Apycom Java Applets
  Apycom Java Applets
 

Glossary of Peer Review and Quality Control Terms

Peer Review Guide > Glossary of Peer Review and Quality Control Terms

A - E
   Accounting and auditing practice
   Center for Public Company Audit Firms
   Center Peer Review Program
   Client and engagement acceptance and continuance
   Control risk (peer review)
   Detection risk (peer review)
   Elements of quality control
   Engagement performance
   Engagement review

F - J
   Independence, integrity and objectivity
   Inherent risk (peer review)
   Inspection

K - P
   Letter of comments
   Letter of response
   Materiality
   Matter for further consideration (MFC)
   Monitoring
   Monitoring procedures
   Peer review risk
   Personnel management
   Pre-issuance and post-issuance reviews of engagements

Q - Z
   Quality control document
   Quality control system
   RAB (Report Acceptance Body)
   Report review
   Risk: peer review | detection | control
   SECPS peer review
   System review
   Systemic deficiency

Definition: The Statements on Quality Control Standards apply to all firms with an accounting or auditing practice. Under SQCS No. 2 accounting and auditing practice refers to all audit, attest, accounting and review, and other services for which standards have been established by the AICPA Auditing Standards Board or the AICPA Accounting and Review Services Committee under rule 201 or 202 of the AICPA Code of Professional Conduct (AICPA Professional Standards, vol. 2, ET sections 201 and 202).

The AICPA Peer Review Program has adopted this definition and requires that peer reviewer consider all such engagements in determining the scope of a peer review. Specifically peer reviewers are required to consider engagements covered by:

• Statements on Auditing Standards (SASs)
• Statements on Standards for Accounting and Review Services (SSARSs)
• Statements on Standards for Attestation Engagements (SSAEs)
• Government Auditing Standards (the Yellow Book), issued by the U.S. General Accounting Office (GAO).

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: The Center for Public Company Audit Firms (the Center) was established January 1, 2004 as a successor organization to the SEC Practice Section of the AICPA. Membership in the Center is voluntary.

The Center supports member firms that audit or are interested in auditing public companies. The Center is designed to:

• Provide a forum for member firms to express their views on technical and regulatory matters involving public company audit practice
   
• Enhance the quality of member firms’ public company audit practices through the development of technical and educational information, the communication of SEC and PCAOB developments, and the sharing of best practices information
   
• Develop relationships with, act as a liaison to, and communicate on issues with the SEC, PCAOB and others for the purpose of expressing the member firms’ views relating to public company audit practice
   
• Propose solutions and advance positions to the SEC and PCAOB on behalf of member firms (particularly critical for smaller firms who do not have the resources or connections to represent their own views)
   
• Administer a peer review program for member firms non-SEC practice, since PCAOB will only be inspecting issuer practices

The Center Peer Review Program is designed to review and evaluate those portions of a firm's accounting and auditing practice that are not inspected by the Public Company Accounting Oversight Board (PCAOB) (i.e., the non-SEC issuer practice) so firms can meet their state licensing, federal regulatory and/or AICPA membership requirements.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: The Center Peer Review Program is overseen by the Center for Public Company Audit Firms (the Center) and is designed to review and evaluate those portions of a firm's accounting and auditing practice that are not inspected by the Public Company Accounting Oversight Board (PCAOB) (i.e., the non-SEC issuer practice) so firms can meet their state licensing, federal regulatory and/or AICPA membership requirements. The Center was established January 1, 2004 as a successor organization to the SEC Practice Section of the AICPA. Membership in the Center is voluntary.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: SQCS No. 2 requires a firm to consider the acceptance of client engagements in addition to considering client relationships. This element emphasizes that firms should establish policies and procedures for deciding whether to accept or continue a client relationship and whether to perform a specific engagement for that client. Such policies should include reasonable assurance for the following items:

• The likelihood of association with a client whose management lacks integrity is minimized.
• Undertakes only those engagements that the firm can reasonably expect to be completed with professional care.
• Considers the risks associated with providing professional services in the particular circumstances.

While professional pronouncements already require a CPA firm to accept only those engagements it can complete with professional competence, a firm must also include policies and procedures to do so in its system of quality control.

