KVALITETSKONTROL (PIE) - MATERIALELISTE

Transcription

EAIG Common Audit Inspection Methodology
Quality Control Procedures - Information request from firms
KVALITETSKONTROL (PIE) - MATERIALELISTE
Materialelisten er baseret på Common Audit Inspection Methodology (herefter CAIM), som er udviklet af European Inspection Audit Group (herefter EAIG) i overensstemmelse med kravene i
ISQC 1.
Et at de essentielle elementer i CAIM, er opdelingen mellem "expected documentation " og "further information which may be required ". Opdelingen er for at skabe en proportionalitet mellem det
udførte arbejde og størrelsen af revisionsvirksomheden.
Nedenfor er de to kategorier kort beskrevet.
Expected documentation
Under afsnittet "expected information" er de informationer kontrollanten har anset for relevante i forbindelse med firma review. Kontrollanten vil i det omfang det er muligt tilpasse de ønskede
informationer så det passer til denne pågældende revisionsvirksomhed.
Såfremt revisionsvirksomheden er usikker på hvorvidt de kan fremskaffe eller producere de ønskede opysninger på materialelisten, bedes virksomheden kontakte kontrollanten. Kontrollant og
revisionsvirksomhed vil derefetr i fællesskab se hvordan de kan løse forholdet.
Further information which may be required (markeret med gul)
De er her tale om ekstra informationer kontrollanten kontrollanten kan bede om i forbindelse med kontrollen, hvis kontrollanten ser det for relevant for kontrollen, særligt i forbindelse med
udførelse af test og gennemgang.
Såfremt kontrollanten anser nogle af de ekstra informationer for relevante vil kontrollanten gøre dette tydeligt overfor revisionsvirksomheden.
26-06-2015
Page 1
N°
Ref. of the applicable Name of the applicable
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
REQUESTED INFORMATION
Audit firm's comments
0 - Initial actions
01
02
Beskriv fordelingen af stemmerettigheder i revisionsvirksomheden og ejerforholdene
Herunder oplysninger om alle relevante CVR-nr., som er tilknyttet revisionsvirksomhedens adresser enten i form af
kundeadministrationsselskaber eller i form af selskaber, der er en del af virksomhedens forretningsmæssige aktiviteter. Oplysninger om
registrerede virksomheder i Revireg.
Oplys følgende:
i. antallet af medarbejdere,
ii. antallet af godkendte revisorer, og
iii. antallet af underskriftsberettigede revisorer i revisionsvirksomheden.
Antallet af godkendte revisorer skal være afstemt til Revireg.
Endvidere skal der foretages en opgørelse af følgende:
i. antallet af kontorsteder, og
ii. antallet af tilknyttede godkendte revisorer pr. kontorsted, herunder antallet af underskriftsberettigede revisorer pr. kontorsted
03
Oplys:
i. antallet af kunder (gerne kundeliste hvis muligt fordelt på erklæringstype),
ii. cirka antal erklæringsopgaver med sikkerhed efter revisorlovens § 1, stk. 2 på nuværende tidspunkt, og
iii. revisionsvirksomhedens nettoomsætning pr. seneste balancetidspunkt for revisionsvirksomhedens regnskabsår
04
Liste med revisionsvirksomhedens kunder der er omfattet af revisorlovens § 21 stk. 3 incl. nr. 3 – 5 kunde med tilhørende omsætning
(omsætning gerne fordelt på opgaver for kunden).
Hvis der er sket ændringer i politik for håndtering af kunder med særlig offentlig fokus bedes dette oplyst.
26-06-2015
05
Har revisionsvirksomheden kunder, hvor der aflægges koncernregnskab vedlægges en særskilt liste med navnene på de kunder, hvor
dattervirksomhederne revideres af andre revisionsteams (komponentrevisor) end koncernrevisor.
06
Har revisionsvirksomheden kunder, som indenfor de seneste 18 måneder er taget under konkursbehandling eller i rekonstruktion vedlægge en
særskilt liste med navnene på disse kunder.
Page 2
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
A - Tone at the Top
A1
A2
A3
A4
A5
A6
A7
A8
A9
A10
A11
A12
A13.a
A13.b
A13.c
A13.d
A13.e
Copies of the latest organization charts for the Firm and the audit practice.
Provide the key roles and the details of their allocated tasks and include:
(i) a functional organizational chart showing the business units ;and
(ii) the detail of the corporate governance structure with the list of partners, the composition of the supervisory board/ board of
directors/executive committee (as applicable).
The firm's mapping of the requirements of ISQC 1 against the firm's policies and procedures
(often this requirement is met in the QC manual of the firm).
Read-only access or access trough employee to all the IT systems used by the audit firm in connection with the present list of information,
including access to:
- the audit software, including all "industry packages"; and
