Brasilia June Compliance Audit Subcommittee (CAS) Presentation to the PSC Steering Committee

Brasilia June CAS plan according to PSC Progress Report 2008 Purpose to finalize the development of Compliance Audit Guidelines A complete set of guidelines exposed to the INTOSAI community after being presented to PSC in October and GB in November 2008, consisting of: –ISSAI 4000 and 4100 for first time exposure –ISSAI 4200 (previously 4100) for re-exposure Subsequently present a complete set for approval to PSC and GB 2009 Present the complete set for endorsement at INCOSAI 2010

Brasilia June Short update of CAS project status Exposure Drafts of ISSAIs approved by PSC in October and presented to GB in November 2008 Exposure process within INTOSAI by 1 February 2009 –Comments received from 23 SAIs and the FAS secretariat Adjusted ISSAIs approved by CAS in March 2009 Presented for approval as endorsement versions to PSC in Brasilia in June 2009 The current status is in accordance with the progress plan presented in the PSC report 2008

Brasilia June ISSAI 4000 General introduction to compliance audit Presents An overall view of compliance audit, and of ISSAIs 4100 and 4200 written from the different perspectives of compliance audit performed separately from, or related to, the audit of financial statements Authority of the guidelines Diversity in organizing and reporting on compliance audit Relationship to other auditing standards

Brasilia June ISSAI 4100 Compliance audit performed separately from the audit of financial statements The subject matters may vary considerably from audit to audit ISSAI 4100 introduces reasonable vs. limited assurance, but the scope goes beyond the use of the “assurance” concept: –The guidelines apply to auditing tasks where the purpose is to obtain sufficient appropriate evidence to support the findings. The conclusion may be expressed in a formalized statement of assurance or in a more elaborated form The reports may be either short-form or long-form reports

Brasilia June ISSAI 4200 Compliance audit related to the audit of financial statements Based on reasonable assurance –in line with the ISA approach on audit of financial statements, leading to reporting in the form of an opinion May on an exceptional basis be applied, as appropriate, to limited assurance reviews Sufficiently flexible to allow for combining a reasonable assurance audit of the financial statements with a limited assurance review on compliance Providing examples of various reporting combinations, clearly stating the auditor’s different responsibilities on reasonable assurance audit vs. limited review Reports on compliance may be either short-form, as in the form of an opinion, or long-form

Brasilia June Court of Accounts issues ISSAIs are intended to be relevant for compliance audit in SAIs representing both the Auditor General system and the Court of Accounts system Do not cover particularities related to the judgement part of compliance auditing in SAIs of the Court type The CAS meeting in March 2009 decided to initiate a further exploration of Court of Accounts issues, to be continued after 2010

Brasilia June Further CAS work beyond 2010 According to the CAS meeting in March 2009, CAS should be engaged in: –The implementation of the compliance audit guidelines throughout the INTOSAI community –The maintenance of the guidelines related to issues such as: limited vs. reasonable assurance materiality applied to compliance subject matters monitoring of developments in relevant auditing standards The meeting emphasized the need of further guidance on limited assurance compared to reasonable assurance, to be considered after 2010