Running your own business is not easy, and certainly not for the faint of heart − especially when it is necessary to implement new requirements. Will there ever be an ideal time?
For any business to be successful, it must be managed properly. No matter what goods or services you provide, they must be of the right quality to serve your clients, enhance your reputation and ensure sustainability. Even more so when the profession you have chosen is serving the public interest. In the auditing and accounting profession, quality is not just a matter of compliance, but an essential pillar for the sustainability of your firm, and more importantly, that of the profession itself.
This is the mindset with which we need to approach the new quality management standards. Even though compliance is expected − by the regulators, clients and stakeholders − compliance should not be our driving force. Rather a need to implement the basic good principles of business enshrined in the quality management standards and, in doing so, restore the reputation of the profession and enhance the credibility of the financial reporting ecosystem. For auditors, quality management is not voluntary. It is an absolute necessity to achieve our objective – to act in the public interest.
At its core, ISQM 11 requires you to perform four steps to ensure implementation:
- Identify quality objectives
- Identify the quality risks that could keep you from achieving these objectives
- Implement responses to the risks identified
- Monitor, remediate and evaluate the quality system put in place
THE BENEFITS
If this process is implemented properly, there are vast benefits for small and medium firms, such as:
A proactive approach to quality
ISQM 1 introduces a proactive approach to quality management rather than a reactive approach. Instead of just treating the symptoms, we are identifying the root cause for deficiencies and proactively mitigating the risk of them happening again. These risks may not disappear, but they will reduce over time.
In this way, we can learn from our own mistakes, and that of others, to prevent future inspection findings and quality deficiencies. This will also reduce the risk of actions against the firm and reduce the insurance premium over time.
Providing clear goals
Achieving a goal is simple when you understand what it is you need to achieve. Quality is measured at engagement level, but to ensure that all engagements are performed at the same level of quality, quality management needs to be implemented at firm level. The quality management components and objectives provided by the standard provide clear goals that need to be met. There is no need to wonder how we are going to manage our firm to achieve quality: the standard tells you exactly how.
Quality objectives provided by the standard can be adopted by small and medium firms as is. It is possible for any firm to identify new or sub-objectives, but for small to medium entities those identified by the standard is sufficient. All these objectives are logical and in line with normal business management principles. Naturally, with an added twist for the audit profession. Who said we couldn’t be original?
Scalability
The new ISQM 1 requires firms to achieve objectives rather than comply with a checklist of controls. This allows for greater scalability. Small firms no longer need to comply with a bulky checklist of processes that may not be practical for them to implement. Rather each firm can evaluate the risk that they may not achieve a quality objective and then implement tailored responses that can easily be integrated into the firm’s management system that is already in place.
Constant improvement
To strive for perfection is to strive for disappointment. No firm, auditor or engagement will ever be perfect. However, we can become better. We can continuously improve every single day. This is only possible if we know our own shortcomings. The risk assessment process requires every firm to take an honest look at their circumstances and identify their weaknesses and deficiencies.
For a small to medium entity, this process should be easier, as those in charge of governance are actively involved in the day-to-day operations and as such, closer to the risks.
Implementing responses to these risks will lead to more efficient engagements, saving time in the long run. Leading to better recoverability and greater profit. This is because the right people are doing the right things at the right time.
Knowing your weaknesses also allows you to improve your service offering. Leading to improved client relations and business reputation.
Focused responses
An in-depth understanding of the firm’s circumstances that informs the risk assessment allows the firm to plan focused responses. For example, instead of just knowing that you need to provide training, you can plan exactly what training needs to be provided for which employees at which time. You can plan your resources to have the right people at the right time for the right engagements.
Emphasising and enhancing communication
Communication is an important component of the new ISQM 1. Understanding your firm’s weaknesses is only possible through honest communications and feedback from others within the firm. Evaluating the effectiveness of your quality management system can only be achieved through proper communication with stakeholders. The requirement to document your quality management systems also improves communications. It is easier to communicate responsibilities if the risks and responses are documented. Or at least if you have a more coherent idea of what they should be.
Creating a culture of quality
Quality management needs to be a culture, a mindset, a way of being. It cannot merely be a static document on the server that is completed once and then forgotten. It needs to be integrated into the day-to-day operations − integrated into the human resource processes, the remuneration processes, the client relations, the governance, etc. ISQM 1 allows for this integration: it allows for quality to trickle into every corner of the business and be the foundation upon which we perform engagements.
GETTING STARTED
If you have not started with implementation yet, here are a few steps to get you going:
- Just start. This is probably the most difficult. You may perceive ISQM 1 as a mountain impossible to climb, but once you take that first step, everything will fall in place.
- Read the standard! Not sure where to start? You cannot implement what you do not know. Read the standard, watch a few videos, read a few articles. The guidance available is extensive.
- Have internal discussions. Communicate the importance of quality within the firm and get everyone on board for this journey.
- Appoint a responsible person to head up this project. If no one takes responsibility, nothing will happen.
- PLAN (In capital letters) – too much effort without a plan will get you nowhere and may cause you to feel overwhelmed.
- Break it up into smaller pieces. Not everything needs to be done immediately.
- Do not overthink it. This is not rocket science – thank goodness – and you do not need expert knowledge. You just need to ask yourself what you want to achieve, what are the obstacles, and how can you overcome them.
- If you have performed all these steps and are still unsure, there are multiple service providers out there in the market ready to help.
THE GOOD NEWS
ISQM 1 is not anything new. It is not more work. It is simply best practice made requirement. These practices may already have been implemented in your firm to a great extent; the only change is that they need to be documented, evaluated and evidenced.
There may never be an ideal time to implement new regulations, but every day is an ideal time to manage your business properly.
Note
1 International Standard on Quality Management (ISQM) 1, Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagements.
Author
Yvonne Rossouw CA(SA), Training developer |Public speaker| Audit consultant, ProBeta Training
