Profl Responsibilities
Profl Responsibilities
Professional Responsibilities
Responsibilities in the audit engagements are covered by nine (9) pronouncements of the Auditing
and Assurance Council (AASC), formerly called the Auditing Standards and Practices Council
(ASPC). These Philippine Standards of Auditing (PSAs) include the following:
• PSA 200 (Revised and Redrafted) – Overall Objective of the Independent Auditor and the
Conduct of an Audit in Accordance with Philippine Standards on Auditing.
• PSA 210 (Redrafted) – Agreeing the Terms of Audit Engagements.
• PSA 220 (Redrafted) - Quality Control for an Audit of Financial Statements.
• PSA 230 (Redrafted) - Audit Documentation.
• PSA 240 (Redrafted) - The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial
Statements.
• PSA 250 (Redrafted) – Consideration of Laws and Regulations in an Audit of Financial
Statements.
• PSA 260 (Revised and Redrafted) – Communication with Those Charged with Governance.
• PSA 265 – Communicating Deficiencies in Internal Control to Those Charged with Governance
and Management.
• PSQC 1 – Quality Control for Firms that Perform Audits and Reviews of Historical Financial
Information, and Other Assurance and Related Services Engagements.
II. Quality Control to Provide Audit, Review and other Assurance Engagements
The firm should establish a system of quality control which consist of policies designed to provide it
with reasonable assurance that the firm and its personnel comply with professional standards and
regulatory and legal requirements, and that reports issued by the firm or engagement partners are
appropriate in the circumstances and the procedures necessary to implement and monitor
compliance with those policies. The quality control policies and procedures should be
documented and communicated to the firm’s personnel
b) Ethical requirements
d) Human resources
e) Engagement performance
f) Monitoring
• The firm should establish policies and procedures designed to promote an internal culture
based on the recognition that quality is essential in performing engagements. Such policies
and procedures should require the firm’s chief executive officer (or equivalent) or, if
appropriate, the firm’s managing board of partners (or equivalent), to assume ultimate
responsibility for the firm’s system of quality control.
• Any person or persons assigned operational responsibility for the firm’s quality control system
by the firm’s chief executive officer or managing board of partners should have sufficient and
appropriate experience and ability, and the necessary authority, to assume that responsibility.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 2
b. Ethical Requirements
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that the firm and its personnel comply with relevant ethical requirements.
Independence
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that the firm, its personnel and, where applicable, others subject to independence
requirements (including experts contracted by the firm and network firm personnel), maintain
independence where required by the Philippine Code. Such policies and procedures should
enable the firm to:
1. The firm and its personnel can readily determine whether they satisfy independence
requirements;
2. The firm can maintain and update its records relating to independence; and
3. The firm can take appropriate action regarding identified threats to independence
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that it is notified of breaches of independence requirements, and to enable it to
take appropriate actions to resolve such situations. The policies and procedures should
include requirements for:
a) All who are subject to independence requirements to promptly notify the firm of
independence breaches of which they become aware;
b) The firm to promptly communicate identified breaches of these policies and procedures
to:
1. The engagement partner who, with the firm, needs to address the breach; and
2. Other relevant personnel in the firm and those subject to the independence
requirements who need to take appropriate action; and
3. Prompt communication to the firm, if necessary, by the engagement partner and the
other individuals referred of the actions taken to resolve the matter, so that the firm
can determine whether it should take further action.
At least annually, the firm should obtain written confirmation of compliance with its policies and
procedures on independence from all firm personnel required to be independent by the Philippine
Code.
• The firm should establish policies and procedures for the acceptance and continuance of
client relationships and specific engagements, designed to provide it with reasonable
assurance that it will only undertake or continue relationships and engagements where it:
a) Has considered the integrity of the client and does not have the information that would
lead it to conclude that the client lacks integrity;
b) Is competent to perform the engagement and has the capabilities, time and resources to
do so; and
c) Can comply with ethical requirements
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 3
• The firm should obtain such information as it considers necessary in the circumstances
before accepting an engagement with a new client, when deciding whether to continue an
existing engagement, and when considering acceptance of a new engagement with an
existing client. Where issues have been identified, and the firm decides to accept to continue
the client relationship or a specific engagement, it should document how the issues were
resolved.
