control reviewer are subject, which ordinarily comprise Parts A and
B of the International Ethics Standards Board for Accountants’ Code of Ethics for
Professional Accountants (IESBA Code) related to an audit of financial statements
together with national requirements that are more restrictive.
(o) Staff – Professionals, other than partners, including any experts the firm employs.
(p) Suitably qualified external person – An individual outside the firm with the competence and
capabilities to act as an engagement partner, for example, a partner of another firm, or an
employee (with appropriate experience) of either a professional accountancy body whose
members may perform audits of historical financial information or of an organization that
3
ISA 620, Using the Work of an Auditor’s Expert, paragraph 6(a), defines the term “auditor’s expert.”
4
ISA 610 (Revised 2013), Using the Work of Internal Auditors, establishes limits on the use of direct assistance. It also
acknowledges that the external auditor may be prohibited by law or regulation from obtaining direct assistance from internal
auditors. Therefore, the use of direct assistance is restricted to situations where it is permitted.
5
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Requirements
Leadership Responsibilities for Quality on Audits
8. The engagement partner shall take responsibility for the overall quality on each audit
engagement to which that partner is assigned. (Ref: Para. A3)
Independence
11. The engagement partner shall form a conclusion on compliance with independence
requirements that apply to the audit engagement. In doing so, the engagement partner shall:
(Ref: Para. A5)
(a) Obtain relevant information from the firm and, where applicable, network firms, to identify and
evaluate circumstances and relationships that create threats to independence;
(b) Evaluate information on identified breaches, if any, of the firm’s independence policies and
procedures to determine whether they create a threat to independence for the audit
engagement; and
(c) Take appropriate action to eliminate such threats or reduce them to an acceptable level by
applying safeguards, or, if considered appropriate, to withdraw from the audit engagement,
where withdrawal is possible under applicable law or regulation. The engagement partner
shall promptly report to the firm any inability to resolve the matter for appropriate action. (Ref:
Para. A6–A7)
6
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Engagement Performance
Direction, Supervision and Performance
15. The engagement partner shall take responsibility for:
(a) The direction, supervision and performance of the audit engagement in compliance with
professional standards and applicable legal and regulatory requirements; and (Ref: Para.
A14–A16, A21)
(b) The auditor’s report being appropriate in the circumstances.
Reviews
16. The engagement partner shall take responsibility for reviews being performed in accordance
with the firm’s review policies and procedures. (Ref: Para. A17–A18, A21)
17. On or before the date of the auditor’s report, the engagement partner shall, through a review
of the audit documentation and discussion with the engagement team, be satisfied that
sufficient appropriate audit evidence has been obtained to support the conclusions reached
and for the auditor’s report to be issued. (Ref: Para. A19–A21)
Consultation
18. The engagement partner shall:
(a) Take responsibility for the engagement team undertaking appropriate consultation on
difficult or contentious matters;
(b) Be satisfied that members of the engagement team have undertaken appropriate
consultation during the course of the engagement, both within the engagement team and
between the engagement team and others at the appropriate level within or outside the
firm;
(c) Be satisfied that the nature and scope of, and conclusions resulting from, such
consultations are agreed with the party consulted; and
(d) Determine that conclusions resulting from such consultations have been implemented.
(Ref: Para. A22–A23)
7
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
(d) Evaluation of the conclusions reached in formulating the auditor’s report and
consideration of whether the proposed auditor’s report is appropriate. (Ref: Para. A27–
A29, A31–A33)
21. For audits of financial statements of listed entities, the engagement quality control reviewer, on
performing an engagement quality control review, shall also consider the following:
(a) The engagement team’s evaluation of the firm’s independence in relation to the audit
engagement;
(b) Whether appropriate consultation has taken place on matters involving differences of
opinion or other difficult or contentious matters, and the conclusions arising from those
consultations; and
(c) Whether audit documentation selected for review reflects the work performed in relation
to the significant judgments and supports the conclusions reached. (Ref: Para. A30–A33)
Differences of Opinion
22. If differences of opinion arise within the engagement team, with those consulted or, where
applicable, between the engagement partner and the engagement quality control reviewer, the
engagement team shall follow the firm’s policies and procedures for dealing with and resolving
differences of opinion.
