All firms that perform accounting or attest engagements must have their new quality management system in place by Dec. 15, 2025. These new standards require firms to develop quality objectives around eight components. Because every firm is different — from the clients they serve to the processes and procedures they already have in place — the AICPA practice aids warn that a copy-and-paste approach won't work.
Many firms try to use their existing quality control document as a starting point, but we've found many odd things in the QCDs of the firms we've worked with. For example, one firm's QCD said they would avoid employee benefit plan audits, but they've been doing those audits for years. Another firm's document said its mission, vision and values statement was to be posted throughout the firm, but we were unable to find any of these posters.
Many times, it seems the QCD is something a firm decided they would strive for, but after hitting "Save" on the document, they rarely went back to see what was still in it.
(Read more: "
We also find that firms get bogged down when they start at the wrong place. Instead of starting with determining what the firm currently does to achieve quality to help define quality objectives for each of the components, they start by considering risk, likelihood, and magnitude of risk events. This rapidly becomes overwhelming as firms try to create processes to address every kind of risk event they can imagine. This is like starting an audit without finishing planning, a process that is unfortunately far more common than we like to admit.
However, when we guide firms through first creating a custom set of quality objectives, this narrows the possible universe of risk events to those most likely to occur, making it much simpler to identify and evaluate the risk, likelihood, and magnitude of future risk events, and to design remediation processes. With a well-designed QMS, the likelihood of a risk event should be low; if a risk event were to occur, the magnitude of the event will vary.
How to develop quality objectives
We recommend a thoughtful and holistic approach to developing your firm's quality objectives. This approach considers all the characteristics of your firm: Both the traits that your firm shares with all audit firms and the traits that make your firm unique.
This holistic approach will ultimately refine your firm's ability to provide value and will inevitably enhance profitability. The resulting QMS is also easier to update as your firm grows, making it a guiding document for the firm.
As we described in a
To build out the quality objectives, you need to first understand what the requirements are in the standard and then build out objectives that follow the SMART approach. Next, your firm needs to create the policies and procedures that will support those objectives. The final step is to establish methods to track and support the achievement of those objectives.
The eight components of your QMS are not independent but create an interactive system to reduce the risk of quality failures. The overarching goal of this process is to establish a culture of quality with actions that support that culture.
How one accounting firm created its objectives
As an example, let's look at the "Acceptance and Continuation of Client Relationships and Specific Engagements" component. This aspect of quality requires greater attention from many firms. In particular, let's zero in on Sec. 31(a)ii of SQMS 1:
"31. The firm should establish the following quality objectives that address the acceptance and continuance of client relationships and specific engagements:
"a. Judgments by the firm about whether to accept or continue a client relationship or specific engagement are appropriate based on the following:
"ii. The firm's ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements."
Here is an excerpt from the document outlining the quality objectives for acceptance and continuance from one of the clients we collaborated with:
"1. Judgments on Acceptance and Continuance:
- Firm's Capability and Compliance: Decisions on accepting or continuing client relationships or engagements will consider the firm's ability to perform in accordance with professional standards and legal requirements. This involves assessing the firm's competencies, resources, and the specific needs of the engagement. Specific industries serviced by the firm will be reviewed annually, with changes made as needed."
This objective expands on the requirement from the standard by describing in general terms the assessments required to accept or continue a particular engagement, including the requirement that the firm intends to service only clients in specific industries. It also specifies that the list of industries is to be reviewed annually.
Now let's look at the policies and procedures this firm developed to support this section of their quality objective:
"Capability and compliance
"Decisions to accept or continue a client relationship or specific engagement will consider the firm's ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements. This includes assessing the firm's competencies, resources, and the specific needs of the engagement to ensure compliance and quality.
"Upon assessing the firms' competencies and capabilities, the firm has established the following industry sectors as key niches:
- Construction contractors
- Manufacturing/Distribution
- Food and beverage
- Logistics/Transportation
- NFP/Government (no single audits)
- EBP (other than DB and ESOPs plans)
"Based upon the firm's risk assessment process, the firm has determined the following:
- Services we will not perform:
- SOC
- PCAOB (or other public company engagements)
- Single Audits
- Direct examinations
- Industries we will not service
- Banking/Financial institutions
- Auto dealerships
- Broker/Dealers
"The Director of Audit and Assurance is responsible for deciding whether the firm should provide services in other industry niches on a case-by-case basis during the proposal process. The above list of niche industries will be reviewed and updated on an annual basis."
By spelling out the industry sectors the firm will and will not work in, as well as the services the firm will not perform, the firm has a measurement system to screen out potential clients and engagements that would be a poor fit. Some firms are even using their newly created QMS as a reason to disengage from poor-fit clients.
Choosing areas the firm will work in has cascading effects. It's far easier to develop and maintain industry expertise in a handful of areas than to be a jack of all trades. The better a firm is in a particular area, the faster the work can be completed, and the more profitable that work becomes.
Additionally, having deep familiarity with specific industries adds significant client value by providing better insights into potential risks in their clients' operations. Delving into unfamiliar industries and novel services tends to drive up costs and elevates the risk of missing something important.
This also reaches into governance and leadership, one of the other eight quality components. Leaders can't arbitrarily choose a new business connection. New clients must fit the skill sets and competencies of the firm. The firm leadership now must make deliberate decisions on entering new industries.
As the final step, this section of the firm's QMS also includes a matrix for measuring, tracking, and responding to quality risk events. For example, a new client acceptance form must be filled out and approved by a shareholder prior to sending out an engagement letter. This form is to be maintained in the engagement binder. If this process is not addressed promptly, this can lead to the occurrence of a risk event. When risk events occur, the firm must conduct a root cause analysis and develop a remediation plan to reduce the likelihood of the risk event happening again.
Developing your firm's QMS is more complex than changing the name of your QCD. Every firm will have a different set of quality objectives. These components are not in a silo but interact to drive the holistic goal of having the right emphasis on quality to serve your clients successfully, to protect the public interest, and to be profitable.
