Implementation Guide for

Audit Quality Maturity Model

Version 1.0 (AQMM v1.0)

Implementation Guide for Audit Quality Maturity Model – Version 1.0 (AQMM v1.0)
ISBN : 978-93-0000-00-0

July | 2021 | P0000 (New) Center For Audit Quality

Implementation Guide for Audit
Quality Maturity Model –
Version 1.0 (AQMM v1.0)

Centre for Audit Quality

The Institute of Chartered Accountants of India
(Set up by an Act of Parliament)
New Delhi
© The Institute of Chartered Accountants of India
All rights reserved. No part of this publication may be reproduced, stored in a
retrieval system, or transmitted, in any form, or by any means, electronic
mechanical, photocopying, recording, or otherwise, without prior permission,
in writing, from the publisher.
DISCLAIMER:
The views expressed in this material are those of author(s). The Institute of
Chartered Accountants of India (ICAI) may not necessarily subscribe to the
views expressed by the author(s). The information in this material has been
contributed by various authors based on their expertise and research. While
every effort has been made to keep the information cited in this material error
free, the Institute or its officers do not take the responsibility for any
typographical or clerical error which may have crept in while compiling the
information provided in this material. There are no warranties/claims for
ready use of this material as this material is for educational purpose. The
information provided in this material are subject to changes in technology,
business and regulatory environment. Hence, members are advised to apply
this using professional judgement. All copyrights are acknowledged. Use of
specific hardware/software in the material is not an endorsement by ICAI.

First Edition : Feb, 2022

Committee/Department : Centre for Audit Quality, ICAI
E-mail : caq@icai.in
Website : http://www.icai.org
ISBN : 978-93-90668-68-7

Typeset by : Elite-Art, New Delhi-110002

Published by : The Publication Department on behalf of the
Institute of Chartered Accountants of India,
ICAI Bhawan, Post Box No. 7100,
Indraprastha Marg, New Delhi - 110 002.
Printed by : Sahitya Bhawan Publications, Hospital
Road, Agra - 282 003.
 Foreword
Audit Quality is a very important aspect of the Chartered Accountancy
Profession. With the changing business dynamics and in the advanced digital
era, auditors today need to reinvent themselves and use technologies like
Robotic Process Automation and Data Analytics, like force and speed
multipliers. They would need to continuously upskill themselves and invest in
their people. There are a variety of factors that will contribute to the success
of the auditor but none is more omnipresent than independence.

Professional skepticism should survive personal and professional barriers

and focus should be not only on ‘audit what is there’ and also on ‘audit what
is not there’. Today ‘independent elements’ in those charged with
governance of an entity are under increased scrutiny and would be a good
ally for the auditor.
Audit quality is a complex subject and no analysis of it has achieved
universal recognition. Audit quality cannot be measured so the judgement of
audit quality can be highly subjective. At a macro level, all this can be
achieved when there is awareness about audit quality, key stakeholders are
encouraged to explore ways to improve audit quality, and greater dialogue is
facilitated between the key stakeholders.
Even though the bird’s eye view of an audit firm’s overall audit quality is
important, what is relevant is the worm’s eye view of the quality of the
engagement. The Audit Quality Maturity Model (AQMM) is an amalgamation
of a well-researched set of Audit Quality Indicators (AQIs), which will not only
help firms to arrive at their current maturity level but will also provide a
mechanism to help and guide the members to specifically improve upon their
audit quality.

I am happy that the AQMM v1.0 released by the Centre for Audit Quality of
ICAI will provide a model that will help in creating demand for audit quality
and protect the interests of all stakeholders.
I compliment CA. Durgesh Kumar Kabra, Convenor, CA. Shriniwas Y. Joshi,
Deputy Convenor, CA. (Dr.) Debashis Mitra, Vice President and other
members of the Centre for Audit Quality for bringing out this Implementation
Guide to assist the members in enhancing their audit quality.
I am confident that the members and other stakeholders would find the
Implementation Guide highly useful in their audit journey.

CA. Nihar N. Jambusaria

President, ICAI
Place: New Delhi
Date: Feb, 2022

iv
 Preface
Audit quality is the hallmark of the audit profession. It is very essential to
perform an audit of high quality to create trust in the external stakehol ders
and users of the financial information. Today business organizations,
industry, and the Government rely upon the assurance given by the
Chartered Accountants for sound financial accounting, reporting, and
effective financial management. Chartered Accountants with their strong
expertise render high-quality services that ultimately benefit the economy.
So how can one spot audit quality? It can be seen at the engagement, firm
and national level. Audit Quality indicators are taken as a whole to help Audit
Committees, Auditors and Investors to evaluate the job of their auditors. At a
firm level, the AQIs could include the tone at the top which may be gauged
based on an independent survey of firm personnel, firm’s independence
policies, Investment in people, process and technology, Relationship
between audit quality and financial reporting quality. At the engagement
level, Alignment of auditor compensation to audit quality, Allocation of hours
to risk areas, timely reporting of internal control weaknesses and going
concern issues in the auditor’s report, Internal quality review and Peer review
findings, etc. The firm should have the ability to consistently deliver high -
quality services and engagements on time and within budget.
The AQMM v1.0 has been developed after deep international research on
systems to enhance audit quality and widespread outreach activities have
been conducted across India. This capacity-building measure of ICAI will
significantly empower the firms to be able to improve their audit quality. The
AQIs should raise more questions, bring about competition between audit
firms and create market demand for audit quality.
We would like to profusely thank all the members of the Group constituted to
help develop the Audit Quality Maturity Model – Version 1.0, viz., CA. Aniket
Sunil Talati, CCM, CA. G. Sekar, CCM, CA. M P Vijay Kumar, CCM, CA.
Prakash Sharma, CCM, CA. (Dr.) Sanjeev Kumar Singhal, CCM, CA. Amarjit
Chopra, Past President, CA. Nilesh Vikamsey, Past President, CA. Archana
Bhutani, CA. Manish Sampat, CA. P. R. Ramesh, CA. Rajani Kesari, CA.
Rakesh Rathi, Ms. Ritika Bhatia, Principal Director (Commercial), Office of
the CAG, CA. Shailesh Haribhakti, CA. Sushil Agarwal, CA. Vikas Kasat, and
CA. Vikas Pansari for their dedication and support. We would especially like
to thank CA. (Dr.) Debashis Mitra, Vice President, ICAI for his able
leadership as Convenor of the Group to help develop Audit Quality Maturity
Model – Version 1.0.
We would also like to thank all members of the Centre for Audit Quality -
CA. Nihar N Jambusaria, President, ICAI (Ex-officio member), CA. (Dr.)
Debashis Mitra, Vice President, ICAI (Ex-officio member), CA. Atul Kumar
Gupta, CA. Nandkishore Chidamber Hegde, CA. G. Sekar, CA. Prakash
Sharma, CA. Satish Kumar Gupta, CA. (Dr.) Sanjeev Kumar Singhal and the
special invitees to the CAQ - CA. T.V. Mohandas Pai, Chairman, Aarin
Capital Partners, Ms. Ritika Bhatia, Principal Director (Commercial), Office of
C&AG and Mr. Atma Sah, Joint Director, Ministry of Corporate Affairs.
We are extremely thankful to CA. Nihar N. Jambusaria, President, ICAI and
CA. Atul Kumar Gupta, Past President for taking the visionary step of setting
up the Special Purpose Directorate - Centre for Audit Quality (CAQ) and for
supporting the activities of the Centre for Audit Quality.
We also wish to thank CA. Ambalika Singh, Secretary, CAQ and other office
staff for their efforts in developing the Implementation Guide. We are sure
that the Implementation Guide would be an essential tool for the capacity
building of our members.

CA. Durgesh Kumar Kabra CA. Shriniwas Yeshwant Joshi

Convenor, Deputy Convenor,
Centre for Audit Quality Centre for Audit Quality

Place: New Delhi

Date: Feb, 2022

vi
 Introduction
The Institute of Chartered Accountants of India
The Institute of Chartered Accountants of India (ICAI) is a statutory body
established by an Act of Parliament, viz., The Chartered Accountants Act,
1949 (Act No. XXXVIII of 1949) for regulating the profession of Chartered
Accountancy in the country. ICAI is the second largest professional body of
Chartered Accountants in the world, with a strong tradition of service to the
Indian economy in the public interest.
Over a period of time, ICAI has achieved recognition as a premier accounting
body not only in the country but also globally, for maintaining the highest
standards in technical, ethical areas and for sustaining stringent examination
and education standards. Since 1949, the Chartered Accountancy profession
in India has grown leaps and bounds in terms of:
• Members and student base.
• Regulate the profession of Accountancy
• Education and Examination of Chartered Accountancy Course
• Continuing Professional Education of Members
• Conducting Post Qualification Courses
• Formulation of Accounting Standards
• Prescription of Standard Auditing Procedures
• Laying down of Ethical Standards
• Monitoring Quality through Peer Review
• Ensuring Standards of performance of Members
• Exercise Disciplinary Jurisdiction
• Financial Reporting Review
• Input on Policy matters to Government
Centre for Audit Quality
The purpose of an independent audit is to provide confidence to the users of
audited financial statements in the quality of financial reports, in particular
their reliability. Improving audit quality and the consistency of audit execution
is essential to maintain confidence in the independent assurance, provided
by the auditors.
In this regard, ICAI decided to open Centre for Audit Quality at ICAI’s
Centre of Excellence, Jaipur which would enable the Institute to have a
more angular discussion on the qualitative aspects of the audit function and
to provide a conducive environment for doing research projects in the field.

viii
 Composition of the Centre for Audit
Quality 2021-22
Council Members
Convenor
CA. Durgesh Kumar Kabra
Deputy Convenor
CA. Shriniwas Yeshwant Joshi
CA. Nihar Niranjan Jambusaria, President, ICAI (Ex-officio member)
CA. (Dr.) Debashis Mitra, Vice-President, ICAI (Ex-officio member)
CA. Atul Kumar Gupta, Past President ICAI
CA. Nandkishore Chidamber Hegde
CA. G. Sekar
CA. Prakash Sharma
CA. Satish Kumar Gupta
CA. (Dr.) Sanjeev Kumar Singhal
Government Nominee
Ms. Ritika Bhatia, Principal Director (Commercial), Office of C&AG
Mr. Atma Sah, Joint Director, Ministry of Corporate Affairs
Special Invitees
CA. T.V. Mohandas Pai, Chairman, Aarin Capital Partners
Secretary, CAQ
CA. Ambalika Singh
Members of office
CA. Renu Jonwal
CA. Tripti Singh
 AQMM Version 1.0
Introduction
Audit Quality is a verb and cannot be easily measured. The need of the hour
is to more away from the traditional approach of enforced regulation to a
modern self-compliant model for our firms. This maturity model will make
the firm future ready.
The maturity of an organization depends on the basis on which it functions as
a whole and the individual activities that sum up. Various factors need to be
evaluated by the firm to understand the level of maturity that they have
achieved in their area of practice. The objective of this Evaluation Matrix is
for firms to be able to self-evaluate their current level of Audit Maturity,
identify areas where competencies are good/lacking and then develop a road
map for upgrading to a higher level of maturity.
The level of scores applies to each section and not to any one section
alone. The audit quality is a derivation of the knowledge, training, experience
and ethics of the members of the firm. This model aims at proving a self-
evaluation matrix for members/firms the current level of maturity, identify
areas for development and plan for achieving higher level of maturity by
enhancing the overall quality of attestation functions.

The adoption of Audit tools should significantly help firms improve their level
of maturity. Adoption of robotics process automation and Data Analytics can
help act as force and speed multipliers for the firm. The firm should aim to
adopt to these new age technologies while undertaking their audit
engagements.

Disclaimer
“Implementation Guide for Audit Quality Maturity Model – Version 1.0 (AQMM
v1.0)” has to be used ONLY for self-evaluation by audit firms of their audit
quality maturity level and taking steps to move up the maturity model.
The results of the self-evaluation conducted should NOT be
published/displayed in any form/manner, until issuance of guidance in this
regard by the ICAI, otherwise, it may be deemed to be a violation of the Code
of Ethics of the Institute of Chartered Accountants of India. However, after
the end of a recommendatory phase, it may be made available on a
specific request basis after adhering to guidance issued by the ICAI in
this regard.
 Applicability of Audit Quality Maturity
Model - Version 1.0 (AQMM v1.0)
The AQMM v1.0 is recommendatory initially and after 1 year the Council
will review the date from which it would become mandatory.
Firms auditing the following entities are covered in AQMM v1.0:
(a) A listed entity; or
(b) Banks other than co-operative banks (except multi-state co-operative
banks); or
(c) Insurance Companies
However, firms doing only branch audits are not covered.
‘Auditing’ in the afore-mentioned paragraph is intended to apply to statutory
audits.
In the Council meeting held on 9th of January, 2021 it was decided that both
the Peer Review Board and the Centre for Audit Quality (CAQ) would need to
develop an ecosystem that is acceptable to both and such a collaborative
approach would have the advantage of the CAQ developing the quality
standards and Peer Review Board testing the said standards. When the
AQMM becomes mandatory, the self-assessment rating exercise of the firm
would be subject to testing by the Peer Review Board.
 AQMM Version 1.0
Section Categorisation
AQMM Version 1.0 comprises a questionnaire that enables firms to rate their
current level of audit maturity, identify areas where competencies are strong
or lacking, and then develop a road map for achieving a higher level of aud it
maturity. AQMM Version 1.0 includes the following dimensions of audit
maturity organized into three sections:
a) Practice Management –Operation
b) Human Resource Management
c) Practice Management-Strategic/Functional

Firm Maturity Rating

Section Reference Total Possible Points

Section 1. Practice Management – Operation 280

Section 2. Human Resource Management 240

Section 3. Practice Management- 80

Strategic/Functional

Total 600

Basis: Up to 25% in each section Level 1 Firm

Above 25% to 50% in each section Level 2 Firm
Above 50% to 75% in each section Level 3 Firm
Above 75% in each section Level 4 Firm

Interpreting the Results

Level 1 - Indicates that the firm is very nascent -will have to take immediate
steps to upgrade its competency or will be left lagging.
Level 2 - Indicates firm has made some progress -will have to fine-tune
further to reach the highest level of competency.
Level 3 - Indicates firm has made substantial progress -will have to fine-tune
further to reach the highest level of competency.
Level 4 - Indicates firms that have made significant adoption of standards
and procedures - Should focus on optimizing further.

xiv
 Implementation Guide
The Audit Quality Maturity Model – Version 1.0 (AQMM v1.0) is a cross-
functional evaluation model for practicing firms covering engagement teams,
firm leadership, IT helpdesks, human resources team, administration
department, legal cell and the management information systems of the firm.
It is a unifying force for having all hands-on deck to help steer the firm from
the brown waters of unplanned audits to the blue waters of being globally
recognized for audit quality.
Competency dimensions mentioned in each Section are targeted to enable
firms to assess their current audit competency for moving to the next level.
To assist professional audit firms to achieve various competency dimensions,
the implementation guide to the AQMM v 1.0 has been issued in the form of
implementation clues. These clues are practical based and are a sort of
handholding for small and medium firms. The Implementation Clues given in
this guide are generic and are minimum requirements under each domain.
The firm is, however, free to adopt other comparable best practices.
The firm would need to develop a Management Information System (MIS) to
be able to collate data from each engagement and do the heavy lifting of
arriving at the average to determine whether it makes it into the ‘yes’ or ‘no’
criteria for being awarded a score respective for an audit quality indicator.
The investment that the firms will make will reap rich dividends to the firm in
the form of improved decision making with respect to its triumvirate
performance in operations, human resources and strategy, all of which
enhance audit quality.
The Yes/No criteria in many instances talk of ‘availability’ and ‘use’ of
standard formats of checklists and engagement documentation. The
firm should allocate 100% of the score (until otherwise specifically
mentioned) for actual implementation and use of the standard formats
of documentation/policies.
Further, the names of some websites have been included as an example to
help the firms. These examples are only illustrative in nature and are not
meant for promoting/ recommending any particular website, and the list is
based on market research conducted by the authors while drafting the clues.
This Implementation Guide is prepared to assist the Professional Accounting
Firms (Firms) in the implementation of the AQMM v1.0 for self-assessing
their audit maturity level. This AQMM needs to be filled in for each firm in a
network even if the firms in the network follow the same SQC, HR and
operational practices, because questions specific to partners will apply only
to the firms where such partners are partners. Completion of this AQMM
requires exercise of professional judgement. Audit firms are required to
maintain documentation justifying the judgement underlying the scores
considered.
Audit firms may complete this AQMM as soon as practicable based on this
Implementation Guide to assess their current standing and plan steps for
enhancement of their maturity as envisaged in the AQMM. Audit firms should
maintain supporting documents to support their scores which should be
made available to inspection teams in case of any inspection.

xvi
 AQMM v 1.0 Road Map for Moving Up
the Next Level of Maturity
Step 1: Benchmarking Benchmark the current maturity
level of the firm by completing the
AQMM v1.0, and document a list of
specific aspects that the Firm is
currently lacking, and which needs
to be initiated to move to the next
level of the Maturity model.
Step 2: Planning Initiatives Convert the initiative to be taken
into an action plan- with timelines
quarterly/annual.
Step 3: Identifying resources and Identify a small cross-functional
execution plan team to own the execution of the
plan, with a leader and make the
execution of the plan, an important
part of the Key Result Areas/KPI of
this team. Define accountability for
reporting progress and challenges
in implementation.
Step 4: Assessing progress Assess the progress by re-
evaluating against the AQMM v1.0
and re-visit the execution plan half-
yearly.
Step 5: Perform a peer review/ The firm may have its AQMM
voluntarily reviewed by an external
review by an external firm /
firm or a peer review or internal
internal inspection, if necessary
inspection and assess the position
at periodical intervals. It is
recommended to perform peer
review on a regular basis by
external firms or at the time when
the firm ascends to the next level.
 Contents
Foreword ............................................................................................................. iii
Preface ................................................................................................................. v
Introduction......................................................................................................... vii
Composition of the Centre for Audit Quality 2021-22 .......................................... ix
AQMM Version 1.0 ............................................................................................... x
Applicability of Audit Quality Maturity Model - Version 1.0 (AQMM v1.0) ........... xii
AQMM Version 1.0 ............................................................................................ xiii
Implementation Guide ........................................................................................ xv
AQMM v1.0 Road Map for Moving Up the Next Level of Maturity .................... xvii
1. Practice Management - Operation .......................................................... 1
1.1 Practice Areas of the firm ................................................................ 1
1.2 Work Flow – Practice Manuals........................................................ 3
1.3 Quality Review Manuals or Audit Tool .......................................... 11
1.4 Service Delivery – Effort monitoring .............................................. 22
1.5 Quality Control for engagements .................................................. 25
1.6 Benchmarking of service delivery ................................................. 37
1.7 Client Sensitisation........................................................................ 41
1.8 Technology Adoption .................................................................... 43
1.9 Revenue, Budgeting and Pricing................................................... 49
2. Human Resource Management ............................................................ 52
2.1 Resource Planning & Monitoring as per the firm’s policy .............. 52
2.2 Employee Training and Development ........................................... 55
2.3 Resources Turnover and Compensation Management................. 62
 2.4 Qualification Skill Set of employees and use of Experts ............... 72
2.5 Performance evaluation measures carried out by the firm (KPI’s) 74
3. Practice Management – Strategic/Functional ..................................... 83
3.1 Practice Management ................................................................... 83
3.2 Infrastructure – Physical & Others ................................................ 85
3.3 Practice Credentials ...................................................................... 91
 Section 1
Practice Management - Operation
1.1 Practice Areas of the firm
How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1 Practice Management – Operation

1.1. Practice Areas of the Firm

I Revenue from audit i. Minimum revenue of (i) 50% to 8

and assurance 50% of the total 75% –
services. revenue from audit 5
and assurance Points
services such as (ii) Above
statutory audit, tax 75% –
audit, internal audit, 8
GST audit, Forensic Points
audit, Sustainability
audit, social audit,
etc., is considered
specialisation, when
consistently
witnessed for a
period of 3 years.
(Exception applies
only in case of
acquisition of
another firm or a
group of
professionals).

