Audit Quality Control: ISQC 1 Requirements

ISQC 1 Overview

ISQC 1 — Quality Management for Firms that Perform Audits or Reviews of Financial Statements is the international standard that requires accounting firms to establish and maintain a Quality Management System (QMS). It was revised in 2022 (effective December 2022) to adopt a risk-based approach focused on quality objectives, risks, and responses.

The standard requires the firm's leader to take responsibility for the QMS and fosters a culture of quality within the firm.

The Eight Components of ISQC 1

• Risk assessment: Identify and assess risks to quality management
• Governance and leadership: Tone at the top — commitment to quality, ethical values
• Ethical requirements: Independence, integrity, objectivity, professional competence
• Engagement performance: Appropriate supervision, review, and consultation
• Resources: Human, technological, and intellectual resources to execute engagements
• Information and communication: Internal communication of quality policies and procedures
• Monitoring and remediation: Ongoing monitoring and remediation of deficiencies
• Documentation: Maintain documentation sufficient to support the QMS

Engagement Quality Control Review (EQCR)

For listed entities and other high-risk engagements, ISQC 1 requires an engagement quality review — an independent assessment by a senior partner who was not involved in the engagement. The EQCR reviewer must:

• Read the financial statements and engagement report
• Read key working papers
• Evaluate the engagement team's assessment of significant risks
• Conclude whether the financial statements and report can be issued

Monitoring and Remediation

The firm must conduct:

• Root cause analysis on adverse findings from inspection and monitoring
• Corrective actions to address systemic issues
• Documentation of inspection results and actions taken

Internal links (related)

• Audit Quality Control
• Types of Audit Opinions
• Audit Evidence