Preparing for the new quality management standards: An overview for Canadian practitioners
Kirsten S. Albo of ASK KSA Consulting Inc. kicks off a four-part series on CSQM 1
Kirsten S. Albo, FCPA, FCA is the president of ASK KSA Consulting Inc., which helps SMPs save time and achieve peace of mind through consulting and advisory services related to conducting effective and efficient engagements and meeting the requirements of being in public practice. Visit the professional development page at ASK KSA.
THIS is a critical time in the Canadian accounting profession for chartered professional accountants in public practice. Many accounting standards are evolving, with none perhaps more important than the recently approved suite of quality management standards.
These standards strengthen the overall proficiency of firms and the engagements they perform by promoting a robust, proactive and scalable approach to quality management. The suite of quality management standards is comprised of CSQM 1, CSQM 2, and CAS 220, which replace extant CSQC.
Why should you care about the new standards? Because they will have an impact on all firms — regardless of the firm’s size — as the standards emphasize leadership and the establishment of a system of quality management, not just engagement quality control. In addition, the standards apply not only to audits and reviews but to other related services as well. If you are a practitioner who only provides compilation engagements, these standards and their concepts will be completely new.
In this, the first of a four-part series addressing the new standards, I will provide background and an overview of the each of the quality management standards.
The discussions related to quality management date back to 2013 when standard setters recognized the need to improve firm leadership and culture in the accounting profession, and an emergence of new trends and challenges faced by small firms in applying the standards. These discussions ultimately led to the new suite of quality standards, which were approved by the International Auditing and Assurance Standards Board (IAASB) in December 2020, and the Canadian Auditing and Assurance Standards Board (AASB) in January 2021.
It is comforting to appreciate that, before the AASB approved the standards, they undertook an extensive work effort to ensure there were no barriers to implementation in Canada. The standards represent a significant change in scope as they now apply to other related services, such as compilation engagement, agreed-upon procedures engagements, and engagements to report on supplemental matters arising from an audit or a review engagement. After numerous workshops, discussions with stakeholders and focus groups, the conclusion was reached that no Canadian-specific amendments were needed.
CSQM 1 is the first standard in the suite of quality management standards. It’s the big one, as it addresses the firm’s responsibility to design, implement and operate a system of quality management. The standard requires a firm (or sole practitioner) to establish quality objectives, to identify and assess risks related to the achievement of the quality objectives and to design and implement responses. These are outlined in eight components within CSQM 1 that operate in an iterative and integrated manner.
Other requirements of the standard relate to establishing roles and responsibilities for the system, leadership’s overall evaluation of the system, network requirements and services and documentation.
There are several factors to consider in the risk assessment process. The first is the quality objectives to be achieved. Most of the quality objectives are specified by CSQM 1, however, there may be additional quality objectives considered necessary by the firm.
Next is the identification and assessment of risks to the achieving of the quality objectives. That is, what are the quality risks of a firm? In answering the question, the focus is on the nature, circumstances and engagements performed by the firm. The conclusions reached provide the basis for the design and implement of risk responses.
Finally, a firm ensures the nature, timing and extent that the responses are based on, and responsive to, the reasons given for the quality risks assessments. Unlike the quality objectives, which are prescribed by the standard, the responses to the risks are dependent upon the nature and circumstances of the firm and the engagements it performs.
The standard also sets out the requirements related to monitoring and remediation of the system of quality management. These requirements include designing and implementing a monitoring process, inspecting completed engagements and evaluating findings. The standard includes a framework for evaluating findings and identifying deficiencies, including investigating their root causes.
Part two of this series will cover steps one and two of the risk assessment process related to establishing quality objectives and identifying and assessing quality risks. Part three will provide details on the last step of designing and implementing risks responses. Part four will explain evaluating the system of quality management including monitoring and remediating deficiencies.
CSQM 1 outlines “when” an Engagement Quality (EQ) reviewer is required. CSQM 2 outlines the “who” and the “how.” The requirements focus on the objective evaluation of the significant judgments made by the engagement team and the conclusions reach thereon.
The changes in CSQM 2 are intended to extend the scope of engagement subject to an EQ review. The standard also strengthens the eligibility criteria for an individual to be appointed as an EQ reviewer by specifically requiring an EQ reviewer to have competence and capabilities, including sufficient time and authority.
Finally, the standard enhances the EQ reviewers’ responsibilities related to performance and documentation through the establishment of EQ responsibilities to perform the EQ review at appropriate points in time during the engagement. The focus in on significant judgments and significant matters, including, when applicable to the type of engagement, the exercise of professional skepticism by the engagement team. There is also a “stand-back” requirement to determine whether the performance requirements have been fulfilled. The review must be completed before the report date.
CAS 220 deals with the specific responsibilities of the auditor and key elements of quality management at the engagement level.
The standard focuses on the critically important role of the engagement partner in managing and achieving quality on the audit engagement and reinforcing the importance of quality to all member of the engagement team. This responsibility is demonstrated through sufficient and appropriate involvement throughout the engagement and determining the nature, timing and extent of direction, supervision and review. These responsibilities are clarified and strengthened throughout the revised standard.
The effective date for establishing the design and implementation of the system of quality management in accordance with CSQM 1 is December 15, 2022, with the operation of the system to follow after this date. Monitoring of the system is to take place within the year following.
CSQM 2 is effective for audits and reviews and other related services engagement beginning on or after December 15, 2022. CAS 220 is effective for audit engagements for the same period. Early adoption is permitted but it is expected the full suite of quality management standards are adopted at the same time.
Conclusion and Next Steps
The concept of quality in engagements is not new, but the approach and key requirements in the upcoming standards are different and incremental in many cases. Implementing these standards will involve more than just updating an existing quality manual. It will require practitioners to assess where quality risks arise in their firms and in turn establish responses to those risks.
For those practitioners who perform audits and reviews, while the concepts may be different, they are not completely foreign, and they have a starting point based on existing quality policies and procedures. Those practitioners who perform only compilation or other related services will have a much bigger undertaking.
In either case, the time to start is now. Read the new standards. Then assign a leader within your firm who has the overall responsibility for the new quality standards. And stay tuned for upcoming articles, which will delve into the details of CSQM1 and its requirements.
Read all four articles in this four-part series:
Part One: Preparing for the new quality management standards: An overview for Canadian practitioners
Part Two: Preparing for the new quality management standards: CSQM 1 quality objectives and quality risks
Part Three: Preparing for the new quality management standards: CSQM 1 risk responses
Part Four: Preparing for the new quality management standards: CSQM 1 system evaluation and monitoring
Want more information on the new standards? Sign up for Overview of the New Canadian Quality Management Standards, a free professional development session from Kirsten through ASK KSA PD. Click here to view all professional development courses for Canadian accounting firms from ASK KSA PD.
Quality Management Standards
1. Specifically, the suite of Quality Management Standards is comprised of Canadian Standard on Quality Management (CSQM) 1, Quality Management for Firms that Perform Audits or Reviews of Financial Statements, Other Assurance or Related Services Engagements; CSQM 2, Engagement Quality Reviews; and CAS 220, Quality Management for an Audit of Financial Statements. These standards replace Canadian Standard of Quality Control (CSQC) 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance Engagements.
Kirsten S. Albo, FCPA, FCA is the president of ASK KSA Consulting Inc., which helps small and medium-sized practices (SMPs) save time and achieve peace of mind through consulting and advisory services related to conducting effective and efficient engagements and meeting the requirements of being in public practice.