Ii Does the firm have a i. Scoring based on For Yes – 4 4

vision and mission Presence and Points
statement? Does it implementation or For No – 0
address Forward not. Answers: Point
looking practice Yes/No
statements/Plans?
Total 12
Implementation Guide for Audit Quality Maturity Model – Version 1.0

It is to be noted that although the AQMM v1.0 is itself applicable to firms

performing a statutory audit of specified entities, this framework provides
impetus to the firms which are having specialization in the field of audit
including statutory audit, tax audit, internal audit, GST audit, Forensic audit,
sustainability audit, social audit, etc. The firm would assess specialization
based on revenue earned from the audit and assurance areas of a firm. It
may be argued that a firm with hypothetically only one client and that too a
listed entity may qualify for eight points, but for the entire panorama of firms,
this would hypothetically again speaking be a minuscule phenomenon that
would be ironed out easily over time.
An audit firm may have different practice areas such as Accounting, Auditing,
and Taxation etc. However, some audit firms may have specialization in one
area or the other.
(i) Revenue from Audit and Assurance Services
The firm would be collating certain revenue information, such as revenues by
service line (e.g., audit, tax, consulting, and other). For example, an audit
firm in which most revenues are generated from audit services (such as
statutory audit, tax audit, internal audit, GST audit, Forensic audit,
sustainability audit, social audit etc.) should be considered as a specialized
firm. The bands of 50 to 75% revenue from audit attract 5 points and more
than 75% revenue from audit attracts 8 points.
Note: The above criteria shall not be applicable in the case of
acquisition of another firm or group of professionals.
(ii) Vision and Mission Statement of the Firm
. The tone at the top is very important as it sets forth the firm’s culture and
values. The vision and mission statement of the firm helps to unite all the
firm’s workforce into a committed team in which each team member can see
his or her goal and eventual outcome of well-planned work. The firm
personnel should be firmly rooted in ethics, knowledge, training and practical
experience.
The vision statement may have a 5-year term plan which sees the firm
progressing from one step to another. The vision statement should have a
medium to long term perspective. In the present times only professional
ethics, independence and greater use of technology and dialogue with client
management and those charged with governance will stand an auditor in
good stead.

2
 Practice Management - Operation

The mission statement could stress quality or ethics or best in class

reporting. The mission is what is most important for a firm to achieve. It is
what is ‘material’ to the firm and a firm would judge itself based on this
materiality threshold.
The firm gets 1 point for having a Vision and Mission statement and 3
points for actually implementing the same.

1.2 Work Flow – Practice Manuals

How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.2. Work Flow - Practice Manuals
i. Presence of Audit Scoring based on For Yes – 8 8
manuals containing Presence or Not. Points
the firm's Answers: Yes/No For No – 0
methodology that Point
ensures compliance
with auditing
standards and
implementation
thereof.
ii. Availability of Scoring based on For Yes – 8 8
standard formats Presence or Not. Points
relevant for audit Answers: Yes/No For No – 0
quality like - Point
- Letter of
Engagement
- Representation
letter
- Significant
working papers
- Reports and
implementation
thereof.
Total 16

(i) Presence of Audit Manual

The presence of Audit manuals containing the firm's methodology that is

3
Implementation Guide for Audit Quality Maturity Model – Version 1.0

updated and current ensures compliance with auditing standards and

implementation thereof. The adoption of audit manual could be in physical or
electronic mode and will award 8 scoring points for the availability of a
current and updated manual.
An Audit manual is a written document that lays out the policies and
procedures that a firm must follow while conducting an audit. Audit
methodologies are the sets of processes to comply with the standards on
auditing and improve the overall quality of service. There are four stages in
an audit methodology- starting from preliminary risk assessment, followed by
planning, control and substantive testing, ending with assessment and
communication of audit findings, and relevant and reliable reporting.
However, these phases cannot exist in the absence of well-documented and
well-communicated audit policies and procedures, which make up the audit
manual. The Audit manual should join all the dots from the client and
engagement acceptance to the closing meeting with the client.
A well-documented audit manual outlines the authority and scope of the audit
function. There are various auditing standards in place, alongside the
guidance notes prescribed by the ICAI. Documenting the requirements of the
auditing standards constitutes effective quality assurance practice. The audit
manual will act as a cohesive guide to promote consistency, stability,
continuity, acceptable performance standards, and act as a means of
coordinating the efforts of audit staff effectively.
Although an audit manual is an extensive compilation of resource material
intended to be used by audit staff, a well-developed and appropriately
communicated audit manual can:
1. Serve as a guide to those responsible for audit activities
2. Represent a key benchmark by which audit can be measured
3. Be a reference for undertaking an audit assignment
4. Aid in making effective decisions
5. Assist in undertaking staff appraisals, training, and development
6. Enhance quality of service and staff productivity
7. Assist in clarifying audit issues and audit staff job routines
Not to mention when faced with the Peer Review Board, the first item the

4
 Practice Management - Operation

peer reviewer will ask for is information to help him or her understand the
firm's audit function. In such cases, an audit manual can be a lifesaver.
Contents of the Audit Manual
In many firms, the content already exists and would only require a dedicated
effort to bring it all together into one centralized policies and procedures
manual, with regular review and maintenance. An audit manual typically is
divided into below-mentioned sections:
• The Audit Profession, its advantages, limitations, quality of good
auditor, various type of audit and related material on pronouncements
of ICAI like, The Auditing and Assurance Standards, Accounting
Standards, Guidance notes and Statements.
• Scope of audits and modifications as per the requirement of statute,
phases and function of audits.
• Implementation of standards of quality control and other regulatory
requirements in the case of LLPs.
• Organization structure and set up of master audit plan to be followed
in each audit with required modifications.
• Audit procedures and techniques covering audit process, audit
software, engagement planning, audit fieldwork, audit reporting, audit
effectiveness questionnaire, follow-up information, operational
auditing, IT systems auditing, and fraud auditing and investigation.
• Audit staff resources, which describes staff levels, job descriptions,
article training and development, transfers, contractual staffs and use
of other resources.
• Audit Administration comprises staff meetings, intranet, acquiring
routine and capital items, department's budget and monthly
performance reports, annual reporting, staffing and management
surveys, and benchmarking and key performance indicators.
• Reference Material Acronyms; glossary; control risk and resources;
audit manual maintenance; and audit library.
This is just an illustrative list, an audit manual with this basic information can
prove to become a powerful tool for a high-quality sustainable and well-
respected audit function.

5
Implementation Guide for Audit Quality Maturity Model – Version 1.0

An audit manual should be kept constantly updated. Staying current and

making necessary changes should form part of follow-up processes with
respect to change in the environment in which the firm exists. An outdated or
obsolete audit manual will not bring the desired results as expected by the
Audit Quality Maturity Model – Version 1.0.
(ii) Standardized formats for relevant documents
The scoring will be determined on the presence and implementation of below
mentioned standardized formats and the firm will be awarded 8 points:
─ Letter of Engagement (LOE)
─ Representation letter
─ Significant working papers
─ Reports
The said formats should be easily made available to all members of the firm
either through email or better still by being hosted on an easily accessible
folder for standard formats.
Letter of Engagement (LOE)
The ICAI has approved the illustrative format of the engagement letter, also
known as LOE – Letter of Engagement, issued by Auditing and Assurance
Standard boards for audit of Financial Statements under the Companies Act,
2013 and the Rules thereunder, in its council meeting held on November
2014. These illustrative formats had been added to Appendix 1 ‘Examples of
an Audit Engagement Letter’ of Standard on Auditing (SA) 210 Agreeing the
Terms of Audit Engagements, issued by ICAI. Each firm is expected to take
references from the same or can draft their format on similar lines.
Representation Letters
SA – 580 Written Representations, vastly covers the management
representation letter and the illustrative format of the representation letter
has been provided in the appendix of the material issued by ICAI. The firm is
advised to either follow the same or develop its own on similar guidelines.
However, a standard format must be used.
Significant work papers
The audit work papers constitute two types of files- Permanent and Current.
The following are the list of contents that forms part of a good quality audit

6
 Practice Management - Operation

file:
Permanent File
Following should constitute contents of the permanent file, apart from the
above two letters.
1. Correspondence from the retiring auditor
2. Copies of Memorandum and Articles of Association in case of
corporate entities or partnership agreement in case of partnership firm
or. Act, Regulation, by-laws, trust deeds, as applicable under which
the entity functions.
3. Documentation of background and organization structure of the entity
being audited.
a. Nature and history of the business
b. Profile of ownership
c. Registered office details
d. Management structure including organization chart. Industry
specification the reference to client's size, economic factors
affecting the industry, seasonal fluctuations and demands.
e. Facility locations, plant capacity, owned or leased, age, capital
expenditures budget, etc.
f. Products specifying diverse range along with classification.
g. Purchase details, main suppliers, policies
h. Inventory norms, inventory levels during the last five years and
related ratios
i. Sales details including exports, main customers, methods of
distribution, pricing policies, credit policy.
j. Personnel showing numbers, analyses by departments or
function, method of remuneration, contracts, union agreements,
HR policy.
k. Significant audit observations of the past.
l. Statistical information showing 5 years comparison of
performance indicators (major accounting ratios) vis-à-vis

7
Implementation Guide for Audit Quality Maturity Model – Version 1.0

industry statistics.
4. Systems (For larger audits this section could be held on a separate
file)
Information contents: -
a. Details of methods of accounting including cost accounting,
flowcharts
b. Specimens of accounting documents, code structure and list of
accounting records
c. EDP - systems security, source code security, authorization and
backup policy.
5. Group structure consisting of subsidiaries, joint ventures, associates
etc.
6. List of professional advisors like bankers, auditors, solicitors,
investment analysts, Registrars and Credit Rating Agencies.
7. Details of other client information of a permanent nature
It is recommended to have a permanent file to be kept as a separate file or
part of the current audit file in a separate section such that it can be carried
forward to subsequent years.

Current File
The Auditor firm should document the following with respect to every audit
being conducted by it:
1. Preliminary understanding of the client business and entity achieved
through preliminary overall analytical analysis of the financial
statements and discussion with management
2. Risk assessment and mapping of the risks to an appropriate response
3. Planning Materiality based on financial metrics which are material to
the users of the financial statements
4. Audit Plan
a. Planning programme
b. Time and cost summary

8
 Practice Management - Operation

c. Briefing notes
d. Copy of planning letter to client
e. Points carried forward from previous year
5. Documentation of Audit items which are of utmost significance and
processes used for deriving sufficient and appropriate audit evidence
includes:
a. Lead Schedules
b. Audit programme
c. List of significant accounts, class of transactions and strategy of
control and substantive testing
d. Detailed working paper and conclusion, it comprises
documentation of test of controls and where relevant test of
details
e. Audit queries raised and explanations received thereto
f. Third-Party confirmation sent and received or alternative
substantive audit procedures performed in absence of
confirmations
g. Weakness or deficiency identified, and letter of material
weakness sent to the client.
6. Audit work papers
a. Schedules
b. Trial Balances
c. Cross-reference to audit work performed
d. Linking the audit work papers with figures flowing from the trial
balance and leading to the lead schedules and signed financial
statements
e. Work done notes should be included in the working paper.
For example, the objective of the work may be documented as “To
enhance our understanding that the xxxxx assertions of xxxxxxxxxxx
are not materially misstated”. After the objective is set out, the work
done note should be detailed, followed by the findings and

9
 Implementation Guide for Audit Quality Maturity Model – Version 1.0

conclusions. Errors identified should throw up control issues- whether

it is a deficiency in the design or operative effectiveness. Material
weaknesses in internal controls should be communicated to
management and those charged with governance.
7. Key Audit Observations and internal control findings etc.
8. Extract of a meeting of strategic importance like directors meeting,
members meeting, risk function, legal function, audit committee
meeting, investment and other board committee meetings.
9. Industry reports published by regulators like RBI and performance
indicators collected that have bearing on nature, timing and extent of
substantive testing performed by the auditor.
10. Evidence of performance of Engagement Quality Control Review in
accordance with SA 200 and SQC 1.
11. Audit Report and financial statements, including drafts thereof, as
applicable.
12. Contracts, Agreements, and Minutes
a. Lease Agreements, photocopies/extracts of the same
b. Title Deeds inspected by Auditors.
c. Minutes of compliance significance e.g., director’ meeting,
members’ meeting
d. Related party details and other important matters.
e. Minutes of meetings of the risk assessment function of the
client
f. Minutes of meetings of the legal function of the client if any
13. Documentation of background and organization structure of the entity
being audited
a. Annual Client and Engagement Acceptance/ Continuance
check
b. Signed Engagement Letter
c. Determination of audit fees based on time and expense
estimate

10
 Practice Management - Operation

d. Management Representation Letter

e. Bank Confirmations
f. Significant Debtor and Creditor Confirmation
g. Legal opinions taken
h. Signed financial statements
i. Copy of Audited Financial Statement for previous years if it
exists.
j. Study and evaluation of internal controls related to an
accounting system.

Audit Reports
SA 700 Forming an Opinion and Reporting on Financial Statements issued
by Auditing and Assurance Standards Boards, lays down the format and
items to be covered while forming an independent audit opinion. Every
practicing organization is required to adhere to the same. The Appendix had
been attached to the material issued by the ICAI and can be easily referred
to. Also reporting with respect to CARO rules shall be made as per the
applicability and format specified in the Companies Act, 2013.

1.3 Quality Review Manuals or Audit Tool

How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.3. Quality Review Manuals or Audit Tool
i. Usage of Client Scoring based on For Yes – 4 4
Acceptance/engagem Presence or Not. Yes/No Points
ent acceptance Answers For No – 0
checklists and Point
adequate
documentation
thereof.
ii. Evaluation of Scoring based on For Yes – 4 4
Independence for all Presence or Not. Yes/No Points
engagements Answers For No – 0

11
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Max

Basis Scores
(partners, managers, Point
staff, trainees) based
on the extent
required. The firm
must identify self-
interest threat,
familiarity threat,
intimidation threat,
self- review threat,
advocacy threat and
conflict of interest.
iii. Does the Firm Scoring based on For Yes – 4 4
maintain and use the Presence or Not. Yes/No Points
engagement Answers For No – 0
withdrawal/ rejection Point
policy, templates,
etc.?
iv. Availability and use of Scoring based on For Yes – 4 4
standard checklists in Presence or Not. Yes/No Points
performance of an Answers For No – 0
Audit for Compliance Point
with Accounting and
Auditing Standards.
v. Availability and use of Scoring based on For Yes – 4 4
standard formats for Presence or Not. Yes/No Points
audit documentation Answers For No – 0
of Business Point
Understanding,
Sampling basis,
Materiality
determination, Data
analysis, and Control
Evaluation.
vi. Are the documents Scoring based on For Yes – 4 4
related to Quality Presence or Not. Yes/No Points
Control mentioned Answers For No – 0
from (i) to (v) above Point
reviewed and updated
on a frequent basis
(say annually) or with
each change in the

12
 Practice Management - Operation

Competency Basis Score Criteria Score Max

Basis Scores
respective regulation
or statute and
remedial action
taken?
Total 24

Quality Review Manual

The quality review manual deals with a firm’s responsibilities to review its
system of quality control for audits and reviews of financial statements, and
other assurance and related services engagements. This manual is
established to ensure that necessary controls are in place and the same has
been properly implemented, monitored and potential ways of strengthening,
improving and enlarging the controls are identified. This Manual is to be read
in conjunction with the requirements of the related Regulations, the Code of
Ethics and other relevant pronouncements of the Institute. The objective of
the Quality review manual is that a firm is required to maintain a system of
quality control to provide it with reasonable assurance that (a) the firm and its
personnel comply with the professional standards and applicable legal and
regulatory requirements and (b) the reports or certificates issued by the firm
or engagement partners are appropriate in the circumstances.
The nature and extent of a firm’s quality control policies and procedures to
comply with this Manual will depend on several factors such as the size and
nature of its practice, operating characteristics, geographic dispersion of the
organization. Accordingly, the policies and procedures adopted by individual
audit firms vary, so also the extent of their documentation.
Audit Tools
There are many Audit Tools available which can be used by audit firms to
maintain the quality of audit. Audit tools and training on those tools go hand
in hand. They require time and money. It depends on the audit firms how
they make use of these audit tools effectively and efficiently.
(i) Engagement and Client acceptance/ Continuation
An evaluation of prospective clients and a review, on an ongoing basis, of
existing clients should be conducted annually. The decision of acceptance
should be reviewed periodically for recurring client engagement. The integrity

13
Implementation Guide for Audit Quality Maturity Model – Version 1.0

of management and those charged with governance should be reviewed from

multiple sources like the Electoral database, MCA website, data.gov.in and
other data warehouses.
Before agreeing to the engagement, a firm must ensure that it has the
requisite talent to take on the job i.e., the engagement team has appropriate
competencies as well as the required industry knowledge. The firm should
use the standard checklists and have adequate documentation of the Client
and engagement acceptance/ continuation.

