KVALITETSKONTROL (PIE) - MATERIALELISTE
Transcription
KVALITETSKONTROL (PIE) - MATERIALELISTE
EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms KVALITETSKONTROL (PIE) - MATERIALELISTE Materialelisten er baseret på Common Audit Inspection Methodology (herefter CAIM), som er udviklet af European Inspection Audit Group (herefter EAIG) i overensstemmelse med kravene i ISQC 1. Et at de essentielle elementer i CAIM, er opdelingen mellem "expected documentation " og "further information which may be required ". Opdelingen er for at skabe en proportionalitet mellem det udførte arbejde og størrelsen af revisionsvirksomheden. Nedenfor er de to kategorier kort beskrevet. Expected documentation Under afsnittet "expected information" er de informationer kontrollanten har anset for relevante i forbindelse med firma review. Kontrollanten vil i det omfang det er muligt tilpasse de ønskede informationer så det passer til denne pågældende revisionsvirksomhed. Såfremt revisionsvirksomheden er usikker på hvorvidt de kan fremskaffe eller producere de ønskede opysninger på materialelisten, bedes virksomheden kontakte kontrollanten. Kontrollant og revisionsvirksomhed vil derefetr i fællesskab se hvordan de kan løse forholdet. Further information which may be required (markeret med gul) De er her tale om ekstra informationer kontrollanten kontrollanten kan bede om i forbindelse med kontrollen, hvis kontrollanten ser det for relevant for kontrollen, særligt i forbindelse med udførelse af test og gennemgang. Såfremt kontrollanten anser nogle af de ekstra informationer for relevante vil kontrollanten gøre dette tydeligt overfor revisionsvirksomheden. 26-06-2015 Page 1 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments 0 - Initial actions Expected documentation 01 02 Beskriv fordelingen af stemmerettigheder i revisionsvirksomheden og ejerforholdene Herunder oplysninger om alle relevante CVR-nr., som er tilknyttet revisionsvirksomhedens adresser enten i form af kundeadministrationsselskaber eller i form af selskaber, der er en del af virksomhedens forretningsmæssige aktiviteter. Oplysninger om registrerede virksomheder i Revireg. Oplys følgende: i. antallet af medarbejdere, ii. antallet af godkendte revisorer, og iii. antallet af underskriftsberettigede revisorer i revisionsvirksomheden. Antallet af godkendte revisorer skal være afstemt til Revireg. Endvidere skal der foretages en opgørelse af følgende: i. antallet af kontorsteder, og ii. antallet af tilknyttede godkendte revisorer pr. kontorsted, herunder antallet af underskriftsberettigede revisorer pr. kontorsted 03 Oplys: i. antallet af kunder (gerne kundeliste hvis muligt fordelt på erklæringstype), ii. cirka antal erklæringsopgaver med sikkerhed efter revisorlovens § 1, stk. 2 på nuværende tidspunkt, og iii. revisionsvirksomhedens nettoomsætning pr. seneste balancetidspunkt for revisionsvirksomhedens regnskabsår 04 Liste med revisionsvirksomhedens kunder der er omfattet af revisorlovens § 21 stk. 3 incl. nr. 3 – 5 kunde med tilhørende omsætning (omsætning gerne fordelt på opgaver for kunden). Hvis der er sket ændringer i politik for håndtering af kunder med særlig offentlig fokus bedes dette oplyst. 26-06-2015 05 Har revisionsvirksomheden kunder, hvor der aflægges koncernregnskab vedlægges en særskilt liste med navnene på de kunder, hvor dattervirksomhederne revideres af andre revisionsteams (komponentrevisor) end koncernrevisor. 06 Har revisionsvirksomheden kunder, som indenfor de seneste 18 måneder er taget under konkursbehandling eller i rekonstruktion vedlægge en særskilt liste med navnene på disse kunder. Page 2 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments A - Tone at the Top Expected documentation A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13.a A13.b A13.c A13.d A13.e Copies of the latest organization charts for the Firm and the audit practice. Provide the key roles and the details of their allocated tasks and include: (i) a functional organizational chart showing the business units ;and (ii) the detail of the corporate governance structure with the list of partners, the composition of the supervisory board/ board of directors/executive committee (as applicable). The firm's mapping of the requirements of ISQC 1 against the firm's policies and procedures (often this requirement is met in the QC manual of the firm). Read-only access or access trough employee to all the IT systems used by the audit firm in connection with the present list of information, including access to: - the audit software, including all "industry packages"; and - the IT systems used to monitor the acceptance and continuance process, the ethics and independence requirements, the archiving process, the recruitment / performance management / learning activities. - Summary of the key changes in the firm since the previous inspection visit. - An electronic copy of key policies and procedures which have been changed, emphasizing the changes from the previous inspection visit (for convenience, a summary of these is provided in the specific topics). Details of actions taken/planned by the firm regarding each finding set out in any prior external and internal inspection reports. The actions are to be documented by the firm either through a copy of the relevant material or references/links to the material. The firm's prior year transparency report. The firm's latest transparency report. The firm’s annual report/financial statements for the last 3 years. The firm's analysis of: i. Partner to staff leverage; ii. Staff utilization; iii. Industry expertise; and iv. Ratio of additional services provided to audit clients. Electronic copy of the firm's