Comprehensive Guide to SQC 1 & SA 220 | Quality Control for Audits and Reviews
- Blog|Account & Audit|
- 12 Min Read
- By Taxmann
- |
- Last Updated on 30 November, 2024
SQC 1 (Standard on Quality Control 1) establishes guidelines for firms that perform audits, reviews of historical financial information, and other assurance or related services engagements. It requires firms to design and implement a quality control system to ensure compliance with professional standards, legal, and regulatory requirements. SA 220 (Standard on Auditing 220) focuses on quality control specifically at the audit engagement level. It outlines the auditor's responsibilities to ensure that audits comply with professional standards and legal requirements, and that the audit report issued is appropriate.
Table of Contents
- SQC 1 “Quality Control for Firms that Perform Audits & Reviews of Historical Financial Information, and Other Assurance & Related Services Engagements”
- SA 220 “Quality Control for an Audit of F.S.”
- Mechanisms for Review of Quality Control
Check out Taxmann's Audit Notes | Advanced Auditing Assurance & Professional Ethics | Audit | CLASS NOTES which is printed on premium glossy paper with a multi-coloured layout for an engaging and durable reading experience. It features a clear, font-optimised design for comfortable, long study sessions. The concise, point-wise format ensures efficient learning and quick revision, while flowcharts and visual aids break down complex topics. The key concepts are emphasised with yellow points for basic understanding and red points for high-priority exam content, making this book a comprehensive and user-friendly study tool. CA Final | New Syllabus | May/Nov. 2025 Exams
1. SQC 1 “Quality Control for Firms that Perform Audits & Reviews of Historical Financial Information, and Other Assurance & Related Services Engagements”
1.1 Purpose of SQC
The firm should establish a system of QC designed to provide it with reasonable assurance that:
(a) firm and its personnel comply with professional standards and regulatory and legal requirements, and
(b) reports issued by firm or EP(s) are appropriate.
1.2 Elements of a System of Quality Control
Firm’s system of QC should include policies and procedures addressing each of the following elements:
(a) Leadership responsibilities for quality within the firm.
(b) Ethical requirements.
(c) Acceptance and continuance of client relationships and specific engagements.
(d) Human resources.
(e) Engagement performance.
(f) Monitoring.
QC policies & procedures should be documented & communicated to firm’s personnel.
1.3 Leadership Responsibilities
- Firm should establish policies and procedures designed to promote an internal culture based on recognition that quality is essential in performing engagements.
- Such policies and procedures should require firm’s CEO or managing partners to assume ultimate responsibility for the firm’s system of QC.
- Any person assigned operational responsibility for firm’s QC system by firm’s CEO or managing board of partners should have sufficient & appropriate experience; ability, and necessary authority, to assume that responsibility.
Considerations to be Taken into Account While Upholding Quality of Firm
- Firm assigns its management responsibilities so that commercial considerations do not override quality of work performed.
- The firm’s policies and procedures in relation to its personnel are designed to demonstrate its overriding commitment to quality.
- Firm devotes sufficient resources for development & documentation of its QC policies and procedures.
- Firm before accepting an engagement should acquire vital information about the client. Such information help firm to decide about integrity of Client, promoters and KMP, competence (including capabilities, time & resources) to perform engagement and compliance with ethical requirements.
1.4 Ethical Requirements
Firm should establish policies and procedures designed to provide it with reasonable assurance that firm and its personnel comply with relevant ethical requirements.
1.5 Independence
- Firm should establish policies and procedures designed to provide it with reasonable assurance that firm, its personnel and others maintain independence.
- Such policies and procedures should enable the firm to:
-
- Communicate its independence requirements to its personnel & others.
- Identify & evaluate circumstances and relationships that create threats to independence, and to take appropriate action to eliminate those threats or reduce them to an acceptable level by applying safeguards, or, if considered appropriate, to withdraw from the engagement.
- There should exist a mechanism by which EPs promptly notify firm of circumstances & relationships that create a threat to independence. All breaches of independence should be promptly notified to firm for appropriate action.
- At least annually , firm should obtain written confirmation of compliance with its policies and procedures on independence from all firm personnel.
- Firm should establish criteria for determining need for safeguards to address the familiarity threat. This is particularly relevant in context of audits of listed entities. For these audits, EP should be rotated after a pre – defined period, normally not more than 7 years.
1.6 Acceptance and Continuance of Client Relationships & Specific Engagements
- A firm before accepting an engagement should acquire vital information about client. Such information help firm to decide about:
-
- Integrity of Client, promoters and KMP.
- Competence (including capabilities, time and resources) to perform engagement.
- Compliance with ethical requirements.
- Firm should obtain necessary information:
-
- before accepting an engagement with a new client,
- when deciding whether to continue an existing engagement, and
- when considering acceptance of a new engagement with an existing client.
Where issues have been identified, & firm decides to accept or continue client relationship or a specific engagement, it should document how the issues were resolved.
- Establish Policies w.r.t. withdrawal from engagement & communication requirements, if circumstances warrant. Policies & procedures address issues that include:
-
- Discussing with appropriate level of mngt. & TCWG regarding the appropriate action that firm might take based on the relevant facts and circumstances.
- If the firm determines that it is appropriate to withdraw, discussing with appropriate level of management and TCWG withdrawal from the engagement or from both engagement and client relationship, and reasons for withdrawal.
- Considering whether there is a professional, regulatory or legal requirement for the firm to remain in place, or to report the withdrawal to regulatory authorities.
- Documenting significant issues, consultations, conclusions & basis for conclusions.
Considerations as to the Integrity of Clients
- Identity & business reputation of client’s principal owners, key management, related parties and TCWG.
- Nature of client’s operations, including its business practices.
- Information concerning attitude of client’s principal owners, key mngt. and TCWG towards matters such as aggressive interpretation of ASs & IC environment.
- Whether client is aggressively concerned with maintaining firm’s fees as low as possible.
- Indications of an inappropriate limitation in the scope of work.
- Indications that client might be involved in money laundering or criminal activities.
- Reasons for proposed appointment of firm and non-reappointment of previous firm.
Matters to be considered to determine whether firm has the capabilities, competence, time and resources to undertake an engagement
- Firm personnel have knowledge of relevant industries or subject matters;
- Firm personnel have experience with relevant regulatory or reporting requirements, or the ability to gain the necessary skills and knowledge effectively;
- The firm has sufficient personnel with the necessary capabilities and competence;
- Experts are available, if needed;
- Individuals meeting criteria & eligibility requirements to perform EQCR are available;
- Firm would be able to complete the engagement within the reporting deadline.
1.7 Human Resources
- Firm should establish policies and procedures designed to provide it with reasonable assurance that it has sufficient personnel with capabilities, competence & commitment to ethical principles necessary to perform its engagements in accordance with `professional standards and regulatory and legal requirements, and to enable firm or EPs to issue reports that are appropriate in the circumstances.
- Firm should establish policies and procedures requiring that:
-
- Identity and role of EP are communicated to key members of mngt. and TCWG;
- EP has appropriate capabilities, competence, authority & time to perform the role;
- Responsibilities of EP are clearly defined and communicated to that partner.
1.8 Engagement Performance
(A) Consultation
- Consultation should take place in difficult matters pertaining to an engagement and includes discussion, with individuals having specialized expertise for resolution.
- Consultation procedures require consultation on significant technical, ethical & other matters; appropriate documentation and implementation of conclusions.
- A firm needing to consult externally, may take advantage of advisory services provided by other firms or professional & regulatory bodies.
- Complete and proper documentation should be maintained on issues involved and results of consultation.
(B) Engagement Quality Control Review (EQCR)
- Significant judgments made in an engagement should be reviewed by EQC reviewer.
