1 / 112

Cristina Breden Director Romanian Court of Accounts

INTOSAI’s SDP 2.3 Project “ Using ISSAIs in accordance with the SAI’s mandate and carrying out combined audits ”. Cristina Breden Director Romanian Court of Accounts. Project objectives and s pecific considerations.

lotus
Download Presentation

Cristina Breden Director Romanian Court of Accounts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. INTOSAI’s SDP 2.3 Project “Using ISSAIs in accordance with the SAI’s mandate and carrying out combined audits” Cristina Breden Director Romanian Court of Accounts

  2. Project objectives and specific considerations The guidance on the strategic decisions of an SAI needs to take on the basis of its mandate and other legislative requirements before it applies the ISSAIs(cf. ISSAI 100) will consider the issues of SAIs on deciding: which auditing standards are applicable, which engagements will be conducted and how they will be prioritised in order to respond to the requirements in their mandate and other legislative requirements. Recognising the fact that some SAIs function as court of auditors, most of them having jurisdictional functions, guidance will consider the specificities of these SAIs’ mandates too. While developing the guidelines, suggestions and comments will be sought from: Professional Standards Committee, Performance Audit Subcommittee, Financial Audit and Accounting Subcommittee, Subcommittee on Internal Control Standards Capacity Building Committee Knowledge Sharing Committee, member SAIs of CAS, INTOSAI Regional Groups, INTOSAI’s Development Initiative Forum of SAIs with Jurisdictional Functions.

  3. Duration of the project and the project team Duration: 35 months (February 1, 2018 to December 31, 2020) The project is carried out jointly by three subcommittees under Professional Standards Committee (PSC): Compliance Audit Subcommittee (leader of the working group), Financial Audit and Accounting Subcommittee Performance Audit Subcommittee Project team members are SAIs from: Romania (team leader), Brazil, China, European Court of Auditors, Hungary, Tunisia and, in addition, IDI.

  4. Explanation of the need for the project According to ISSAI 100/7, the Fundamental Auditing Principles can be used to establish authoritative standards in three ways: 1) as a basis on which SAIs can develop standards; 2) as a basis for the adoption of consistent national standards; 3) as a basis for adoption of the General Auditing Guidelines as standards. But the principles in no way override national laws, regulations or mandates or prevent SAIs from carrying out investigations, reviews or other engagements which are not specifically covered by the existing ISSAIs. The XX INCOSAI’s declaration called upon its members and other interested parties: ”to implement the ISSAIs in accordance with their mandate and national legislation and regulations”. The mandate defines the different types of audits and engagements an SAI may carry out and ISSAIs need to be implemented accordingly. Some SAIs might have to comply with other legislative requirements as well. This may involve combined audits (cf. ISSAI 100/23). ISSAI 100/16 states that “An SAI may make strategic decisions in order to respond to the requirements in its mandate and other legislative requirements. Such decisions may include which auditing standards are applicable, which engagements will be conducted and how they will be prioritised”.

  5. Explanation of the need for the project There is a lack of clarity in the provisions of some standards and also some inconsistencies between the provisions of different standards: The ISSAI 4200 has been withdrawn at the 2016 INCOSAI which raises the question whether there is a need for new guidance on combined audits to replace this. ISSAI 100/21 states that: “The objectives of any given audit will determine which standards apply.” It is not very clear whether one should apply a different standard for each objective of an audit or only one standard according to the primary objective of that audit. ISSAI 300 states that:“the primary objective of the audit should guide the auditors as to which standards to apply” . ISSAI 400 says “auditors should use their professional judgement to decide whether performance or compliance is the primary focus of the audit, and whether to apply the ISSAIs on performance auditing, compliance auditing or both.” ISSAIs 300 and 400 are thus almost fully consistent with one another, the difference being “or both” in ISSAI 400. The new ISSAI 4000 deals with various aspects of fraud (risk of fraud, considerations related to the reporting of suspected unlawful acts) without making any mention of ISSAI 1240The auditor’s responsibility relating to fraud in an audit of financial statements. This raises the question which of these ISSAIs should be applied by SAIs who conduct different types of audits simultaneously (financial audit and compliance audit, and even performance audit). Paragraph P5 of the Practice Note to ISSAI 1250 Consideration of Laws and Regulations in an Audit of Financial Statements) currently has the following: “… These additional responsibilities, and related audit and reporting objectives, are dealt with in the INTOSAI Compliance Audit Guidelines (ISSAI 4000 and 4200). Public sector auditors with such additional responsibilities consider ISSAIs 4000 and 4200.”, the new ISSAI 4000 Compliance audit standardsis completely silent on the existence of ISSAI 1250. This is a potential source of confusion, as it is not very clear what type of compliance engagement is not covered by ISSAI 1250. Therealso seems to be a need to clarify INTOSAI’s position in comparison with IFAC’s definitions of limited assurance and reasonable assurance.

  6. Explanation of the need for the project 2. At the moment there is no practical guidance for combined audits 3. Some SAIs are required to report on the reliability of performance data produced by management. As this data is typically produced as a result of a statutory or regulatory requirement, the examination of its reliability might be considered as compliance auditing.