policies and practices on the off-shoring of audit work, including a list of any off-shore centres currently being used for this purpose and any guidance on the extent or nature of work which can be performed off-shore. Overview of current and planned / target audit hours relating to the off-shores centres, as a % of i. Total hours for the relevant engagement; and ii. Total hours for the firm. Extracts of Board/Executive Council minutes relating to the audit firm. Copies of minutes of the audit firm’s senior management team. Communications - Messages from senior management to audit managers and staff in response to previous inspection findings. - List of other communications from senior management to the audit firm. - Details of the main communication on quality since the previous inspection. - Presentations used at recent partners’ meetings including communicating the results of previous inspections. - Induction and other “welcome” material. Further information which may be required A14 A15 A16 A17 List of audit clients for which on /off shore or outsourcing hours exceed 5% of working hours. List of all external audit tenders / proposal documents, successful or unsuccessful, during the year. List of partners / employees having left the firm since the last inspection and joined an audit client. Content and results of the last staff satisfaction survey held within the firm and details of any actions taken/planned in relation with the results. A18 Content and results of the last client satisfaction survey including the list of clients concerned and details of any actions taken/planned in relation with the results. CV of the CEO. The firm’s internal assessment of internal monitoring and other quality monitoring activities particularly those in response to deficiencies identified and communicated to the network through GPPC. A19 A20 26-06-2015 Page 3 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° REQUESTED INFORMATION Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) Audit firm's comments B - Ethics & Independence Expected documentation B1 B2 B3 B4 B5 B6 B7 B8 B9 Policies and procedures regarding independence and ethical requirements (including documentation of the firm's process to track rotation and cooling-off requirements). Mapping of the Firm’s quality procedures to the FSR's etiske regler. (often this requirement is met in the QC manual of the firm). Templates used by the firm for its most recent annual ethics & independence confirmation process for audit staff members and partners. All learning materials used to communicate to partners and staff in the field of ethics and independence. List of permitted / restricted / prohibited services. Policy and procedures related to disciplinary actions / sanctions. Any document showing annual measurement of the effectiveness of the firm’s ethics and independence programme ("member firm independence confirmation"). The firm’s records of consultation on ethical / independence queries. The firm's records on requests where the firm declined to (ii) perform other/non-audit services or of (ii) any decisions taken not to enter into or to (iii) cease a relationship with an audit client due to independence concerns (e.g. records of outcome of internal independence consultations). B10 B11 B12 B13.a B13.b Last available exception report showing annual ethics / independence confirmations missing. Excerpt from the firm database of annual ethics and independence confirmations for audit staff and partners. List of the firm's own investments. - Report/results on the latest personal independence compliance testing. - List of the individuals within the firm who were subject to the latest compliance testing including their respective level of seniority. B13.c B14.a B14.b - Communication of the results of the testing (including findings) within the firm. - Excerpt from the firm's database regarding the tracking of rotation requirements. - Report identifying PIEs / listed clients where the audit engagement partner or EQCR partner or a key partner has exceeded the normal 7 years rotation period and documentation of the extension granted. - Report identifying violations of the cooling-off period and documentation of the conclusions reached. List of largest non-audit services provided to respective audit clients by the firm (and if possible other audit firms from its network) including nature of the service and fee information. List of disciplinary actions / sanctions, highlighting those actions following an independence or ethical case. List of the reported ethics / independence violations (for the firm’s most recent fiscal year). B14.c B15 B16 B17 Further information which may be required B18 B19 B20 B21 B22 B23 B24 26-06-2015 Latest version of the firm's code of conduct and its approval by the Board of Directors or governing body and other decision-making bodies of the firm, as appropriate. Key communications / reporting made by the Ethics Officer / Independence partner to the management bodies of the firm. Results of the most recent ethics survey (if any) conducted amongst either (i) the firm’s staff; and/or (ii) the firm’s audit clients. List of: - corporate directorships and similar offices held in a personal capacity by a partner/director; and - corporate shareholding and similar ownership interests held by a partner/director or by his/her spouse, spouse equivalent or dependents; the name of the partner/director’s spouse (or spouse equivalent) together with the nature of any employment/office held. or access to the relevant system where the information is held. List of business relationships with audited entities. Where available, an analysis of