- Extent of review depends on complexity of engagement and risk that report might not be appropriate. Review does not reduce responsibilities of EP.
- EQCR is mandatory for all audits of F.S. of listed entities.
Matters to be considered in an EQCR for audits of F.S. of listed entities
- ET evaluation of firm’s independence in relation to the specific engagement.
- Significant risks identified during the engagement and responses to those risks.
- Judgments made, particularly with respect to materiality & significant risks.
- Whether appropriate consultation taken place on matters involving differences of opinion or other difficult matters & conclusions from those consultations.
- Significance & disposition of corrected and uncorrected misstatements.
- Matters to be communicated to management and TCWG and regulatory bodies.
- Whether working papers selected for review reflect the work performed in
relation to the significant judgments and support the conclusions reached. - Appropriateness of the report to be issued.
Engagement Quality Control Reviewer (EQC Reviewer)
- Should be a suitably qualified external person such as a partner or employee (who should be member of ICAI) or can be from another firm similar background.
- Maintain objectivity of EQC reviewer. Therefore, participation in engagement or making decisions for ET is to be avoided at all costs.
- Firm’s policies should provide for replacement of EQC reviewer where the ability to perform an objective review may be impaired.
(C) Differences of Opinion
- There might be difference of opinion within ET, with those consulted & between EP & EQC reviewer. Report should be issued after resolution of such differences.
- In case, recommendations of EQC reviewer are not accepted by EP and matter is not resolved to reviewer’s satisfaction, matter should be resolved by consulting with another practitioner or firm, or a professional or regulatory body.
(D) Engagement Documentation
- Engagement files should be completed in not more than 60 days after date of auditor’s report.
- Establish policies & procedures designed to maintain confidentiality, safe custody, integrity, accessibility and retrievability of engagement documentation.
- Unless otherwise specified by law or regulation, engagement documentation is property of firm. Firm may, at its discretion, make portions of, or extracts from, engagement documentation available to clients, provided such disclosure does not undermine validity of work performed, or independence of firm or its personnel.
- Engagement documentation to be retained for a sufficient period. In specific case of audit engagements, retention period ordinarily is no shorter than 7 years from date of auditor’s report.
Policies and Procedures on Documentation of EQCR
Policies & procedures on documentation of EQCR should require documentation that:
(a) Procedures required by firm’s policies on EQCR have been performed.
(b) EQCR has been completed before the report is issued and
(c) Reviewer is not aware of any unresolved matters that would cause reviewer to believe that significant judgments the ET made and conclusions they reached were not appropriate.
1.9 Monitoring
Firm should establish policies & procedures designed to provide it with reasonable assurance that policies & procedures w.r.t. QC system are relevant, adequate & operating effectively. Such policies and procedures should include an ongoing consideration & evaluation of firm’s system of QC, including a periodic inspection of a selection of completed engagements.
Factors to be considered in monitoring of QC of engagements
- Deciding whether QC system of firm has been appropriately designed & effectively implemented.
- Examining whether new developments in professional standards, legal & regulatory requirements have been reflected in QC policies.
- Conducting monitoring by entrusting responsibility of monitoring process to a partner or other persons with sufficient and appropriate experience & authority.
- Dealing with complaints & allegations against firm or its employees, of non-compliance with professional standards or regulatory requirements.
- Taking remedial actions against personnel who did not conform to QC policies.
- Taking action when deficiencies in design or operation of firm’s QC policies and procedures, or non-compliance with firm’s system of QC are identified.
2. SA 220 “Quality Control for an Audit of F.S.”
2.1 Objectives of the Auditor
To implement QC procedures at engagement level that provide the auditor with reasonable assurance that:
(a) Audit complies with professional standards and regulatory & legal requirements; &
(b) Auditor’s report issued is appropriate in the circumstances.
Note: SA-220 is premised on the basis that firm is subject to SQC 1. Within context of Fifirm’s system of QC, ETs have a responsibility to implement QC procedures that are applicable to the audit engagement.