14
 Practice Management - Operation

(ii) Evaluation of Independence for all engagements and

Identification of various threats to the firms
The evaluation of Independence must be carried out for all engagements and
it should be carried out for all partners, managers, staff and others in the
Engagement Team and also the EQCR and specialists involved in the audit.
Some firms could have stricter independence rules where all employees of
the firm need to be independent of the client of the firm even when they are
not client-facing. This would depend on the firm’s policies but as a minimum,
the client-facing staff needs to be independent of the audit client.
It is a prerequisite for the audit firms to evaluate that they are accepting the
audits as an independent auditor and performing their duties without any
biases that they may be unintentionally carrying. The auditor must both be
and appear to be independent. The judgements of the individuals must be
free from all economic, financial and other relationships. Acceptance of
expensive gifts by firm personnel from the clients is not acceptable.
Independence shall be maintained during both:
(a) The engagement period; and
(b) The period covered by the financial statements.
The engagement period starts when the audit team begins to perform the
audit. The engagement period ends when the audit report is issued. When
the engagement is recurring in nature, it ends at the later of the notification
by either party that the professional relationship has ended or the issuance of
the final audit report. Where the audit client is a statutory audit client under
the Companies Act, 2013, the engagement period shall be determined in
accordance with the provisions of Section 139 of the Companies Act, 2013.
If an entity becomes an audit client during or after the period covered by the
financial statements on which the firm will express an opinion, the firm shall
determine whether any threats to independence are created by: (a) Financial
or business relationships with the audit client during or after the period
covered by the financial statements but before accepting the audit
engagement; or (b) Previous services provided to the audit client by the firm
or a network firm.
The firm must identify threats to the engagement if any before accepting the
new client relationship. Threats to independence are created if a non-
assurance service was provided to an audit client during, or after the period

15
Implementation Guide for Audit Quality Maturity Model – Version 1.0

covered by the financial statements, but before the audit team begins to
perform the audit, and the service would not be permitted during the
engagement period.
Subject to compliance with the requirements of Section 144 of the
Companies Act, 2013, where applicable, examples of actions that might be
safeguards to address such threats include:
▪ Using professionals who are not audit team members to perform the
service.
▪ Having an appropriate reviewer review the audit and non-assurance
work as appropriate.
▪ Engaging another firm outside of the network to evaluate the results of
the non- assurance service or having another firm outside of the
network re-perform the non-assurance service to the extent necessary
to enable the other firm to take responsibility for the service.
Threats to compliance with the fundamental principles fall into one or more of
the following categories:
(a) Self-interest Threat
It is the threat that a financial or other interest will inappropriately influence a
professional accountant’s judgment or behavior. It occurs when an auditing
firm and its partners could benefit from a financial interest in an audit client. It
could be (i) direct financial interest or materially significant indirect financial
interest in the client, loan or guarantee to or from the concerned client, (ii)
undue dependence on a client’s fees which leads to concerns about losing
the audit engagement, (iii) Close business relationship with an audit client (v)
contingent fee for the audit engagement etc.
(b) Self-review threat
It is the threat that a professional accountant will not appropriately evaluate
the results of a previous judgment made; or an activity performed by the
accountant, or by another individual within the accountant’s firm or employing
organization, on which the accountant will rely when forming a judgment as
part of performing a current activity. It may occur when the audit team
member was previously a director or a senior employee of the client and
concluded or reached any judgement having a review during the current
period. These threats come into play when the auditor of the engagement

16
 Practice Management - Operation

team was previously appointed at a client’s place as a senior employee or a

director.
Self-review threat can also arise when a firm has performed say an
accounting advisory and also performed an audit, albeit with different
partners but having the same reviewer for both the advisory and audit
engagements. The firms may argue that for the advisory assignment the
accounting policy choices were clarified and presented to the management
and those charged with governance and the final accounting policy choice
was made by the management/ those charged with governance. However,
for want of technical resources, the review of the accounting advisory
assignment and the engagement quality review of the audit assignment was
done by one individual partner. This practice leads to circular referencing and
should be avoided entirely.
(c) Advocacy Threat
It is the threat that a professional accountant will promote a client’s or
employing organization’s position to the point that the accountant’s objectivity
is compromised.
(d) Familiarity threat
It is the threat that due to a long or close relationship with a client, or
employing organization, a professional accountant will be too sympathetic to
their interests or too accepting of their work. This threat occurs when auditors
form a relationship with the client and they end up being too sympathetic to
the client’s interest. This threat can occur in many ways like acceptance of
gifts from the client or former partner of the audit firm being a director or
senior employee of the client, etc.
(e) Intimidation Threat
It is the threat that a professional accountant will be deterred from acting
objectively because of actual or perceived pressures, including attempts to
exercise undue influence over the accountant. For example, an auditor might
be put under undue pressure or threat that will influence his independence
and objectivity to complete the engagement without any bias. In times like
these, the auditor should communicate in writing to those charged with
governance in a timely fashion and highlight the issues being faced in
execution of the engagement.

17
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(f) Conflicts of Interest

A conflict of interest creates threats to compliance with the principle of
objectivity and might create threats to compliance with the other fundamental
principles. Such threats might be created when:
(a) A professional accountant undertakes a professional activity related to
a particular matter for two or more parties whose interests concerning
that matter conflict; or
(b) The interest of a professional accountant concerning a particular
matter and the interests of a party for whom the accountant
undertakes a professional activity related to that matter conflict. A
party might include an employing organization, a vendor, a customer,
a lender, a shareholder, or another party.
Before agreeing to the engagement terms for the audit engagement, one
must evaluate potential conflicts of interest.
As required by SQC 1, at least annually, the firm should obtain written
confirmation of compliance with its policies and procedures on independence
from all firm personnel required to be independent in terms of the
requirements of the Code.
(iii) Does the Firm maintain and use Engagement withdrawal/
rejection policy, templates, etc.
For an audit firm, it may be important to maintain and use the policy
regarding various client engagement or withdrawal from engagement as it
may provide an indication about the profile of the companies for which an
audit firm provides audit services. It also provides clarity about the
parameters on which an audit firm accepting a new client or rejecting the old
one.
By choosing ethical clients, the audit firm would succeed significantly in
maintaining a high audit quality status.

18
 Practice Management - Operation

(iv) Availability and use of standard checklists in performance of an

audit for compliance with accounting and auditing standards
Checklists are the most important part while performing the assurance
engagement. The audit firm or the assurance partner may maintain the same
based on the industry or nature of the business for which the assurance
services are being rendered, as applicable/ relevant. The checklist helps in
the performance of an Audit which checks for Compliance with Accounting
and Auditing Standards. Checklists are the most important part while
performing the assurance engagement.
(v) Availability and use of standard formats for audit documentation
As per the Standard on Auditing (SA) 230 “Audit Documentation” lays down
the basic principle of audit documentation. Audit documentation refers to the
record of the procedures performed, relevant audit evidence obtained, and
conclusions reached by the auditor. As timely audit documentation is
important for assurance engagement it is also important to have a standard
format for those documents. An audit firm should maintain and use a set of
standard formats for the documentation of the ongoing audit that must
include the following :
(a) Business understanding – An audit firm should follow the standard
format for documenting the nature and understanding of the business.
A good understanding of the business and its environment helps the
auditor to identify the risks being faced by an organization. The firm
should have a standard audit documentation format which helps
capture the legal, economic, financial, political, social, supply chain,
customers, competitors, structural aspect of the entity to get a 360-
degree view of the organization.
Most importantly this documentation should be done in a timely
manner.
(b) Audit sampling – The application of audit procedures to less than
100% of items within a population of audit relevance such that all
sampling units have a chance of selection in order to provide the
auditor with a reasonable basis on which to draw conclusions about
the entire population.
(c) Materiality Determined – The materiality concept applies in both
quantitative and qualitative measures. It is determined based on what

19
Implementation Guide for Audit Quality Maturity Model – Version 1.0

could potentially impact the decisions of users. Materiality threshold

themselves may change because of misstatements which impact the
very base they are based upon- say revenue.
Materiality helps to pick and set aside the misstatements that can
impact the economic decisions of the users of the financial statements.
Does the auditor’s job end with the identification and extrapolation of
potential misstatement in the financial statements? The answer is No.
Errors could throw up control issues and it should be deliberated with
management and those charged with governance whether the error is
due to a defect in design or due to lack of operative effectiveness.
A standard format should be used for documentation of materiality and
it should be updated during the audit. The Summary of audit
adjustments should also carry the materiality thresholds.
(d) Substantive analytical procedures – Substantive analytical
procedures provide appropriate audit evidence but need to be
complemented with the sufficiency of audit evidence. The overall
analytical procedures can be performed at the planning meeting stage
and reasons for deviations may be recorded. These should be tested
through substantive procedures which test the analytical arguments.
Hence the term ‘substantive analytical’ procedure. A set of standard
formats for analyzing the data gathered may be made available within
the firm and to every engagement partner of the firm.
(e) Control Evaluation –. Section 143(3)(i) of the Companies Act, 2013
mandates auditor’s reporting on the adequacy and operating
effectiveness on internal financial controls in respect of the financial
statements of all companies, other than certain exempt companies.
The firm should have standard formats for documenting the
walkthrough of a class of transactions and its related controls. The
documentation format should document the ‘what could go wrongs’
identified by a firm and the controls that the firm has in place for
mitigating those risks of ‘what could go wrongs.
The control should be documented as a ‘preventive’/ ‘detective’
control/ IT general/ IT application-level control and whether it is a
manual or an automated one. If the design of the control meets the
passing mark the auditor should test the control for its operative
effectiveness. The documentation of the control evaluation should also

20
 Practice Management - Operation

document the findings and conclusion for determining the strategy of

substantive testing.

(vi) Are the Quality control-related documents mentioned from (i) to

(v) above reviewed and updated on a frequent basis (say
annually) or with each change in the respective regulation or
statute and remediation action taken?
The firm needs to keep its quality control-related standard document formats
updated, at least annually or whenever there is a change in regulation or
statute. The said formats should be easily made available to all members of
the firm either through email or better still by being hosted on an easily
accessible folder for standard formats. The firm should take remediation
action in case it falters on the usage of the audit quality manual or use of an
audit tool.
The scores in relation to the questions in this topic will be distributed equally
between availability and implementation. Scores for availability and
implementation should be awarded only if the material relevant to the topic is
fully available and implemented. No score should be awarded if either the
availability or implementation is partial.

21
Implementation Guide for Audit Quality Maturity Model – Version 1.0

1.4 Service Delivery – Effort monitoring

How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.4 Service Delivery - Effort monitoring
i. Does the firm carry Scoring based on For Yes – 4 4
out a Capacity Presence or Not. Yes/No Points
planning for each Answers For No – 0
engagement? Point
ii. Is a process of Scoring based on For Yes – 4 4
Budgeting & Planning Presence or Not. Yes/No Points
of efforts required Answers For No – 0
maintained Point
(hours/days/ weeks)?
iii. Are Budget vs Actual Scoring based on % of Up to 10% – 20
analysis of time and engagements in which the 0 Point
effort spent carried compliance with budget More than
out to identify the vs actual is carried out 10% and up
costing and pricing? to 30% – 4
Points
More than
30% and up
to 50% – 8
Points
More than
50% and up
to 70% – 12
Points
More than
70% and up
to 90% – 16
Points
More than
90% – 20
Points

22
 Practice Management - Operation

Competency Basis Score Criteria Score Max

Basis Scores
iv. Does the firm deploy Scoring based on For Yes – 8 8
technology for Presence or Not. Yes/No Points
monitoring efforts Answers For No – 0
spent - Utilisation of Point
tools to track each
activity (similar to
Project management -
Say timesheets, task
management, etc.)?
Total 36

(i) Capacity Planning

Capacity planning is a process to allocate proper audit staff by the
engagement partners based on nature, time and extent of audit procedures
estimated as required for the audit. It is very important to create a budget for
time, cost and resources and recording any deviation from the same in the
files for conducting a good quality audit. Any under or over estimation in
planning the capacity will result in inefficiency in the audit process. Hence, it
is advised to do proper capacity planning to facilitate high-quality audit
reports.
(ii) Process of Budgeting & Planning of efforts
Determination of nature, timing and extent of audit procedures is very likely
to depend on the nature of the audit risks. The firm may create a budget for
the estimation of the time required to successfully conduct the audit.
Personnel tend to perform well when they have timelines assigned to the
task they are undertaking. So, there may be a system in place for creating
such budgets in terms of hours/days/weeks for a firm to score a point to
qualify as a good quality audit firm. The budget could typically capture the
hours that would be spent by various levels of employees and by the partner
based on the risk-based audit strategy expected for the engagement. The
charge-out rates as per the firm guidelines should be captured. Again, these
rates should be easily accessible to the firm personnel so that errors and
wishful thinking are avoided.
The firm should have an MIS system in place which would collate the track
record of each engagement.

23
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(iii) Are Budget vs Actual analysis of time and effort spent carried out
to identify the costing and pricing?
Firms must have a system in place to ensure that the timesheets are
submitted weekly or fortnightly so that client chargeable hours can be
captured on a timely basis and billings done to the client based on the work
completed. Timely submission of timesheets could be built into the
performance appraisal of the firm’s employees and partners to ensure
healthy MIS reporting.
Reporting to the manager or engagement partner must be done by audit
team members if material deviations from the budget are found. Timely
interactions with management should be held in such cases to identify areas
where the firm can improve its planning and performance or where the client
can improve. All significant deviations from budgeted time, cost, or staff
requirements should be fully described in files. These findings significantly
help the firm become more efficient with their resources’ time and effort.
Scores allocated to this requirement signifies the importance of having this
system of control in place within the organization, and the firm which applies
this technique in more than 90% of its engagements get a score of 20 points.
(iv) Deployment of technology to monitor the efforts spent
Does the firm deploy technology for monitoring efforts spent - Utilisation of
tools to track each activity (like Project management - Say timesheets, task
management, etc.)? DCMM Version 2.0 may be referred to arrive at the
technical maturity of the firm.
Firms should implement a system of recording automated dates and
timesheets to ensure proper assessment and keep track of the work done by
the audit staff. It just not helps in monitoring audit as it progresses but acts
as a personnel appraisal tool too. A firm should promote the regular filing of
timesheets by the audit staff and employees as well for better internal control
checks.
This score is awarded if the engagement partner and engagement manager
use technology for monitoring the staff efforts.

24
 Practice Management - Operation

1.5 Quality Control for engagements

How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scor
es
1.5 Quality Control for engagements
i. Does the firm have a Scoring based on For Yes – 8 8
Quality review for all Presence or Not. Yes/No Points
listed audit Answers For No – 0
engagements as per Point
para 60 of the SQC-1 ?
Is there a document of
time spent for review
of all engagements?
ii. Total engagements Scoring based on % of Up to 10% – 0 20
having concluded to be quality review with overall Point
satisfactory as per engagements of the same More than
quality review vs No. of nature. 10% and up to
engagements quality 30% – 4
reviewed. Points
More than
30% and up to
50% – 8
Points
More than
50% and up to
70% – 12
Points
More than
70% and up to
90% – 16
Points
More than
90% – 20
Points
iii. No. of engagements Scoring based on % of 10% to 30% – 20
without findings by engagement meeting 4 Points
ICAI, Committees of quality review standards More than
ICAI and regulators with overall engagements 30% and up to

25
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scor
es
that require significant of the same nature. The 50% – 8
improvements. percentage of Points
engagements meeting More than
quality review standards 50% and up to
would be based on 70% – 12
findings vis-à-vis the Points
selection and not findings More than
vis-à-vis the total number 70% and up to
of engagements. The 90% – 16
point-based system would Points
be based on significant
More than
findings alone and
90% – 20
recommendatory findings
Points
would serve as a
roadmap for
improvement.
iv. Documentation of the Scoring based on For the 12
firm in accordance with Presence or Not (Yes/No presence of
SQC 1. Answers) in the below documentation
mentioned areas: in the critical
(a) Leadership areas of
responsibilities for Ethical
quality within the requirements,
firm Acceptance
and
(b) Ethical
continuance of
requirements
client
(c) Acceptance and relationships
continuance of and specific
client relationships engagements,
and specific and
engagements
Engagement
(d) Human resources performance –
(e) Engagement 6
performance Points
(f) Monitoring For the
presence of
documentation
in the areas of
Leadership

26
 Practice Management - Operation

Competency Basis Score Criteria Score Basis Max

Scor
es
responsibilities
for quality
within the firm,
Human
resources, and
Monitoring – 6
Points
v. Does the firm have Scoring based on For Yes – 8 8
Accounting and Presence or Not. Yes/No Points
Auditing Resources in Answers For No – 0
the form of soft copies Point
of archives Q&As, firm
thought leadership, a
dedicated/ Shared
Technical desk?
vi. Is appropriate time Scoring based on For Yes – 12 12
spent on Presence or Not. Yes/No Points
understanding the Answers For No – 0
business, risk Point
assessment and
planning an
engagement?
Have risks been
mitigated through
performance of audit
procedures?
Total 80
The audit firm should establish a system of quality control designed to
provide it with reasonable assurance that the firm and its personnel comply
with professional standards and regulatory and legal requirements and that
reports which have been issued by the firm or engagement partner(s) are
appropriate in the circumstances. Standard on Quality Control (SQC) 1
Quality Control for Firms that Perform Audits and Reviews of Historical
Financial Information, and Other Assurance and Related Services
Engagements applies to all firms.
(i) Does the firm have a Quality review for all listed audit
engagements as per para 60 of SQC-1? Is there a document of
time spent for review of all Engagements?

27
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Quality Review aims to assess the quality of all the audits of the financial
statements of listed entities. Quality Review is directed towards the
evaluation of audit quality and adherence to various statutory and other
regulatory requirements. The time spent report of the firm personnel should
allocate the time spent on the engagement to the engagement chargeable
code so that the cost of the engagement can be tracked properly and
completely and matched with the revenue from the engagement.
Engagement quality control reviewer could be a partner, other people in the
firm, suitably qualified external person, or a team made up of such
individuals, with sufficient and appropriate experience and authority to
objectively evaluate, before the report is issued, the significant judgments the
engagement team made and the conclusions they reached in formulating the
report. However, in case the review is done by a team of individuals, such a
team should be headed by a member of ICAI.
(ii) Total engagements having conducted to be satisfactory as per
quality review vs No. of engagements quality reviewed
This question relates to quality review during internal inspections and
external agencies inspection and not quality review by EQCR. Based on the
conclusions drawn from the quality review, preliminary or final reports shall
be issued by the reviewer, either in internal or external agencies inspection.
A satisfactory report shall indicate that the audit has been conducted in the
manner that ensures the quality of service rendered. However, the reviewer
may qualify the report if he is of the opinion that the audit is not being
conducted in the manner that ensures the quality of services rendered.
A sample of Audit Engagements across audits of listed entities, banks,
insurance companies, multistate cooperative banks, should be quality
reviewed as per the Auditing Standard 220 – Quality Control for an Audit of
financial Statements. Out of this population of ‘qualifying engagements’, a
higher percentage of engagements quality reviewed will attract more scores.
However, the engagements not only need to be quality reviewed but
they need to achieve a ‘satisfactory’ rating.
‘Satisfactory’ report is intended to refer to a quality review report with no
significant deficiencies identified in the audit and a rating of 4 or 5 out of a
scale of 5. There could be a letter issued to the firm highlighting various
areas of improvement but if overall the reviewer states ‘satisfactory’ then the
engagement would qualify for the tally.
Engagement Documentation is very crucial for a good quality audit.

28
 Practice Management - Operation

What is not documented is not considered done. The firm should

establish policies and procedures for engagement teams to complete the
assembly of final engagement files on a timely basis after the engagement
reports have been finalized. Law or regulation may prescribe the time limits
by which the assembly of final engagement files for specific types of
engagement should be completed. Where no such time limits are prescribed
in law or regulation, the firm establishes time limits appropriate to the nature
of the engagements that reflect the need to complete the assembly of final
engagement files on a timely basis. In the case of an audit, for example,
such a time limit is ordinarily not more than 60 days after the date of the
auditor’s report.
The firm should establish policies and procedures designed to maintain the
confidentiality, safe custody, integrity, accessibility and retrievability of
engagement documentation.
The firm should establish policies and procedures for the retention of
engagement documentation for a period sufficient to meet the needs of the
firm or as required by law or regulation.
The scoring shall be based on the percentage of engagements quality
reviewed versus the total number of engagements of the same nature and
have concluded to be ‘satisfactory’. The firm will earn 20 points if more than
90% of the ‘qualifying engagements’ that are quality reviewed as
‘satisfactory’.
(iii) Number of engagements without findings by ICAI, Committees of
ICAI and regulators that require significant improvements
This parameter provides scoring to the firm when there are several
engagements without findings that require significant improvements on the
part of the firm. A firm gets 20 points if the threshold of more than 90%
engagements qualifies without significant improvement advisory being issued
by ICAI, its committees or any regulator.

(iv) Documentation of the firm in accordance with SQC 1

The documentation system of quality control of the firm should be in
accordance with the SQC 1. The nature of the policies and procedures
developed by individual firms to comply with SQC 1 will depend on various
factors such as the size and operating characteristics of the firm, and

29
Implementation Guide for Audit Quality Maturity Model – Version 1.0

whether it is part of a network. For the presence of documentation in the

critical areas of Ethical requirements, Acceptance and continuance of client
relationships and specific engagements, and Engagement performance the
firm gets 6 points. For the presence of documentation in the areas of
Leadership responsibilities for quality within the firm, Human resources, and
monitoring the firm gets 6 points.
Ethical Requirements
The firm should establish policies and procedures designed to provide it with
reasonable assurance that the firm and its personnel comply with relevant
ethical requirements. The fundamental principle of professional ethics
includes Integrity, Objectivity, Professional competence and due care,
Confidentiality and Professional behavior. The Code of Ethics includes a
conceptual approach to independence for assurance engagements, including
aspects such as threats to independence, accepted safeguards and the
public interest.
Acceptance and Continuance of Client Relationship and specific
Engagements
The firm should establish policies and procedures for the acceptance and
continuance of client relationships and specific engagements, designed to
provide it with reasonable assurance that it will undertake or continue
relationships and engagements only where it:
(a) Has considered the integrity of the client and does not have
information that would lead it to conclude that the client lacks integrity;
(b) Is competent to perform the engagement and has the capabilities, time
and resources to do so; and
(c) Can comply with the ethical requirements.
The firm should obtain such information as it considers necessary in the
circumstances before accepting an engagement with a new client, when
deciding whether to continue an existing engagement and when considering
acceptance of a new engagement with an existing client. Where issues have
been identified, and the firm decides to accept or continue the client
relationship or a specific engagement, it should document how the issues
were resolved.
With regard to the integrity of a client, matters that the firm considers include,

30
 Practice Management - Operation

for example:
• The identity and business reputation of the client’s principal owners,
key management, related parties and those charged with its
governance.
• The nature of the client’s operations, including its business practices.
• Information concerning the attitude of the client’s principal owners, key
management and those charged with its governance towards such
matters as an aggressive interpretation of accounting standards and
the internal control environment.
• Whether the client is aggressively concerned with maintaining the
firm’s fees as low as possible.
• Indications of an inappropriate limitation in the scope of work.
• Indications that the client might be involved in money laundering or
other criminal activities.
• The reasons for the proposed appointment of the firm and non-
reappointment of the previous firm.
• The extent of knowledge a firm will have regarding the integrity of a
client will generally grow within the context of an ongoing relationship
with that client.
Information on such matters that the firm obtains may come from, for
example:
• Communications with existing or previous providers of professional
accountancy services to the client in accordance with the Code, and
discussions with other third parties.
• Inquiry of other firm personnel or third parties such as bankers, legal
counsel and industry peers.
• Background searches of relevant databases.
In considering whether the firm has the capabilities, competence, time and
resources to undertake a new engagement from a new or an existing client,
the firm reviews the specific requirements of the engagement and existing
partner and staff profiles at all relevant levels. Matters the firm considers
include whether:
• Firm personnel have knowledge of relevant industries or subject

31
Implementation Guide for Audit Quality Maturity Model – Version 1.0

matters;
• Firm personnel have experience with relevant regulatory or reporting
requirements, or the ability to gain the necessary skills and knowledge
effectively;
• The firm has sufficient personnel with the necessary capabilities and
competence;
• Experts are available if needed;
• Individuals meeting the criteria and eligibility requirements to perform
engagement quality control review are available, where applicable;
and
• The firm would be able to complete the engagement within the
reporting deadline.
The firm also considers whether accepting an engagement from a new or an
existing client may give rise to an actual or perceived conflict of interest.
Where a potential conflict is identified, the firm considers whether it is
appropriate to accept the engagement.
Where the firm obtains the information that would have caused it to decline
an engagement if that information had been available earlier, policies and
procedures on the continuance of the engagement and the client relationship
should include consideration of:
(a) The professional and legal responsibilities that apply to the
circumstances, including whether there is a requirement for the firm to
report to the person or persons who made the appointment or, in some
cases, to regulatory authorities; and
(b) The possibility of withdrawing from the engagement or both the
engagement and the client relationship.
The documentation should include significant issues, consultations,
conclusions and the basis for the conclusions.
Engagement performance
The firm should establish policies and procedures designed to provide it with
reasonable assurance that engagements are performed in accordance with
professional standards and regulatory and legal and SQC 1 requirements,
and that the firm or the engagement partner issues reports that are

32
 Practice Management - Operation

appropriate in the circumstances. A firm seeks to establish consistency in the

quality of engagement performance through its policies and procedures. This
is often accomplished through written or electronic manuals, software tools or
other forms of standardized documentation, and industry or subject matter-
specific guidance materials.
Matters addressed include the following:
• How engagement teams are briefed on the engagement to obtain an
understanding of the objectives of their work.
• Processes for complying with applicable engagement standards.
• Processes of engagement supervision, staff training and coaching.
• Methods of reviewing the work performed, the significant judgments
made and the form of the report being issued.
• Appropriate documentation of the work performed and of the timing
and extent of the review.
• Processes to keep all policies and procedures current.
The firm should establish policies and procedures designed to provide it with
reasonable assurance that:
(a) Appropriate consultation takes place on difficult or contentious
matters;
(b) Sufficient resources are available to enable appropriate consultation to
take place;
(c) The nature and scope of such consultations are documented; and
(d) Conclusions resulting from consultations are documented and
implemented.
The firm should establish policies and procedures for dealing with and
resolving differences of opinion within the engagement team, with those
consulted and, where applicable, between the engagement partner and the
engagement quality control reviewer. Conclusions reached should be
documented and implemented.

Leadership responsibilities for quality within the firm

The firm should establish policies and procedures designed to promote an

33
Implementation Guide for Audit Quality Maturity Model – Version 1.0

internal culture based on the recognition that quality is essential in

performing engagements. Such policies and procedures should require the
firm’s chief executive officer (or equivalent) or, if appropriate, the firm’s
managing partners (or equivalent), to assume ultimate responsibility for the
firm’s system of quality control.
The leadership of the firm influences its internal culture. The promotion of a
quality-oriented internal culture depends on clear, consistent and frequent
actions and messages from all levels of the firm’s management emphasizing
the firm’s quality control policies and procedures, and the requirement to:
(a) Perform work that complies with professional standards and regulatory
and legal requirements; and
(b) Issue reports that are appropriate in the circumstances.
Any person or persons assigned operational responsibility for the firm’s
quality control system by the firm’s chief executive officer or managing board
of partners should have sufficient and appropriate experience and ability, and
the necessary authority, to assume that responsibility.
Human Resources
The firm should establish policies and procedures designed to provide it with
reasonable assurance that it has sufficient personnel with the capabilities,
competence, and commitment to ethical principles necessary to perform its
engagements in accordance with professional standards and regulatory and
legal requirements and to enable the firm or engagement partners to issue
reports that are appropriate in the circumstances.
The firm should also assign appropriate staff with the necessary capabilities,
competence and time to perform engagements in accordance with
professional standards and regulatory and legal requirements, and to enable
the firm or engagement partners to issue reports that are appropriate in the
circumstances.
Monitoring
The firm should establish policies and procedures designed to provide it with
reasonable assurance that the policies and procedures relating to the system
of quality control are relevant, adequate, operating effectively and complied
with in practice. Such policies and procedures should include an ongoing
consideration and evaluation of the firm’s system of quality control, including
a periodic inspection of a selection of completed engagements.

34
 Practice Management - Operation

(v) Does the firm have Accounting and Auditing Resources in the
form of soft copies of archives Q&As, firm thought leadership or a
dedicated/ Shared Technical desk?
For providing an effective assurance service the engagement firm should
have quality reference resources available to perform the engagement task.
These resources should preferably be available on a centralized server or
cloud so that the firm’s personnel may access them from a client site.
Soft copies of archives questions and answers
It may include the relevant documents and the issues which arose during the
audit and were resolved, and the methods used for conducting the assurance
engagements. Firms can have these resources in the form of Questions and
Answers so that it would get easier to understand the queries raised and how
they were resolved.
Firm Thought Leadership
The firm should mine its knowledge and experience in the form of sector-
specific publications or write their impact assessment about the new
accounting and auditing and assurance standards. The experienced partners
of the firm may be able to significantly contribute to the industry through this
thought leadership and help increase their client base, which may in return
help the firm to enter markets and sectors and have an even deeper insight
into the nature of various businesses or industry. Credentials always help in
an audit pitch. These insights immensely help the firm personnel during the
audit work – be it the impact of a new standard issued but not yet effective or
in understanding a business or entity and doing a risk assessment.
Dedicated/ Shared Technical desk
These days assurance services are being provided with the help of
technology and computers. For conducting effective accounting and
assurance services every firm requires physical resources like a technical
desk. However, this depends on the firm that they have a dedicated technical
desk for the engagement team or using the shared technical desk.

(vi) Is appropriate time spent on understanding the business, risk

assessment and planning an engagement? How have risks been
mitigated through the performance of audit procedures?

35
Implementation Guide for Audit Quality Maturity Model – Version 1.0

For ensuring the effectiveness of the quality audit one must spend requisite
time on the understanding of the business, the types of controls and risk
associated and plan an audit engagement to complete it within a time frame.
The engagement team should undertake an understanding of the entity and
its environment, including the entity’s internal control.
The auditor shall obtain an understanding of the following:
(a) Relevant industry, regulatory, and other external factors including the
applicable financial reporting framework.
(b) The nature of the entity, including:
(i) its operations;
(ii) its ownership and governance structures;
(iii) the types of investments that the entity is making and plans to
make, including investments in special-purpose entities; and
(iv) the way that the entity is structured and how it is financed;
to enable the auditor to understand the classes of transactions,
account balances, and disclosures to be expected in the financial
statements.
(c) The entity’s selection and application of accounting policies, including
the reasons for changes thereto.
(d) The auditor shall evaluate whether the entity’s accounting policies are
appropriate for its business and consistent with the applicable financial
reporting framework and accounting policies used in the relevant
industry.
(e) The entity’s objectives and strategies, and those related business risks
that may result in risks of material misstatement.
(f) The measurement and review of the entity’s financial performance.
The auditor shall obtain an understanding of whether the entity has a process
for:
(a) Identifying business risks relevant to financial reporting objectives;
(b) Estimating the significance of the risks;
(c) Assessing the likelihood of their occurrence; and

36
 Practice Management - Operation

(d) Deciding about actions to address those risks

If the entity has established such a process (referred to hereafter as the
‘entity’s risk assessment process’), the auditor shall obtain an understanding
of it, and the results thereof.
Risk assessment procedures include identification and assessment of the
risk of material misstatement whether due to fraud or error. The audit
approach that should be followed by an auditor is a risk-based audit strategy.
The auditor needs to exercise significant judgment while analyzing the risks
an organization faces and while aggregating and disaggregating risks for a
group audit. What is even more important than identifying the risks is
mapping them to an appropriate response. Auditors and Audit committees
should be in dialogue over this matter.
If control risk or fraud risk is perceived to be high then the substantive audit
procedures may need to be extended to bring audit risk to an acceptable
level. Planning an engagement helps an auditor to focus on the critical areas
of the audit and perform the required task.
Hence, it is important for an engagement partner/team to devote enough time
so that quality of audit can be maintained while executing the engagement
without any hurdles. The firms should establish guidance on expectation on
engagement partner hours based on size of the engagement and the risk
assessed. The quality reviewer should review the time spent by the partner
on the engagement and assess whether it is appropriate and as per the
minimum thresholds laid down by the firm’s policy manual.
The firm scores if appropriate time is spent as per the guidance and at the
right stage on understanding the business, risk assessment and planning an
engagement.
1.6 Benchmarking of service delivery
How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
i. Does the firm follow/ Scoring based on For Yes – 4 4
implement Standard Presence or Not. Yes/No Points
delivery methodology – Answers For No – 0
the adoption of audit Point
manuals, adherence to

37
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Max

Basis Scores
practice standards and
tools?
ii The number of statutory Negative Scoring based Less than 0
. audit engagements re- on % 5% – 0
worked (filing errors, Point
information insufficiency, More than
wrong interpretation of 5% to 15%:
provisions, etc.). (-1) Point
More than
15% to
30%: (-2)
Points
More than
30% to
50%: (-3)
Points
More than
50%:
(-4) Points
iii Number of client Negative Scoring based Less than 0
. disputes (other than fees on % of clients 5% – 0
disputes) and how they Point
are addressed. More than
5% to 15%:
(-1) Point
More than
15% to
30%: (-2)
Points
More than
30% to
50%: (-3)
Points
More than
50%:
(-4) Points
iv Is the timing of audit Scoring based on For Yes – 12
. interactions with Presence or Not. Yes/No 12 Points
management planned in Answers For No – 0

38
 Practice Management - Operation

Competency Basis Score Criteria Score Max

Basis Scores
such a way that Point
integrates with the
auditor’s requirements
so that audit timelines
can be met? [Review
frequency of back-log,
engagement agreed
upon and not
commenced, WIP, etc.
(Excl. of client-side
delays)].
Total 16

(i) Does the firm follow/ implement Standard delivery methodology –

adoption of audit manuals, adherence to practice standards,
tools?
It is very much necessary that the audit manuals and other practice
standards, tools just not remain on the papers. The partners and senior audit
staff should make sure that there is compliance with these methodologies
within the organization. Service delivery should be conducted in a way that
promotes audit quality and the reputation of the firm. This can be achieved
only by implementing a standardized reporting structure and the firm should
make its employees understand how this mechanism contributes to
enhancing the audit quality and is responsive to the auditor’s role in the
industry.
An effective monitoring mechanism should exist in the firm to keep in check
the implementation of these delivery methodologies, else the whole idea of
making the audit manual in the first place will fail.
(ii) The number of statutory audit engagements re- worked (filing
errors, information insufficiency, wrong interpretation of
provisions, etc.)
Any work done to correct the defects is known as rework. A rework is often
the result of failure to meet one of the acceptance criteria of laws and
regulations or clients. Reworking increases the cost of non-conformance i.e.,
the total cost to the organization of failure to deliver a good quality service.
Being experts in the accountancy profession it is our duty and responsibility
to provide flawless reports. As the concept of benchmarking has points for

39
Implementation Guide for Audit Quality Maturity Model – Version 1.0

efficiency, it has negative marking for errors, information insufficiency, wrong

interpretation etc. while delivering the services. This section attracts negative
scoring and is a forward-looking mechanism for the firm. Rework and
restatement should be distinguished. A restatement may be required
because of a change in accounting policy or because of the introduction of a
new accounting standard. Rework is normally because of an error or
omission in the previously issued financial statements. Further audit firms
performing remediation actions based on results of inspections will not be
considered as rework.
(iii) Number of client disputes (other than fees disputes) and how they
are addressed
Only disagreements that result in legal disputes between the auditor and the
client are required to be scored under this clause after assessing the merits
of the arguments of the client.
This clause attracts negative marking which can go up to a negative 4 points.
(iv) Is the timing of audit interactions with management planned in
such a way that integrates with the auditor’s requirements so that
audit timelines can be met?
The timing of audit interactions with management should be planned in such
a way that it integrates with the auditor’s requirements so that audit timelines
can be met. The firm should review the frequency of backlog, engagement
agreed upon and not commenced, WIP, etc. (Excl. of client-side delays).
Professional standards require certain interactions which are very essential
for carrying out good quality audit services. This includes engagement
letters, independence letters among others, with management, those
charged with governance, and various other stakeholders, Planning meeting,
risk assessment dialogue, control testing, substantive analytical procedures
and issuing audit reports and material deficiencies in internal controls to
management and those charged with governance. The timely and effective
flow of dialogue between the audit firm and the client is very necessary to
complete the audit engagement on time. Communications directly affect the
audit timelines and there must be proper planning for doing the same.
Every engagement should be properly monitored and reviewed for any
backlogs. A firm should monitor whether there is timely identification of
potential issues, that may act as a threat to the timely execution of audit
procedures.

40
 Practice Management - Operation

1.7 Client Sensitisation

How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.7 Client Sensitisation
i. Awareness meetings Scoring based on For Yes – 8 8
and Knowledge Presence or Not. Yes/No Points
dissemination Answers For No – 0
meetings/ Point
articles/document
sharing with clients
including:
1) Updating client on
audit issues,
formally-
effectiveness of
the process of
communication
with
management and
those charged
with
Governance;
2) Updating client
on changes in
accounting,
legal, audit
aspects, etc. with
client specific
impact; and
3) Follow through on
previous audit
observations and
updates to
management and
those charged
with
Governance.
ii. Monitoring planned Scoring based on For Yes – 8 8

41
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Max

Basis Scores
hours vs actual hours Presence or Not. Yes/No Points
across engagement; Answers For No – 0
the focus is on the Point
existence of a
monitoring
mechanism.
Total 16

(i) Awareness meetings and Knowledge dissemination meetings/

articles/document sharing with clients
An audit firm should have a quality of responsiveness for those clients to
whom various services have been provided. It is very much required for a
client to be aware of the aspects which relate to the audit engagement or any
other assurance services including: -
(a) Updating those charged with governance on audit issues formally in
writing for the process of communication to be effective;
(b) Updating the client on changes in accounting, legal, audit aspects, etc
with client-specific impact; and
(c) Follow through of previous audit observations and update to
management and those charged with Governance.
(ii) Monitoring planned hours vs actual hours across engagement;
the focus is on the existence of a monitoring mechanism
An audit firm may monitor the percentage of time (hours) spent vs budgeted
hours during various audit phases to assess the timeliness of audit
engagement. There would be stages of an audit that may take more time due
to the complexity involved. These could be the time spent by experienced
team members on risk assessment, planning meetings, key audit judgments
and conclusions. The monitoring will add to the experience of budgeting
better next time. This is a forward-looking AQI.
The focus should be on the monitoring mechanism which is important to
ensure the effectiveness of the system of quality control. The nature and
extent of monitoring procedures may vary given the nature and complexity of
a firm’s operations.

42
 Practice Management - Operation

1.8 Technology Adoption

How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.8 Technology Adoption
(i) Technology adoption at
Office –
• Internal Scoring based on For Yes – 4 4
communication – Presence or Not. Yes/No Points
chats Answers For No – 0
Point
• Has the firm Scoring based on For Yes – 4 4
automated its Presence or Not. Yes/No Points
office with Answers For No – 0
automated Point
Attendance
System and
Leave
management?
• Project or activity Scoring based on For Yes – 4 4
management/ Presence or Not. Yes/No Points
Timesheet Answers For No – 0
management Point
• Digital storage of Scoring based on For Yes – 4 4
records (scan, Presence or Not. Yes/No Points
etc.) Answers For No – 0
Point
• Centralised Scoring based on For Yes – 4 4
server/ Cloud Presence or Not. Yes/No Points
Answers For No – 0
Point
• Digital Library Scoring based on For Yes – 4 4
(Own or ICAI) Presence or Not. Yes/No Points
Answers For No – 0
Point
• Client interaction Scoring based on For Yes – 4 4
(Alerts, updates, Presence or Not. Yes/No Points

43
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Max

Basis Scores
availability of Answers For No – 0
information in Point
website, etc.)
• Video Scoring based on For Yes – 4 4
conferencing Presence or Not. Yes/No Points
facilities adopted Answers For No – 0
Point
• Does the firm use Scoring based on For Yes – 4 4
only licensed Presence or Not. Yes/No Points
operating system, Answers For No – 0
software etc.? Point
• Own E-mail Scoring based on For Yes – 4 4
domains, E-mail Presence or Not. Yes/No Points
usage policies, Answers For No – 0
etc. Point
• Use of anti-virus Scoring based on For Yes – 4 4
and malware Presence or Not. Yes/No Points
protection tools Answers For No – 0
Point
• Data security, etc. Scoring based on For Yes – 4 4
Presence or Not. Yes/No Points
Answers For No – 0
Point
• Cyber security Scoring based on For Yes – 4 4
measures Presence or Not. Yes/No Points
Answers For No – 0
Point
ii. Awareness and Scoring based on For Yes – 12
Adoption of Presence or Not. Yes/No 12 Points
Technology for Service Answers For No – 0
delivery – Say, use of Point
Audit tools, usage of
analytical tools, use of
data visualisation tools
or adoption of an audit
tool.
Total 64

44
 Practice Management - Operation

(i) Technology adoption at offices

The one thing that all successful firms have in common is technology.
Technology in today’s scenario has become the backbone of every industry,
be it manufacturing or service industry. Not just for survival but an
organization uses technology to have a competitive advantage over its peers.
Following is the list of checklists, that organization may be maintained as
these practices at the office will lead to smooth and enhanced functioning of
the organization. Scoring is based on the presence of items mentioned in the
checklist in a binary Yes/ No pattern. For each Yes firm gets 4 points and 0
points for No.
(i) Internal communication – chats
The firm may implement an intranet-based Internal Communication tool. This
tool will strengthen the internal communication tool between co-workers and
act as a daily team-building exercise. With increased professional contact,
the employees would be able to help each other in real-time and can be
especially helpful during remote working.
Audit firms should consider confidentiality risk in respect of the information
shared in any communication tool before sharing such information in a
chatting tool.

(ii) Has the firm automated its office with automated Attendance
System and Leave management?
In the age of automation, Attendance and Leave management systems can
very easily be automated to ensure accurate time records and minimize the
time and errors involved in manual data entry. Real-time data also helps in
the appropriate and timely computation of payroll and actuarial expenses.
By using various software tools management generate accurate reports and
summaries on billable hours, absences, overworking etc. HR can greatly
benefit from identifying employees who have not panned any leaves for
months and help encourage the employees to take a break from work to
avoid burnout. These measures greatly improve the health, happiness and
well-being of the employee and lead to higher efficiency at the workplace.
(iii) Project or activity management/ Timesheet management

45
Implementation Guide for Audit Quality Maturity Model – Version 1.0

The firms should have a timesheet management system where timesheets

are filled in time so that the client billings can be made on time, which in turn
leads to a fluid working capital that yields more interest. Firms could build
this important housekeeping aspect into their appraisal systems, where an
employee gets a negative scoring in his or her appraisal if he or she misses
more than two timesheets in a year.
The timesheets may specify the hours spent on various areas of work so that
a quality reviewer can analyze whether sufficient and appropriate time was
spent on high-risk audit areas for instance. The system should also be able
to track the total hours for an engagement and this can help form a solid
base for computing audit fees for the next engagement with the client.
(iv) Digital storage of records (scan, etc.)
In today’s times, it is important to have digital storage of records as storing
physical records can eat up a lot of physical space. Having working papers in
soft copy and scanning hard copy documents like engagement letters will
lead to the optimal size of physical files which can easily be sent to a storage
facility. Digital records are easy to access and archiving helps keep them
secure.
(v) Centralised server/ Cloud
Keeping the data in one place either in a centralized server or using a cloud-
based architecture has several advantages. It is easier to manage both the
hardware and the data itself and have closer control on data protection,
version control and security. A monolithic set leads to better control of
hardware configuration, capacity and performance, etc. The firm would also
be able to maximize data integrity, minimize data redundancy, have easier
data portability, improve database administration and have several other
advantages.
Cloud computing has become a great solution for providing a flexible, on-
demand, and dynamically scalable computing infrastructure for many
applications. As more and more clients use cloud technology, embracing the
change will not only keep SMPs relevant, but also may bring new
international clients and business partners and attract young talent.
Administrative and in-house IT support costs will decrease and more so in
the case of cloud-based architecture, which requires no initial investment and
online services are updated and backed up automatically. It will improve

46
 Practice Management - Operation

flexibility as access to information will no longer be dependent on location.

Firms will be able to service their clients from any location, and it will also
allow for a more flexible working environment – remote working will become
much easier.
(vi) Digital Library (Own or ICAI)
Having a digital library individual to the firm or having the membership of a
digital library provided by ICAI (as and when made available) can have
multifold benefits. All members of the firm would be able to find answers to
their queries and help perform research on areas of accounting and auditing
that require significant judgement.

(vii) Client interaction (Alerts, updates, availability of information in

website, etc.)
A firm can add value to its client by sending an alert to its clients about
statutory due dates and keeping them abreast with important professional
updates. The alerts would be automated or sent manually.
(viii) Video conferencing facilities adopted
The use of video conferencing facilities will help lower the travel costs for the
firm, leading to higher margins. It will also allow more frequent meetings
when needed to review and monitor important audits. Above all, it will lead to
a huge saving of time and allow the firm’s resources to service multiple
geographies.
(ix) Does the firm use only licensed operating systems, software’s
etc.?
The use of licensed software is a sustainable practice as the use of
unauthorized software can lead to confiscation of data and stoppage of
operations.
(x) Own E-mail domains, E-mail usage policies, etc.
Data security is very crucial for clients maintaining client confidentiality and
the firm needs to have secure office email servers.
(xi) Use of anti-virus and malware protection tools
The firm should have the requisite firewalls and anti-virus software to protect
its data from hackers and malware attacks. This will lead to the smooth

47
Implementation Guide for Audit Quality Maturity Model – Version 1.0

functioning of the firm and prevent loss of confidential data which can lead to
defamation and legal issues.
(xii) Data security, etc.
The laptops of the firm should have end-to-end encryption so that even in
case of theft or loss of laptops, the data is secure and does not get into the
wrong hands. The system and email passwords should be changed at
regular intervals and there should be a system monitoring of the same.
(xiii) Cybersecurity measures
Unfortunately, cybersecurity breaches are not rare events, and audit firms
are not immune to this risk. Since auditors collect confidential data, it is
expected that cybersecurity breaches will impose high costs to audit firms.
These costs would reflect reputational damage and potential litigation.
The following are the five critical cybersecurity activities:
• Identify
• Protect
• Detect
• Respond
• Recover
(ii) Awareness and adoption of Technology for service delivery
Technology adoption in service delivery like the use of audit tools and
analytical tools attracts 12 points. The DCMM Version 2.0 may be referred to
arrive at the technical maturity of the firm.
Business transactions are getting more voluminous and complex and firms
need to address the risk of material misstatement and its response to those
risks. Audit and assurance services have undergone a lot of transformation in
the past few decades as there has been continuous advancement in the
traditional way of an audit. Client’s businesses are heavily dependent on
technology and among other things, technology is expected to facilitate audit
fieldwork by automating time-consuming manual and rote tasks. For
example, computer systems at accounting firms can now interface with an
audit client’s systems to transfer and compile data automatically. The audit
automation level has enhanced to such an extent that some firms are even
using drones to observe physical inventories.

48
 Practice Management - Operation

Implementation of Computer Assisted Auditing Tool (CAAT) software can be

used for collecting evidence from the client’s system. It also helps in
conducting the testing, new technology makes it possible for auditors to
analyze large amounts of a company’s financial data and test 100% of a
company’s transactions instead of testing only a sample. Sophisticated tools
enable auditors to perform advanced analytics to gain deeper insight into the
company’s operations.
Technological advances might, even more, move auditors toward a more
continuous auditing and monitoring model because they will be able to
access client data in a timely and more standardized format.
The usage of audit tools, data analytics tools and data visualization tools can
enhance the efficiency and effectiveness of the audit process. The use of
Robotics Process Automation (RPA) and Data Analytics act as force and
speed multipliers for auditors and helps arriving at relevant and reliable
reporting.
1.9 Revenue, Budgeting and Pricing
How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
1.9 Revenue, Budgeting & Pricing
i. Whether the client Scoring based on For Yes –4 4
wise revenue is in Presence or Not. Yes/No Points
compliance with the Answers For No – 0
Code of Ethics Point
(currently fees from
one client should not
exceed 40% of total
revenue unless
safeguards are put in
place) and once the
deferred clauses of
Part A are
implemented this will
be reduced to 15%.
ii. Fee considerations Scoring based on Yes – 8 8
and scope of services Presence or Not. Yes/No Points
should not infringe Answers For No – 0

49
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Max

Basis Scores
upon the quality of Point
work and
documentation as
envisaged in SQC 1
under Leadership is
responsible for quality
within the firm.
iii. Adherence to a Scoring based on For up to 4
minimum scale of fees Presence or Not. Yes/No 50% of the
recommended by ICAI. Answers engagement
s- 2 Points
For More
than 50% of
the
engagement
s – 4 Points
For None –
0 Point
Total 16

(i) Whether the client wise revenue is in compliance with the Code of
Ethics
When the fee is generated from one client represent a large amount of the
total fees of that firm, the dependence on that client increases the concern
about losing the client and creates a self-interest or intimidation threat.
The revenue earned should be in compliance with the Code of Ethics and
fees from one client should not exceed more than 40% of the total revenue
unless safeguards as specified in the Code of Ethics are in place. However,
once the deferred clauses of part-A of the Code of Ethics are implemented
the fees from one client would need to reduce to 15% of total revenue.
(ii) Fee considerations and scope of services should not infringe
upon quality of work and documentation as envisaged in SQC 1
under leadership is responsible for quality within the firm.
A firm’s leadership is responsible for the quality within the firm and it is
required to recognize that the business strategy of the firm is subject to the
overriding requirement to achieve quality in all engagements that the firm

50
 Practice Management - Operation

performs. It is important for rewards, incentives and compensation should be

aligned with the audit quality objectives of the firm. A firm must ensure that
commercial considerations do not override the quality of work performed.
Even if a firm reduces fees from the previous auditor’s fees, a firm should
design its policies and procedures to demonstrate the firm’s commitment to
audit quality.
The fee working should not be a ‘back of the envelope’ working but a detailed
computation at the minimum, which lists out the key audit areas and maps
the time and charge-out rates of the preparers and reviewers of the audit
areas. The expense of the auditor’s expert should also be factored into the
fee consideration. The scope of services should not provide any conflict of
interest to the auditor.
(iii) Adherence to minimum scale of fees standards recommended by
ICAI
The Committee for Members in Practice of ICAI as a part of its commitment
to strengthening the practitioners has initiated the recommendatory scale of
fees for the professional assignments being performed by the members of
ICAI.
Hence, the fees charged by the firm for all its engagements must adhere to
the minimum scale of standard fees recommended by the ICAI.

51
 Section 2
Human Resource Management
2.1 Resource Planning & Monitoring as per the firm’s
policy
How to score your firm?
Competency Basis Score Criteria Score Max
Basis Scores
2.1. Resource Planning & Monitoring as per the firm's policy
i. Does the firm have a Scoring based on For Yes – 4 4
process of Employee/ Presence or Not. Yes/No Points
Resource Planning Answers For No – 0
for the engagements Point
based on skill set
requirement,
experience, etc.?
ii. Methods/Tools used Scoring based on For Yes – 4 4
by the firm for Presence or Not. Yes/No Points
Resource Allocation Answers For No – 0
(use of spreadsheets, Point
work flow tools, etc.).
iii. Is there a method of Scoring based on For Yes – 4 4
tracking the employee Presence or Not. Yes/No Points
activity, to identity Answers For No – 0
resource productivity Point
(e.g., timesheet)?
iv. Does the firm Scoring based on For Yes – 8 8
maintain a minimum Presence or Not. Yes/No Points
Staff to Partner Ratio, Answers For No – 0
Partner to Manager, Point
Manager to Articles,
Client to Staff ratio,
etc.?
v. Does the firm monitor Scoring based on For Yes – 4 4
the Utilisation & Presence or Not. Yes/No Points
Realisation rate per Answers For No – 0
employee? Point
 Human Resource Management

Competency Basis Score Criteria Score Max

Basis Scores
vi. Does the firm Scoring based on For Yes – 4 4
document the Presence or Not. Yes/No Points
resource plan for Answers For No – 0
each engagement Point
and file it for
reference during the
engagement?
Total 28

Resource planning and monitoring is a process of determining how the

existing capacity should be utilized for optimum results. Resource planning
occurs at the various phases of the assurance engagement. A firm is
required to have a system to ensure continuous monitoring of the resources.
To strengthen the quality performance of a firm should have a policy for
resource planning and monitoring.
(i) Does the firm have a process of employee/ resource planning for
the engagements based on the skill set requirement, experience
etc.
Adequate expertise of the engagement team or partners in various fields is
required to ensure the timely completion of the assurance engagement. The
engagement team should have the requisite skills like understanding the
current audit practices and being up to date with the changes taking place in
the audit world. The firm should have a process for selecting the team having
the requisite experience and specific knowledge and skills for the
engagement performance.
(ii) Methods/Tools used by the firm for Resource Allocation (use of
spreadsheets, workflow tools, etc.)
An audit firm should have a process that describes the basis (using the firm's
tools and technical support) on which employees or resources have been
deployed to an assurance engagement.
Whenever a firm is allocating its employees/partners or resources to a
particular client, a document may be there containing all the details like:
• No. of partners having expertise in specific areas
• No. of employees having a set of skills or being subject matter experts

53
Implementation Guide for Audit Quality Maturity Model – Version 1.0

• Years of experience of an individual allocated to a client

• A chart showing the weekly allocation schedule for each resource and
the name of the manager and partner assigned to an engagement.
(iii) Is there a method for tracking the employee activity, to identify
resource productivity (e.g., timesheet)?
An employee’s productivity can be analyzed through his/her work
performance and the time utilized for such work. A skilled individual can
enhance the quality of an audit hence an audit team to be competent enough
to perform the audit effectively. If an audit firm has an experienced audit
team particularly in the specific industry, then issues that arose can be
resolved more quickly based on the experience.
After allocating resources to a particular audit engagement, it is important to
track the hours spent by the engagement team on significant areas of risk.
For tracking the employee's activity, a firm can use a timesheet whether
written or electronic where an employee must mention the time duration
spent on the different areas while doing the audit so that productivity and
efficiency can be identified. The data from the timesheets should be used as
an input for the percentage completion of the work assigned to the individual
and help identify whether the resource is available
This score is awarded if the Human resources department uses technology
for monitoring the staff efforts.
(iv) Does the firm maintain a Minimum Staff to Partner Ratio, Partner
to Manager, Manager to Articles, Client to Staff ratio etc.
An audit firm needs to maintain a minimum ratio for staff to partner, partner
to manager, manager to articles, client to staff, etc. The above-mentioned
ratios can be different for the different client engagements since it depends
on the size of the business of the client. The resource allocation should be
according to the client’s work requirement. The proportion of the audit to be
conducted by every individual should be identified as per their position.
Higher and more complex risk areas should be allocated to more senior
members of the audit team who possess the requisite CPE hours.

54
 Human Resource Management

(v) Does the firm monitor the Utilization and realization rate per
employee?
The human resource function of the firm needs to monitor the utilization and
realization rate per employee. Utilization is defined as the available time of
an employee that is devoted to a particular engagement work, expressed as
a percentage. An employee's utilization rate is a critical metric for an
organization to track. However, the realization rate is calculated by the
difference between what time has been invested and what percentage of that
time has resulted as productive hours. For example, if an employee records
eight hours per day but an output of six hours is achieved, then your
realization rate is only 75%.
Utilization of more than 100 percent is an indicator that either an employee is
working beyond office hours and maybe is either overburdened due to lack of
resources with the firm or the employee is inefficient. The realization rate
which is derived from the time charged to a chargeable time code would
depict a clearer picture of the efficiency of the resource. Hours may also be
spent on training. These metrics help HR draw a profile of the employee.
(vi) Does the firm document the resource plan for each engagement
and file it for reference during the engagement?
After capacity planning, the firm must document the resource plan for each
engagement. For each assurance engagement or service, it is essential to
document the process, which is followed, so that the same can be referred to
in the future. The same should apply to the documentation of the resource
plan. A firm must maintain a document of the resource plan and allocation for
every engagement which can also be used for future reference.
2.2 Employee Training and Development
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
2.2 Employee Training & Development
.
i. Does the firm have an Scoring based on For Yes – 4 4
employee training Presence or Not. Points
policy? Yes/No Answers For No – 0
Point

55
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scores
ii. Number of Score based on an 60 hours per 24
Professional average number of year for junior-
Development hours per employee level: 2 Points
hours/days spent (Note: Measurement is for general
(Frequency) as a firm indicative - could be training and 6
– per employee. converted to points for
days/hours across the specialised
period as deemed fit for technical
the firm - based on training
size) 30 - 60 hours
per year for
mid- level: 2
Points for
general
training and 6
points for
specialised
technical
training
More than 30
hours for
partners: 2
Points for
general
training and 6
points for
specialised
technical
training
iii. Employees are Scoring based on Use of 8
equipped with Presence or Not. Analytical
technological skill sets Yes/No Answers Tools:
– AI, Blockchain, Audit For Yes – 8
& Data analytical tools, Points
etc. and sponsored by For No – 0
the firm to develop the Point
same:
1. Knowledge of
technological skill
sets will be more
relevant for large
audits (Like Audit

56
 Human Resource Management

Competency Basis Score Criteria Score Basis Max

Scores
Engagements of
Listed entity,
Banks other than
co-operative
banks (except
multi-state co-
operative banks)
and Insurance
Companies etc.).
Hence, the
question should
be relevant only
for such audit
engagements.
2. The audit Teams
should be aware
of Data Analytics
Tools and
comprehend the
results of the tools
to adjust the audit
strategy.
3. Technologies like
AI and blockchain
may be
considered as an
incremental factor
for differentiation
purposes, if the
firms are scored
at the same level.
iv. Whether the firm has a Scoring based on For Yes – 8 8
performance Presence or Not. Points
management culture Yes/No Answers For No – 0
that rewards high Point
performing employees
and those who
demonstrate high
levels of quality and
ethics?
Total 44

57
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(i) Employee Training Policy

A firm should have a culture of promoting continuous professional
development among the employees, and for this purpose, there must be a
well-defined written document in the form of policy in the firm. Engagement
partners are responsible for coaching their teams and identify employee
development needs. Employees are responsible for seeking new learning
opportunities.
The training policy should lay out the types of training the firm personnel
need to seek for their performance appraisal and growth. Classification of
learning and growth training and prescribing training modules may relate to
the following:
• Technical Skills – IT skills, usage of audit tools and techniques
• Managerial Skills – This involves team building, project management
skills personality development, and leadership programs.
• Soft Skills – Business writing, communication skills, presentation skills,
negotiation skills and business etiquette skills are some examples
• Professional Certification – technical training certification courses are
run at many platforms on Ind AS, IFRS, US GAAP, IPSAS, Direct and
Indirect Taxes, Transfer Pricing, Valuation, International Taxation,
DISA and CISA certification by ICAI.
The training policy should specify the hours the firm personnel need to obtain
through web-based learning (WBL) or classroom instructor-led training. The
firm should impart training among the employees in the following forms:
• Formal Training Sessions
• On the job training
• E-learning
• Conferences/seminars/Webinars participation
• Rotation assignments
• Secondments within firm offices
• Training provided by Internal or External experts
• Employee coaching and mentoring
• Training of Articles

58
 Human Resource Management

As part of the continuous employee learning and development training,

arrangements for subscriptions or educational material can also be availed
wherever applicable. This provides all employees access to news, articles,
and other material that can help them become better at their works and keep
them updated with current changes happening in the surroundings.
Scoring shall be based on the presence of a written training policy within the
firm which is easily accessible to the firm personnel.
(ii) Number of Professional Development hours/days spent (Frequency)
as a firm – per employee
Professional Development hours shall be awarded to the profession based
on the number of hours devoted by them to attending training through
presentation or training class. The CPE calendar detailing the upcoming
training should be circulated to all firm personnel so that they may register
for the courses. CPE could be obtained through the firm’s training or ICAI’s
webinars and post qualification courses.
ICAI conducts courses to maintain Continuing Professional Education hours
and it is expected from the members to maintain at least the minimum CPE
hours requirement for keeping the membership and thus, avoid the penalty.
An organization can ideally use these CPE courses and check for its
compliances by the members alongside conducting their professional
development courses.
CPE is a mandatory requirement, which comes with 3 years reporting
requirement, applicable to all members (whether living in India or abroad,
whether holding COP or not).
The minimum professional development hours for scoring points are 60
hours for junior level, 30-60 hours for mid-level, and 30 hours at the partner
level. So, the shortfall can be covered either by taking extra courses crediting
professional development hours or the firm should organize training and
conferences within the firm to promote this culture of learning and growth.
Scoring shall be based on the average number of hours per employee
segregated into an average for juniors, mid-level and partner level. The firm’s
MIS would have a crucial role to play.
Soft skill training is recommended due to its inherent advantages and these
could be in-house or outsourced. The firm could also subscribe to a course

59
Implementation Guide for Audit Quality Maturity Model – Version 1.0

on ‘business etiquette’ on udemy.com, upwork.com, etc. This will not only

help the firm save money but also access top talent from across the globe
without the cost of the flight ticket.
The minimum hours needed for scoring a maximum of 24 points at the firm
level are:
• 60 hours per year for junior-level:
o 2 Points for general training and
o 6 Points for specialized technical training
• 30 - 60 hours per year for mid-level:
o 2 Points for general training and
o 6 Points for specialized technical training
• More than 30 hours for partners:
o 2 Points for general training and
o 6 Points for specialized technical training
(iii) Technical Skillsets of the Employees
Employees are equipped with technological skillsets – Artificial Intelligence
(AI), Blockchain, Audit & Data analytical tools, etc. and sponsored by the firm
to develop the same:
1. Knowledge of technological skill sets will be more relevant for large
audits (Audit Engagements of Listed entity, Banks other than co-
operative banks (except multi-state co-operative banks) and Insurance
Companies). Hence, the question should be relevant only for such
audit engagements.
2. The audit teams should be aware of Data Analytics Tools and
comprehend the results of the tools to adjust the audit strategy.
3. Technologies like AI and blockchain may be considered as incremental
factors for differentiation purposes if the firms are scored at the same
level.
Scoring shall be based upon the presence of use of Analytical tools for listed
entities, Banks other than co-operative banks (except multi-state co-
operative banks), and Insurance Companies' audit engagements.

60
 Human Resource Management

Keywords: Artificial Intelligence (AI), Blockchain, Audit & Data Analytical

Tools
• Artificial Intelligence: A system's liability to interpret external data
correctly, to learn from such data, and to use those learnings to
achieve specific goals and tasks through flexible adaptation.
• Blockchain: It is essentially a digital ledger of transactions that is
duplicated and distributed across the entire network of computer
systems on the blockchain. It is a system of recording financial
transactions that makes it difficult or impossible to cheat, hack or
change data and records in the system.
• Audit & Data Analytical Tools: The tools that are designed for the
analysis of complete sets of audit data to identify anomalies and
trends for further investigation, as well as to provide audit evidence.
This process allows analysis of the entire population of data, rather
than analysis of sample data and thus enables auditors to provide
reasonable assurance.
Large firms prefer developing these technologies in-house with the help of
system developers. It is advisable to do a thorough cost-benefit analysis,
before doing such developments.
Audit staff should be trained for using such data analytical tools instead of
doing the regular audit tasks manually. Proper and adequate awareness
among the audit staff is required concerning the use of data analytics and
their effect on comprehending the audit strategy. A firm will score points for
using the audit tools.
(iv) Whether the firm has a performance management culture that
rewards high performing employees and those who demonstrate
high levels of quality and ethics?
This component focuses on having a performance management culture that
rewards high-performing employees and those who demonstrate high levels
of quality and ethics by proper appreciation, coaching & evaluation.
There can be more than one means to promote a culture of appreciating
high-performance employees, some of them are listed below
o The employee of the month awards
o Feedback reports

61
Implementation Guide for Audit Quality Maturity Model – Version 1.0

o Client appreciation awards

o Monetary appreciation compensations
The team leaders and managers should provide action-oriented feedbacks
that help an employee to achieve their goals in a timely fashion.
Scoring shall be based on the presence of a culture of rewarding employees
with high quality and ethics.
2.3 Resources Turnover and Compensation
Management
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
2.3. Resources Turnover & Compensation Management
i. Does the Firm Scoring based on For Yes – 8 8
evaluate a team Presence or Not. Yes/No Points
composition overall to Answers For No – 0
build the Team Point
Strength - say,
Number of Managers,
Assistant Managers,
Paid Assistants,
Article Assistants,
Other Degree
holders?
ii. Does the firm Scoring based on For Yes – 8 8
maintain and monitor Presence or Not. Yes/No Points
the employee Answers For No – 0
turnover ratio and Point
identify measures to
keep it minimal?
iii. Qualified Scoring can be based on 10 and above 20
professionals retained the % of chartered – 20 Points
by the firm (resources accountants and articles 8 to 9 – 16
available to a available per partner Points
partner). 6 to 7 – 12
Points
4 to 5 – 8
Points

62
 Human Resource Management

Competency Basis Score Criteria Score Basis Max

Scores
Up to 3 – 4
Points
iv. Does the firm Scoring based on For Yes – 4 4
evaluate the Presence or Not. Yes/No Points
Employee relation Answers For No – 0
with the firm (No. of Point
Professionals vs. No.
of years employed
with firm) to identify
reasons for turnover if
any?
v. Statutory Scoring based on For Yes – 8 8
contributions Presence or Not. Yes/No Points
wherever applicable, Answers For No – 0
Health Insurance and Point
other benefits,
available in the firm
for staff members and
partners.
vi. Does the firm Scoring based on For Yes – 4 4
evaluate for which Presence or Not. Yes/No Points
kind of audits does it Answers For No – 0
have a revolving door Point
(between different
engagements) for
people below partner
level?
vii. Progress of people Scoring based on For Yes – 8 8
through an Presence or Not. Yes/No Points
established Answers For No – 0
framework and time Point
commitment of
Managers and
Partners –
Engagement level
review and overall
performance
evaluation and
rewards mechanism
for differentiated
performance levels.

63
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scores
viii. Access and use of Scoring based on For Yes – 8 8
technology, Presence or Not. Yes/No Points
infrastructure, Answers For No – 0
methodology for Point
better enablement of
day-to-day work /
including favorable
remote working
policies.
ix. Coaching and Scoring based on For Yes – 8 8
mentoring program Presence or Not. Yes/No Points
investment, especially Answers For No – 0
for women colleagues Point
to enhance the
diversity of audit
leaders in the
profession.
x. Special policies to Scoring based on For Yes – 4 4
provide people time Presence or Not. Yes/No Points
to rejuvenate Answers For No – 0
especially after busy Point
audit seasons.
xi. Focused policies and Scoring based on For Yes – 8 8
support for staff well - Presence or Not. Yes/No Points
being, engagement Answers For No – 0
and communication. Point
xii. An established Scoring based on For Yes – 8 8
mechanism to listen Presence or Not. Yes/No Points
to people and their Answers For No – 0
views and Point
suggestions. Credible
Employee survey and
its outcome
demonstrate how well
people are taken care
of and heard.
xiii. Standards of Scoring based on For Yes – 4 4
recruiting people – Presence or Not. Yes/No Points
Assessment Answers For No – 0
methodology, Point

64
 Human Resource Management

Competency Basis Score Criteria Score Basis Max

Scores
evaluation of quality
and fitment to the job
and culture.
xiv. Are the employees of Scoring based on For Yes – 4 4
the firm compensated Presence or Not. Yes/No Points
as per a defined Answers For No – 0
approach where Point
salary is mapped to
the knowledge and
experience level of
the employee?
Total 104

Resource Turnover
Many firms today have revolving doors where employees leave within the
first six months of their work even before being confirmed. It is time
consuming and costly for a firm to frequently replace its talented resources
and it has become one of the big issues facing firms these days. To add to
that poaching of entire audit team in service verticals by a peer is also a
challenge and a professional continuity challenge. In today’s time, half the
battle is to find and hire top talent and the other half is retaining them. An
audit firm should seek out employee retention ideas that can motivate
employees to stay with the organization so that the resource turnover ratio
can be minimal.
Compensation Management
A resource in consideration of his/her work is provided with the salary,
compensation or incentive etc. Compensation management is a process to
determine the salary and incentive benefits received by each employee. A
firm should have a plan to manage compensation provided to the employees
and other resources. An audit firm having compensation policies and
procedures that are linked to the audit quality creates behavior that may lead
to improvement in audit quality. An employee who is rightly paid for his/her
skills would always feel motivated and energetic.