In addition, a firm must establish policies and procedures that provide for obtaining an understanding with the client about the nature, scope, and limitations of the services to be performed. SQCS No. 2 refers the practitioner to professional standards for guidance on whether the understanding should be oral or written.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Peer review control risk is the risk that a firm’s system of quality control will not prevent the performance of an engagement that does not conform with professional standards. Control risk is further divided into two parts:

• The firm’s control environment.
• The firm’s quality control policies and procedures.

The control environment represents the collective effect of various factors that establish, enhance, mitigate, or cancel the effectiveness of specific quality control policies and procedures. Tone at the top is critical. The control environment reflects the overall attitude, awareness, and actions of firm management and the message management sends to employees concerning the importance of quality work and the firm’s emphasis on quality.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Peer review detection risk is the risk that the peer review team will fail to detect design or compliance deficiencies in the reviewed firm’s system of quality control that might result in the firm:

• Having less than reasonable assurance of conforming with professional standards (the basis for a modified report); or
• Constitute conditions whereby there is more than a remote possibility that the firm will not conform with professional standards on accounting and auditing engagements (the basis for a letter of comments finding).

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: SQCS No. 2 defines five elements of a system of quality control along with the objective of each element. In addition, the standard outlines various types of polices and procedures to consider when developing a system of quality control. The best system is the one that provides the firm with reasonable assurance of conforming to professional standards and the standards of the firm. The quality control policies and procedures applicable to a firm’s accounting and auditing practice should encompass the following five quality control elements:

1. Independence, integrity and objectivity
2. Personnel management
3. Client and engagement acceptance and continuance
4. Engagement performance
5. Monitoring

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: This is the element that most firms think of when they think of a peer review. It also generally takes the most time with respect to monitoring or the performance of a peer review. The engagement performance element requires firms to establish policies and procedures to cover:

• Planning, performing, supervising, reviewing, documenting, and communicating the results of each engagement in accordance with the applicable professional standards.
• Assuring that personnel refer to authoritative literature or other sources and consult, when appropriate, on a timely basis within or outside the firm.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Engagement reviews are available only to firms that perform no engagements under the Statements on Auditing Standards (SASs), or examinations of prospective financial statements under the Statements for Standards for Attestation Engagements (SSAEs.) Firms required to have an engagement review may elect to have system review. 

• Firms that perform only compilation engagements that omit substantially all disclosures will be subject only to a report review, which is described below. (Although inclusion of selected disclosures for financial statements that otherwise omit substantially all disclosures are subject to an engagement review.)
• An engagement review will carry an additional objective to assess whether working paper documentation conforms with the requirements of SSARS and SSAEs, as applicable to those engagements in all material respects.

An engagement review provides no opinion on the reviewed firm's system of quality control and therefore the reviewer is not opining on the firm's compliance with its own quality control policies and procedures or with AICPA quality control standards. It merely provides limited assurance that the submitted reports, financial statements and information conform with the requirements of Professional Standards and documentation are in conformity with SSARS and the SSAEs.

Since an engagement review does not require a firm to document any work other than that required by SSARS or SSAEs, the peer reviewer only expresses limited assurance on whether the firm's documentation conforms with those standards. Some examples of the documentation that a reviewer would consider in his or her procedures include:

Documents to send to the reviewer: For each engagement selected for review, the reviewed firm should submit the following:

• Appropriate financial statements or information and the accountant's report.
• Engagement Questionnaire (PRP §6100.14) for each financial statement submitted for review. This form provides specified background information and representations about each engagement.
• The firm's documentation required by SSARS and the SSAEs for each engagement. Some examples of the documentation that a reviewer would consider in his/her procedures include:
  • Management representation letter on review engagements.
  • Documentation of the matters covered in the accountant's inquiry and analytical procedures in a review engagement.
  • Unusual matters that the accountant considered during the performance of the review including their disposition.
  • Documentation as may be required by SSAEs.
  • Engagement letter for SSARS No.8 compilations, if any were selected.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Firms are required to establish policies and procedures assuring that personnel maintain independence (in fact and appearance) in all required circumstances; perform all professional responsibilities with integrity, and maintain objectivity while performing those responsibilities.