the audit fees per client and audit fees per audit partner [if necessary, a list of the largest fees in each case would be sufficient, or a sample can be provided where needed]. Any guidance issued on setting of audit fee levels. Page 4 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° REQUESTED INFORMATION Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) Audit firm's comments C - Acceptance & Continuance Expected documentation C1 C2 C3 C4 C5 C6 C7 Policies and procedures applicable to the acceptance and continuance (A&C) process including a description of the systems and a copy of the different templates used for A&C. Policies and procedures in place regarding withdrawing from an engagement or from both the engagement and the client relationship. List of new PIE audit engagements since the last inspection visit. List of all PIE audit engagements currently assessed as high risk. Statistics / Data regarding the allocation of risk within the firm (percentage of engagements low risk / moderate risk / high risk per industry / partner…) for the last years. List of withdrawals and dismissals within PIE engagements since the last inspection visit. Policies and procedures in response to Money Laundering risk. Herunder politikker for hvidvask, legitimering af ultimative ejere og eventuel håndtering ved overtrædelser af reglerne for hvidvask. Further information which may be required C8 C9 C10 26-06-2015 Communication from the network related to A&C processes. Any document showing annual measurement of the firm’s A&C policies communicated to the management bodies of the firm (e.g. exception reports, results of the review of the global network). Communications with regulators regarding resignations. Page 5 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments D - Partner matters (HR) Expected documentation D1 D2 D3 D4 D5 D6 D7 D8 D9 D10 D11 D12 i. Policies and procedures relating to partners evaluation and accountability, ii. guidance on setting objectives/goals, iii. templates used by the firm and/or description of the system/tool for partners (including the monitoring of objective-setting and performance appraisal processes). Any communication issued regarding partner accountability. The firm's policies and procedures related to the assignment of engagements to partners. List of changes in partners’ allocations (engagement assignments and other responsibilities) compared to the previous year. Summary / Report regarding the outcome of the last partner portfolio review. The firm’s compensation policy for partners. Figures showing the change in average audit partner remuneration/compensation over the last three years. The firm’s framework for partners' required competencies. The firm’s promotion policies and procedures for staff and partnership. List of audit partners with their different responsibilities, rating and remuneration classification. List of candidates to partnership in the past year. List of promotions to partnership in the past year. Further information which may be required D13 The firm’s data and statistics on goal settings and performance evaluation for partners. E - Staff matters (HR) Expected documentation E1 Policies and procedures regarding HR including templates used by the firm and description of the system(s)/tool(s) used for HR. E2 E3 E4 The firm’s internal HR-statistics, data and reports. The firm’s policies and procedures regarding the assignment of staff to audit engagements. Policies and procedures relating to the staff evaluation process (including related templates for appraisals and description of system used). E5 E6 E7 E8 E9 E10 Policies and procedures relating to the framework for competencies required by audit staff (per level). Policies and procedures relating to compensation schemes by staff level. Recruitment plan for the year under review and subsequent years where available. Statistics of workload covering managers and qualified staff including: • Managed budget; • Production; • Number of clients; and • Chargeability/productivity. List of audit staff by category with results (rating) of the year-end appraisals. List of staff promoted and not promoted (having been considered for promotion). E11 List of performance bonuses awarded and the basis for being awarded in each case. E12 List of new joiners / leavers for the year with indication of the level/grade. Further information which may be required E13 26-06-2015 Employee statistics over the last three years, where available, including: - Number of partners and staff per level; - Number of partners and staff per Business Unit (depending on how the firm is managed); - Number of certified public accountants; - Number of new hires; - Number of resignations (turnover); and - Ratio of partners to staff. Page 6 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments F - Methodology Expected documentation F1 F2 F3 F4 F5 F6 F7 F8 F9 F10 F11 F12 Details of any changes to the firm’s mapping of the requirements of the Clarified ISAs to its audit methodology and related guidance [and copy of / access to this material]. Details of any changes made or planned to the firm’s audit methodology, including related systems, guidance and standard templates, including work programmes. List of all “national add-ons” to the global firm’s audit methodology, if applicable. Description of the process for reviewing new audit-related material issued by the national regulator and a summary of the main actions taken and communicated by the firm in response to that new material. Description of the design and change management process for the firm’s audit software (including responsibilities, approval and the archiving