AUD 689

ADVANCED AUDITING

TOPIC 2b
Quality Control (Audit
Quality)

1
YMI/AUD689/OCT2020
Learning Objectives

 To understand the elements of audit

quality based on ISQC 1 and ISA 220
 To understand the importance of quality
control to auditors

2
Audit Quality
 Quality Controls – a system that relates to the concept of
professional competence and the meeting of professional
standards (technical and ethical) in providing professional
services, so that audit failure and audit risk are reduced to
an acceptable low level.

 Four categories of audit deficiencies:

◦ tendency to accept management’s representations without adequate
verifications
◦ inadequate documentation of audit work
◦ failure to report any departures from accounting standards
◦ uncritical acceptance of questionable accounting practices

 In order to provide high quality work, one of important

element is audit engagement partner should take ultimate
responsibility for the overall quality on each audit
engagement
Audit Quality
 Reasons why we should provide quality audit service:
◦ to ensure professional standards are complied
◦ to restore and enhance public confidence

 Quality control in auditing must be developed at the

professional level (setting technical and ethical standards),
at the firm level (policies for its own practice) and also at
the engagement level (policies for every engagement).

 The audit firm should develop a quality control policies

and procedures to ensure that all audits are conducted in
accordance with ISAs or relevant national standard or
practices. This SOP however is depending on size of
practice, nature of practice and cost/benefit consideration.
Audit Quality
 Two components:
◦ International Standard on Quality Control (ISQC) 1, Quality
Control for Firms that Perform Audits and Reviews of Financial
Statements and Other Assurance and Related Services Engagements
◦ ISA 220 – Quality Control for an Audit of Financial Statements

 ISQC 1 and ISA 220 are both developed by IFAC and

adopted by MIA. ISQC 1 is intended for all assurance
engagement at firm level and ISA 220 provide quality
control standards applicable at engagement level.

 The audit quality is intended to tackle quality issues at

different level in providing professional services, such as:-
◦ Firm Level quality issue such as standard audit manual or program,
audit letters (bank confirmation), standard policy and procedure on
ethical issues, client acceptance, charged out rates and etc..
◦ Engagement Level Quality issue issues such as accepting new
appointment, sufficient qualified staff and etc.
Elements of Quality Control (ISQC 1)
- Firm Level
Elements of Policies and procedures SHOULD BE ESTABLISHED
Quality Control BY THE FIRM TO:
1- Leadership Emphasis on top level management where they
responsibilities should support and reinforce the important of quality
for quality control. They should recognises and reward the high
quality work and not only focus on the commercial
driven.
2 - Ethical Ensure fundamental principles of ethic are complied
requirement with. For example to address independent issues,
firm should put in place policies and procedures to
(Must have identify and evaluate threats to independence and
independence take necessary action. The partner should inform
checklist) about the client and scope of work so that the firm
can assess the impact on independent and any
indication of threats to independence should always
relay to the firm.
Elements of Quality Control (ISQC 1)
- Firm Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:

3 - Acceptance (Important to ensure the client has integrity,

and continuance firm is competent to perform the engagement
of clients and and able to comply with ethical requirement
engagements such as independent).
So policy develop must ensure the firm is
thoroughly/timely evaluate existing and prospective
client. For example: to identify the attitude and
reputation of the key management, owners, related
parties. Nature of client business, reason of
appointment etc.
With that the firm should evaluate whether they have
the necessary resources, whether may give rise to a
conflict of interest and ultimately to decide whether to
accept or not to accept the appointment.
Elements of Quality Control (ISQC 1)
- Firm Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:

4 - Human Cover the policies and procedures that relates to

resources recruitment process, development of competence,
carrier development, performance evaluation and
compensation to the staff.

Human resources policies also must ensure the staff

are committed to ethical principal in carry out
engagement in accordance with professional standards
and also failure to comply with may result in
disciplinary action.

This to ensure the firm has taken reasonable steps to

hired and to have right person that can deliver the high
quality work.
Elements of Quality Control (ISQC 1)
- Firm Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:

5- Ensure every engagement team assigned have capability

Engagement to deliver a good job. Each engagement team comprise
performance engagement partner, senior, experience and less
experienced staff. The procedures should address the
following matters: On-Job-Coaching (proper briefing,
team work and training), Supervision and review
(experienced staff oversee the progress of the job) ,
Consultation (discussion with internal and external person
such as MIA to get advice), Resolving Difference of
Opinion (Should have proper channel and procedures on
to resolve and its must be properly documented) and
Engagement Quality Control Review (to evaluate of the
significant and conclusion made by the Engagement team
in issuing report and it must be made for all listed
entities) .
Elements of Quality Control (ISQC 1)
- Firm Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:

6 – Monitoring Ensure the system of quality control remains relevant,

adequate and the policies have been complied with in
(Monitoring the the practice.
appropriateness The procedures should address the ongoing evaluation
of the policies and may identify for necessary changes and periodic
and monitoring inspection on the selected engagement.
the application To liase with appropriate personnel any weaknesses of
of policies in the control system and to have appropriate
every procedures to overcome the weaknesses.
engagement) The system should also incorporate the procedures on
how to cater the complaints, i.e. to investigate and
appropriate action to deal with.
Elements of Quality Control (ISA220)
- At Engagement Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:
1- Leadership Designated engagement partner to every engagement to
responsibilities take overall quality of the audit assigned. The partner
for quality should become a rule model for other team members
and should always promote internal culture that stress
the important of audit quality.
2 - Ethical (On top other fundamental principles, compliance with
requirement independence requirement is primary important). The
engagement partner should be able to evaluate the
clients background and financial statement whether
there is any threats of independent to the engagement
team and to eliminate it. This to ensure the team able to
establish professional ethic during the course of the
audit work. Any threats should always discuss with
partner.
Elements of Quality Control (ISA220)
- At Engagement Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:
3 - Acceptance Preliminary planning activities at the beginning audit
and work includes procedures acceptance and continuance of
continuance of the client.
clients and Accepting new client is more critical that continuing
engagements services to the existing as the auditor has possesses
knowledge about the entity and the environment.

For new client, auditor should investigate the prospective

client before accepting the appointment. Example:
Review financial information, third party information,
communicated with previous auditors, determine whether
independence can be maintained and necessary skill
required to perform the task and etc.
Elements of Quality Control (ISA220)
- At Engagement Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:
4– The procedures developed must ensure that the partner
assignment of select the audit team that has necessary competencies
engagement to perform the audit in accordance with professional
team (human standards and applicable regulatory requirement.
resources)
Every engagement should be carried out by the
appropriate number of staff, time to perform and the
technical knowledge each staff must suitable for the job
undertaken, so that comply with all required standard
and regulatory and legal requirements and to enable
appropriate audit report to be issue.
Elements of Quality Control (ISA220)
- At Engagement Level
Elements of Policies and procedures SHOULD BE ESTABLISHED BY
Quality Control THE FIRM TO:
5- The engagement partner is ultimately responsible for
Engagement the performance of the team up to the standard. The
performance partner need to access the planning and risk, need to
timely supervise the team, review process and ensure
the engagement team well documented their job before
the audit report issued.
Engagement partner should address all issues and
identify matter that require consultation.
6 – Monitoring Engagement team (partner and member) should
communicate with the firm for any complaints regarding
the quality control policies and procedures for better
improvements and also failures to comply with
professional standards for may be disciplinary action to
be taken.
Objective: to restore public confidence and reducing the
auditor’s exposure to legal action.
AUDIT OVERSIGHT BOARD
 AOB will work together with all relevant
parties to ensure the successful
implementation of a robust and
independent audit oversight framework
BNM

CCM AOB Industry Group

(PIEs or
companies)

Auditors (Registered
auditors with AOB)
 AUDIT OVERSIGHT BOARD
 AOB is established under the auspices of the SC, and the SC
will remain accountable for all of the AOB’s acts and
omissions.
Why there is need to establish the Audit Oversight Board
(AOB)
◦ The assurance function preformed by external auditors on
company’s financial statements has long played an important role
in the corporate governance framework.The collapse of large
firms and news of fraud involving globally recognised firms over
the years have raised 1) concerns regarding the credibility of audited
financial statements.
◦ A strong corporate governance framework requires providing the
necessary assurance on the rigour of the audit process and the
quality and reliability of audited financial statements. Towards this
objective, we have invested considerable effort to establish the
Audit Oversight Board (AOB) 2) to provide independent audit
oversight over public interest entities (listed co and GLCs) and 3)to ensure
our regulatory framework for auditors is par with international
standards .
 AUDIT OVERSIGHT BOARD
 key responsibilities of the AOB
◦ implement policies and programmes in ensuring an
effective audit oversight system in Malaysia;
◦ register auditors of PIEs;
◦ direct the MIA to establish or adopt or by way of both,
the auditing and ethical standards to be applied by
registered auditors;
◦ conduct inspections and monitor programmes on
registered auditors to assess the degree of compliance of
auditing and ethical standards; and
◦ conduct inquiries and impose appropriate sanctions
against registered auditors who fail to comply with auditing and
ethical standards.
 AUDIT OVERSIGHT BOARD
Functions of the SC relating to audit oversight –
Section 31B SCA
1. To promote and develop and effective and
robust audit oversight framework in Malaysia
2. To promote confidence in the quality and
reliability of audited financial statements in
reliability of audited financial statements in
Malaysia
3. To regulate auditors of public interest
entities
 AUDIT OVERSIGHT BOARD
Various functions/responsibilities of AOB:
Registration - Registration process will encompass individual auditors
and audit firms of PIEs to ensure every party involved in the auditing
process is fit and proper . Non-registration is an offence. Registration is
done on an annual basis
Inspection - Inspection officers to have power to access working
papers, books and accounts and to take down oral or written
information
Inquiry - Inquiry conducted when there is reason to believe that
provisions of the Act, written notice or guidelines are breached
Sanctions - To enable effective and proportionate sanctions to be
taken ie suspension or revocation of approval
Standard setting - Compliance with established auditing standards is
an integral aspect inensuring reliability of the company’s audited financial
statement

Applicable to all auditors of Public Interest Entities (PIE) only

END OF TOPIC 2b