Independence, integrity and objectivity are described in more detail in the AICPA Code of Professional Conduct and AICPA Professional Standards AU §220, Independence. The concept of independence embodies the notion of impartiality. It includes an obligation to be fair not only to the entity being reported upon, but also to those who may otherwise use the report. Integrity is the requirement for the practitioner to be honest and candid within the boundaries of client confidentiality for which service and the public trust should not be subordinated to personal gain or advantage. Objectivity is the practitioner’s state of mind and carries with it the obligation to be impartial, intellectually honest and free of conflicts of interest.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Inherent peer review risk is the likelihood that an accounting or auditing engagement will fail to conform with professional standards, assuming the firm does not have a system of quality control. In other words, given the firm’s existing clients and its existing professional talent, what is the risk that an engagement would not conform with professional standards without the normal checks and balances provided by a system of quality control?

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: An inspection is a set of monitoring procedures that a CPA firm performs with respect to its accounting and auditing practice.

The need for and extent of inspection procedures depends on the existence and effectiveness of other monitoring procedures. The firm’s size, number of offices, organizational structure, and the nature, diversity and complexity of its practice affect decisions about the need for and extent of inspection procedures. The results of recent practice reviews and previous inspections also influence the decisions. In addition, appropriate cost-benefit considerations may be considered, but this does not relieve the firm of its responsibility to effectively monitor its practice. Although the standards do not specifically require the performance of inspections, it is unlikely that most firms will be able to maintain effective monitoring without one. Typical inspection procedures include:

• Review of selected administrative and personnel records that relate to quality control elements.
• Review of engagement documentation, reports, and clients’ financial statements.
• Discussions with the firm’s personnel.
• Summarization of inspection findings at least annually and consideration of their systemic causes.
• Determination of corrective action with respect to specific engagements or to the firm’s system of quality control.
• Communication of inspection findings to appropriate firm management personnel.
• Oversight by firm management to determine that proper, timely adjustments are made to the firm’s QC system.

Inspection procedures may be performed at a fixed time of year, on an ongoing basis, or a combination of the two.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A letter of comments (LOC) is prepared by a reviewer to report matters (including the matters, if any, that resulted in a modified or adverse report) that the review team believes resulted in conditions being created in which there was more than a remote possibility that the firm would not conform with professional standards on accounting and auditing engagements and to set forth recommendations regarding those matters.

Findings in a letter of comments can arise from:

1. Weaknesses in the design of the reviewed firm’s system of quality control that result in a condition in which there is more than a remote possibility that the firm will conform with professional standards on accounting and auditing engagements.
2. Instances of non-compliance with the system of quality control that result in a condition in which there is more than a remote possibility that the firm will conform with professional standards on accounting and auditing engagements

The LOC also provides recommendations to assist the firm in implementing changes to policies or procedures to meet the requirements of the quality control standards for an accounting and auditing practice established by the AICPA.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A letter of response (LOR) is prepared by the reviewed firm to describe the specific action(s) the firm plans to take with respect to each finding/recommendation in the reviewer's letter of comments. The specific actions are normally described by showing how the firm will adjust its policies or practices to prevent recurrence of the types of matters noted in the reviewer's findings.

If a firm disagrees with a finding or recommendation and the firm and reviewer can not resolve the disagreement, the firm should indicate the disagreement in it LOR and describe the reason and underlying support for the firm's disagreement.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Materiality is a concept that relates to the quantitative and qualitative importance of matters related to financial statements. A peer review includes a review of the financial statements that a CPA firm has audited, reviewed or complied.  During a peer review, a reviewer may note a deficiency in a financial statement that a CPA firm has reported on. Judgments about materiality of these deficiencies have a bearing on the overall conclusions reached by a peer reviewer. U.S. and international definitions of materiality are very similar as noted below:

U.S. Generally Accepted Accounting Principles from Financial Accounting Standards Board (FASB) Statement of Financial Accounting Concepts No. 2, Qualitative Characteristics of Accounting Information defines materiality as:

"¼the magnitude of an omission or misstatement of accounting information that, in the light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement."

International Auditing Standards define materiality in the glossary of the International Accounting Standards Board’s “Framework for the Preparation and Presentation of Financial Statements” as:

Materiality—Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. Materiality depends on the size of the item or error judged in the particular circumstances of its omission or misstatement. Thus, materiality provides a threshold or cutoff point rather than being a primary qualitative characteristic which information must have if it is to be useful.

