Let’s Start with the Peer Review Basics: What is a Peer Review and Why is it Required?
Peer review is a quality assurance process designed to evaluate a CPA firm’s adherence to professional standards in the accounting, auditing and attestation services it provides. It is required due to the significant public interest in ensuring the quality and reliability of these services.
Firms often find that undergoing peer review enhances the quality and effectiveness of their practices by identifying areas for improvement and refining their processes. Firms that provide services governed by the Statements on Auditing Standards (SASs), Statements on Standards for Accounting and Review Services (SSARS) or Statements on Standards for Attestation Engagements (SSAEs) are required to register with an approved Peer Review Administering Entity (AE) and undergo a peer review every three years.
The primary goal of the peer review process is to serve as an educational tool that fosters improvement and helps firms strengthen their practices. By identifying deficiencies and suggesting corrective actions, peer reviews ensure continuous quality improvement within the accounting profession. This process ultimately benefits both CPA firms and the clients they serve, reinforcing public confidence in the integrity of accounting and auditing services.
Peer reviews are categorized into one of two types:
- Engagement reviews: Firms that exclusively perform services under the SSARS or SSAEs. These reviews focus on evaluating specific individual engagements rather than the firm’s entire quality control system, providing a streamlined approach for firms with limited assurance activities. During an engagement review, the peer reviewer assesses whether a selection of completed engagements was conducted and reported in accordance with relevant professional standards. Additionally, the reviewer verifies that the firm and its practitioners hold the appropriate state licenses to perform their services, ensuring compliance with regulatory requirements.
- System reviews: Firms that perform engagements under SASs or Government Auditing Standards (GAS), examinations under SSAEs must have system reviews. The purpose of a system review is to determine whether a firm’s quality control system is both properly designed and operating effectively. Beyond evaluating whether engagements are performed in accordance with applicable professional standards, the review extends to core aspects of the firm’s operations, including leadership and tone at the top, human resources, relevant ethical requirements, engagement acceptance and continuance and monitoring activities. During the system review, the peer reviewer examines the firm’s quality control policies and procedures to ensure they are designed in line with professional quality control standards. The review process includes risk-based procedures tailored to the specific circumstances of the firm and includes staff interviews, verification of CPE and licensing, reviews of engagement acceptance and evaluation of staff performance.
Completed peer review packages for both types of review are submitted by the reviewer to the firm’s AE, which could be either the relevant state society or the AICPA National Peer Review Committee. For firms whose primary operations are in Minnesota or North Dakota, the MNCPA serves as their designated AE. After submission, the peer review package undergoes inspection by a technical reviewer at the AE to ensure the review meets professional requirements and complies with relevant standards. Once the review is complete, the package is forwarded to the AE’s Report Acceptance Body (RAB), which is responsible for providing final approval or adjudicating the results. This multi-step process ensures accountability, consistency and transparency in peer reviews, helping firms maintain compliance while strengthening the overall quality of their practices.
Looking at the Trends
During the 2025 peer review cycle, spanning from Sept. 1, 2024, through Aug. 31, 2025, the findings reflect consistently strong quality across the profession. However, there remains room for continued enhancement. The following sections provide a detailed breakdown of the results for engagement and system reviews in the past three years, alongside a broader overview of peer review outcomes across several years.
Engagement Reviews Results
| Year ended Aug. 31 |
Pass |
Pass with deficiencies |
Fail |
Total |
| 2025 |
43 (75%) |
10 (18%) | 4 (7%) |
57 |
| 2024 |
41 (87%) |
5 (11%) | 1 (2%) |
47 |
|
2023 |
65 (84%) | 10 (13%) | 2 (3%) |
77 |
Reviewers identified several critical areas of deficiencies, including:
- Accountant’s or Agreed Upon Procedures report did not include the most current language.
- Reports not in compliance with standards, including reports modified for special purpose framework.
- Missing or inadequate disclosures, with most common ones being revenue recognition, leases and investments.
- Inadequate documentation of expectations (reviews).
- Materiality not documented (reviews).
System Reviews Results
| Year ended Aug. 31 | Pass | Pass with deficiencies | Fail | Total |
| 2025 |
48 (94%) |
3 (6%) | 0 (0%) |
51 |
| 2024 |
50 (87%) |
6 (11%) | 2 (2%) |
58 |
| 2023 |
39 (91) |
3 (7%) | 1 (1%) |
43 |
Reviewers identified several critical areas of deficiencies, including:
- Documentation lacking or not performed in accordance with professional standards.
- Risk assessment:
- Not performed at the assertion level.
- No documentation of inherent risk when less than high.
- No assessment of information technology and linkage to risk assessment.
- No linkage between identified risks and audit procedures performed.
- Single audits lacking documentation in the following areas:
- Sampling.
- Major program determination.
- Compliance testing and internal control over compliance problems.
- No CPE or only partially obtained.
- ERISA audits: SOC reports did not document evaluations of complementary user controls.
- Ineffective monitoring procedures or no documentation of monitoring procedures.
Documentation
This will remain a key area of focus. If procedures are not formally documented in the workpapers, they are effectively considered “not done.” Workpapers should provide enough clarity and detail to allow an experienced third party to understand the firm’s decision-making process and the specific procedures performed to reach its conclusions.
Recommendations
To improve your firm’s system of quality control:
- Develop and implement a comprehensive quality management system by the Dec. 15, 2025, deadline. Ensure plans are in place for ongoing monitoring and remediation throughout the following year to maintain system effectiveness and drive continuous improvement.
- Include proper documentation in all engagements.
- Keep up to date on new accounting and assurance standards.
- Train personnel on current standards and industry changes.
- Perform regular internal inspections and reviews.
- Engage in ongoing professional education and development.
Stay prepared in navigating the rapid changes occurring in the business landscape and their influence on audit and attest procedures and documentation. Leverage leadership from organizations such as the MNCPA and AICPA to stay informed about evolving technologies, methodologies and professional requirements within the audit and attest fields. Additionally, the AICPA’s Center for Plain English Accounting serves as an invaluable resource, offering expert insights and practical guidance on the implementation of new standards.
Gavin Burnham, CPA, a principal with Olsen Thielen & Co., Ltd, is the MNCPA Peer Review Committee Chair and has been on the peer review committee in many capacities for 13 years. (This article was published in the MNCPA Footnote in the December 2025/January 2026 issue)