ISSAI 4000: Issues coming - PowerPoint Presentation

Slide1

ISSAI 4000:Issues coming out of the maintenance groups

Mona PaulsrudCAS meeting, Oslo17th of September 2014

1

Slide2

Work ahead2

December

2014:

ISSAI 4000 draft for

comments

in PSC

steering

committee

May 2015:

ISSAI 4000

exposure

draft to

the

PSC

steering committee

August-

O

ctober

2015:ISSAI 4000 exposure period

May 2016:ISSAI 4000 endorsement version to the PSC steering committee

October

2016:

ISSAI 4000

endorsement

at INCOSAI,

Abu Dhabi

Slide3

Further process on ISSAI 4000 draft15th of October: Deadline for comments and proposals on language and style31st

of October: Deadaline for comments and proposals on

substance and contents3

Slide4

Prerequisites from ISSAI 100/400Process oriented approachRisk based auditingProfessional judgement & skepticismCovering the variety

of compliance audit practices across INTOSAIBoth

direct reporting and attestation engagements

4

Slide5

Compliance Audit Subject Matters

Slide6

…the authorities which govern them“Relevant acts or resolutions of the legislature or other statutory instruments, directions and guidance issued by public sector bodies with powers provided for in statute, with which the audited entity is expected to comply.”

6

Slide7

Authorities - the sources of audit criteria

Authorities

Criteria

Slide8

Narrowing down the audit scope..

Slide9

Authorities in two forms9

GREY ZONE OF INTERPRETATION

Slide10

How to draw the line..REGULARITYThe concept that the subject matter is in accordance with authorizing legislation, regulations issued under governing legislation and other relevant legal documents which lay down the rules and procedures to be adhered to by the audited entity which provide a legal framework within which the subject matter is being exercised, and these are properly sanctioned.PROPRIETY

General principles of sound public sector financial management and conduct of public sector officials.10

Slide11

Issues raisedDoes the spirit or intention of laws and regulations belong to regularity or propriety?A code of conduct

or ethics – would it belong to regularity or propriety?Are

fraud risks generally linked to breach of

propriety?11

Slide12

Assurance

Slide13

AssuranceIntended users wish to be confident about the reliability and relevance of the information which they use as the basis for taking decisions. Audits therefore provide information based on sufficient and appropriate evidence, and auditors should perform procedures to reduce or manage the risk of reaching inappropriate conclusions. The level of assurance that can be provided to the intended user should be communicated in a transparent way.

However, due to inherent limitations, audits can never provide absolute assurance. ISSAI 100 paragraph 31

Slide14

The core of assurance

Is

the

audit

evidence

obtained

sufficient

and

appropriate

so as to

reduce

the audit

risk to an acceptably low level?

Reconsidering

:

Slide15

Communicating assuranceDepending on the audit and the users’ needs, assurance can be communicated - through opinions and conclusions which explicitly convey the level of assurance.ISSAI 100 para. 3215

Slide16

Opinion and conclusion – what is the difference?The conclusion is a statement of the auditor covering the audit scope on the basis of the findings assessed against the criteria and conveying explicitly the level of assurance of the audit.NEW ISSAI 4000 para. 158 - 160

An opinion is a statment of the auditor expressed in a standardized form of a clear written expression of modification or unmodification.NEW ISSAI 4000 para. 161-166

16

Slide17

Issues raisedIs an opinion only relevant in attestation engagements? – NOIs an opinion only given in relation to the financial statements? – NO

Can an opinion only be given on quantitative subject matters?

- NO

17

Slide18

Opinion and conclusion – what is the difference?“The conclusion may be expressed as an elaborate answer to specific audit questions or take the form of a clear written statement of opinion on compliance, often in addition to the opinion on the financial statements. While an opinion is common in attestation engagements, the answering of specific audit questions is more often used in direct reporting engagements.”NEW ISSAI 4000 para. 160

18

Slide19

Opinion and conclusion – what is the difference?“Where an opinion is provided the auditor states whether it is unmodified or has been modified on the basis of the evaluation of materiality and pervasiveness. Delivering an opinion would normally require a more elaborate audit strategy and approach that encompasses a tangible population covered both by quantitative and qualitative sampling during the audit.”NEW ISSAI 4000 para. 163

19

Slide20

Opinion and conclusion – what is the difference?20

Opinion

ISSAI 4000 para. 158 - 160

ISSAI 4000 para.

161- 166

ISSAI 4000 para.

137-141

Slide21

Audit sampling21

Slide22

ISSAI 4000 – in need of further elaboration?MaterialityReasonable and limited assuranceAudit scopeSubject matter and criteria in relation

to direct reporting and attestation engagementsUnderstanding the

entity22

Slide23

ISSAI 4000 – in need of further elaboration? (continuing)Control environment/ intrenal controlsRisk of non complianceDocumentationCombinations

of compliance with financial and/or performance auditing

23

Slide24

ISSAI 4000 – the need for further elaborations?Prioritizations and further work of the committee.

24