• With regard to the integrity of a client, matters that the firm considers include, for example:
1. The identity and business reputation of the client’s principal owners, key management,
related parties and those charged with its governance
2. The nature of the client’s operations, including its business practices
3. Information concerning the attitude of the client’s principal owners, key management and
those charged with its governance towards such matters as aggressive interpretation of
accounting standards and the internal control environment
4. Whether the client is aggressively concerned with maintaining the firm’s fees as low as
possible
5. Indications of an inappropriate limitation in the scope of work
6. Indications that the client might be involved in money laundering or other criminal
activities
7. The reasons for the proposed appointment of the firm and non-reappointment of the
previous firm
8. The extent of knowledge of a firm will have regarding the integrity of a client will generally
grow within the context of an ongoing relationship with that client
Information on such matters that the firm obtains may come from, for example:
• In considering whether the firm has the capabilities, competence, time and resources to
undertake a new engagement from a new or an existing client, the firm reviews the specific
requirements of the engagement and existing partner and staff profiles at all relevant levels.
Matters the firm considers include whether:
• Where the firm obtains information that would have caused it to decline an engagement if that
information had been available earlier, policies and procedures on the continuance of the
engagement and the client relationship should include consideration of:
1. The professional and legal responsibilities that apply to the circumstances, including whether
there is a requirement for the firm to report to the person or persons who made the
appointment, or, in some cases, to regulatory authorities; and
2. The possibility of withdrawing from the engagement or from both the engagement and the
client relationship.
• Policies and procedures on withdrawal from an engagement or from both the engagement and
the client relationship address issues include the following:
1. Discussing with the appropriate level of the client’s management and those charged with
governance regarding the appropriate action that the firm might take based on the relevant
facts and circumstances.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 4
2. If the firm determines that is appropriate to withdraw, discussing with the appropriate level of
the client’s management and those charged with its governance withdrawal from the
engagement or from both the engagement and the client relationship, and the reasons for the
withdrawal.
3. Considering whether there is a professional, regulatory or legal requirement for the firm to
remain in place, or for the firm to report the withdrawal from the engagement, or from both the
engagement and the client relationship, together with the reasons for the withdrawal, to
regulatory authorities.
4. Documenting significant issues, consultations, conclusions and the basis for the conclusions.
Human Resources
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that it has sufficient personnel with the capabilities, competence, and commitment
to ethical principles necessary to perform its engagements in accordance with professional
standards and regulatory and legal requirements and to enable the firm or engagement
partners to issue reports that are appropriate in the circumstances.
1. Recruitment;
2. Performance evaluation;
3. Capabilities;
4. Competence;
5. Career development;
6. Promotion;
7. Compensation; and
8. The estimation of personnel needs
Engagement Performance
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that engagements are performed in accordance with professional standards and
regulatory and legal requirements, and that the firm or the engagement partner issue reports
that are appropriate in the circumstances.
• Through its policies and procedures, the firm seeks to establish consistency in the quality of
engagement performance. This is often accomplished through written or electronic manuals,
software tools or other forms of standardized documentation, and industry or subject matter-
specific guidance materials. Matters addressed include the following:
Monitoring
• The firm should establish policies and procedures designed to provide it with reasonable
assurance that the policies and procedures relating to the system of quality control are
relevant, adequate, operating effectively and complied with its practice. Such policies and
procedures should include an ongoing consideration and evaluation of the firm’s system of
quality control, including a periodic inspection of a selection of completed engagements.
• The purpose of monitoring compliance with quality control policies and procedures is to
provide an evaluation of:
1. Adherence to professional standards and regulatory and legal requirements;
2. Whether the quality control system has been appropriately designed and effectively
implemented; and
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 5
3. Whether the firm’s quality control policies and procedures have been appropriately
applied, so that reports that are issued by the firm or engagement partners are
appropriate in the circumstances.
• The firm should evaluate the effect of deficiencies noted as a result of the monitoring process
and should determine whether they are either:
a) Instances that do not necessarily indicate that the firm’s system of quality control is
insufficient to provide it with reasonable assurance that it complies with professional
standards and regulatory and legal requirements, and that the reports issued by the firm or
engagement partners are appropriate in the circumstances; or
b) Systematic, repetitive, or other significant deficiencies that require prompt corrective action.
