Agenda Item II CAS X Vilnius ISSAI 400 Presentation
Transcript of Agenda Item II CAS X Vilnius ISSAI 400 Presentation
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
1/33
ISSAI 400
Fundamental Principles of
Compliance Audit
Compliance Audit Subcommittee
Vilnius, Lithuania
19th-20th of September 2012
Mona Paulsrud, CAS harmonization team
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
2/33
ISSAI 400 presentation
1. The approach of the CAS harmonization team
to ISSAI 400
2. Structure and contents of ISSAI 400
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
3/33
CAS contribution to the
developmentof public sector auditing
http://localhost/var/www/apps/conversion/tmp/scratch_4//upload.wikimedia.org/wikipedia/commons/0/00/Roman_bridge_at_Cangas_1_com.jpg -
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
4/33
The purpose and authority of
ISSAI 400
ISSAI 400 Principles of Compliance Audit
ISSAI 4000 Compliance Audit Guidelines
4100
4200
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
5/33
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
6/33
AIM OF ISSAI 400
To provide a coherent, high level framework of
Compliance Audit in the public sector, covering
both ISSAI 4100 and ISSAI 4200.
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
7/33
CAS approach in developing ISSAI 400
Financial audit the
cradle of the audit
profession and audit
theory
Defines basic concepts
and terminology of
auditing
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
8/33
Compliance Audit
The extended perspective
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
9/33
CAS strategy in developing ISSAI 400
Build upon existing contents and terminology
of the ISSAI 4000 series
Create a coherent story of Compliance Audit
High, generic level of concepts and principles
Dual approach updated IFAC terminology
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
10/33
ISSAI 400 Basic structure
1. Introduction
2. Purpose and authority of ISSAI 400
3. The nature of Compliance Audit} Story of CA
4. Elements of Compliance Audit }Audit theory
5. Principles of Compliance Audit } Requirements
6. Making reference to the ISSAIs
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
11/33
The nature of Compliance Audit
The independent asessment of whether a particular
subject matter is in compliance with established criteria.
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
12/33
The nature of Compliance Audit
Origins of cash flow in the public sector are the
decisions and premises of the legislature.
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
13/33
Public sector context of the SAI
Compliance Audit
THE LEGISTALURE
THE EXECUTIVE
THE ENTITY
AUTHORITIES
AUTHORITIES
AUTHORITIES
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
14/33
The elements of Compliance Audit
ISSAI 4100 or ISSAI 4200?
Authorities
Subject matter
The three partiesSAI
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
15/33
Authorities and criteria
AUTHORITIES
CRITERIA
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
16/33
SUBJECT MATTER
Underlying subject matter Subject matter information
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
17/33
17
INTENDEDUSER
PRACTITIONER
ELEMENTS
OF AN AUDIT
RESPONSIBLEPARTY
THE
LEGISLATURE
THE
GOVERNMENTTHE SAI
The three parties of Compliance Audit
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
18/33
Assurance in Compliance Audit
Attest engagements
Direct reporting
audits
Forms of
assurance
Reasonable
assurance
Limited assurance
Levels ofassurance
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
19/33
Forms of reporting
Long form reporting
Short form reporting
Findings
Opinions & various forms of conclusions
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
20/33
Variations of Compliance Audit
SUBJECT
MATTER
FORMS OF
REPORTING
ASSURANCE
APPROACH
AUDIT
EVIDENCE
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
21/33
The elements of Compliance Audit
ISSAI 4100 or ISSAI 4200?
Authorities
Subject matter
The three partiesSAI
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
22/33
Principles of Compliance Audit
Principles: at the level of an individual audit
PlanningGatheringevidence
Concludingand reporting
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
23/33
Principles of Compliance Audit
Principles = should statments
Able to fit all variations of Compliance Audit.
To be translated into shall statements when
level 4 is to be used as authoritative standards.
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
24/33
PRINCIPLES TO BE APPLIED IN
CONDUCTING A COMPLIANCE AUDIT
1. General principles:
to be considered prior to comencement and at more than
one point throughout the audit process
2. Principles related to the audit process:
related to steps in the audit process itself
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
25/33
General principles
1. Legal basis
2. Ethics and independence
3. Quality control
4. Audit team management and skills5. Audit risk
6. Materiality
7. Professional judgment and skeptisim
8. Documentation
9. Communication
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
26/33
Audit team management and skills
includes an understanding of and practical
experience of the type of audit being undertaken; an
understanding of the applicable standards andauthorities; an understanding ofthe entitys legal basis
and operations; and the ability and experience to
exercise professional judgement.
ISSAI 400 para. 54
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
27/33
Audit risk
Audit risk in Compliance Audit covers both attestation
and direct engagements.
inherent risk - control risk - detection risk
The degree to which these components are relevant to
the audit is affected by the nature of the subject matter,whether the audit is performed as a reasonable
assurance or limited assurance audit and whether it is a
direct or an attestation engagement.
ISSAI 400 para. 56
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
28/33
Materiality
Value
ContextNature
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
29/33
Materiality
Materiality in Compliance Audit consists of both
quantitative and qualitative factors.
An essential part of determining materiality is to
consider the importance of compliance for the intended
users and the consequences of potential or identified
instances of non-compliance.
ISSAI 400 para. 58
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
30/33
Principles related to the audit process
1. Planning and designing a compliance audit Subject matter and criteria
Audit scope
Understanding the entity
Risk assessment
Understaning internal control and control environment
Risk of fraud
Audit strategy and audit plan
2. Gathering audit evidence
3. Evaluating audit evidence, concluding and reporting Evaluating audit evidence and forming conclusions
Reporting
Follow up
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
31/33
Planning and designing a compliance audit
5. Internalcontrol and
controlenvironment
6. Risk offraud
7. Auditstrategyand plan
2. Auditscope
3. Understandingthe entity
4. Riskassessment
1. Subject matter and criteria
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
32/33
Gathering audit evidence
Sufficient and appropriate audit evidence.
-
7/27/2019 Agenda Item II CAS X Vilnius ISSAI 400 Presentation
33/33
Evaluating audit evidence, concluding
and reporting
Evaluating
audit evidenceand forming
conclusions
Reporting Follow up