Regulatory Assessments

For each individual file selected, CPAB asks the engagement team to prepare a profile outlining key metrics including the names of senior engagement team members, specialists used, the hours charged etc. It also identifies key engagement deliverables. The engagement profile is usually given to CPAB two weeks prior to the file inspection and provides the inspector an opportunity to get familiar with the RI and its issues prior to the initial meeting with the engagement team. The inspector will review publicly available information such as the financial statements and Management's Discussion and Analysis, as well as any file-specific information identified in or attached to the profile.

The file inspection typically begins with a meeting between the CPAB inspection and engagement teams. This provides CPAB with additional background on the audit engagement and includes a high-level discussion of the audit approach to the focus areas.

It is important to note that CPAB does not inspect the entire audit file (not a cover to cover review). Usually, inspectors consider between two and four focus areas as a basis for assessing the quality of audit work in a selected file. These areas are generally material high-risk financial statement items requiring more complex estimates and judgments (e.g., impairment of long-lived assets, fair values of financial instruments, provision for warranties etc.) by RI management and which present the most challenge to the engagement team. The inspection of an individual focus area covers the various stages of the audit process: planning, evaluation and reliance on internal controls, execution, evaluation of results, financial statement presentation and disclosure, and reporting to the audit committee. Core areas such as materiality, risk assessment and fraud are also reviewed for each file.

The consistent execution of quality audits requires both a strong system of quality management and a firm culture that demonstrates a commitment to quality including reinforcing the importance of the profession’s public interest responsibility. Firm leadership must dedicate enough resources to ensure robust systems of quality management are designed and implemented that comply with the new quality management standards.

Our continued focus on a firm’s system of quality management, including firm implementation of the new quality management standards, considers the nature and circumstances of the firm and its public company audit engagements. CPAB’s 2022-2024 strategic plan recognizes the importance of firm culture and includes a commitment to advance a quality-driven culture across auditors of Canada’s public companies. An effective culture emphasizes doing the right thing — all the time, putting the public interests first. The system of quality management is not a separate activity within the firm but is the integration of a culture that demonstrates a commitment to quality.

Click here to access the October 2022 publication System of quality management call to action: Strengthening audit quality, a communication to all audit firms registered with CPAB. This document provided more detail on the importance of culture to a firm’s system of quality management, preliminary observations on the implementation of the new quality management standards and an example to illustrate the iterative nature of a firm’s system of quality management.

CPAB’s audit quality assessment program includes an evaluation of the effectiveness of the system of quality management at the annually inspected audit firms.

Before an inspector drafts a significant inspection finding, they confirm with the engagement team that CPAB has been provided all available audit evidence. This ensures that the inspector has all the facts before making a conclusion. The inspector also consults with other CPAB staff with expertise in the area in question, as appropriate, and then discusses the proposed finding with the inspection team leader.

Once the inspection team determines that a significant inspection finding has been identified, it is referred to a panel of CPA members of CPAB’s leadership team and senior inspection team leaders for review. This serves as a quality control check and is intended to ensure consistent treatment of similar findings across all inspections. Once it is agreed that the matter is a significant inspection finding, the inspector documents the finding in writing in an Engagement Findings Report (EFR). The EFR is then reviewed and approved by the team leader and CPAB inspection leadership and presented to the engagement team.

CPAB usually expects to receive a firm's written response to a significant inspection finding within 10 business days.

In most cases, CPAB requires the engagement team to perform more audit work in the current year, to be satisfied there is not a material error in the financial statements that requires restatement. The engagement team must also provide CPAB with evidence and the results of the additional audit work undertaken. If it is decided that a restatement is necessary, CPAB requires the audit firm to advise the RI, including its audit committee. The inspection team follows up to make sure the restatement has occurred. In other cases, the disposition might require the engagement team to add considerable evidence to the audit file of the audit work that was performed but not evidenced in the audit file. Frequently, CPAB's dispositions will also require changes to the firm's audit approach going forward.

It is important to note that the audit firm is required to implement CPAB's recommendations and must do so in a timely manner. Failure to comply could lead to disciplinary action.

At the end of the firm inspection, CPAB meets with firm leadership to discuss the overall inspection results, then issues its inspection report (a private communication between CPAB and the firm). The inspection report includes a summary of findings and recommendations to improve audit quality.

Each firm shares their file-specific significant inspection findings, and CPAB's public inspections report, with their clients' audit committees as per their participation in the Protocol for Audit Firm Communication of CPAB Inspection Findings with Audit Committees (Protocol). The public report includes common inspections findings and questions for audit committee consideration to encourage more robust discussions among management, the firm and audit committees and to support audit committees in their oversight responsibilities.

The audit firm must implement the recommendations to CPAB's satisfaction within a prescribed period, which is typically no more than 180 days.

If a Participating Audit Firm (Firm) has not addressed the weaknesses, deficiencies, or recommendations identified in a final inspection report to the satisfaction of CPAB, or has not made a submission to CPAB in accordance with CPAB Rule 414 (remediation of weakness or deficiencies identified in the inspection report), CPAB may make public on its website the relevant portions of the final inspection report that deal with the weaknesses, deficiencies or recommendations that have not been addressed to CPAB’s satisfaction within the required timeline.

Once CPAB determines that a significant weakness, deficiency, or recommendation has not been adequately addressed, the matter will be referred to the Enforcement Screening Panel to determine if an extension of time should be provided for remediation, or if formal notice of publication should be issued. Once formal notification of CPAB’s intention to publish under Rule 416 is received by the Firm, it will have the ability to contest the publication by filing a petition for a review proceeding under Rule 603.

Publications made pursuant to CPAB Rule 416 authorize CPAB to make public on its website the relevant portions of a Firm’s inspection report recommendations with which they failed to comply to CPAB’s satisfaction within the required timeline. In accordance with the CPAB Rules and in the interest of ensuring Firms comply with recommendations designed to protect the investing public, these notices will remain public until the Firm provides CPAB with evidence of satisfactory implementation.

Publications under Rule 416 commenced as of January 1, 2023.

What is the Protocol?

The Protocol sets out how audit firms communicate CPAB’s inspection findings to audit committees. Please see the Protocol for more details.

How does the Protocol work?

Under the Protocol, audit firms provide the audit committees of all their reporting issuer clients with CPAB's annual audit quality assessment report. The annual audit quality assessment report highlights CPAB's common findings across its inspections in a given year, as well as recommendations to improve audit quality.

If CPAB inspects a reporting issuer's audit file that year, the audit firm will also provide that reporting issuer's audit committee with significant findings, if any, specific to a reporting issuer's audit file inspection. The significant inspection findings are written by CPAB and include the audit firm’s response to ensure a fair and balanced communication to the audit committee. Audit committee members receiving the information should ensure it remains confidential. The audit firm will confirm to CPAB that the specific inspection findings have been communicated to the audit committee.

Which audit firms are participating in the Protocol?

An audit firm’s participation in the Protocol is voluntary. Click here to access a list of audit firms participating in the Protocol.

Click here to access a list of Canadian audits firms that are not participating in the Protocol.