Monitoring
23. An effective system of quality control includes a monitoring process designed to provide the firm
with reasonable assurance that its policies and procedures relating to the system of quality control
are relevant, adequate, and operating effectively. The engagement partner shall consider the results
of the firm’s monitoring process as evidenced in the latest information circulated by the firm and, if
applicable, other network firms and whether deficiencies noted in that information may affect the
audit engagement. (Ref: Para A34–A36)
Documentation
24. The auditor shall include in the audit documentation: 5
(a) Issues identified with respect to compliance with relevant ethical requirements and how
they were resolved.
(b) Conclusions on compliance with independence requirements that apply to the audit
engagement, and any relevant discussions with the firm that support these conclusions.
(c) Conclusions reached regarding the acceptance and continuance of client relationships
and audit engagements.
(d) The nature and scope of, and conclusions resulting from, consultations undertaken during
the course of the audit engagement. (Ref: Para. A37)
25. The engagement quality control reviewer shall document, for the audit engagement reviewed,
that:
(a) The procedures required by the firm’s policies on engagement quality control review have
been performed;
(b) The engagement quality control review has been completed on or before the date of the
auditor’s report; and
(c) The reviewer is not aware of any unresolved matters that would cause the reviewer to believe
that the significant judgments the engagement team made and the conclusions it reached
were not appropriate.
***
5
ISA 230, Audit Documentation, paragraphs 8-11, and A6
8
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
9
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Acceptance and Continuance of Client Relationships and Audit Engagements (Ref: Para. 12)
A8. ISQC 1 requires the firm to obtain information considered necessary in the circumstances
before accepting an engagement with a new client, when deciding whether to continue an
existing engagement, and when considering acceptance of a new engagement with an existing
client.6 Information such as the following assists the engagement partner in determining
whether the conclusions reached regarding the acceptance and continuance of client
relationships and audit engagements are appropriate:
• The integrity of the principal owners, key management and those charged with governance
of the entity;
• Whether the engagement team is competent to perform the audit engagement and has the
necessary capabilities, including time and resources;
• Whether the firm and the engagement team can comply with relevant ethical requirements;
and
• Significant matters that have arisen during the current or previous audit engagement, and
their implications for continuing the relationship.
A9. Law, regulation, or relevant ethical requirements 7 may require the auditor to request, prior to
accepting the engagement, the predecessor auditor to provide known information regarding
any facts or circumstances that, in the predecessor auditor’s judgment, the auditor needs to be
6
ISQC 1, paragraph 27(a)
7
See, for example, Section 210.14 of the IESBA Code.
10
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
aware of before deciding whether to accept the engagement. In some circumstances, the
predecessor auditor may be required, on request by the proposed successor auditor, to provide
information regarding identified or suspected non-compliance with laws and regulations to the
proposed successor auditor. For example, where the predecessor auditor has withdrawn from
the engagement as a result of identified or suspected non-compliance with laws and
regulations, the IESBA Code requires that the predecessor auditor, on request by a proposed
successor auditor, provides all such facts and other information concerning such non-
compliance that, in the predecessor auditor’s opinion, the proposed successor auditor needs
to be aware of before deciding whether to accept the audit appointment. 8
Engagement Performance
Direction, Supervision and Performance (Ref: Para. 15(a))
A14. Direction of the engagement team involves informing the members of the engagement team of
matters such as:
8
See, for example, Section 225.31 of the IESBA Code.
11
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
• Their responsibilities, including the need to comply with relevant ethical requirements,
and to plan and perform an audit with professional skepticism as required by ISA 200. 9
• Responsibilities of respective partners where more than one partner is involved in the
conduct of an audit engagement.
• The objectives of the work to be performed.
• The nature of the entity’s business.
• Risk-related issues.
• Problems that may arise.
• The detailed approach to the performance of the engagement.
Discussion among members of the engagement team allows less experienced team members to
raise questions with more experienced team members so that appropriate communication can
occur within the engagement team.
A15. Appropriate teamwork and training assist less experienced members of the engagement team
to clearly understand the objectives of the assigned work.
A16. Supervision includes matters such as:
• Tracking the progress of the audit engagement.
• Considering the competence and capabilities of individual members of the engagement
team, including whether they have sufficient time to carry out their work, whether they
understand their instructions and whether the work is being carried out in accordance
with the planned approach to the audit engagement.
• Addressing significant matters arising during the audit engagement, considering their
significance and modifying the planned approach appropriately.
• Identifying matters for consultation or consideration by more experienced engagement
team members during the audit engagement.
Reviews
Review Responsibilities (Ref: Para. 16)
A17. Under ISQC 1, the firm’s review responsibility policies and procedures are determined on the
basis that work of less experienced team members is reviewed by more experienced team
members.10
A18. A review consists of consideration whether, for example:
• The work has been performed in accordance with professional standards and applicable legal
and regulatory requirements;
• Significant matters have been raised for further consideration;
• Appropriate consultations have taken place and the resulting conclusions have been
documented and implemented;
• There is a need to revise the nature, timing and extent of work performed;
• The work performed supports the conclusions reached and is appropriately documented;
• The evidence obtained is sufficient and appropriate to support the auditor’s report; and
• The objectives of the engagement procedures have been achieved.
9
ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International
Standards on Auditing, paragraph 15
10
ISQC 1, paragraph 33
12
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Considerations Relevant Where a Member of the Engagement Team with Expertise in a Specialized
Area of Accounting or Auditing Is Used (Ref: Para. 15–17)
A21. Where a member of the engagement team with expertise in a specialized area of accounting
or auditing is used, direction, supervision and review of that engagement team member’s work
may include matters such as:
• Agreeing with that member the nature, scope and objectives of that member’s work; and the
respective roles of, and the nature, timing and extent of communication between that member
and other members of the engagement team.
• Evaluating the adequacy of that member’s work including the relevance and reasonableness
of that member’s findings or conclusions and their consistency with other audit evidence.
11
ISA 230, paragraph 9(c)
12
ISA 700 (Revised), Forming an Opinion and Reporting on Financial Statements, paragraph 49
13
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
A26. Completion of the engagement quality control review means the completion by the engagement
quality control reviewer of the requirements in paragraphs 20–21, and where applicable,
compliance with paragraph 22. Documentation of the engagement quality control review may be
completed after the date of the auditor’s report as part of the assembly of the final audit file. ISA
230 establishes requirements and provides guidance in this regard.13
Nature, Timing and Extent of Engagement Quality Control Review (Ref: Para. 20)
A27. Remaining alert for changes in circumstances allows the engagement partner to identify situations
in which an engagement quality control review is necessary, even though at the start of the
engagement, such a review was not required.
A28. The extent of the engagement quality control review may depend, among other things, on the
complexity of the audit engagement, whether the entity is a listed entity, and the risk that the
auditor’s report might not be appropriate in the circumstances. The performance of an
engagement quality control review does not reduce the responsibilities of the engagement
partner for the audit engagement and its performance.
A29. When ISA 70114 applies, the conclusions reached by the engagement team in formulating the
auditor’s report include determining:
• The key audit matters to be included in the auditor’s report;
• The key audit matters that will not be communicated in the auditor’s report in accordance
with paragraph 14 of ISA 701, if any; and
• If applicable, depending on the facts and circumstances of the entity and the audit, that
there are no key audit matters to communicate in the auditor’s report.
In addition, the review of the proposed auditor’s report in accordance with paragraph 20(b)
includes consideration of the proposed wording to be included in the Key Audit Matters section.
13
ISA 230, paragraphs 14-16
14
ISA 701, Communicating Key Audit Matters in the Auditor’s Report
15
ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its
Environment
16
ISA 330, The Auditor’s Responses to Assessed Risks
17
ISA 240, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements
14
QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Documentation
A37. Documentation of consultations with other professionals that involve difficult or contentious
matters that is sufficiently complete and detailed contributes to an understanding of:
18
ISQC 1, paragraph 48
15
Dewan Akauntan, Unit 33-01, Level 33, Tower A, The Vertical, Avenue 3
Bangsar South City, No.8, Jalan Kerinchi, 59200 Kuala Lumpur, Malaysia
[phone] +603 2722 9000 [fax] +603 2722 9100
[web] www.mia.org.my [email] technical@mia.org.my