ISQM 1 – Ten Tips for Smaller Audit Firms

by | Jun 18, 2026 | Blog, News

The ISQM 1 regime is now fully in place since its initial roll out in 2021. Every Irish audit firm will need an ISQM-compliant System of Quality Management (‘SOQM’).

Many firms have already prepared their ISQM 1 policy statement (called the Statement of Quality Management or SoQM), but have you reviewed yours in accordance with the standard on an annual basis since its initial implementation.

Our ISQM TOOLKIT is the answer to your needs and is available to purchase now for immediate download to help you. Click here for more details.

Regulators are looking for clear evidence of progress with the application of the standard and especially with evidence of root cause analysis (RCA).

Here are our top ten tips to helping you get your SOQM across the finish line:

  1. Read the ISQM. There’s really no way around this!

We’d recommend you also get hold of the IAASM Implementation Guide, which is genuinely helpful – although be warned; this is for the international version of the ISQM and doesn’t include the additional quality responses added to the Irish standard by the Irish Audit & Accounting Supervisory Authority (IAASA).

  1. Assess your current approach to audit quality. Firms have various audit quality policies and procedures already in place. While we want to stress that you shouldn’t simply ‘bolt on’ ISQM to your existing approach, it’s helpful to get a clear insight into what’s happening now (e.g., by taking a look with a critical eye at your existing procedures and matching them to the requirements of our ISQM Toolkit).

This may mean gathering various documents (like staff appraisals, CPD plans and IES 8), clarifying existing arrangements with the rest of the audit team and organising your thoughts.

  1. Find out what your team thinks about your current approach. Chances are, you and your team already have sound insights into what’s working well and what isn’t, and some honest feedback may be painful but is essential to making progress.

John McCarthy Consulting Ltd. (working in conjunction with our colleagues in Apex Professional Consulting Ltd.) has produced the ISQM TOOLKIT for the Republic of Ireland. It comes with a unique team questionnaire that can help you to gather anonymous feedback including suggestions for tackling problem areas.

  1. Start with leadership and governance issues. For most if not all small firms, a critical success factor for ISQM compliance is the degree of support from partners, especially managing partners within firms.

Whether your firm is a sole practitioner or a larger firm, ISQM 1 challenges senior leadership to demonstrate genuine commitment to audit quality, recognising that this may not always align with a firm’s commercial strategy or its leaders’ priorities. You need to identify and deal with those conflicts, if present. You’ll also need to consider how much of the SOQM can be delegated to others and how the firm’s leadership will demonstrate that they bear ultimate responsibility for its success.

5. Don’t dismiss the appointment stage. Many firms assign consideration of (re)appointment to junior audit staff who lack the judgement to assess ethical threats and to apply the right safeguards. Accepting a client relationship or engagement inappropriately removes any chance to achieve a quality audit.

6. Be honest about priorities. Many firms say that they’re committed to audit quality, but a cursory scrutiny about how much of the firm’s time and money is spent in supporting and developing high quality audit may suggest otherwise. ISQM 1 demands that firms allocate enough resource to recruit and develop audit teams, supply them with appropriate tools (including hardware and software) and allow them the time to conduct audits thoroughly. You’ll also need to assess the quality risks of over-relying on external training providers, file reviewers or providers of methodology or IT tools.

7. Refocus on prevention rather than cure. In the past, many audit firms have relied on regular cold file reviews to ensure their quality is up to scratch. Whilst such reviews will still play a key role, firms need to consider how to avoid audit defects altogether. For many audit partners, this may mean reducing the amount of time spent in review, and increasing the time spent in directing and supervising audits whilst in progress. Better prepared and managed teams should produce better audit files that need less review and remediation.

8. Plan your monitoring as you go. As you set out your SOQM, make sure that every element is trackable and assign responsibility for monitoring to specific individuals, with clear instructions about how they should check progress and how they must record this. This should make the ‘monitoring and remediation’ part of the process much less burdensome. Don’t leave it all until the end!

9. Get familiar with Root Cause Analysis (‘RCA’). This is a tool that has increased in profile of late, and while RCA can be sophisticated, it needn’t always be so. The aim is to identify systemic defects that, if corrected, will prevent problems from recurring. Don’t be afraid of asking ‘why did X happen’ multiple times when a quality problem is spotted, until the roots are uncovered.

10. Consider external support. Whilst it’s possible to implement ISQM 1 without any other support, especially if you use a good transition tool you may find that getting the assistance of a specialist can be hugely valuable, even if just as a sounding board.

If you need assistance with implementation, or have any questions please contact John by e-mail john@jmcc.ie.

The ISQM TOOLKIT is available here to purchase now for immediate download.

All the templates on our website have had a refresh as of June 2026 and the letters of engagement have had new paragraphs added for:

  • the potential use of artificial intelligence and machine learning on client assignments;
  • along with auto enrolment for payroll assignments.

There is a bulk discount (five templates for the price of four) for purchases of five or more templates when purchased in a single transaction.

If you need an up-to-date engagement letter, there is a search bar near the bottom of our home page (www.jmcc.ie) to quickly look up the item you need. More details see here.

 

For those of you still in the process of ISQM 1 implementation, please see our ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please call or e-mail John McCarthy FCA or e-mail him at john@jmcc.ie.

We typically tailor our training and brainstorming sessions to suit each firm’s unique requirements.

Publications:

 

All the templates on our website have had a refresh as of June 2026 and the letters of engagement have had new paragraphs added for:

  • the potential use of artificial intelligence and machine learning on client assignments;
  • along with auto enrolment for payroll assignments.

There is a bulk discount (five templates for the price of four) for purchases of five or more templates when purchased in a single transaction.

If you need an up-to-date engagement letter, there is a search bar near the bottom of our home page (www.jmcc.ie) to quickly look up the item you need. More details see here.

For those of you still in the process of reviewing your ISQM 1 implementation, please see our ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please call or e-mail John McCarthy FCA or e-mail him at john@jmcc.ie.

We typically tailor our training and brainstorming sessions to suit each firm’s unique requirements.

Publications: