Presentation is loading. Please wait.

Presentation is loading. Please wait.

INTRODUCTION TO Compliance audit METHODOLGY and CAM

Published byAmandine Bessette Modified over 5 years ago

Similar presentations

Presentation on theme: "INTRODUCTION TO Compliance audit METHODOLGY and CAM"— Presentation transcript:

1 INTRODUCTION TO Compliance audit METHODOLGY and CAM
2018 Train the trainer workshop Pretoria, 5-16 February 2018

2 Compliance Audit Methodology
Compliance or non-compliance with § Developed methodology for standalone compliance audits According to ISSAI 100, 400 and 4000 SAI mandate important Requires mind-shift from regularity audit methodology

3

4 Compliance aspect from ISSAI 1250
Compliance in financial auditing is described in ISSAI 1250 par. 10 that the objectives of the audit are: (a) To obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations generally recognised to have a direct effect on the determination of material amounts and disclosures in the financial statements (b) To perform specified audit procedures to help identify instances of non-compliance with other laws and regulations that may have a material effect on the financial statements (c) To respond appropriately to non-compliance or suspected non-compliance with laws and regulations identified during the audit.

5 Compliance Audit Definition
The independent assessment of whether a given subject matter is in compliance with applicable authorities identified as criteria. ISSAI 400/12

6 Objective of Compliance Audit
To provide intended user(s) with information on whether the audited public entities follow parliamentary decisions, laws, legislative acts, policy, established codes and agreed upon terms Relevant authorities governing the subject matter to be audited Authorities are sources of audit criteria, (regardless of the source) auditor performs the audit and forms a conclusion with the selected level of assurance, in accordance with the requirements in ISSAI 4000

7 2. Key concepts of Compliance Audit
Authorities and criteria Subject matter and subject matter information Assurance Compliance audit Three parties

8 Key Concepts in Compliance Audit
What is going to be audited (the subject matter) The sources for the criteria (authorities) How you assess the subject matter using criteria Who are the parties involved in the audit (three parties model) What assurance you are providing as an auditor (limited or reasonable) Determine type of engagement (direct reporting or attestation)

9 Subject Matter Subject matter refers to the information, condition or activity that is measured or evaluated against suitable criteria to the circumstances of the audit It can be activities, financial transactions, or information

10 2.1 Subject matter and subject matter information
Subject matter, ref. page 8 Subject matter information, ref. 9 and textbox with example The subject matter information refers to the outcome of evaluating or measuring the subject matter against the criteria. It can take many forms and have different characteristics depending on the audit objective and audit scope. In an attestation engagement, where the auditor attest that the given subject matter information is correct; the audit criteria are implicitly given by the presentation of the subject matter information. In these cases, you need to identify relevant audit criteria to draw conclusions on correctness of criteria implicitly given in the subject matter information by the responsible party.

11 Three Parties in public sector auditing
Responsible party Intended user Auditor The intended user(s) may be legislative or oversight bodies, those charged with governance, the public prosecutor, media, the general public and donors. Responsible Party The responsible party is responsible for the subject matter or subject matter information is the executive branch of central or local government and/or its underlying hierarchy of public officials and entities responsible for the management of public funds and/or the exercise of authority under the control of the legislature Auditor aims to obtain sufficient and appropriate audit evidence in order to arrive at a conclusion

12 Authorities-Criteria
Regularity Propriety Assessment of compliance with formal criteria, such as authorising legislation, regulations issued under framework legislation and other relevant laws, regulations and agreements, budgetary laws. Where formal criteria are absent or there are shortcomings in the legislation, audits may examine compliance with the general principles governing sound financial management and the conduct of public officials.

13

14 Criteria Criteria are the benchmarks deriving from authorities, which are used to evaluate the subject matter consistently and reasonably (ISSAI 400/31), For example if the subject matter is the procurement of medical equipment within a department in Ministry of Health, the authorities can be laws concerning procurement, health laws regulating procurement within the area etc. The criteria can be a specific paragraph in a law regulating the way an entity is supposed to procure medical equipment. Criteria can be specific or more general, and may be drawn from various sources, including laws, regulations, standards, sound principles and best practices. Ref. page 10

15 Criteria deriving from Authorities
The Legislature AUTHORITIES The Executive AUTHORITIES The Entity AUTHORITIES Compliance Audit Criteria

16 Characteristics of Criteria
Relevant Reliable Complete Useful Neutral Criteria Comparable Acceptable Available Understandable

17 Characteristics of criteria
Suitable audit criteria either regularity or propriety, exhibit the following characteristics, ref. explanations on page 10-11 The relative importance of each of the above characteristics when assessing the suitability of criteria to a particular subject matter is a matter of professional judgment. The suitability of criteria is not affected by the level of assurance, that is, if criteria are unsuitable for a reasonable assurance engagement, they are also unsuitable for a limited assurance engagement, and vice versa. Once suitable criteria have been identified based on the characteristics set out above, they then must be appropriately operationalized for the particular circumstances of each audit so as to be able to reach meaningful conclusion(s) and understandable for the intended user.

