Clarity and comfort: the importance of quality auditing — Financier Worldwide

Pressure on firms to get their auditing right will only increase going forward. In September 2020, the International Auditing and Assurance Standards Board approved a new and revised set of quality management standards for auditors which will come into force at the end of 2022.

According to Deloitte’s Global Audit Value Pulse Survey 2020, which canvassed the opinions of C-suite, finance and audit committee executives, investors, shareholders and board members across nine countries from a wide range of industries, audit is an integral part of the modern financial reporting ecosystem. Management, boards, regulators, standard setters, auditors and investors each have an important role to play. Ninety-eight percent of respondents agreed that an audit of a company’s financial statements allows them to trust and rely on those statements to some degree.

Benefits

Audits can bring clarity about the state of a business and provide reassurance to executives, investors, regulators and other stakeholders.

Quality audits are an important function for driving growth within organisations. They provide mechanisms to evaluate the efficiency of the business and help managers to identify whether applied strategies are delivering results. In the case of deviations, they may identify root causes so that corrective action can be taken. Compliance, process and product audits should be at the heart of any quality management strategy.

Quality auditing can generate significant value for companies; indeed, the insights gained from audits can be significant drivers for new revenue. The process can, for example: (i) improve the quality of the system as well as the quality of the product; (ii) assess the cost-effectiveness of quality systems; (iii) measure the effectiveness of quality programmes; (iv) increase productivity by making product output more uniform, reducing mistakes and cutting wastage of resources and manpower; and (iv) give employees the chance to report inadequacies in the interpretation of basic quality requirements.

Conducting an audit

There are steps companies should take to prepare for an ISO 9001 quality audit, as these actions can be integral to its success. To start, it is important to establish the criteria and scope of the audit, a process best carried out by a quality manager. Audit criteria should focus on risk areas and remain consistent across subsequent audits, as this will allow companies to simplify the process, analyse their performance comparatively and set baseline goals to achieve between audits.

Prior to the audit, companies should ensure they have a top-down understanding of ISO 9001 requirements. Doing so allows them to take corrective action if they fall short. A comprehensive review should highlight areas of improvement to prepare for ISO 9001 auditing. The more rigorous the internal audit, the more likely the company will achieve and maintain ISO 9001 certification. Senior managers should review and act on the results.

Quality audits can be carried out by either external advisers or internal personnel. An auditor should have the knowledge and skills in audit principles, procedures and techniques, organisational understanding, quality management systems and social interaction. They must be able to identify all relevant documentation, including policies and procedures necessary to evaluate systems and products, as well as compile a preliminary list of individuals to be interviewed.

Conducting an audit correctly is essential to demonstrate to the market that a company is QMS compliant. Companies should begin by creating a plan to guide execution of the audit. The plan should outline the scope, detail the processes and list the departments or products to be audited, as well as present all the activities in a timeline.

During the process, the auditor will collect relevant information, including via interviews with staff, to determine whether established standards and quality control procedures are being followed. Non-conformities – situations that have occurred which conflict with standardised processes and procedures – are registered at this stage. Depending on the findings, the scope of audit plans and checklists may be widened to conduct additional evaluation.

Post-audit review

Once the audit has been completed, the audit team reviews problem areas and determines recommendations for correcting quality problems. This information will be presented in an audit results report, which should be consulted in strategic meetings held by senior leaders. The report helps companies to evaluate the results of the audit, determine how to implement steps for improvement, track performance and quality levels, and promote any achievements.

Of course, audits are not always successful. Companies fail to achieve compliance for many reasons, including unsatisfactory documentation, lack of ISO understanding and poor enforcement strategies.

Moreover, achieving certification for an ISO 9001 quality management system is not a one-off exercise – it requires an ongoing series of connected audits and reviews to ensure that management systems are compliant with ISO standards. As such, once a quality management system has been implemented, it will need to be regularly audited in a rolling, three-year cycle to maintain ISO 9001 certification, much like other ISO management systems.

An evolving process

In the complex business environment, there is a growing desire for auditing to evolve further, not least due to the intense pressures created by the COVID-19 crisis. There are calls for auditing to provide real-time, relevant information, to keep pace as companies introduce innovations into their businesses and processes.

External auditing firms are responding to these demands with new advancements. Auditing technology is modernising to include data analytics, artificial intelligence, robotic process automation and machine learning. Utilising blockchain technology is another area of interest. Going forward, investment in network security and data functionality will need to increase.

According to the Deloitte survey, 94 percent of respondents said they are more confident in their financial statement audit process than they were five years ago, with 32 percent stating they are much more confident. Although progress has been made, heightened expectations, risk and complexity mean there is much more to do.

Assessing risk and achieving compliance are important functions for any company under normal circumstances, but in times of acute crisis, it is imperative that companies can provide an accurate snapshot of their financial performance and position. Auditing, including quality auditing, have a key role to play in this process.

© Financier Worldwide