See the Materiality page for an expended descriptions of current and new U.S. auditing standards, international auditing standards, the application of materiality to audits, reviews and compilations and considerations related to peer reviews.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A matter for further consideration (MFC) form is used by a reviewer to record and track matters that may require additional follow-up.  For example, a reviewer might use the form to record an instance where a required procedure was not performed or documented, a required financial statement disclosure was omitted, or a transaction was not accounted for correctly. 

An MFC form is also used to record questions about the design of or compliance with the firm's quality control system.

Once prepared, If a firm agrees with the comments written on the MFC form, the engagement partner should indicate his/her agreement and consider the underlying causes of deficiencies noted. If the firm disagrees with the matter, he/she should provide support for that position, including citations from professional standards that support the position.

Often a matter may be resolved satisfactorily with the MFC form showing that no deficiency exists. For example, the firm may have located the documentation in question or provided support for a particular position taken.

Preparation of an MFC form does not imply that a deficiency exists -- only that the reviewer has questions that require additional information from the firm. After the MFC form is prepared, it is given to the reviewed firm (as early as possible in the review process) so that the firm has time to research the issue and respond on the form.

After reviewing the firm's response, the reviewer considers whether the firm's response is appropriate, prepares additional team captain comments, if necessary, and evaluates whether to incorporate the matter into a letter of comments finding.

The fact that an MFC is ultimately resolved to the reviewer's satisfaction does not imply that the MFC form should not have been prepared in the first place.  Resolution of an MFC with no LOC implications is a common occurrence. 

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Monitoring procedures, which may or may not include inspection procedures, provide the firm with a way to identify and communicate circumstances that could indicate the need to change its system of quality control or to improve its level of compliance with the system. Monitoring is required under the quality control standards for all firms.

SQCS No. 2 defines inspection as a retroactive evaluation of whether the firm’s policies and procedures, guidance materials, and practice aids continue to be appropriate, whether its professional development activities are effective and the degree of the firm’s compliance with its policies and procedures and professional standards. Inspection procedures are not required by SQCS Nos. 2 and 3 if other effective monitoring procedures, such as appropriate pre-issuance or post-issuance review procedures, exist.

Monitoring is essential for a firm if it is to keep up with changes that could affect the firm’s practice and to make needed changes on a timely basis. For example, the ongoing nature of monitoring provides the firm with the opportunity to identify new pronouncements that might affect its clients or the firm’s engagements or whether all professionals are meeting applicable CPE requirements.

The AICPA Peer Review Programs have issued guidance on monitoring that advises firms to seek advice on monitoring issues from their peer reviewers. Therefore, firms with questions about how to implement this part of the standard should consider asking their reviewers about the specific procedures that should performed in conjunction with monitoring. Reviewers can also help firms to tailor their procedures to match the unique characteristics of the firm’s practice.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: The quality control standards provide guidance for implementing monitoring procedures and lists the following examples of monitoring procedures:

• Inspection procedures
• Pre- or post-issuance review of selected engagements
• Review of selected administrative and personnel records pertaining to the QC elements
• Analysis and assessment of
• New professional pronouncements
• Results of independence confirmations
• Continuing professional development and similar activities
• Client/engagement acceptance and continuation decisions
• Interviews of firm personnel
• Determination of QC system corrective actions
• Communication of weaknesses identified in the QC system or in personnel’s understanding or compliance with the system
• Follow-up by appropriate personnel to ensure timely, necessary modifications to the QC system

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: Peer review risk is the risk the peer review team will

• Fail to identify significant weaknesses in the reviewed firm’s system of quality control or compliance with it;
• Issue an inappropriate opinion on the reviewed firm’s system of quality control for its accounting and auditing practice and/or compliance with that system; or
• Reach an inappropriate decision about whether to issue a letter of comments and/or about the findings to be included in or excluded from the letter of comments.

Peer Review Risk = Inherent Risk x Control Risk x Detection Risk

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: The firm’s policies and procedures related to personnel management should provide it with reasonable assurance that

• Personnel hired have attributes that allow them to perform competently.
• Work is assigned to those with the right amount of technical skill and training for the assignment.
• Staff selected for advancement possess the qualifications necessary to assume the associated additional
responsibilities.
• Personnel participate in general and industry specific continuing professional education and other professional development activities that enable them to fulfill their assigned responsibilities and the requirements of the AICPA and regulatory bodies.