- the IT systems used to monitor the acceptance and continuance process, the ethics and independence requirements, the archiving process, the
recruitment / performance management / learning activities.
- Summary of the key changes in the firm since the previous inspection visit.
- An electronic copy of key policies and procedures which have been changed, emphasizing the changes from the previous inspection visit (for
convenience, a summary of these is provided in the specific topics).
Details of actions taken/planned by the firm regarding each finding set out in any prior external and internal inspection reports. The actions are
to be documented by the firm either through a copy of the relevant material or references/links to the material.
The firm's prior year transparency report.
The firm's latest transparency report.
The firm’s annual report/financial statements for the last 3 years.
The firm's analysis of:
i. Partner to staff leverage;
ii. Staff utilization;
iii. Industry expertise; and
iv. Ratio of additional services provided to audit clients.
Electronic copy of the firm's policies and practices on the off-shoring of audit work, including a list of any off-shore centres currently being
used for this purpose and any guidance on the extent or nature of work which can be performed off-shore.
Overview of current and planned / target audit hours relating to the off-shores centres, as a % of
i. Total hours for the relevant engagement; and
ii. Total hours for the firm.
Extracts of Board/Executive Council minutes relating to the audit firm.
Copies of minutes of the audit firm’s senior management team.
Communications
- Messages from senior management to audit managers and staff in response to previous inspection findings.
- List of other communications from senior management to the audit firm.
- Details of the main communication on quality since the previous inspection.
- Presentations used at recent partners’ meetings including communicating the results of previous inspections.
- Induction and other “welcome” material.
Further information which may be required
A14
A15
A16
A17
List of audit clients for which on /off shore or outsourcing hours exceed 5% of working hours.
List of all external audit tenders / proposal documents, successful or unsuccessful, during the year.
List of partners / employees having left the firm since the last inspection and joined an audit client.
Content and results of the last staff satisfaction survey held within the firm and details of any actions taken/planned in relation with the results.
A18
Content and results of the last client satisfaction survey including the list of clients concerned and details of any actions taken/planned in
relation with the results.
CV of the CEO.
The firm’s internal assessment of internal monitoring and other quality monitoring activities particularly those in response to deficiencies
identified and communicated to the network through GPPC.
A19
A20
26-06-2015
Page 3
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
B - Ethics & Independence
B1
B2
B3
B4
B5
B6
B7
B8
B9
Policies and procedures regarding independence and ethical requirements (including documentation of the firm's process to track rotation and
cooling-off requirements).
Mapping of the Firm’s quality procedures to the FSR's etiske regler.
(often this requirement is met in the QC manual of the firm).
Templates used by the firm for its most recent annual ethics & independence confirmation process for audit staff members and partners.
All learning materials used to communicate to partners and staff in the field of ethics and independence.
List of permitted / restricted / prohibited services.
Policy and procedures related to disciplinary actions / sanctions.
Any document showing annual measurement of the effectiveness of the firm’s ethics and independence programme ("member firm
independence confirmation").
The firm’s records of consultation on ethical / independence queries.
The firm's records on requests where the firm declined to
(ii) perform other/non-audit services or of
(ii) any decisions taken not to enter into or to
(iii) cease a relationship with an audit client due to independence concerns (e.g. records of outcome of internal independence consultations).
B10
B11
B12
B13.a
B13.b
Last available exception report showing annual ethics / independence confirmations missing.
Excerpt from the firm database of annual ethics and independence confirmations for audit staff and partners.
List of the firm's own investments.
- Report/results on the latest personal independence compliance testing.