  7. Liaison with other INTOSAI SDP projects The project will include liaison with the 1.2, 1.3 and 2.1 project teams. SDP projects: 1.2 ”A more principles-based and future-proof ISSAI 200”, 1.3 ”Consolidate and improve INTOSAI practice notes to ISSAIs” and 2.1 ”Provide guidance on financial auditing” may well produce elements relevant to this project.

  8. Survey The survey will also enquire whether there is any need for guidance: on combined financial and compliance audits. If so, this needs to be aligned with ISSAIs 100, 200 and 400. on combined compliance and performance audits. If so, this needs to be aligned with ISSAIs 100, 300 and 400. on the consistency of different ISSAIs, such as ISSAI 1240 (The auditor’s responsibility relating to fraud in an audit of financial statements) with ISSAI 4000, on the applicable standards for SAIs in different circumstances, such as: SAIs which have to consider compliance with laws and regulations in different audits (ISSAI 1250 and ISSAI 4000), or SAIs which, as a result of a statutory or regulatory requirement, have to report on the reliability of performance data produced by management.

  9. Survey The initial needs assessment for the project proposal started with a survey of a sample of SAIs to enquire: what are the provisions of their mandate and if there are any other legal requirements they have to comply with? how do they implement the standards in compliance with the SAI’s mandate and the national legislation and other regulations they have to comply with? do they carry out combined audits or audits that combine elements from different audit types, how is this done and how do they decide which standards are the most appropriate in the circumstances? what problems do they encounter? and the solutions found.

  10. Survey The survey will also enquire whether there is any need for guidance: on combined financial and compliance audits. If so, this needs to be aligned with ISSAIs 100, 200 and 400. on combined compliance and performance audits. If so, this needs to be aligned with ISSAIs 100, 300 and 400. on the consistency of different ISSAIs, such as ISSAI 1240 (The auditor’s responsibility relating to fraud in an audit of financial statements) with ISSAI 4000, on the applicable standards for SAIs in different circumstances, such as: SAIs which have to consider compliance with laws and regulations in different audits (ISSAI 1250 and ISSAI 4000), or SAIs which, as a result of a statutory or regulatory requirement, have to report on the reliability of performance data produced by management. The assessment will establish a clear link between the theory (as outlined in the ISSAIs) and current practice (what auditors are actually doing as part of the audit engagement). It may be considered if any benchmarks or best practice can be drawn from the survey results.

  11. Preliminary results of the Survey

  12. SAIs which sent their responses to the survey: Asia: Afghanistan, Azerbaijan, Bahrain, China, Iraq, Japan, Kuwait, Malaysia, Maldives, Palestine, Qatar, Thailand, UAE. NorthAmerica:Canada, USA. Central and South America: Brazil, Ecuador, Mexico. Africa: Cameroon. Europe:Croatia, Cyprus, Denmark, ECA, Estonia, France, Greece, Iceland, Latvia, Lithuania, Romania, Slovenia, Switzerland, Turkey.

  13. SAIs which implemented the ISSAIs 23 SAIs YES: Afghanistan, Azerbaijan ,Bahrain, Brazil,Cyprus, Croatia, Denmark, ECA, Estonia, France, Greece, Iceland, Iraq, Latvia, Lithuania, Maldives, Malaysia, Palestine, Slovenia, Switzerland, Thailand, Turkey, UAE NO: - SAI Qatar – is in the process of developing new methodologies and procedures which will take into consideration the ISSAIs. 8 SAIs national standards: Canada, Cameroon, China, Japan, Kuwait, Mexico, Romania, USA.

  14. Didn’t answer: SAI Kuwait SAI Japan- We do not directly utilize ISSAIs as our Auditing Standards because ISSAIs provide an auditing system which is different from Japanese auditing system such as the assurance-type financial audit. However, our Auditing Standards correspond to all the main provisions of ISSAIs applicable to the auditing system in Japan. SAI Latvia - selectively

  15. No answer: SAI Kuwait SAI Switzerland: as a basis on which it developed its own standards and as a basis for the adoption of consistent national standards

  16. No answer: SAI Kuwait SAI Latvia: developed its audit methodology based on ISSAI level 3 and ISSAI level 4.

  17. The way SAIs implemented ISSAIs in compliance with legal mandate

  18. The way SAIs implemented ISSAIs in compliance with legal mandate

  19. The way SAIs implemented ISSAIs in compliance with legal mandate

  20. The way SAIs implemented ISSAIs in compliance with legal mandate

  21. Not answered: SAI Kuwait

  22. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  23. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  24. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  25. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  26. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  27. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  28. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  29. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  30. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  31. The way that the type of audits carried out by responding SAIs are influenced by SAIs mandate

  32. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  33. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  34. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  35. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  36. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  37. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  38. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances

  39. The way that responding SAIs are carrying out combined audits and how they decide which standards are the most appropriate in the circumstances Not answered: SAI Azerbaijan, SAI Kuwait

  40. Not answered: SAI Kuwait

  41. Problems encountered by SAIs when deciding which standards are the most appropriate in certain circumstances

  42. Problems encountered by SAIs when deciding which standards are the most appropriate in certain circumstances

  43. Solutions identified by SAIs in deciding on which standards are the most appropriate in certain circumstances (some of the answers given by SAIs)

More Related