SQCS No. 2 requires the firm to ensure that all professional personnel have both general and industry-specific knowledge and skills that relate to the types of clients and services they perform. Rather than just counting CPE hours, firms must give careful thought about the subject matter of CPE courses taken by its people and how best to provide them with the skills they need. Professional personnel generally refers to all individuals who perform professional services for which the firm is responsible whether or not they are CPAs. Professional personnel ordinarily include:

• CPAs and individuals qualified to seek that status.
• Part-time employees who work year round on accounting and auditing engagements.
• Individuals who provide client services on accounting and auditing engagements regardless of their education, depending on the type of duties performed. The firm should consider whether:
1. The work is directly related to the practice of public accounting and performed for a specific client, or
2. The work is clerical and repetitive and requires no professional judgment and is supervised.

The standard includes a requirement for firms to establish policies and procedures to meet applicable CPE requirements of the AICPA and regulatory agencies, such as state boards of accountancy and the U.S. General Accounting office. However, these standards do not change existing CPE requirements.

It is the firm’s judgment that decides whether an individual is a professional subject to the CPE requirements; however, peer reviewers should question decisions that appear to be unreasonable.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A pre-issuance or post-issuance review is a set of procedures that include review of engagement documentation, reports, and clients’ financial statements.  A pre-issuance or post-issuance review may be considered part of the firm’s monitoring procedures if performed by a qualified management-level individual not directly associated with the performance of the engagement (or by a qualified person under his or her direction.) Management-level individuals include:

• All owners of the firm.
• Individuals within the firm with a managerial position, as the AICPA Code of Professional Conduct defines a managerial position.

Pre- or post-engagement review procedures may also be considered inspection procedures if the following conditions are met: The procedures are sufficiently comprehensive to permit the reviewer to assess compliance with all applicable professional standards. Findings that indicate the need for improved compliance with or design of the firm’s QC system are periodically summarized, documented, and communicated to the person responsible for the oversight of the system. Management responsible for the system determines, on a timely basis, the systemic causes of findings that indicate improvements are needed and takes the appropriate action necessary in response to the findings. The firm implements, communicates to affected personnel, and monitors corrective action on a timely basis.

A pre-issuance or post-engagement review by the person with final engagement responsibility cannot be considered a monitoring procedure. However, see the next section for the exception to this general rule as it may apply to a small firm with respect to a post-issuance review.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A quality control document (QCD) is the expression of a firm's quality control policies and procedures in written form.

A firm is not required to have a written QCD, but as the size of a firm increases, the ability to effectively and consistently communicate the firm's policies and procedures becomes increasingly difficult without a written document.

In its simplest form, a QCD can be a copy of the quality control policies and procedures questionnaire that is prepared for the external peer reviewer.  A more typical format is a manual which outlines the firm's specific policies and procedures as they relate to the five elements of quality control.  

Sample QCD for a regional/local firm or sole practitioner with no staff.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: The standard broadly defines a system of quality control as a "process to provide the firm with reasonable assurance that its personnel comply with applicable professional standards and the firm’s standards of quality."

1. A QC system includes the firm’s organizational structure and the policies adopted and procedures established.
2. The firm’s QC system should be appropriately comprehensive and suitably designed, although the nature, extent and formality of a system will vary from firm to firm.
3. Factors that affect the nature and design of policies and procedures include: the firm’s size, the number of offices, the degree of authority allowed its personnel and its offices, the knowledge and experience of its personnel, the nature and complexity of the firm’s practice, and appropriate cost-benefit considerations.
4. Variance in an individual’s performance and understanding of professional standards or the firm’s quality control policies and procedures can reduce the effectiveness of the firm’s system.

A system of quality control consists of 5 elements of quality control

The concept of "reasonable assurance" within a system of quality control means that no system can be designed to guarantee error-free performance. This inherent limitation recognizes that individuals perform within a system of quality control. As such, variance in an individual’s performance and understanding of professional standards or the firm’s standards can reduce the effectiveness of an otherwise strong system of quality control. Accordingly, a deficiency in an individual engagement does not, in and of itself, indicate that the firm’s overall system is insufficient to meet the standard of reasonable assurance.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: A Report Acceptance Body (RAB) is the formally designated group, usually at the state CPA society, that formally approves AICPA PRP peer review reports. The AICPA also delegates to this group the authority to require firms to undergo additional monitoring, if appropriate. A RAB also exercises routine oversight over its reviewers.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: This type of review applies only to firms that perform compilations that omit substantially all disclosures. There is one exception to this general rule. If the firm compiles financial statements that include, as referred in the SSARSs, "selected information - substantially all disclosures required are not included," then the firm must undergo an engagement review. At its option, a firm required to have only a report review, may elect to have either a system review or an engagement review.

Like an engagement review, a report review provides no opinion on the reviewed firm's system of quality control. Therefore the reviewer does express an opinion on the firm's compliance with its own quality control policies and procedures or with AICPA quality control standards.

At the conclusion of the report review, the reviewer gives the firm a report that lists comments and recommendations, if any, based on whether the financial statements and the related accountant's reports appear to conform with the requirements of professional standards in all material respects. The report is not identified as unmodified, modified, and adverse, and there is no separate letter of comments or letter of response as might be the case with system and engagement reviews. An authorized member of the reviewed firm must sign the report acknowledging that there are no disagreements on significant matters, and that the firm agrees to correct all matters that are commented upon within the report.

Documents to send to the reviewer: For each engagement selected for review, the reviewed firm should submit the following:

• A copy of the financial statements and the accountant's report. The client's name may be deleted and, if that is done, the engagement should be assigned a code number by the firm. The firm should retain a record of those code numbers to facilitate responding to any questions by the reviewer in the course of the review.
• A completed "Engagement Questionnaire" (PRP §7100.13) for each engagement selected for review.
• Engagement letter for SSARS No. 8 compilations, if any were selected.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: [Note: SECPS peer review are no longer performed as of January 1, 2004. See Center for Public Company Audit Firms.]  SECPS peer reviews were nearly identical in their objectives to  the AICPA Peer Review Program system reviews with some exceptions. The principle exceptions were:

• Firm that performs SEC audit engagements were required to belong to the SEC Practice Section (SECPS) of the American Institute of Certified Public Accountants.
• An SECPS peer review tested for compliance with SECPS membership requirements.
• SECPS peer reviews were approved by the AICPA SECPS Peer Review Committee and subject to oversight by the Public Oversight Committee. 
• SECPS peer review report formats were different
• Firms' peer review report and letter of comments were included in a public file.
• SECPS peer reviewers were required to be members of SECPS firms.

Top of definitions   A-E   F-J   K-P   Q-Z

Definition: System reviews apply to firms that performs engagements under:

• Statements on Auditing Standards (SASs)
• Government Auditing Standards (the yellow book), issued by the U.S. General Accounting Office, or
• Examinations of prospective financial information under the Statements on Standards for Attestation Engagements (SSAEs)

A system review is generally performed every three years and is intended to provide the reviewer with a reasonable basis for expressing an opinion whether, for the year under review, the reviewed firm:

• Has designed its system of quality control for its accounting and auditing practice in accordance with AICPA quality control standards.
• Is complying with its quality control policies and procedures in a way that will provide the firm with reasonable assurance of conforming with professional standards.

A system review includes the issuance of a separate report, letter of comments (if applicable), letter of response (if applicable), technical review, committee acceptance, and monitoring actions (if considered appropriate.) 

Top of definitions   A-E   F-J   K-P   Q-Z

Definition:  A system deficiency is a condition within a firm's system of quality control that increases the firm’s risk that it may depart from professional standards in some material respect and not detect that departure on a timely basis. Like conditions that you might find in a client’s internal control structure, systemic weaknesses in a CPA firm’s quality control system can exist in the:

• Design of policies and procedures or
• Application and execution of policies and procedures.

The presence of an engagement deficiency does not automatically correlate to the existence of a systemic deficiency because engagement deficiencies can occur as the result of isolated human error.

Correcting a systemic deficiency first involves identifying the underlying weakness in a quality control policy. This weakness can be the in the design of the policy or procedure or in the firm's compliance with it.  It can also result from an individual's understanding or application of a particular QC procedure.

Top of definitions   A-E   F-J   K-P   Q-Z

Peer Review Guide > Glossary of Quality Control and Peer Review Terms

Copyright © 1997-2002, Duane Reyhl, CPA
Updated: May 28, 2006