< Back

SQMS 1 and a Firm’s System of Quality Management (SOQM)

Posted on June 14, 2022 by | Tags: ISQM 1, Quality Management Standards, SOQM, SQMS 1,

In last week’s post we introduced you to the new quality management standards (ISQM 1 / SQMS 1 and ISQM 2 / SQMS 2) issued by the International Auditing and Assurance Board (IAASB) and the Auditing Standards Board (ASB). These standards were developed largely due to concerns about audit quality, as highlighted by inspection findings by regulators. The new quality management standards apply to all firms performing audits or reviews of financial statements, or other assurance or related services engagements in accordance with the standards published by the IAASB and ASB. In this post we take a deeper dive into ISQM 1 Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagements (ISQM 1) and SQMS 1 A Firm’s System of Quality Management (SQMS 1) dealing with a firm’s system of quality management (SOQM).

Note that the ASB has a strategic objective to converge with the standards of IAASB and, as a result, the SQMSs were developed using the ISQMs as the base starting point. As such, there are only minor differences between the two sets of standards.

What is a system of quality management (SOQM)?

According to ISQM 1, a SOQM is a system designed, implemented, and operated by a firm to provide the firm with reasonable assurance that:

  1. The firm and its personnel fulfill their responsibilities in accordance with professional standards and applicable legal and regulatory requirements, and conduct engagements in accordance with such standards and requirements; and
  2. Engagement reports issued by the firm or engagement partners are appropriate in the circumstances.

Why is a properly designed and implemented SOQM important? Because, according to the IAASB’s implementation guide (available for download, along with the standard, here), the SOQM is the mechanism that creates an environment such that the firm can perform quality audits! It helps the firm in achieve consistent engagement quality because it‘s focused on how the firm manages the quality of engagements performed. The SOQM should operate in a continual and iterative manner, much like the risk assessment process in an audit, and is responsive in the nature and circumstances of the firm and its engagements.

Components of the firm’s SOQM

A SOQM addresses the following eight components:

The firm’s risk assessment process

ISQM 1 / SQMS 1 requires firms to apply a risk-based approach in designing, implementing, and operating the components of the SOQM in an interconnected and coordinated manner such that the firm proactively manages the quality of engagements performed by the firm. As such, the firm’s risk assessment process consists of:

  • establishing quality objectives
  • identifying and assessing quality risks to the achievement of the quality objectives; and
  • designing and implementing responses to address the assessed quality risk.

ISQM 1 / SQMS 1 set out the minimum quality objectives, specifically within components 2-7. The firm can establish additional quality objectives (or sub-objectives) if necessary to achieve the objectives of the SOQM.

Identifying and assessing quality risks puts attention on what could go wrong (WCGW) in achieving the quality objectives. The standards focus the firm on risks having the greatest impact on achieving the quality objectives, so that those risks are appropriately addressed. A risk qualifies as a quality risk when it meets both of the following criteria:

  1. The risk has a reasonable possibility of occurring; and
  2. The risk has a reasonable possibility of individually, or in combination with other risks,
    adversely affecting the achievement of one or more quality objectives.

Responses that are properly designed and implemented to address the quality risks mitigate the possibility that the quality risk occurs. This helps the firm achieve the quality objectives. Paragraph 34 of ISQM 1 sets out specific responses that the firm is required to design and implement. However, it is expected that the firm design and implement responses in addition to those specified in the standard to fully comply with the requirements.

Governance and leadership

This sets out quality objectives relating to the firm’s culture, leadership responsibility, and accountability, the firm’s organizational structure, assignments of roles and responsibilities, and resource planning and allocation.

Relevant ethical requirements

This component addresses quality objectives related to fulfilling relevant ethical requirements by the firm and its personnel. It also deals with relevant ethical requirements to the extent that they apply to others external to the firm such as networks, network firms, individuals in the network or network firms, or service providers.

Acceptance and continuance of client relationships and specific engagements

Should you accept or continue a client relationship or specific engagement? This component outlines the quality objectives surrounding the firm judgements that address these questions.

Engagement performance

Consistency is important in the performance of audit engagements. This component addresses the firm’s actions to promote and support the consistent performance of quality engagements. This includes direction, supervision and review, consultation, and differences of opinion. It also includes supporting engagement teams to exercise professional judgment and professional skepticism.

Resources

This component relates to obtaining, developing, using, maintaining, allocating, and assigning resources in a timely manner. It includes technological, intellectual, and human resources, and addresses service providers.

Information and communication

This component deals with quality objectives related to obtaining, generating, or using information regarding the SOQM. It also relates to communicating information within the firm and to external parties on a timely basis to enable the design, implementation, and operation of the SOQM.

The monitoring and remediation process

The firm shall establish a monitoring and remediation process to:

  • Provide relevant, reliable, and timely information about the design, implementation, and operation of the SOQM.
  • Take appropriate actions to respond to identified deficiencies such that deficiencies are remediated on a timely basis.

Annual evaluation of the firm’s SOQM

The standards require that, at least annually, the individual(s) assigned ultimate responsibility and accountability for the SOQM should evaluate the SOQM. They then must conclude whether the SOQM provides the firm with reasonable assurance that the objectives of the system are being achieved.

This evaluation yields one of three possible conclusions (which are like the various audit opinions):

  1. The SOQM provides the firm with reasonable assurance that the objectives of the SOQM are being achieved (unqualified opinion).
  2. Except for matters related to identified deficiencies that have a severe but not pervasive effect on the design, implementation, and operation of the SOQM, the SOQM provides the firm with reasonable assurance that the objectives of the SOQM are being achieved (qualified opinion).
  3. The SOQM does not provide the firm with reasonable assurance that the objectives of the SOQM are being achieved (adverse opinion).

Documentation

The firm shall prepare documentation of its SOQM that is sufficient to:

  1. Support a consistent understanding of the SOQM by personnel, including an understanding of their roles and responsibilities with respect to the SOQM and the performance of engagements;
  2. Support the consistent implementation and operation of the responses; and
  3. Provide evidence of the design, implementation, and operation of the responses, to support the evaluation of the SOQM by the individual(s) assigned ultimate responsibility and accountability for the SOQM.

This would include documentation of:

  • Individual(s) assigned ultimate responsibility and accountability for the SOQM and the operational responsibility for the SOQM
  • Firm’s quality objectives and quality risks
  • Description of the responses and how the firm’s responses address the quality risk
  • Information regarding the monitoring and remediation process

Effective dates of the quality management standards

Effective date for ISQM 1

The firm is required to have the SOQM designed and implemented in compliance with ISQM 1 by December 15, 2022. The evaluation of the SOQM is required to be performed within one year following December 15, 2022.

This means that by December 15, 2022, the firm is expected to:

  1. Establish the quality objectives, identify and assess the quality risks, and design and
    implement the responses; and
  2. Design and implement the monitoring activities.

The firm is required to implement the operation of the response and monitoring activities from December 15, 2022 onwards.

Check out this page on the IAASB website for the standard, a fact sheet, and first-time implementation guide.

Effective date for SQMS 1

SQMS 1 is effective as follows:

  • SOQM in compliance with SQMS 1 is required to be designed and implemented by December 15, 2025.
  • Evaluation of the SOQM is required to be performed within one year following December 15, 2025.

Check out this page on the AICPA website for the standard.

Final thoughts

Design, implementation and evaluation of your SOQM is no small feat. We believe that the first step is getting everyone on your team up to speed on the new requirements. Check out our Overview of SQMS1: System of Quality Management (SOQM) eLearning course and start learning today! Need to train your entire firm? Contact us for substantial discounts.

If you need help getting your audit and accounting training in compliance with ISQM 1 (or SQMS 1), let’s talk. We’re currently helping several accounting firms with their compliance and we’d be happy to help you too!

About GAAP Dynamics
We’re a DIFFERENT type of accounting training firm. We view training as an opportunity to empower professionals to make informed decisions at the right time. Whether it’s U.S. GAAP, IFRS, or audit training, we’ve trained thousands of professionals since 2001, including at some of the world’s largest firms. Our promise: Accurate, relevant, engaging, and fun training. Want to know how GAAP Dynamics can help you? Let’s talk!

Disclaimer
This post is for informational purposes only and should not be relied upon as official accounting guidance. While we’ve ensured accuracy as of the publishing date, standards evolve. Please consult a professional for specific advice.

New call-to-action
 
New call-to-action