- List of the individuals within the firm who were subject to the latest compliance testing including their respective level of seniority.
B13.c
B14.a
B14.b
- Communication of the results of the testing (including findings) within the firm.
- Excerpt from the firm's database regarding the tracking of rotation requirements.
- Report identifying PIEs / listed clients where the audit engagement partner or EQCR partner or a key partner has exceeded the normal 7
years rotation period and documentation of the extension granted.
- Report identifying violations of the cooling-off period and documentation of the conclusions reached.
List of largest non-audit services provided to respective audit clients by the firm (and if possible other audit firms from its network) including
nature of the service and fee information.
List of disciplinary actions / sanctions, highlighting those actions following an independence or ethical case.
List of the reported ethics / independence violations (for the firm’s most recent fiscal year).
B14.c
B15
B16
B17
B18
B19
B20
B21
B22
B23
B24
26-06-2015
Latest version of the firm's code of conduct and its approval by the Board of Directors or governing body and other decision-making bodies of
the firm, as appropriate.
Key communications / reporting made by the Ethics Officer / Independence partner to the management bodies of the firm.
Results of the most recent ethics survey (if any) conducted amongst either
(i) the firm’s staff; and/or
(ii) the firm’s audit clients.
List of:
- corporate directorships and similar offices held in a personal capacity by a partner/director; and
- corporate shareholding and similar ownership interests held by a partner/director or by his/her spouse, spouse equivalent or dependents; the
name of the partner/director’s spouse (or spouse equivalent) together with the nature of any employment/office held.
or access to the relevant system where the information is held.
List of business relationships with audited entities.
Where available, an analysis of the audit fees per client and audit fees per audit partner [if necessary, a list of the largest fees in each case
would be sufficient, or a sample can be provided where needed].
Any guidance issued on setting of audit fee levels.
Page 4
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
C - Acceptance & Continuance
C1
C2
C3
C4
C5
C6
C7
Policies and procedures applicable to the acceptance and continuance (A&C) process including a description of the systems and a copy of the
different templates used for A&C.
Policies and procedures in place regarding withdrawing from an engagement or from both the engagement and the client relationship.
List of new PIE audit engagements since the last inspection visit.
List of all PIE audit engagements currently assessed as high risk.
Statistics / Data regarding the allocation of risk within the firm
(percentage of engagements low risk / moderate risk / high risk per industry / partner…) for the last years.
List of withdrawals and dismissals within PIE engagements since the last inspection visit.
Policies and procedures in response to Money Laundering risk.
Herunder politikker for hvidvask, legitimering af ultimative ejere og eventuel håndtering ved overtrædelser af reglerne for hvidvask.
C8
C9
C10
26-06-2015
Communication from the network related to A&C processes.
Any document showing annual measurement of the firm’s A&C policies communicated to the management bodies of the firm (e.g. exception
reports, results of the review of the global network).
Communications with regulators regarding resignations.
Page 5
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
D - Partner matters (HR)
D1
D2
D3
D4
D5
D6
D7
D8
D9
D10
D11
D12
i. Policies and procedures relating to partners evaluation and accountability,
ii. guidance on setting objectives/goals,
iii. templates used by the firm and/or description of the system/tool for partners (including the monitoring of objective-setting and performance
appraisal processes).
Any communication issued regarding partner accountability.
The firm's policies and procedures related to the assignment of engagements to partners.
List of changes in partners’ allocations
(engagement assignments and other responsibilities) compared to the previous year.
Summary / Report regarding the outcome of the last partner portfolio review.
The firm’s compensation policy for partners.
Figures showing the change in average audit partner remuneration/compensation over the last three years.
The firm’s framework for partners' required competencies.
The firm’s promotion policies and procedures for staff and partnership.