process). Description of the global design and change management process for the global methodology and the global audit software tool (if applicable). Details of the significant changes to the global audit methodology and audit software. The firm’s requirements in its audit methodology for the assessment of the design and the testing of general IT controls and IT application controls. The firm’s approach regarding the use of IT specialists in audits. Details of any changes to the firm’s audit report templates and guidance. Details of the methodology and related guidance dealing with professional scepticism. List of technical alerts, audit newsletters, annual audit update courses etc. and copy of / access to this material. Further information which may be required F13 F14 F15 F16 F17 26-06-2015 List of any separate guidance/standard documentation etc. issued on how the firm's methodology is to be applied to specific industry groups (e.g. banking and other financial sector audits). The firm's audit methodology and related guidance on general IT controls and the audit of IT application controls. Description of how the audit teams have to test the completeness and accuracy of reports produced by an audited entity (and relied upon for audit purposes). Copies of any training material on assessing and testing IT controls provided to audit personnel. Copies of any IT audit related training material for IT audit specialists. Page 7 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments G - Training Expected documentation G4 The firm’s policies and procedures related to learning management. The firm’s learning plan for the current year (including the list of mandatory training modules for all levels, including GAAP, GAAS, induction, ethics and independence etc.). Liste over eventuelle særlige undervisningsmæssige tiltag vedrørende revisioner for 2014 f. eks. opdelt på PIE og NON-PIE kunder, eventuelt målrettet særlige brancher eller risikoområder Description of the system used by the firm to track training attendance (for internal and external training), completion (tests results) and effectiveness (evaluation forms). Description of the controls performed to ensure all partners and staff have completed the mandatory training within the firm. G5 Attendance statistics for the firm’s mandatory training program including analysis of remedial actions taken for any absence. G1 G2 G2.1 DK G3 G6 G7 G7.1 DK G7.2 DK Description of the monitoring process to ensure compliance with requirements of Continuing Professional Development (“CPD”). List of audit partners and qualified staff who have not met the requirements of CPD (cumulative training hours on a yearly basis for three years) and details of actions taken for remediation. Liste over alle godkendte revisorer, der er underlagt reglerne i efteruddannelsesbekendtgørelsen. Antallet af godkendte revisorer skal være afstemt med Revireg. I de revisionsvirksomheder hvor der foretages central indberetning af efteruddannelsestimer, ønskes en liste over de enkelte godkendte revisorer med samlede efteruddannelsestimer fordelt på de 3 kategorier (revsion, regnskab og skat) Alternativt til de revisionsvirksomheder, der ikke foretager central indberetning af efteruddannelsestimer, vil kontrollant gennemføre sine stikprøver med udgangspunkt i de godkendte revisorer, der har indberettet efteruddannelsestimer. G7.3 DK Såfremt revisionsvirksomheden er vidende om godkendte revisorer, der ikke har opfyldt kravene til efteruddannelse ønskes en liste over de revisorer med eventuel tilhørende dokumentation for efterfølgende dispensation givet af Erhvervsstyrelsen eller øvrige forhold der skal iagtages. G8 Annual audit update training material (for all levels). G9 Details of any specific training material issued regarding the application of professional scepticism. G10 Non-attendance statistics for the firm’s core training programme and mandatory annual audit update training. G11 Analysis of the reasons for participants not completing trainings and actions for remediation. G12 Analysis of the results of participants for the significant final tests/exams along with the success rate, the firm’s root-cause analysis if the failure rate was high and description of remedial training if candidates were unsuccessful. Further information which may be required G15 The firm’s policies and procedures related to the accreditation process. Description of the monitoring process to ensure compliance with the accreditation requirements (training, tests etc.) and the impact of non compliance for individuals. List of accredited partners and employees, including the type of accreditation held. G16 G17 List of external training undertaken within the firm. Details of sanctions pursued by the firm for partners and employees who have not complied with the training requirements. G13 G14 26-06-2015 Page 8 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) REQUESTED INFORMATION Audit firm's comments H - Consultations (EQC) Expected documentation H1 H2 The firm’s policies and procedures relating to consultations. List of all consultations performed for the year under inspection, including the hours charged by the consultation teams (breakdown analysis in to Independence consultations, Risk Management consultations, Accounting and auditing consultations), if available. H3 H4 The firm’s policies and procedures for the resolution of differences of opinion. List of all audit engagements for which consultation occurred, including the topic of the consultation. Further information which may be required H5 List of all audit engagements for which differences of opinion arose, including the area of disagreement. I - EQCR (EQC) Expected documentation I1 I2 I3 I4 I5 I6 I7 The firm’s criteria for the eligibility of the EQC reviewer. List of all EQC-Reviewers of the firm. The firm’s policies and procedures related to the EQCR. The firm’s guidance on the extent of the EQC review. Templates used for the EQCR. List of all audits to which an EQCR was allocated, including the name of the EQC-Reviewer, the hours charged by the EQC-Reviewer and the total audit engagement hours. A list of audit engagements where no (or very few) audit hours were charged by the EQC reviewer. J - Other quality control reviews (EQC) - Kun relevant hvor de udføre andre EQC Expected documentation J1 The firm’s policies and procedures related to other quality control reviews (e.g. “Hot Reviews”, pre-issuance reviews). Further information which may be required J2 List with all audit engagements selected for other preventative quality reviews. K - Audit documentation and data security (EQC) Expected documentation K1 The firm’s policies and procedures related to: i. engagement documentation completion, assembly and retention of final audit files; and ii. confidentiality, safe custody, integrity, accessibility and retrievability of engagement documentation. Further information which may be required K2 26-06-2015 Monitoring report on late archiving. Page 9 EAIG Common Audit Inspection Methodology Quality Control Procedures - Information request from firms N° REQUESTED INFORMATION Ref. of the applicable Name of the applicable policy(ies) / policy(ies) / procedure(s) / procedure(s) / document(s) document(s) Audit firm's comments L - Internal Monitoring Expected documentation L1 Overall monitoring plan (local or network process) and supporting documentation, including standard review questionnaires/programmes, other documentation used and any briefing/training material and guidance provided to the monitoring team. L2 L3 L4 L5 L6 The firm's policies and procedures related to monitoring. Latest copy of the global firm’s instructions and guidance for the monitoring review, if applicable. List of partners not covered by the monitoring in the last 3 years and the reasons for this. Guidance on the objectivity of the individuals involved in the monitoring process. Details of any changes in the firm’s monitoring processes since the previous year, including changes to grading or other criteria used to distinguish between higher and lower quality audits, central moderation processes and reporting arrangements. Details of, and the reasons for, any departures from monitoring policies/guidance issued by the firm’s international network (e.g. grading criteria). Copy of the last firm’s overall monitoring report(s) setting out details of the monitoring results (covering both audit file reviews and firm-wide procedures) or details of when this is to be finalized. Access to the database containing the results of the procedures performed. Copies of overall monitoring presentations at an office / business unit level (if produced). Details of whether the above reports have been considered by the firm’s Board (and on what date(s)) and copies of any summaries etc. provided to the Board. Remedial action plan / sanctions applied in response to the overall monitoring results. Copies of any global monitoring reports relating to the [local country] firm. A list of individual offices/business units and audit engagements reviewed (or to be reviewed) in the latest monitoring, identifying those audits relating to PIE entities, the monitoring results for each audit engagement reviewed and grading (or access to a database containing this information). Where the information can be provided without significant time commitment, provide the following additional data: i. % change in audit fee from prior to current year; ii. % change in audit hours from prior to current year; iii. Revenue by partner; iiii. Total clients for lead engagement partner; iiiii. Total market cap for lead engagement partner; iiiiii. Number of hours managed by lead engagement partner; and iiiiii. Fundamental restatements of audit reports by lead engagement partner. L7 L8 L9 L10 L11 L12 L13 L14 L15 Further information which may be required L16 Details of the composition of the monitoring team, including: - The level of seniority of the team leaders, the office/business unit in which they are based and which office/business unit they were responsible for reviewing; - The total number of monitoring reviewers; - The extent, if any, to which reviewers based outside the [local country] were involved in the monitoring; - The extent to which financial services (FS) audits are not reviewed by FS specialists or those involved in FS audits; and - The extent to which IT auditors are used on reviews. M - Complaints and allegations Expected documentation M1 M2 M3 M4 M5 M6 26-06-2015 The firm’s processes for dealing with audit-related complaints or allegations originating either internally or externally. The firm’s arrangements for “whistle-blowing” by partners and staff involved in audit work and how these arrangements have been communicated within the firm. Summary of outstanding claims, or circumstances that may give rise to a claim, notified to the firm’s insurers. Details of any actual or probable litigation between the firm and a current audit client (or affiliate thereof), stating whether the firm has notified the Audit Committee/Board of its intention to resign as auditor. Details of any other complaints or allegations. List of personal complaints and suspicions of business wrongdoing as reported by partners and staff in compliance with the firm's arrangements for "whistle-blowing". Page 10