what is a system review?
What is a system review?
A System Review is the AICPA peer review required for CPA firms that issue audits. Its objective is to determine whether the firm’s system of quality management is designed, implemented, and operating effectively to provide reasonable assurance that engagements are performed and reported on in conformity with professional standards.
System Reviews apply to firms that perform audit engagements, including (but not limited to) audits of employee benefit plans, not‑for‑profit organizations, commercial entities, investment entities, real estate, construction, and Common Interest Realty Associations.
why firms receive a system review?
A System Review is required when a firm performs any audit‑level engagement under AICPA professional standards during the review period—for example, financial‑statement audits, audits under special‑purpose frameworks, or specialized industry audits. If the firm issues even one audit during the period, a System Review applies.
What the Reviewer Evaluates
During a System Review, the peer reviewer focuses on the design, implementation, and operation of your system of quality management and whether it supports conformity with professional standards in all material respects. Typical areas include:
Quality management documentation and risk assessment — quality objectives; identification and assessment of risks to quality; and the responses designed to address those risks.
Relevant ethical requirements and independence — how independence and ethics are established, monitored, and documented.
Acceptance and continuance — whether processes admit only engagements the firm can perform with quality.
Engagement performance — methodologies, tools/templates, firm library/professional literature, workpaper quality, and reporting.
Resources, competence, and CPE — staffing, supervision, and role‑appropriate learning (including industry‑specific training where relevant).
Monitoring and remediation — how the firm monitors its system, performs root‑cause analysis, and whether prior corrective actions or implementation plans from peer review were completed and effective.
To see the system operating in practice, the reviewer also selects a cross‑section of completed audits—across industries, partners, and, when applicable, offices—to evaluate whether engagements were performed and reported on in conformity with professional standards. Selection is risk‑based and representative of the firm’s practice.
outcome of a system review
At the conclusion of the review, the report will state one of three outcomes: Pass, Pass with Deficiencies, or Fail. When deficiencies are identified, the administering entity may require corrective actions and, where appropriate, follow‑ups to document remediation and compliance.
A firm that prepares early, documents monitoring and remediation, maintains current methodologies and CPE, and ensures its firm library is up‑to‑date typically experiences a smooth, constructive System Review.