Regulatory updates

International Standard on Auditing (ISA) 220 (Revised), Quality Management for an audit of financial statements is effective for audits of financial statements for periods beginning on or after 15 December 2022. It also applies to group audit engagements and is thus, closely aligned with ISA 600, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors). In this regard, the International Auditing and Assurance Standards Board (IAASB) recently released a fact sheet on ISA 220 (Revised) – Quality management and group audits: Highlighting certain aspects of interaction between ISA 220 (Revised) and ISA 600. The fact sheet focuses on the interaction between ISA 220 (Revised) and ISA 600. It also highlights certain provisions from the International Standard on Quality Management (ISQM) 1, Quality management for firms that perform audits or reviews of financial statements, or other assurance or related engagements which are relevant to the application of ISA 220 (Revised) to group audits.

To access the text of the fact sheet, please click here

Financial sector organisations, stock exchanges, depositories, mutual funds and other financial entities have been experiencing cyber incidents, growing rapidly in frequency and sophistication.

Further, given the persistence of these threats, many traditional approaches to risk management and governance that worked in the past may not be comprehensive enough to address the rapid changes in the threat environment.

In order to address these concerns, recently, SEBI vide a circular dated 22 February 2023 issued an advisory for SEBI REs regarding cybersecurity best practices (the advisory), wherein it has recommended the SEBI REs to implement the practices as suggested by the Financial Computer Security Incident Response Team (CSIRT-Fin). Some of the best practices discussed pertain to:

• Roles and responsibilities of Chief Information Security Officer (CISO)/designated officer,
• Measures against phishing attacks/websites,
• Measures for data protection and data breach,
• Log retention,
• Password policy/authentication mechanisms, etc.

To access the text of the advisory, please click here

On 6 March 2023, the International Auditing and Assurance Standards Board (IAASB) issued the Digital Technology Market Scan: Digital Assets (market scan). The market scan explores digital assets, with a focus on recent developments within the cryptocurrency market and its relevance for the audit and assurance ecosystem. It covers:

• What are digital assets and why are they important?
• The latest developments – including crypto audits under scrutiny, and
• Impact on IAASB.

To access the text of the market scan, please click here

This guidance on the application of the International Standard on Auditing for Audits of Financial Statements of Less Complex Entities, known as the ISA for LCE, will help users in determining the appropriate situations to use the standard. It will be particularly beneficial for legislative and regulatory authorities implementing the standard, firms developing related policies or procedures, and auditors determining whether the standard is appropriate to use for a specific engagement.

This guidance complements previously released resources, including videos, webinars, and the Auditor Reporting Supplemental Guidance. Later this year, the IAASB will also issue an adoption guide and a first-time implementation guide. Collectively, these materials provide a comprehensive toolkit for navigating adoption and implementation of the ISA for LCE.

To access the text of the publication, please click here