• The firm should communicate to relevant engagement partners and other appropriate personnel
deficiencies noted as a result of the monitoring process and recommendation for appropriate
remedial action.
• The firm’s evaluation of each type of deficiency should result in recommendations for one or more
of the following:
a) Taking appropriate remedial action in relation to an individual engagement or member of
personnel;
b) The communication of the findings to those responsible for training and professional
development;
c) Changes to the quality control policies and procedures; and
d) Disciplinary action against those who fail to comply with the policies and procedures of the
firm, especially those who do so repeatedly.
• At least annually, the firm should communicate the results of the monitoring of its quality control
system to engagement partners and other appropriate individuals within the firm, including the
firm’s chief executive officer or, if appropriate, its managing board of partners. Such
communication should enable the firm and these individuals to take prompt and appropriate
action where necessary in accordance with their defined roles and responsibilities. Information
communicated should include the following:
a) A description of the monitoring procedures performed
b) The conclusions drawn from the monitoring procedures
c) Where relevant, a description of systematic, repetitive or other significant deficiencies and of
the actions taken to resolve or amend those deficiencies
An engagement quality control review ordinarily involves discussion with the engagement partner,
a review of the financial statements or other subject matter information and the report, and, in
particular, consideration of whether the report is appropriate. It also involves a review of selected
working papers relating to the significant judgments the engagement team made and the conclusions
they reached. The extent of the review depends on the complexity of the engagement and the risk
that the report might not be appropriate in the circumstances. The review does not reduce the
responsibilities of the engagement partner.
An engagement quality control review for audits of financial statements of listed entities includes
considering the following:
a. The engagement team’s evaluation of the firm’s independence in relation to the specific
engagement
b. Significant risks identified during the engagement and the responses to those risks
c. Judgments made, particularly with respect to materiality and significant risks
d. Whether appropriate consultation has taken place on matters involving differences of opinion or
other difficult or contentious matters, and the conclusions arising from those consultations
e. The significance and disposition of corrected and uncorrected misstatements identified during the
engagement
f. The matters to be communicated to management and those charged with governance and, where
applicable, other parties such as regulatory bodies
g. Whether working papers selected for review reflect the work performed in relation to the
significant judgments and support the conclusions reached.
h. The appropriateness of the report to be issued.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 6
The firm’s policies and procedures are designed to maintain the objectivity of the engagement quality
control reviewer. For example, the engagement quality control reviewer:
Policies and procedures on documentation of the engagement quality control review should require
documentation that:
a) The procedures required by the firm’s policies on engagement quality control review have been
performed;
b) The engagement quality control review has been completed before the report is issued; and
c) The reviewer is not aware of any unresolved matters that would cause the reviewer to believe
that the significant judgments the engagement team made and the conclusions they reached
were not appropriate.
The firm should establish policies and procedures designed to provide it with reasonable at it deals
appropriately with
a. Complaints and allegations that the work performed by the firm fails to comply with
professional standards and regulatory and legal requirements , and
b. Allegations of non-compliance with the firm’s system of quality control.
Documentation
The firm should establish policies and procedures requiring appropriate documentation to provide
evidence of the operation of each element of its system of quality control.
Factors to consider when determining the form and content of documentation evidencing the
operation of each of the elements of the system of quality control include the following:
• The size of the firm and the number of offices.
• The degree of authority both personnel and offices have.
• The nature and complexity of the firm’s practice and organization.
a) Engagement partner” – the partner or other person in the firm who is responsible for the
engagement and its performance, and for that report that is issued on behalf of the firm, and
who, where required, has the appropriate authority from a professional, legal or regulatory
body;
c) “Engagement quality control reviewer” – a partner, other persons in the firm, suitably qualified
external person, or a team made up of such individuals with sufficient and appropriate
experience and authority to objectively evaluate, before the report is issued, the significant
judgments the engagement team and the conclusions they reached in formulating the report;
g) “Listed entity” – an entity whose shares, stock or debt quoted or listed on a recognized stock
exchange, or are market under the regulations of a recognized stock exchange or other
equivalent body;
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 7
i) “Network firm” – an entity under common control, ownership or management with the firm or
any other entity that is reasonable and informed third party having knowledge of all relevant
information would reasonably conclude as being part of the firm nationally or internationally;
j) “Partner” – any individual with authority to bind the firm with respect to the performance of a
professional services engagement;
m) “Reasonable assurance” – in the context of this PSQC, a high, but not absolute, level of
assurance;
n) “Staff” – professionals, other than partners, including any experts the firm employs; and
o) “Suitably qualified external person” – an individual outside the firm with the capabilities and
competence to act as an engagement partner, for example, a partner of another firm, or an
employee (with appropriate experience) of either a professional accountancy body whose
members may perform audits and reviews of historical financial information, or other assurance
or related services engagements, or of an organization that provides relevant quality control
services.
PSA 220 Redrafted “Quality Control for an Audit of Financial Statement”, deals with the specific
responsibilities of the auditor regarding quality control procedures for an audit of financial statements.
It also addresses, where applicable, the responsibilities of the engagement quality control reviewer.
A quality control system is a set of policies and procedures designed to provide reasonable
assurance that the public accounting firm complies with professional standards. The nature and
extent of a firm’s quality control policies and procedures depend on such factors as:
Quality control systems, policies and procedures are the responsibility of the audit under PSQC 1
(Redrafted), the firm has an obligation to establish and maintain a system of quality control to provide
with reasonable assurance that
a) The firm and its personnel comply with professional standards and regulatory and legal
requirements, and
b) The reports issued by the firm or engagement partners are appropriate in the circumstances.
Engagement Teams
1. Implement quality control procedures that are applicable to the audit engagement
2. Provide the firm with relevant information to enable the functioning of that part of the firm’s
system of quality control relating to independence,
Quality control policies should be implemented at both the level of audit firm (i.e. partners of a firm
providing audit services or a sole practitioner providing audit services, as appropriate) and on
individual audits.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 8
The engagement partner should take responsibility for the overall quality on each audit
engagement to which the partner is assigned. This includes such actions and messages which
emphasize:
a. The importance of:
1. Performing work that complies with professional standards and regulatory and legal
requirements.
2. Complying with the firm’s quality control policies and procedures as applicable; and
3. Issuing auditor’s reports that are appropriate in the circumstances
The engagement partner should consider whether members of the engagement team have
complied with ethical requirements which include:
a. Integrity
b. Objectivity
c. Professional competence and due care
d. Confidentiality
e. Professional behavior.
III. Acceptance and Continuance of Client Relationships and Specific Audit Engagements
The engagement partner should be satisfied that appropriate procedures regarding the
acceptance and continuance of client relationships and specific audit engagements have been
followed and that conclusions reached in this regard are appropriate and have been documented.
The engagement partner should be satisfied that the engagement team collectively has the
appropriate capabilities, competence and time to perform the audit engagement in
accordance with professional standards and regulatory and legal requirements, and to enable
an auditor’s report that is appropriate in the circumstances to be issued.
V. Engagement Performance
The engagement partner should take responsibility for the direction, supervision and
performance of the audit engagement in compliance with professional standards and regulatory
and legal requirements, and for the auditor’s report that is issued to be appropriate in the
circumstances. This includes:
• Direction, supervision and performance
• Reviews
• Consultation
• Engagement quality control review
• Resolution of differences of opinion
VI. Monitoring
An effective system of quality control includes a monitoring process designed to provide the
firm with reasonable assurance that its policies and procedures relating to the system of quality
control are relevant, adequate and operating effectively.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 9
The engagement partner considers the results of the monitoring process as evidenced in the
latest information circulated by the firm and, if applicable, other network firms. The
engagement partner considers:
• Whether deficiencies noted in that information may affect the audit engagement,
• Whether the measures the firm took to rectify the situation are sufficient in the context of
that audit.
Documentation
The engagement quality control reviewer shall document, for the audit engagement reviewed, that
1. The procedures required by the firm’s policies on engagement quality control review have
been performed.
2. The engagement quality control review has been completed on or before the date of the
auditor’s report.
3. The reviewer is not aware of any unresolved matters that would cause the reviewer to believe
that the significant judgments the engagement team made and the conclusions they reached
were not appropriate.