2.2 Leadership Responsibilities for Quality in Audits
EP is to take responsibility for overall quality on each audit engagement. As a part of this responsibility, EP should emphasize following to engagement team (ET):
- Compliance with professional Standards and regulatory and legal requirements.
- Compliance with firm’s Quality Control Policies and procedures as applicable.
- Issuance of appropriate audit report.
- Ability to raise concerns without fear.
- Quality is essential & indispensable in engagement performance.
2.3 Relevant Ethical Requirements
In relation to ethical requirements in an audit engagement, EP is responsible for:
- Identifying a threat to independence that safeguards may not be able to eliminate or reduce to an acceptable level.
- Reporting by EP to relevant persons within the firm to determine appropriate action, which may include eliminating the activity or interest that creates the threat, or withdrawing from the audit engagement, where withdrawal is legally permitted.
2.4 Independence
EP shall form a conclusion on compliance with independence requirements that apply to audit engagement. In doing so, EP shall obtain relevant information from firm &, where applicable, network firms, to identify & evaluate circumstances and relationships that create threats to independence.
2.5 Acceptance & Continuance of Client Relationship & Audit Engagement
- Responsibility of EP is on lines of SQC 1 which requires that firm should obtain such information as it considers necessary
-
- before accepting an engagement with a new client,
- when deciding whether to continue an existing engagement, &
- when considering acceptance of a new engagement with an existing client.
- EP shall be satisfied that appropriate procedures regarding acceptance & continuance of client relationships and audit engagements have been followed, and shall determine that conclusions reached in this regard are appropriate.
- If EP obtains information that would have caused firm to decline audit engagement had that information been available earlier, EP shall communicate that information promptly to firm, so that firm and EP can take the necessary action.
Examples of information which may cause the firm to withdraw
- Integrity of principal owners, key management and TCWG of the entity;
- Competency of ET to perform the audit engagement and availability of necessary capabilities, including time and resources;
- Compliance with relevant ethical requirements by firm and the ET; and
- Significant matters that have arisen during current or previous audit engagement, and their implications for continuing the relationship.
2.6 Engagement Quality Control Review (EQCR)
For audits of F.S. of listed entities, & those other audit engagements, if any, for which firm has determined that an EQCR is required, EP shall:
(a) Determine that an EQC reviewer has been appointed.
(b) Discuss significant matters arising during the audit engagement, including those identified during the EQCR, with the EQC reviewer.
(c) Not date the auditor’s report until the completion of the EQCR.
Matters to be evaluated by EQC Reviewer
EQC reviewer shall perform an objective evaluation of significant judgments made by the ET, and conclusions reached in formulating auditor’s report. This evaluation shall involve:
(a) Discussion of significant matters with the EP.
(b) Review of F.S. and the proposed auditor’s report.
(c) Review of selected audit documentation relating to the significant judgments the ET made and the conclusions it reached and
(d) Evaluation of conclusions reached in formulating auditor’s report and consideration of whether the proposed auditor’s report is appropriate.
Additional Considerations in audit of F.S. of Listed Entities:
- ET’s evaluation of firm’s independence in relation to audit engagement.
- Whether appropriate consultation has taken place on matters involving differences of opinion/difficult matters & conclusions arising from consultations.
- Whether audit documentation selected for review reflects the work performed w.r.t. significant judgments made & supports the conclusions reached.
Note: Performance of EQCR does not reduce the responsibilities of the EP for the audit engagement and its performance.