65
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Women- the next billion

The women workforce in firms struggles to make it beyond the mid-career
level due to lack of support or bias related to flexible working. Many firms do
not believe in remote working but the pandemic has turned this concept on
its head. Many women-chartered accountants witness a glass ceiling and
must move sideways to go up or sometimes their seat at the table is a high
chair.
Firm leadership should mentor women employees and coach them to
compete with the best and not be afraid to ask for flexibility. Women should
be mentored to rise to a high standard and the quality of work should
override all preconceived notions about not being to deliver on a high-
pressure assignment.
The firm should also encourage women to participate in the programs
organized by the Women Members Empowerment Committee of ICAI.
(i) Does the Firm evaluate a team composition overall to build the
Team Strength - say, Number of Managers, Assistant Managers,
Paid Assistants, Article Assistants, Other Degree holders?
An audit team requires the right individuals to perform the audit engagement
efficiently and most effectively. A partner or a team leader is responsible for
selecting skilled and experienced individuals according to the requirement for
the engagement. It is to be noted that a team may include managers,
assistant managers, paid assistants, article assistants and any other degree
holders whose opinion may be useful for the completion of the work. This
clause emphasizes the strength of the team and the necessary members to
perform the audit. It may depend on the nature and the size of the work. For
example, it is also possible that a team may include more managers rather
than articles or have more paid assistants and no articles.
(ii) Does the firm maintain and monitor the employee turnover ratio
and identify measures to keep it minimal?
A high employee turnover ratio signals that the employees are leaving their
job within a less time which leads to hiring new ones and provide training to
them. This increases the expenses of the firm.
A firm should maintain this employee turnover ratio at a minimum and
monitor it on a timely basis. The methods for keeping the employee turnover
ratio can be as follows:

66
 Human Resource Management

• Pay the deserving employees well

• Allowing remote working
• Promoting flexibility
• Optimize the hiring process
(iii) Qualified professionals retained by the firm (resources available
to a partner)
A partner ensuring the efficiency and timely completion of an assurance
engagement is required to have an adequate number of professionals to
work with him/her. Allocation of a qualified professional to the team manager
or partner shall depend on the adequate resources available with the firm.
Scoring shall be based upon the number of chartered Accountants available
per partner in a firm.
(iv) Does the firm evaluate the Employee relation with the firm (No. of
Professionals vs. No. of years employed with firm) to identify
reasons for turnover if any?
A healthy relationship between a firm and the employee is very important for
its success. Some employees fail to meet the organization’s expectations
due to indiscipline, absenteeism and slow working. Also, sometimes there is
a failure on the part of management concerning timely rewards, incentives
and fair treatment towards the capable individual. Hence an organization
must keep evaluating its relationship with employees, so that the employee
turnover ratio (if any), can be reduced to an acceptable level.
• Continuous interaction
• Keeping the employees informed so they can make the right decision
and remain productive
• Encourage employee feedback
(v) Statutory contributions wherever applicable, Health Insurance
and other benefits, available in the firm for staff members and
partners
Retaining an employee in a firm for a longer period is possible only when the
firm provides some benefits to the employee apart from their salaries and
incentive. Health insurance and pension scheme are some of the benefits
which a firm should make available for their staff members and partners or
other employees.

67
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(vi) Does the firm evaluate for which kind of audits does it have a
revolving door (between different engagements) for people below
partner level?
A “Revolving Door” in the context of the Audit firms means that people joining
and leaving the organization quickly. The question arises that whether the
firm evaluates the audits which have a revolving door between different
engagements for the people below the partner level or not.
(vii) Progress of people through an established framework and time
commitment of Managers and Partners – Engagement level review
and overall performance evaluation and rewards mechanism for
differentiated performance levels
An organization can have different types of employees and everyone’s
performance level can never be the same. Some of them can be a high
performer and other can be lower performers.
Hence, to review the progress of every personnel a firm needs to implement
policies and procedures and evaluate the quality of every employee’s
performance. A firm is required to identify the criteria based on which overall
performance of an individual (including managers and partners) can be
evaluated, like:
• Technical Knowledge
• Analytical and judgmental abilities
• Communication skills
• Client Relations
• Leadership skills
• Time management or commitment.
A well-performing individual must be appreciated. Many firms have different
criteria to reward high performers. For example:
• Bonus
• Promotion to a higher designation
• Global work opportunities.

68
 Human Resource Management

(viii) Access and use of technology, infrastructure, methodology for

better enablement of day-to-day work/ including favorable remote
working policies
Better access and use of technology and infrastructure will positively result in
high performance of the employees and will provide effective day to day
working. These days every organization has their data on a cloud facility
which can be easily accessible to all the employees who are authorized for
such data access. A system that should be followed by everyone in the firm
for enhancing the day-to-day working.
Recently, the Covid-19 situation taught everyone that most of the work is
possible to be done remotely and there is less requirement to be in the office
regularly. An audit firm must understand that working remotely will reduce
everyday expenditure related to employees, whether it is rent, office
administration, telecommunication or electricity expense. It also provides
workplace flexibility to the employees and keeps them productive without
having them physically in the office.
(ix) Coaching and mentoring program investment, especially for
women colleagues to enhance the diversity of audit leaders in the
profession
One needs to understand that coaching programs and mentoring programs
are for enhancing the skills and performance of an employee. Trained
employees do not require much supervision as they are aware of how to
perform their job. A coaching program is also known as “on the job training”.
A manager assigns a certain job to employees, monitors their performance
and point out mistakes and provide a suggestion for the improvement. Those
managers handholding employee development are also called ‘buddies’ or
this work can also be done by the performance appraisal manager.
A firm should also encourage women colleagues for attending the coaching
programs or can organize some special coaching only for women so that
they can perform audits in better ways and will be able to enhance the
diversity in the profession by becoming audit leaders. The firm should put
gender diversity on the top of its agenda items as diversity brings varied
perspectives to work and helps a firm do its best. The output of the firm is a
well-balanced product that appeals to society and the stakeholders.

69
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(x) Special policies to provide people time to rejuvenate especially

after busy audit seasons
Nowadays, when employees are always overloaded with work it is the
responsibility of a firm to have a special kind of policy that provides time to
employees to relax for some time after a busy period of audit and assurance
engagement. It looks like there is no need for these types of policies but it
may motivate employees to work more efficiently. On the other hand, a
happy employee is an asset to an organization or firm as he/she will have
more focus on work. Offsites may be organized for team building and
relaxation.
(xi) Focused policies and support for staff well-being, engagement
and communication
Employees are the key assets of any organization. The health status of an
employee directly affects his/her work behavior and performance. A firm
must ensure that firm's policies focus on the well-being of the employees and
do not discourage them from seeking necessary care for their health.
A firm should use effective communication for employee engagement and
create a supportive organizational culture. Borrowing cross-industry
intelligence, many corporate organizations provide a crèche facility to their
women employees as that helps them work more easily. Many firms provide
food and beverages within the office at a subsidized price. These measures
create immense goodwill and loyalty in the hearts and minds of the
employees.
(xii) An established mechanism to listen to people and their views and
suggestions.
Paying attention to the employees is becoming important. Nowadays
employers are required to listen to the views of their employees for the
growth of the firm as well as of the employees. A firm should allow well-
performing employees to suggest new ideas and their opinion for an
assurance engagement or any other services provided by the firm.
A firm can have a survey or suggestion box which can allow employees to
state the ongoing problems and suggest solutions regarding the same. A
credible employee survey and its outcome demonstrate how well people are
taken care of and heard and it only takes firm personnel about 10 minutes or
less to complete a survey form. Establishing this kind of mechanism may

70
 Human Resource Management

help employers to understand the things happening around the workplace

and ensure employees that they are being heard.
(xiii) Standards of recruiting people – Assessment methodology,
evaluation of quality and fitment to the job and culture
Recruiting the right candidate for the job is a very much difficult task. A firm
must have a methodology and criteria for identifying the fitment and selection
of a candidate should be done upon fulfilling the requisite criteria.
The evaluation techniques and standards for the evaluation of quality and
fitment to the job and culture are significant to any organization. A firm must
have policies regarding the standards and basis on which the evaluation can
be done for fitment to the job at the time of recruiting employees and whether
the candidates are adaptable to the organisational environment.
(xiv) Are the employees of the firm compensated as per a defined
approach where salary is mapped to the knowledge and
experience level of the employee?
The firm should link an employee’s compensation with his/her knowledge,
experience, ethics, skills and competencies. A firm providing remuneration as
per the knowledge and skills of employees will motivate the employees to
work in the same organization for the long term.
There is always a risk that employees may leave for better opportunities
which will lead to the employee turnover ratio being higher. Defined policies
and procedures related to compensation based on the knowledge and
experience may allow stakeholders to evaluate which audit firms create a
helpful environment to the performance of high-quality audits and for
retention of strong performers.
Hence a firm should follow an approach to pay their employees or resource
as per their eligibility, ethics, knowledge and experience.

71
Implementation Guide for Audit Quality Maturity Model – Version 1.0

2.4 Qualification Skill Set of employees and use of

Experts
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
2.4. Qualification Skill Set of employees and use of Experts
i. Number of Scoring based on the Upto 30% – 12
Professionally % of employees with 4 Points
qualified members necessary qualification More than
– ACA/FCA or skill sets - including 30% to 50%
If evaluation is partners – 8 Points
being done for a Above 50%
firm that primarily – 12 Points
offers Statutory and
Tax Audit Services
then only ACA /
FCA should be
considered for
evaluation
purposes.
ii. Post Qualification Where firms are not Applicable – 8
Certifications involved in any 8 Points
obtained from Information systems Not
professional bodies audit/engagements Applicable –
or similar with complex IT 0 Point
organisations systems should not be
(DISA, IP, etc.) rated for this
DISA and IP are competency.
courses that are
required in
Information System
Audits.
If qualified resource
is not available in
the firm, whether
the services of
expert are taken?

72
 Human Resource Management

Competency Basis Score Criteria Score Basis Max

Scores
Whether all
partners have
complied with CPE
requirements of
ICAI?
iii. Members with Scoring based on Upto 30% – 12
Specialisation Presence or Not. 4 Points
courses or Yes/No Answers 30% to 50%
Certifications – – 8 Points
(Ranking can be
Above 50%
based on newer
– 12 Points
areas or
international
qualification – say
Dip. IFRS or Firm
Ind AS / IFRS
Accreditation
Requirements,
etc.).
Total 32

(i) Number of Professionally qualified members – ACA/FCA

If an evaluation is being done for a firm that primarily offers Statutory and
Tax Audit Services then only ACA/FCA should be considered for evaluation
purposes. The scoring is based on the percentage of qualified chartered
accountant personnel compared to total employees and partners.
(ii) Post Qualification Certifications obtained from professional
bodies or similar organisations (DISA, IP, etc.). If a qualified
resource is not available in the firm, whether the services of an
expert are taken? Whether all partners have complied with CPE
requirements of ICAI?
DISA and IP are courses that are required in Information System Audits.
Firms that are not involved in any Information systems audit/engagements
with complex IT systems should not be rated for this competency. Firms
having resources who are certified as DISA, CISA or Insolvency professional

73
Implementation Guide for Audit Quality Maturity Model – Version 1.0

(IP) score on this point. If the firm does not have the qualified resources,
then the services of an expert should be taken. All partners should comply
with the CPE requirements of ICAI.
(iii) Members with Specialisation courses or Certifications
Ranking can be based on newer areas or international qualification – say,
Diploma in IFRS or Firm accreditation in Ind AS or IFRS. The post-
qualification specialization courses or certifications of ICAI also qualify for
scoring.
2.5 Performance evaluation measures carried out by the
firm (KPI’s)
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
2.5 Performance evaluation measures carried out by the firm (KPI’s)
i. Does the firm have Scoring based on For Yes – 8 8
written KPIs for Presence or Not. Points
performance Yes/No Answers For No – 0
evaluation of the firm Point
and partners?
ii. Method for Scoring based on For Yes – 8 8
measurement and Presence or Not. Points
evaluation as Yes/No Answers For No – 0
mentioned above (i) Point
are determined /
specific.
iii. There is a decided Scoring based on For Yes – 8 8
frequency for the Presence or Not. Points
evaluation and is Yes/No Answers For No – 0
consistently applied. Point
iv. Are engagement Scoring based on For Yes – 8 8
partners reviewed Presence or Not. Points
based on the review Yes/No Answers For No – 0
results of the Point
engagements of each
partner.
Total 32

74
 Human Resource Management

(i) KPIs for performance evaluation of firms and partners

There are certain objectives as prescribed in the auditing standards of ICAI,
that a practicing firm needs to be achieved by delivering quality audit and
assurance services. These key objectives articulate the ideal performance
results that the firm expects from its staff and partners. For measuring the
completion of the objectives, a Key Performance Indicator should be
developed by the practicing unit in the form of a well-defined and clearly
stated document.
The scoring is based upon the existence of a documented KPI measures- if
the firm does have one, it gets 8 points and when it does not have one, it
gets 0.
(ii) Method for measurement and evaluation to be specific.
“If you can’t measure it, you can’t improve it” – Peter Drucker.
As mentioned in (i) above, that there is a need to have a KPI document in
place for achieving the objectivity of audit and assurance services, but the
most crucial thing is to make the method for measurement and evaluation
very specific. It should not be vague, and clarity is present in all the Key
Performance Indicators. Every firm may have its performance indicator, and
it is accepted to be different and unique, but as a matter of good practice firm
may adopt (not necessarily all) the following illustrative most commonly used
KPI’s in the auditing and accounting profession.
1. Net Partner Score
2. Client Lifespan Value
3. Client Acquisition Cost
4. Human Resource Retention Ratio
5. Customer Churn Rate
6. Monthly Recurring Revenue
7. Average Revenue Per Client
8. Total Billable hours of partners to Fees generated ratio.
1 Net Partner Score This indicates the The net score
level of satisfaction would depend

75
Implementation Guide for Audit Quality Maturity Model – Version 1.0

and loyalty a client upon the feedback

derives from received from
consuming the clients based on
services of a partner their experience
of the firm. This can and satisfaction
be done by either a levels.
formal/informal
feedback session
from selective clients
or way of client
response to a survey /
questionnaire.
2 Client Lifespan Value This indicates the The higher the
total value that a Client Lifespan
client brings to the Value, the better it
firm over the entire is for the firm since
life of their longer
professional relationships
relationship. It is an generate more
important parameter work and the cost
because, there is of serve also
always a higher cost reduces over a
initially to service a period of time,
client in the formative since
years of the competencies are
relationship and these built.
costs can be
recouped from follow
up engagements from
the same client on a
repeated basis in
subsequent years. It
always costs less to
serve existing
professional
relationships than to
serve newly acquired

76
 Human Resource Management

ones.
3 Client Acquisition Cost Client acquisition cost Lower the cost
is the amount of incurred to the
money a firm spends number of new
to onboard a new clients added the
client. This is an better it is. At
aggregate of all costs times a firm may
associated with strategically target
converting prospects a big client or a
relationships into particular sector
billable clients. A firm (e.g., Startups)
of Chartered and may incur
Accountants is not specific cost like
allowed to incur training, building
marketing, infrastructure,
advertising, sales hardware and
promotion and other software
related costs of upgradations etc.
solicitating profession a firm may also
work, however there decide to have
could be some costs certain % for
directly linked to development cost
onboarding/acquiring to build up
a client like, traveling, capabilities,
initial presentations, scaling up etc. not
free advice etc. Such directly linked to
cost could also any client
include some acquisition.
opportunity cost that a
firm may incur to
acquire a new client.
4 Human Resource HR (Employee) Increasing
Retention Ratio retention indicates the employee
ability of the firm to retention has a
prevent employee direct impact on
turnover, or the firm’s
number of people performance,

77
Implementation Guide for Audit Quality Maturity Model – Version 1.0

leaving the firm during success and

a certain period. In profitability.
other words, more the
number of employees,
a firm is able to
retain/prevent from
leaving, more the
stability and
consistency in the
operations of the firm.
Employees leave
either due to internal
factors, like pay
scales, quality of
work, work pressures,
growth opportunities,
leadership etc. or due
to external factors like
sickness/health,
change of
geographical location,
personal/family issues
etc.

5 Customer Churn Rate Indicates the number Higher the rate

of times existing indicates a higher
clients are leaving number of clients
and replaced by new leaving the firm
clients. Customer and not using the
churn is the services of the
percentage of firm. This could be
customers that due to a number of
stopped using the factors, like not
services during a satisfied with the
particular period. This quality of service,
can be calculated by fee considerations,
dividing the number of timely delivery of

78
 Human Resource Management

customers a firm has services, meeting

lost during a period -- of deadline etc.
by the number of
customers the firm
had at the beginning
of that time period.
6 Monthly Recurring This indicates the Higher contribution
Revenue volume of repeated of recurring and
and recurring nature repeated nature of
of billing that forms billing to total
part of the regular monthly billing
monthly billing e.g. represents more
Retainership fees etc. stable, reliable and
predictable billing
pattern
7 Average Revenue Per This indicates the High the average
Client size, nature and revenue per client
quality of the client indicates a better
base as average realization rate
billing per client is a and thus
parameter. profitable.
However other
factors like time
spent on the client,
the risk involved in
engagement etc.
also need to be
kept in mind.
Higher
dependence on a
few selected
clients is also not
a very good
indicator, broader
the client base the
more de-risked
client profile a firm

79
Implementation Guide for Audit Quality Maturity Model – Version 1.0

has. However, it is
important to have
a balance of a
wider and broader
client base and
higher average
billing per client.
A better indicator
could also be
higher average
realizable rate per
hour/day.
8 Total Billable hours of This indicates the Lower the ratio of
partners to Fees ratio of billable hours billable hours
generated ratio. of a partner to the divided by Fees
total revenue generated
generated by him for indicates the
a particular period. efficacy a partner
Higher the billable to have a higher
hours of a partner, per hour/day
higher is his ability to realization rate.
increase the revenue
generated.
Many a times,
partners may have to
devote time on non-
billable work such as
administration, client
acquisition, customer
relationship, training,
proposals etc. non-
billable work may not
bring monetary
benefits (like revenue,
billing etc.) to a firm
but it definitely brings
intangible benefits to

80
 Human Resource Management

the firm.

Scoring shall be based upon the presence of such determined and specific
KPIs within the firm, 8 points will be awarded if it is present and 0 in case
not.
(iii) There is a decided frequency for the evaluation and is
consistently applied
The evaluation should have a specific frequency, like annually, semi-
annually, quarterly and there must exist a consistency between every
evaluation done, changes can be introduced but not without a proper
explanation or unreasonably. An evaluation that is done consistently with
regular frequency is always considered more precise than sporadically.
Scoring will be based on the presence of such a consistent and regular
frequency evaluation, 8 points will be awarded for yes as an answer and 0 in
case of absence.
(iv) Are engagement partners reviewed based on the review results of
the engagements of each partner
In an engagement quality review, the reviewer checks the significant
judgements made by the engagement team and the related conclusions
reached in forming the overall conclusion on the engagement and in
preparing the engagement report.
The engagement is led by the engagement partner and he/she is responsible
for taking key decisions related to it. So, if an engagement fails to pass the
quality review test, the review of the engagement partner’s performance and
competency should be done, to remediate any future instance of such cases
or to held accountable the one who was responsible for such audit quality.
Need to also review the quality of review conducted by the quality review
partner for its depth & robustness.
Scoring shall be based upon the presence of such a review process for the
engagement partners as a result of a review of engagement itself. 8 points
shall be awarded for the existence of such a system and 0 in case of not.
Partners may be reviewed on a rotation basis based on a selection criterion
established by the audit firm. It is possible that a partner may not be

81
Implementation Guide for Audit Quality Maturity Model – Version 1.0

reviewed in a year though part of the whole population considered for

selection.

82
 Section 3
Practice Management –
Strategic/Functional
3.1 Practice Management
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
3.1 Practice Management
Does the firm Manage
the following attributes
relating to Assurance
partners to maintain
the same at optimum
levels as deemed fit for
the respective
organisations?
i. Does the firm have a Scoring based on the For average 8
balanced mix of threshold of average partner
experienced and new experience of partners experience of
Assurance partners? partners > 5
years – 4
Points
For average
partner
experience of
partners > 10
years – 8
Points
ii. Is the firm compliant Scoring based on For Yes – 8 8
with the ICAI Code of Presence or Not. Points
Ethics, Companies Act Yes/No Answers For No – 0
2013 and other Point
regulatory
requirements in
relation to Professional
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scores
Independence and
Conflict of Interest?
iii. Is there is a 'whistle Scoring based on For Yes – 4 4
blower' policy? Presence or Not. Points
Yes/No Answers For No – 0
Point
Total 20

(i) Does the firm have a balanced mix of experienced and new
Assurance partners?
An experienced Assurance partner is an asset to the firm as he/she can
perform their duties more efficiently within a time framework. There is a direct
relation between audit quality and experienced partners as an experienced
partner have a longer tenure in the organization which increases the client-
specific knowledge and hence result in improved audit quality. On the other
hand, experienced Assurance partners may become biased in their judgment
and decision making resulting in lower audit quality.
A new Assurance partner may bring different working techniques and high
motivation to work. A firm having a balanced mix of the same can make
unbiased decision making and improve the audit quality.
The scoring is based on having a balanced mix of experienced and new
Assurance partners. The firm earns more points for an average age mix
greater than 10 years.
(ii) Is the firm compliant with the ICAI Code of Ethics, Companies Act
2013 and other regulatory requirements in relation to Professional
Independence and Conflict of Interest?
The financial statements audited by the firms must be true and fair so that
stakeholders can rely on them and for that purpose, an auditor should be
truly independent.
The term ‘Professional Independence’ refers to the independence of mind
that permits to conclude opinion without professional judgment being
compromised. A firm should be able to perform its functions without having
any conflicts of interest with the client and management. Firms can do a self-
assessment of their professional independence for some audit engagements
or a group of professionals.

84
 Practice Management – Strategic/Functional

All firm personnel should be in compliance with the ICAI Code of Ethics,
Companies Act 2013 and other regulatory requirements in relation to
Professional Independence and Conflict of Interest. If there are matters of
interpretation that are under dispute, then the answer shall be ‘Yes’ until the
dispute is settled. In such instance, the matter under dispute would have in
any case been communicated to the client in the declaration provided by the
audit firm under Section 139 of the Companies Act, 2013.
(iii) Is there is a 'whistle blower' policy?
The term ‘whistle blower’ refers to a person who raises the alarm for a fraud,
scam, illegal activities and unethical practices within the firm. A policy may
provide rights to the employees to report any inappropriate activity within the
firm. Anonymous reporting may also be allowed within the firm and an email
id should be provided to the employees to report the matter. Some of the
benefits of having a ‘whistle blower’ policy have been mentioned below:
─ It helps to remove corruption
─ It helps an Employee to become more attentive about any violation of
the code of conduct.
─ It helps to report any illegal or unethical practice
The presence of the policy is necessary to identify any unseen threat to the
working environment.
3.2 Infrastructure – Physical & Others
How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
3.2 Infrastructure – Branches in the same 8
Physical & Others city shall have only one
point, branches in
Metro and Tier -1 cities
shall have additional
points, team size per
branch shall have
additional points.
i. Number of Branches & Scoring based on Nos. Upto 3 – 2
Associates and Points
network firms and 4 to 7 – 4

85
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scores
affiliates. Points
8 to 15 – 6
Points
More than 15
– 8 Points
ii. Are branch level Scoring based on Centralised – 8
activities Centralised/ whether policies are 8 Points
Decentralised in uniformly followed in Decentralised
accounting, Invoicing, the activities of – 4 Points
and Payroll accounting, invoicing,
processing. payroll processing
across all branches.
Complete automation is
not a mandate.
iii. Physical & Logical Scoring based on For Yes – 8 8
Security of Information Presence or Not. Points
are extended and Yes/No Answers For No – 0
implemented across Point
locations?
iv. Are there adequate DA Scoring based on For Yes – 12 12
tools and IT Presence or Not. Points
infrastructure available Yes/No Answers For No – 0
and are they being Point
used for the relevant
assignment?
v. Is the infrastructure Scoring based on For Yes – 12 12
adequate in terms of Presence or Not. Points
internet/intranet Yes/No Answers. For No – 0
network bandwidth/ Point
VPN/Wi-Fi etc. for
remote working?
Total 48

(i) Number of Branches & Associates and network firms and

affiliates
This considers the spread of the firm’s clientele and the firm’s presence
across the nation. Scoring shall be based on the number of branches &
associates and network firms and affiliates a firm has across the country.
Branches in the same city shall have only one point, branches in Metro and
Tier -1 cities shall have additional points, team size per branch shall have

86
 Practice Management – Strategic/Functional

additional points.
(ii) Are branch level activities centralised/decentralised in
accounting, Invoicing, and Payroll processing
Scoring based on whether policies are uniformly followed in the activities of
accounting, invoicing, payroll processing across all branches. Complete
automation is not a mandate. Under centralization, the decisions related to
accounting, invoicing and payroll processing are taken by the management of
the Head Office and the rest of the branches make sure that they are well
implemented and followed.
Where under decentralization every branch has its own set of policies and
procedures regarding these activities.
(iii) Physical & Logical Security of Information are extended and
implemented across locations?
There has to be physical and logical security of information extended and
implemented across all the locations where the firm has a branch office and
a decentralized mode of working exists.
Physical Security
Physical security prohibits the unauthorized access of facilities, IT resources,
equipment’s to protect them from threats and unwanted damages. Example
of some physical securities are as follows:
• CCTV surveillance
• Security guards
• Protective barriers
• Locks
• Access control
• Perimeter intrusion detection
• Deterrent systems
• Fire protection, etc.
The administration department of the firm and the firm personnel should be
trained to prevent tailgating by strangers. Tailgaters are people who follow
behind authorized personnel when he/ she opens an access door to an office

87
Implementation Guide for Audit Quality Maturity Model – Version 1.0

floor. Employees and security guards should be skeptical of such people who
do not carry firm access cards.
Logical Security
This comprises security safeguards for a firm with respect to its information
technology like user identification, password access, authenticating, access
right, and authority levels. These securities ensure that only a person with
desired user access and authority can perform functions on the network or
workstations. Authentication measures are most commonly used these days
in the cybersecurity space. Periodic review of all access control systems is
necessary.
An example of the authentication measure is as follows:
• Token authentication
• Biometric Measures
• PIN Authentication
• Passcode/Passwords
• User Profile Permissions
• Segmentations etc.
Scoring shall be determined by the presence of any or all above-mentioned
securities measures at all the locations where a firm has a place of working.
(iv) Are there adequate DA tools and IT infrastructure available and are
they being used for the relevant assignment?
Data analytics (DA) tool helps in optimizing as well as automating tasks that
are repetitive in nature, and if done with the help of DA tools can save time
and effort of the firm. IT infrastructure facilitates the smooth running of
operations as well as support to the DA tools and various other automated
tools, so they are a major driving force in the successful delivery of quality
services.
The firm has to make sure that there is adequate availability and use of DA
tools and IT infrastructure for relevant audit assignments. Scoring shall be
determined based on such availability, adequacy and use for the firm
engagements. The firm’s MIS would collate this data.
(v) Is the infrastructure adequate in terms of internet/intranet

88
 Practice Management – Strategic/Functional

network bandwidth/VPN/Wi-Fi etc. for remote working?

Network infrastructure provides network connectivity, communication,
operations and management of an enterprise network. The infrastructure has
to be adequate in terms of Bandwidth speed running through various modes
like LAN/WAN/VPN and Wi-fi for remote working.
Following are some bandwidth estimates as per research done by
www.business.org:

Internet speed Number of What you can do

(download) connected
users/devices
5 Mbps 1 or 2 Online browsing, research, email
25 Mbps 3 to 5 Large- file downloading, basic Wi-Fi,
business communication
75 Mbps 5 to 10 Video streaming, frequent file sharing,
numerous POS transactions
150 Mbps 10 to 15 Frequent cloud computing, video
conferencing, data backups
250 Mbps 15 to 20 Server hosting, seamless streaming
and conferencing
500 Mbps 20 to 30 Multiple-server hosting, constant cloud-
based computing, heavy online
backups
1 Gbps (1,000 30+ Extreme-speed operating for
Mbps) enterprise-ready offices with near-zero
interruptions

Please note these are just estimates, and if a firm has a more evident source
with respect to the adequacy same shall be considered sufficient for fulfilling
the scoring criteria. The goal is to provide a seamless flow of transactions
and communication within the organisation. Datacards may be provided to
employees working remotely from client locations of at least 5 Mbps internet
speed.
Scoring shall be based on presence of the adequate infrastructure promoting
network connectivity and 12 points shall be awarded for an affirmative

89
Implementation Guide for Audit Quality Maturity Model – Version 1.0

answer.

90
 Practice Management – Strategic/Functional

3.3 Practice Credentials

How to score your firm?
Competency Basis Score Criteria Score Basis Max
Scores
3.3 Practice Credentials
What are the
credentials of the firm
that distinguish the
firm or stands as
testimony to the quality
of the firm:
i. Is the firm ICAI Peer Scoring based on For Yes – 4 4
Review certified? Presence or Not. Points
Yes/No Answers For No – 0
Point
ii. Empanelment with RBI Scoring based on For Yes – 8 8
/ C&AG. Presence or Not. Points
Yes/No Answers For No – 0
Point
iii. Is there an advisory as Scoring based on For Yes – (-5) 0
well as a decision, to Presence or Not. Points
not allot work due to Yes/No Answers For No – 0
unsatisfactory Point
performance by the
CAG office?
iv. Have any Government Scoring based on For Yes – (- 0
Bodies/ Authorities Presence or Not. 10) Points
evaluated the Yes/No Answers For No – 0
performance of the Point
firm to the extent of
debarment/
blacklisting?
v. Any negative Scoring based on For Yes – (-5) 0
assessment in the Presence or Not. Points
report of the Quality Yes/No Answers For No – 0
Review Board? Point

91
Implementation Guide for Audit Quality Maturity Model – Version 1.0

Competency Basis Score Criteria Score Basis Max

Scores
vi. Has there been a case Scoring based on For Yes – (-5) 0
of professional Presence or Not. Points
misconduct on the part Yes/No Answers For No – 0
of a member of the Point
firm where he has
been proved guilty?
Total 12

The word “Credentials” means “a qualification, achievement, quality, or

aspect of a person's background, especially when used to indicate their
suitability for something.” Practice credentials act as a differentiating
parameter of a firm or in other words what makes a firm a testimony of
quality with respect to services delivered by them.
For negative scoring in this section, it is clarified that a firm will attract
negative scoring only once for a particular incident and that too under the
first clause of this section to which it is applied.
(i) Is the firm ICAI Peer Review certified?
Any practice unit can seek Suo-Moto peer review from the ICAI peer review
board, and after considering the report of the Reviewer, Peer Review Board
issues a Peer Review Certificate to the practice unit.
The Peer review certificate is well-accepted proof that the firm does have
quality in the services provided by them, and all the standards and ethics
involving the code of conduct have been followed.
This audit quality indicator is to encourage firms to get themselves reviewed
and have a culture of quality delivery of services within the entity.
(ii) Empanelment with RBI / C&AG
RBI and C&AG are the two most important regulatory bodies as they specify
the norms and eligibility criteria of Chartered Accountant Firms to get
selected as Statutory Auditor of Banks and Public Sector Undertakings.
Scoring shall be determined based on the CA firm’s empanelment with RBI /
C&AG.
In case, an audit firm, as part of its strategy has decided not to empanel with
these bodies then the score shall be zero and the total score for this question

92
 Practice Management – Strategic/Functional

shall also be zero so that it does not impact the % scored by the audit firm.
(iii) Is there an advisory as well as a decision, to not allot work due to
unsatisfactory performance by the CAG office?
There are certain norms laid down by C&AG regarding eligibility for a
Chartered Accountancy firm to be appointed as statutory auditor. All the
empaneled firms/LLPs are awarded points. The point score is based upon
the experience of the firm/LLP, the number of Chartered Accountant (CA)
partners and their association with the firm/LLP, and the number of CA
employees. It is a point-based method where after fulfilling the given criteria
points are awarded. In that context, there are 3 cases where there can be a
deduction of points as well as debarment from allotment of audits to the firm.
These are as follows:
• Refusal of Audit: In case, in the immediately preceding year, the
firm/LLP had refused the audit assigned to it by this office, for reasons
other than being disqualified to act as auditor of the assigned audit
under the provisions of any Act/statute or conditions issued by this
office etc. In case, the firm refuses the allotted audit for the second
time, the firm would not be empaneled from the subsequent year.
• Professional Misconduct: The sole-proprietor, partner/s and
employee/s who is/are held guilty of professional misconduct during
the previous year under the Chartered Accountants Act 1949. Apart
from deduction of points, the firm/LLP would not be given any credit for
the said Chartered Accountant(s).
• Unsatisfactory performance: In case the performance of the
firm/LLP was found unsatisfactory and the firm/LLP was issued an
advisory by this office to be more careful in the future in the
immediately preceding year.
If a firm falls under any of the above categories and a warning for future
years has been issued or a decision for non-allotment has been taken by the
C&AG, then the firm will attract a negative scoring of 5 points. If there are no
such decisions or advisory, no deductions shall be done.
(iv) Have any Government Bodies/ Authorities evaluated the
performance of the firm to the extent of debarment/ blacklisting?
The government bodies like NFRA have the power to debar the members/

93
Implementation Guide for Audit Quality Maturity Model – Version 1.0

firms from practicing, as a member of ICAI between 6 months to 10 years as

may be decided, where the matters of professional or other misconduct
committed is concerned. The Civil courts with the power entrusted in them
from Code or Criminal Procedure, 1908, can give similar decisions but the
timeline differs from case to case, if there is debarment for a lifetime, then no
point of AQMM arises in the first place.
All such firms which have been debarred/ blacklisted will attract a negative
scoring of 10 points from the total AQMM scoring, and no deduction shall
happen wherein no such blacklisting is done. If any such order passed is
under dispute or under appeal then both the scoring and the total score for
this question shall be zero.
(v) Any negative assessment in the report of the Quality Review
Board?
If a firm has a negative assessment by the quality review board of ICAI, then
the firm will attract a negative scoring of 5 points. If any such order passed is
under dispute or under appeal then both the scoring and the total score for
this question shall be zero.
(vi) Has there been a case of professional misconduct on the part of a
member of the firm where he has been proved guilty?
The First and Second schedule of The Chartered Accountants Act 1949, lays
down the clauses which amount to professional misconduct. If a member of
the firm is found guilty of such misconduct and there has been a decision
order passed with respect to the same, then the firm will attract a negative
score of 5 points. There shall be no such deductions when no such
misconducts exist. If any such order passed is under dispute or under appeal
then both the scoring and the total score for this question shall be zero.

94