PSA 210 Redrafted, “Agreeing the Terms of Audit Engagement” deals with the auditor’s
responsibilities in agreeing the terms of audit engagement with management and where appropriate,
those charged with governance. This includes establishing that certain preconditions for an audit,
responsibility for which rests with management and, where appropriate, those charged with
governance are present. It also deals with those aspects of engagement acceptance that are within
the control of the auditor.
The objective of the auditor is to accept or continue an audit engagement only when the basis upon
which it is to be performed has been agreed, through
In order to establish whether the preconditions for an audit are present, the auditor shall :
1. Determine whether the financial reporting framework to be applied in the preparation of the
financial statements is acceptable, and
2. Obtain the agreement of management that it acknowledges and understands the responsibility
a. For the preparation of the financial statements in accordance with the applicable financial
reporting framework, including where relevant their fair presentation.
b. For such internal control as management determines is necessary to enable the preparation
of financial statements that are free from material misstatement, whether due to fraud or error
c. To provide the auditor with
1. Access to all information of which management is aware that is relevant to the
preparation of the financial statements such as records, documentation and other
matters.
2. Additional information that the auditor may request from management for the purpose of
the audit.
3. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain evidence.
AT Lecture 3 “ PSQC1 Redrafted, PSA 210 (Redrafted), PSA 220 (Redrafted)” 10
If management or those charged with governance imposes a limitation on the scope of the auditor’s
work in the terms of a proposed audit engagement such that the auditor believes the limitation will
result in the auditor disclaiming an opinion on the financial statements, the auditor shall not accept
such a limited engagement as an audit engagement, unless required by law or regulation to do so.
Once the aforementioned issues have been discussed to the satisfaction of both parties, the agreed
terms of the audit engagement shall be recorded in an audit engagement letter or other suitable
form written agreement and shall include
- A formal written agreement between the CPA firm and the client for the conduct of the audit and
related services.
a. An engagement letter is a written contract between an auditor and a client which generally serves
to
1. Minimize misunderstandings with respect to the engagement.
2. Document and confirm the auditor’s acceptance of the engagement, the objective and scope
of the audit , the extent of the auditor’s responsibilities t the client and the form of any reports.
b. This is usually sent by the auditor before the commencement of the engagement .
Other Matters That the Auditor May Wish to Include in the Engagement Letter
11. Request for the client to confirm the terms of the engagement by acknowledging receipt of the
engagement letter.
12. Description of any other letters or reports the auditor expects to issue to the client.
13. Basis on which fees are computed and any billing arrangements.
14. Arrangements concerning the involvement of other auditors and experts in some aspects of the
audit.
15. Arrangement concerning the involvement of internal auditors and other client staff.
16. Arrangements to be made with the predecessor auditor, if any, in the case of an initial audit.
17. Any restriction of the auditor’s liability when such possibility exists.
18. A reference to any further agreements between the auditor and the client.
Audit of Components
When the auditor of a parent entity is also the auditor of its subsidiary, branch or division
(component), the factors that influence the decision whether to send a separate engagement letter to
the component include:
1. Who appoints the auditor of the component
2. Whether a separate audit report is to be issued on the component
3. Legal requirements
4. The extent of any work performed by other auditors
5. Degree of ownership by parent
6. Degree of independence of the component’s management
Client Continuance
Auditors must not only decide whether to accept new clients; they also should periodically review their
list of current clients and remove those clients the firm no longer wants to be associated with.
Recurring Audits
On recurring audits, the auditor should consider whether circumstances require the terms of
engagement to be revised and whether there is a need to remind the client of the existing
terms of engagement.
The auditor may decide not to send a new engagement letter each period. However, the following
factors may make it appropriate to send a new letter:
1. Any indication that the client misunderstands the objective and scope of the audit.
2. Any revised or special terms of the engagement.
3. A recent change in senior management, board of directors, or ownership.
4. A significant change in nature or size of the client’s business.
5. Legal requirements.
6. A change in the financial reporting framework adopted by management in preparing the financial
statements.
An auditor who, before the completion of the engagement, is requested to change the engagement to
one which provides a lower level of assurance, should consider the appropriateness of doing so.
Some of the reasons that may prompt the client to request the auditor to change the engagement are:
1. Change in circumstances affecting the need for the service
2. A misunderstanding as to the nature of an audit or related service originally requested, and
3. Restriction on the scope of the engagement whether imposed by management or caused by
circumstances.
*************************