1 / 33

ISSAI 400

ISSAI 400. Fundamental Principles of Compliance Audit Compliance Audit Subcommittee Vilnius, Lithuania 19th-20th of September 2012. Mona Paulsrud, CAS harmonization team. ISSAI 400 presentation. The approach of the CAS harmonization team to ISSAI 400

ahartman
Download Presentation

ISSAI 400

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISSAI 400 Fundamental PrinciplesofCompliance Audit ComplianceAuditSubcommittee Vilnius, Lithuania 19th-20th of September 2012 Mona Paulsrud, CAS harmonization team

  2. ISSAI 400 presentation • The approachofthe CAS harmonization team to ISSAI 400 • Structure and contentsof ISSAI 400

  3. CAS’ contribution to thedevelopmentofpublicsectorauditing

  4. The purpose and authorityofISSAI 400 ISSAI 400 PrinciplesofComplianceAudit ISSAI 4000 ComplianceAudit Guidelines 4100 4200

  5. AIM OF ISSAI 400 To provide a coherent, highlevelframeworkofComplianceAudit in thepublicsector, coveringboth ISSAI 4100 and ISSAI 4200.

  6. CAS’ approach in developing ISSAI 400 • Financial audit – the cradle of the audit profession and audit theory • Defines basic concepts and terminology of auditing

  7. ComplianceAudit – The extendedperspective

  8. CAS’ strategy in developingISSAI 400 • Builduponexistingcontents and terminologyofthe ISSAI 4000 series • Create a coherent story ofComplianceAudit • High, genericlevelofconcepts and principles • Dual approach – updated IFAC terminology

  9. ISSAI 400 – Basic structure • Introduction • Purpose and authorityof ISSAI 400 • The nature ofComplianceAudit} Story of CA • Elements ofComplianceAudit} Audittheory • PrinciplesofComplianceAudit} Requirements • Makingreference to theISSAIs

  10. The nature ofCompliance Audit The independentasessmentofwhether a particularsubject matter is in compliancewithestablishedcriteria.

  11. The nature ofComplianceAudit Originsof cash flow in thepublicsectorarethedecisions and premisesofthelegislature.

  12. Public sectorcontextofthe SAI AUTHORITIES AUTHORITIES AUTHORITIES ComplianceAudit

  13. The elements ofComplianceAudit SAI ISSAI 4100 or ISSAI 4200?

  14. Authorities and criteria AUTHORITIES CRITERIA

  15. SUBJECT MATTER Underlying subject matterSubject matter information

  16. The threepartiesofCompliance Audit THE LEGISLATURE THE GOVERNMENT THE SAI

  17. Assurance in Compliance Audit

  18. Forms ofreporting • Long form reporting • Short form reporting • Findings • Opinions & various forms ofconclusions

  19. VariationsofCompliance Audit SUBJECT MATTER ASSURANCE APPROACH FORMS OF REPORTING AUDIT EVIDENCE

  20. The elements ofComplianceAudit SAI ISSAI 4100 or ISSAI 4200?

  21. PrinciplesofComplianceAudit Principles: at thelevelof an individualaudit

  22. PrinciplesofComplianceAudit Principles = «shouldstatments» Able to fit all variationsofComplianceAudit. To be translatedinto «shall statements» whenlevel 4 is to be used as authoritative standards.

  23. PRINCIPLES TO BE APPLIED IN CONDUCTING A COMPLIANCE AUDIT • General principles: to be considered prior to comencement and at more thanonepointthroughouttheauditprocess 2. Principlesrelated to theauditprocess: related to steps in theauditprocessitself

  24. General principles • Legal basis • Ethics and independence • Qualitycontrol • Audit team management and skills • Audit risk • Materiality • Professional judgment and skeptisim • Documentation • Communication

  25. Auditteam management and skills … includes an understanding of and practical experience of the type of audit being undertaken; an understanding of the applicable standards and authorities; an understanding of the entity’s legal basis and operations; and the ability and experience to exercise professional judgement. ISSAI 400 para. 54

  26. Audit risk Audit risk in Compliance Audit covers both attestation and direct engagements. inherent risk - control risk -detection risk The degree to which these components are relevant to the audit is affected by the nature of the subject matter, whether the audit is performed as a reasonable assurance or limited assurance audit and whether it is a direct or an attestation engagement. ISSAI 400 para. 56

  27. Materiality

  28. Materiality Materiality in Compliance Audit consists of both quantitative and qualitative factors. … An essential part of determining materiality is to consider the importance of compliance for the intended users and the consequences of potential or identified instances of non-compliance. ISSAI 400 para. 58

  29. Principlesrelated to theauditprocess 1. Planning and designing a complianceaudit • Subject matter and criteria • Auditscope • Understandingtheentity • Risk assessment • Understaning internalcontrol and controlenvironment • Risk offraud • Auditstrategy and audit plan 2. Gatheringauditevidence 3. Evaluatingauditevidence, concluding and reporting • Evaluatingauditevidence and forming conclusions • Reporting • Follow up

  30. Planning and designing a complianceaudit 1. Subject matter and criteria

  31. Gatheringauditevidence Sufficient and appropriateauditevidence.

  32. Evaluatingauditevidence, concludingand reporting

More Related