7 Steps of Quality Management

7 Steps of Quality Management

The 2024 Yellow Book lays out new rules for a system of quality management for government audits. This summary of Chapter 5 will help jumpstart your journey to compliance.

Assign Roles

Plan on filling two roles right away:

1. A senior-level official is responsible for the quality control management process overall; and
2. One or more staff to take on operational responsibility for the six quality objectives, risks and responses.

You will also need a monitor and a peer reviewer.

Set Quality Objectives

Define what you want the quality management system to do within six specific areas:

1. Governance and leadership;
2. Independence, ethical and legal requirements;
3. Acceptance of engagements;
4. Engagement performance;
5. Resources; and
6. Information and communication

Assess Risk

What would failing to achieve the quality objectives look like? Spell it out and then rank those scary possible consequences for likelihood and impact. GAGAS goes into great detail about factors to consider as you rate risk in sections 5.34-5.39.

Mitigate Risks

For the higher risk items, plan on taking action, developing a policy or implementing a procedure to safeguard you and your team from experiencing the risk. One of the possible safeguards is performing an engagement quality review (sections 5.139-5.153).

Monitor & Evaluate

Is your plan working? Make sure to set up a way to double-check that your efforts are succeeding. Monitoring is best done by an objective professional. At least once a year, the senior-level official evaluates the quality management system.

Fix What Isn’t Working

Did the monitor, engagement quality reviewer or senior-level official find something wrong with the quality of your audits or your quality management system? Make sure to resolve whatever it is quickly. A systemic flaw may prompt you to re-assess risk.

Peer Review

Every three years, an independent auditor from a peer audit organization will verify your monitoring process is working and you are creating high-quality work. The peer reviewer will conclude in writing whether your system of quality management passes or fails.

Want to dig into this further?

I invite you to attend the Yellow Book Standards for Performance Auditors course scheduled for March 7-8. This 8-hour live webinar highlights the crucial updates performance auditors need to know, including independence, CPE requirements, and the latest on quality control and peer review.