List of audit partners with their different responsibilities, rating and remuneration classification.
List of candidates to partnership in the past year.
List of promotions to partnership in the past year.
D13
The firm’s data and statistics on goal settings and performance evaluation for partners.
E - Staff matters (HR)
E1
Policies and procedures regarding HR including templates used by the firm and description of the system(s)/tool(s) used for HR.
E2
E3
E4
The firm’s internal HR-statistics, data and reports.
The firm’s policies and procedures regarding the assignment of staff to audit engagements.
Policies and procedures relating to the staff evaluation process (including related templates for appraisals and description of system used).
E5
E6
E7
E8
E9
E10
Policies and procedures relating to the framework for competencies required by audit staff (per level).
Policies and procedures relating to compensation schemes by staff level.
Recruitment plan for the year under review and subsequent years where available.
Statistics of workload covering managers and qualified staff including:
• Managed budget;
• Production;
• Number of clients; and
• Chargeability/productivity.
List of audit staff by category with results (rating) of the year-end appraisals.
List of staff promoted and not promoted (having been considered for promotion).
E11
List of performance bonuses awarded and the basis for being awarded in each case.
E12
List of new joiners / leavers for the year with indication of the level/grade.
E13
26-06-2015
Employee statistics over the last three years, where available, including:
- Number of partners and staff per level;
- Number of partners and staff per Business Unit (depending on how the firm is managed);
- Number of certified public accountants;
- Number of new hires;
- Number of resignations (turnover); and
- Ratio of partners to staff.
Page 6
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
F - Methodology
F1
F2
F3
F4
F5
F6
F7
F8
F9
F10
F11
F12
Details of any changes to the firm’s mapping of the requirements of the Clarified ISAs to its audit methodology and related guidance [and copy
of / access to this material].
Details of any changes made or planned to the firm’s audit methodology, including related systems, guidance and standard templates, including
work programmes.
List of all “national add-ons” to the global firm’s audit methodology, if applicable.
Description of the process for reviewing new audit-related material issued by the national regulator and a summary of the main actions taken
and communicated by the firm in response to that new material.
Description of the design and change management process for the firm’s audit software (including responsibilities, approval and the archiving
process).
Description of the global design and change management process for the global methodology and the global audit software tool (if applicable).
Details of the significant changes to the global audit methodology and audit software.
The firm’s requirements in its audit methodology for the assessment of the design and the testing of general IT controls and IT application
controls.
The firm’s approach regarding the use of IT specialists in audits.
Details of any changes to the firm’s audit report templates and guidance.
Details of the methodology and related guidance dealing with professional scepticism.
List of technical alerts, audit newsletters, annual audit update courses etc. and copy of / access to this material.
F13
F14
F15
F16
F17
26-06-2015
List of any separate guidance/standard documentation etc. issued on how the firm's methodology is to be applied to specific industry groups
(e.g. banking and other financial sector audits).
The firm's audit methodology and related guidance on general IT controls and the audit of IT application controls.
Description of how the audit teams have to test the completeness and accuracy of reports produced by an audited entity (and relied upon for
audit purposes).
Copies of any training material on assessing and testing IT controls provided to audit personnel.
Copies of any IT audit related training material for IT audit specialists.
Page 7
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
G - Training
G4
The firm’s policies and procedures related to learning management.
The firm’s learning plan for the current year (including the list of mandatory training modules for all levels, including GAAP, GAAS,
induction, ethics and independence etc.).
Liste over eventuelle særlige undervisningsmæssige tiltag vedrørende revisioner for 2014 f. eks. opdelt på PIE og NON-PIE kunder, eventuelt