18 Reasonable assurance is high but not absolute assurance.
Assurance in CA Reasonable Assurance Reasonable assurance is high but not absolute assurance. The audit conclusion is expressed positively, conveying that, in the auditor's opinion, the subject matter is or is not compliant in all material respects with the applicable criteria. Limited Assurance When providing limited assurance, the audit conclusion states that, based on the procedures performed, nothing has come to the auditor’s attention to cause the auditor to believe that the subject matter is not in compliance with the applicable criteria. Ref. ISSAI 4000/33-36

19 Attestation engagement and Direct reporting engagement
Attestation engagements In attestation engagements the responsible party measures the subject matter against the criteria and presents the subject matter information, on which the auditor then gathers sufficient and appropriate audit evidence. Direct reporting engagement In direct reporting engagements it is the auditor who measures or evaluates the subject matter against the criteria. The auditor selects the subject matter and criteria, taking into consideration risk and materiality. Ref. ISSAI 4000/37-39

20 Levels of assurance and engagement types
Direct reporting engagement Attestation engagement Reasonable assurance Conclusion Conclusion/ Opinion Limited assurance

21 Principles of Compliance Audit

22 3. General Principles and requirements of Compliance Auditing
3.1 Professional judgment and scepticism, p. 15 3.2 Quality Control, p. 16 3.3 Audit team management and skills, p. 17 3.4 Audit Risk, p.17 In compliance audit, you need to assess both the risk and materiality.

23 Principles of CA: Risk Audit Risk
Relevant in both attestation engagement and direct reporting engagements Audit Risk Auditor's findings or conclusions - will be incorrect in the circumstances of the audit Auditors’ awareness of the possible or known risks of the work envisaged Developing approaches to addressing those risks in planning and conducting the compliance audit

24 Principles of CA: Materiality
What is the Significance of Materiality? Apply professional judgment Consider the importance of compliance Applied throughout the audit In determining when a transaction, information, or impact of an event is material in an engagement For the intended users and the consequences of potential or identified instances of non-compliance In planning and performing the audit, and in evaluating evidence, and in forming the conclusion/opinion

25 3. General Principles and requirements of Compliance Auditing
3.5 What is Materiality, 18 Concept of materiality in compliance audit is different from the traditional thinking in financial audits. The concept of materiality recognises that some matters, either individually or in the aggregate, are relatively important, and in compliance audit we relate this to whether an instance of non-compliance is material. In this regard, you need to answer one of the most important questions and that is how material would that instance of non-compliance be to the intended users of the compliance audit report and how would this affect their decisions based on it.

26 4. Overall Compliance Audit Planning
4.1 Overall Compliance Audit Plans, p Preapring Annual Overall Compliance Audit Plans 4.3 Audit review process, p. 23

27 Determine Subject Matter
The subject matter should be determined and prioritized at SAI level in the Annual overall Audit Plan CA is a riskbased audit and only high risk audits and/or for significant areas should be carried out

28 SAI MANDATES Discussion

29

30 THANK YOU

31 CONTACT US

Download ppt "INTRODUCTION TO Compliance audit METHODOLGY and CAM"

Similar presentations

Learning Objectives LO1 Describe the role of professional judgment in achieving the overall objectives of the independent auditor in conducting an audit.

Learning Objectives LO1 Describe the role of professional judgment in achieving the overall objectives of the independent auditor in conducting an audit.
Additional Assurance Services: Other Information

Additional Assurance Services: Other Information
Financial Statements Audit

Financial Statements Audit
Dd. This learning session will help the auditor: Design audit objectives understand why audit criteria are used in performance audits; learn how to develop.

Dd. This learning session will help the auditor: Design audit objectives understand why audit criteria are used in performance audits; learn how to develop.
Development of internal control: methodology and responsibility

Development of internal control: methodology and responsibility
Discussion on SA-500 – AUDIT EVIDENCE

Discussion on SA-500 – AUDIT EVIDENCE
International Ethics Standards Board for Accountants Internal Audit Bob Franchini Paris June 2010 1.

International Ethics Standards Board for Accountants Internal Audit Bob Franchini Paris June
1 ACC 3303: AUDITING 2 Assurance Services ?? Need for Assurance ? Illustration using an Audit Engagement as an example.

1 ACC 3303: AUDITING 2 Assurance Services ?? Need for Assurance ? Illustration using an Audit Engagement as an example.
INTOSAI Compliance Audit Guidelines (ISSAI )

INTOSAI Compliance Audit Guidelines (ISSAI )
9.401 Auditing Chapter 1 Introduction. Definition of Auditing The accumulation and evaluation The accumulation and evaluation Of evidence about information.

9.401 Auditing Chapter 1 Introduction. Definition of Auditing The accumulation and evaluation The accumulation and evaluation Of evidence about information.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Mª ANGELA JIMENEZ 1 UNIT 4. EXTERNAL AUDIT BASIS CONCEPTS.

Mª ANGELA JIMENEZ 1 UNIT 4. EXTERNAL AUDIT BASIS CONCEPTS.
Purpose of the Standards

Purpose of the Standards
What are the challenges of implementing ISSAIs in NAO of Estonia? Krista Zibo Audit manager of Financial Audit Department Meeting of Experts of SAIs of.

What are the challenges of implementing ISSAIs in NAO of Estonia? Krista Zibo Audit manager of Financial Audit Department Meeting of Experts of SAIs of.
Page 1 Presentation to the Portfolio Committee on Tourism 21 July 2010 An overview of the External Audit Process and Types of Audits.

Page 1 Presentation to the Portfolio Committee on Tourism 21 July 2010 An overview of the External Audit Process and Types of Audits.
Learning Objectives LO1 Describe the association framework. LO2 Determine whether a PA is associated with financial statements. LO3 Describe the three.

Learning Objectives LO1 Describe the association framework. LO2 Determine whether a PA is associated with financial statements. LO3 Describe the three.
GENERAL TYPES OF AUDIT REPORTS

GENERAL TYPES OF AUDIT REPORTS
Reports on Audited Financial Statements

Reports on Audited Financial Statements
Harmonization project The long and winding road to level 3…

Harmonization project The long and winding road to level 3…
ISSAI 4000: Issues coming out of the maintenance groups Mona Paulsrud CAS meeting, Oslo 17th of September 2014 1.

ISSAI 4000: Issues coming out of the maintenance groups Mona Paulsrud CAS meeting, Oslo 17th of September

Similar presentations

Ads by Google