What is it?
CSQM 1 deals with a firm’s responsibility for designing and implementing a system of quality management (SOQM) moving from a policies-based approach to a risk-based approach. Your firm will be required to customize the design, implementation and operation of its SOQM based on the nature, circumstances of your firm and the engagements it performs.
CSQM 1 comprises of eight interrelated components that deal with key aspects of the system of quality management. These are:
- Risk Assessment Process
- Governance & Leadership
- Relevant Ethical Requirements
- Acceptance & Continuance
- Engagement Performance
- Resources (HR, Technological, Intellectual)
- Information & Communication
- Monitoring and Remediation Process
Component 1: Risk Assessment Process
CSQM 1 requires the firm to determine a risk assessment process. The purpose of the risk assessment process is to establish quality objectives (What are you trying to achieve?), to identify and assess quality risks (What can go wrong?) and to design and implement responses (What are you going to do about it?).
Component 2-7: “Operating” Components
These are the components that support the operation of the SQM and enable operation of other components. The quality objectives are laid out in each of these components and upon which the risk assessment process is applied.
Component 8: Monitoring and Remediation Process
Your SQM has been designed and implemented, but it is working? The monitoring and remediation process will answer that question as well as help you identify the root cause of an issue if something is not working.
Evaluating the SQM
An evaluation of the SQM is required to be undertaken at least annually at a point in time. Included in the evaluation process is a requirement to perform cyclical file inspections. The evaluation process includes considering the severity and pervasiveness of identified deficiencies and whether remedial actions have been designed and implemented.
When is it effective?
Your firm is required to design and implementation of the SQM by December 15, 2022 for audit, review and other assurance engagements (December 15, 2023 for other related services). The evaluation of the SQM is required to be performed within the year following (by December 15, 2023 and December 15, 2024 respectively).
Who is responsible?
The standard requires the firm to assign roles related to individual with ultimate responsibility and accountability as well as an individual with operational responsibility. Other roles are to be assigned as needed.
Where do I start?
You have started by signing up for the Path to Implementation: CSQM 1 Workshop. You are now on your way to designing and implementing your system of quality management. Next steps include:
- Read the standard.
- Finalize the assignment of roles and responsibilities (Lesson 1.2)
- Watch the overview video (Lesson 1.3)
- Set up the SQM Toolkit Database (Section 2)
- Conduct your preliminary risk identification for your Firm (Section 3)
- Get ready for the in-person workshop (Section 4)