målrettet særlige brancher eller risikoområder
Description of the system used by the firm to track training attendance (for internal and external training), completion (tests results) and
effectiveness (evaluation forms).
Description of the controls performed to ensure all partners and staff have completed the mandatory training within the firm.
G5
Attendance statistics for the firm’s mandatory training program including analysis of remedial actions taken for any absence.
G1
G2
G2.1 DK
G3
G6
G7
G7.1 DK
G7.2 DK
Description of the monitoring process to ensure compliance with requirements of Continuing Professional Development (“CPD”).
List of audit partners and qualified staff who have not met the requirements of CPD (cumulative training hours on a yearly basis for three
years) and details of actions taken for remediation.
Liste over alle godkendte revisorer, der er underlagt reglerne i efteruddannelsesbekendtgørelsen. Antallet af godkendte revisorer skal være
afstemt med Revireg.
I de revisionsvirksomheder hvor der foretages central indberetning af efteruddannelsestimer, ønskes en liste over de enkelte godkendte revisorer
med samlede efteruddannelsestimer fordelt på de 3 kategorier (revsion, regnskab og skat)
Alternativt til de revisionsvirksomheder, der ikke foretager central indberetning af efteruddannelsestimer, vil kontrollant gennemføre sine
stikprøver med udgangspunkt i de godkendte revisorer, der har indberettet efteruddannelsestimer.
G7.3 DK
Såfremt revisionsvirksomheden er vidende om godkendte revisorer, der ikke har opfyldt kravene til efteruddannelse ønskes en liste over de
revisorer med eventuel tilhørende dokumentation for efterfølgende dispensation givet af Erhvervsstyrelsen eller øvrige forhold der skal
iagtages.
G8
Annual audit update training material (for all levels).
G9
Details of any specific training material issued regarding the application of professional scepticism.
G10
Non-attendance statistics for the firm’s core training programme and mandatory annual audit update training.
G11
Analysis of the reasons for participants not completing trainings and actions for remediation.
G12
Analysis of the results of participants for the significant final tests/exams along with the success rate, the firm’s root-cause analysis if the
failure rate was high and description of remedial training if candidates were unsuccessful.
G15
The firm’s policies and procedures related to the accreditation process.
Description of the monitoring process to ensure compliance with the accreditation requirements (training, tests etc.) and the impact of non
compliance for individuals.
List of accredited partners and employees, including the type of accreditation held.
G16
G17
List of external training undertaken within the firm.
Details of sanctions pursued by the firm for partners and employees who have not complied with the training requirements.
G13
G14
26-06-2015
Page 8
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
H - Consultations (EQC)
H1
H2
The firm’s policies and procedures relating to consultations.
List of all consultations performed for the year under inspection, including the hours charged by the consultation teams (breakdown analysis in
to Independence consultations, Risk Management consultations, Accounting and auditing consultations), if available.
H3
H4
The firm’s policies and procedures for the resolution of differences of opinion.
List of all audit engagements for which consultation occurred, including the topic of the consultation.
H5
List of all audit engagements for which differences of opinion arose, including the area of disagreement.
I - EQCR (EQC)
I1
I2
I3
I4
I5
I6
I7
The firm’s criteria for the eligibility of the EQC reviewer.
List of all EQC-Reviewers of the firm.
The firm’s policies and procedures related to the EQCR.
The firm’s guidance on the extent of the EQC review.
Templates used for the EQCR.
List of all audits to which an EQCR was allocated, including the name of the EQC-Reviewer, the hours charged by the EQC-Reviewer and the
total audit engagement hours.
A list of audit engagements where no (or very few) audit hours were charged by the EQC reviewer.
J - Other quality control reviews (EQC) - Kun relevant hvor de udføre andre EQC
J1
The firm’s policies and procedures related to other quality control reviews (e.g. “Hot Reviews”, pre-issuance reviews).
J2
List with all audit engagements selected for other preventative quality reviews.
K - Audit documentation and data security (EQC)
K1
The firm’s policies and procedures related to:
i. engagement documentation completion, assembly and retention of final audit files; and
ii. confidentiality, safe custody, integrity, accessibility and retrievability of engagement documentation.
K2
26-06-2015
Monitoring report on late archiving.
Page 9
N°
policy(ies) /
policy(ies) /
procedure(s) /
procedure(s) /
document(s)
document(s)
L - Internal Monitoring
L1
Overall monitoring plan (local or network process) and supporting documentation, including standard review questionnaires/programmes,
other documentation used and any briefing/training material and guidance provided to the monitoring team.
L2
L3
L4
L5
L6
The firm's policies and procedures related to monitoring.
Latest copy of the global firm’s instructions and guidance for the monitoring review, if applicable.
List of partners not covered by the monitoring in the last 3 years and the reasons for this.
Guidance on the objectivity of the individuals involved in the monitoring process.
Details of any changes in the firm’s monitoring processes since the previous year, including changes to grading or other criteria used to
distinguish between higher and lower quality audits, central moderation processes and reporting arrangements.
Details of, and the reasons for, any departures from monitoring policies/guidance issued by the firm’s international network (e.g. grading
criteria).
Copy of the last firm’s overall monitoring report(s) setting out details of the monitoring results (covering both audit file reviews and firm-wide
procedures) or details of when this is to be finalized.
Access to the database containing the results of the procedures performed.
Copies of overall monitoring presentations at an office / business unit level (if produced).
Details of whether the above reports have been considered by the firm’s Board (and on what date(s)) and copies of any summaries etc.
provided to the Board.
Remedial action plan / sanctions applied in response to the overall monitoring results.
Copies of any global monitoring reports relating to the [local country] firm.
A list of individual offices/business units and audit engagements reviewed (or to be reviewed) in the latest monitoring, identifying those audits
relating to PIE entities, the monitoring results for each audit engagement reviewed and grading (or access to a database containing this
information).
Where the information can be provided without significant time commitment, provide the following additional data:
i. % change in audit fee from prior to current year;
ii. % change in audit hours from prior to current year;
iii. Revenue by partner;
iiii. Total clients for lead engagement partner;
iiiii. Total market cap for lead engagement partner;
iiiiii. Number of hours managed by lead engagement partner; and
iiiiii. Fundamental restatements of audit reports by lead engagement partner.
L7
L8
L9
L10
L11
L12
L13
L14
L15
L16
Details of the composition of the monitoring team, including:
- The level of seniority of the team leaders, the office/business unit in which they are based and which office/business unit they were
responsible for reviewing;
- The total number of monitoring reviewers;
- The extent, if any, to which reviewers based outside the [local country] were involved in the monitoring;
- The extent to which financial services (FS) audits are not reviewed by FS specialists or those involved in FS audits; and
- The extent to which IT auditors are used on reviews.
M - Complaints and allegations
M1
M2
M3
M4
M5
M6
26-06-2015
The firm’s processes for dealing with audit-related complaints or allegations originating either internally or externally.
The firm’s arrangements for “whistle-blowing” by partners and staff involved in audit work and how these arrangements have been
communicated within the firm.
Summary of outstanding claims, or circumstances that may give rise to a claim, notified to the firm’s insurers.
Details of any actual or probable litigation between the firm and a current audit client (or affiliate thereof), stating whether the firm has
notified the Audit Committee/Board of its intention to resign as auditor.
Details of any other complaints or allegations.
List of personal complaints and suspicions of business wrongdoing as reported by partners and staff in compliance with the firm's
arrangements for "whistle-blowing".
Page 10

KVALITETSKONTROL (PIE) - MATERIALELISTE

Transcription

Similar documents

pdf - Audit Projekt Odense

værktøjshæfte

1 dags kursus i Kognitiv audit.

Procedure for intern audit - Om skolen - Hotel

Audit – det stads…

Audit løgne - ISO Academy

Plejeplan - Amager Strandpark

Audit trails - AAU kvalitetssikring