2.7 SQC 1 vs. SA 220
SQC 1 | SA 220 |
Applies to entire firm & fix responsibility of firm to be assumed by CEO/Managing partners. | Applies to a particular audit engagement & EP takes responsibility of the same. |
Applicable to audits, reviews of historical financial Information, other assurance & related services engagements. | Applicable to audit engagements only. |
SQC 1 relates to setting up of a quality control system consisting of policies and procedures for firm as a whole. | SA 220 deals with responsibilities of ETs to implement QC procedures that are applicable to audit engagements. |
SQC 1 pertains to establishing a system of QC designed to provide firm with a reasonable assurance that a firm and its personnel comply with professional standards & regulatory & legal requirements so that reports issued by firm/EPs are appropriate. | SA 220 is premised on basis that firm is subject to SQC 1. Hence, SQC 1 is sine qua non for applicability of SA 220. It is within overall context of a firm’s system of QC, ETs implement QC procedures applicable to audit engagements. |
3. Mechanisms for Review of Quality Control
3.1 Peer Review Board (PRB)
PRB is constituted by Council of ICAI. Main objective of PRB is to ensure that, in carrying out assurance assignments:
(a) Technical, professional & ethical standards including regulatory requirements are complied with by members of ICAI.
(b) Proper systems are in place including documentation thereof which amply demonstrate quality of assurance services provided by members.
Points to remember
- Peer review – Examination and review of systems & procedures to determine whether same have been put in place by Practice Unit for ensuring quality of assurance services as envisaged by the technical, professional & ethical Standards or any other regulatory requirements.
- On completion of this exercise, a “Peer Review Certificate” is issued in case of unqualified report. In case of a qualified report, it is informed to PU that same cannot be issued along with the reasons therefor as well as inform about the due date for conducting a follow-on review as may be decided by the Board.
3.2 Quality Review Board
- Quality review Board has been set up by C.G. It consists of members nominated by C.G. and Council of ICAI. Functions of QRB are:
-
- To make recommendations to the Council regarding the quality of services provided by the members of the Institute;
- To review the quality of services provided by the members of the Institute including audit services and
- To guide the members of the Institute to improve the quality of services and adherence to the various statutory and other regulatory requirements.
- Statutory auditors in respect of the companies are identified for their audit quality review based upon risk-based approach.Review is carried out by technical reviewers who are empanelled by QRB.
3.3 National Financial Reporting Authority (NFRA)
- NFRA has been constituted in terms of Sec. 132(1) of Companies Act, 2013. Duties of NFRA include the following:
-
- Monitor & enforce compliance with ASs and auditing standards.
- Oversee quality of service of professions associated with ensuring compliance with such standards and suggest measures for improvement in the quality of service.
- NFRA has power to monitor and enforce compliance with ASs & auditing standards and oversee the quality of service u/s 132(2) or undertake investigation u/s 132(4) of the auditors of certain class of companies.Such companies include listed companies, insurance companies, banking companies and other companies as provided for in Rule 3 of NFRA Rules, 2018.
Note: Overseeing quality of audit services of listed companies falls under the purview of NFRA.
Disclaimer: The content/information published on the website is only for general information of the user and shall not be construed as legal advice. While the Taxmann has exercised reasonable efforts to ensure the veracity of information/content published, Taxmann shall be under no liability in any manner whatsoever for incorrect information, if any.
Taxmann Publications has a dedicated in-house Research & Editorial Team. This team consists of a team of Chartered Accountants, Company Secretaries, and Lawyers. This team works under the guidance and supervision of editor-in-chief Mr Rakesh Bhargava.
The Research and Editorial Team is responsible for developing reliable and accurate content for the readers. The team follows the six-sigma approach to achieve the benchmark of zero error in its publications and research platforms. The team ensures that the following publication guidelines are thoroughly followed while developing the content:
- The statutory material is obtained only from the authorized and reliable sources
- All the latest developments in the judicial and legislative fields are covered
- Prepare the analytical write-ups on current, controversial, and important issues to help the readers to understand the concept and its implications
- Every content published by Taxmann is complete, accurate and lucid
- All evidence-based statements are supported with proper reference to Section, Circular No., Notification No. or citations
- The golden rules of grammar, style and consistency are thoroughly followed
- Font and size that’s easy to read and remain consistent across all imprint and digital publications are applied