Audit Quality Control Preliminary draft

Similar documents
Coordination and Cooperation between SAIs and Internal Auditors in the Public Sector

PRINCIPLES AND GOOD PRACTICES

Fundamental Principles of Public-Sector Auditing

Fundamental Principles of Financial Auditing

Fundamental Principles of Compliance Auditing

Fundamental Principles of Performance Auditing

Compliance Audit Standard EXPOSURE DRAFT ISSAI 4000 I N T O S A I. Please send your comments before 19 September 2015 to:

Exposure draft. Guidelines on IT Audit. February 2016 ISSAI 5300 I N T O S A I. Please send your comments before 25 May 2016 to:

QUAๆASSURANCE IN FINANCIAL AUDITING

ISSAI Planning an Audit of Financial Statements. Financial Audit Guideline

Guidelines for Internal Control Standards for the Public Sector

Code of Ethics. and. Auditing Standards I N T O S A I

APES 320 Quality Control for Firms

GUIDANCE ON PERFORMING AUDITS ON BEHALF OF THE AGSA

Guidelines on Best Practice for the Audit of Privatisations

Together. Pacific Association of Supreme Audit Institutions. Quality Assurance Guidelines

ISSAI Modifications to the Opinion in the Independent Auditor s Report. Financial Audit Guideline

Guidance for Conducting a Public Debt Audit The Use of Substantive Tests in Financial Audits

(Effective as of December 15, 2009) CONTENTS

ISSAI Audit Evidence Specific Considerations for Selected Items. Financial Audit Guideline

Implementing the International Standards for Supreme Audit Institutions (ISSAIs): Strategic considerations

Standards and guidelines for performance auditing based on INTOSAI s Auditing Standards and practical experience

How To Ensure That A Quality Control System Is Working Properly

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

INTERNATIONAL STANDARD ON AUDITING 220 QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

MACQUARIE TELECOM GROUP LIMITED AUDIT COMMITTEE CHARTER

COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES

Guidance for Reporting on the Effectiveness of Internal Controls: SAI Experiences In Implementing and Evaluating Internal Controls

STRATEGIC PLANNING A Handbook for Supreme Audit Institutions

Assist Members in developing their own national arrangements through being able to draw on and hence benefit from the experience of other members;

The audit of disaster risk reduction

Internal Audit Charter

Audit and Risk Committee Charter. Knosys Limited ACN (Company)

ICMA Private Wealth Management Charter of Quality

OFFICE OF THE CONTROLLER AND AUDITOR-GENERAL Te Mana Arotake THE RELATIONSHIP BETWEEN INTERNAL AND EXTERNAL AUDIT IN THE PUBLIC SECTOR

EXTERNAL PEER REVIEW OF GENERAL INSURANCE LIABILITY VALUATIONS

CORPORATE PERFORMANCE MANAGEMENT GUIDELINE

Practice Note. 10 (Revised) October 2010 AUDIT OF FINANCIAL STATEMENTS OF PUBLIC SECTOR BODIES IN THE UNITED KINGDOM

Internal Regulation of BONUS Baltic Organisations Network for Funding Science EEIG

INTERNAL AUDIT FRAMEWORK

INTERNATIONAL STANDARD ON AUDITING 230 AUDIT DOCUMENTATION CONTENTS

Hunter Hall International Limited


Graduate Project Engineer

GUIDELINES FOR THE CONDUCT OF PERFORMANCE AUDITS

Performance audit,how & why?

Competence Requirements for Audit Professionals

Quality Assurance Checklist

How To Write A Government Accountability Report

A Guide to Corporate Governance for QFC Authorised Firms

ISA 620, Using the Work of an Auditor s Expert. Proposed ISA 500 (Redrafted), Considering the Relevance and Reliability of Audit Evidence

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 200

august09 tpp Internal Audit and Risk Management Policy for the NSW Public Sector OFFICE OF FINANCIAL MANAGEMENT Policy & Guidelines Paper

1.1 Terms of Reference Y P N Comments/Areas for Improvement

Application of King III Corporate Governance Principles

Corporate Records Management Policy

EUROPEAN COMMISSION Directorate General Internal Market and Services. CAPITAL AND COMPANIES Audit and Credit Rating Agencies

(Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS

APES 325 Risk Management for Firms

Information Governance Strategy & Policy

How To Comply With The Law Of The Firm

INTERNATIONAL STANDARD ON AUDITING 260 COMMUNICATION WITH THOSE CHARGED WITH GOVERNANCE CONTENTS

Application of King III Corporate Governance Principles

AUDIT COMMITTEE BEST PRACTICES CHECKLIST

Consultation: Auditing and ethical standards

Auditing ERP systems without specific CAATs

Institutional Capacity Building Framework. Guideline

Infratil Limited - Board Charter. 1. Interpretation. 1.1 In this Charter:

BIBLIOGRAPHY OF CONGRESS 2013

Financial Management Framework >> Overview Diagram

Statement of Guidance

Developing an Implementation Plan

University of Stirling. Records Management Strategy I. Introduction

COLIN STREET DAY SURGERY GOVERNING BODY CHARTER

Client Skills: Skills required by Government as the Construction Industry Client

How To Manage A Board In The Kandijan Germany

Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015

Audit, Risk Management and Compliance Committee Charter

Guideline on Best Practice for the Audit of Risk in Public/Private Partnership (PPP)

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS

GAO. Government Auditing Standards: Implementation Tool

Risk Management Committee Charter

1.2 The conduct of the Board is also governed by the Company's Constitution (Constitution).

Legal Aid Ontario. Complex Case Rate (CCR) policy

GUIDANCE NOTE ON THE CONCEPT OF RELIANCE

South Australia Police POSITION INFORMATION DOCUMENT

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

Council Policy. Records & Information Management

Board Charter. May 2014

West Midlands Police and Crime Commissioner Records Management Policy 1 Contents

Solvency Assessment and Management: Pillar II Sub Committee Governance Task Group Discussion Document 81 (v 3)

PERFORMANCE AUDIT MANUAL

INTERNATIONAL STANDARD ON AUDITING 200 OBJECTIVE AND GENERAL PRINCIPLES GOVERNING AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

LafargeHolcim Ltd. Finance & Audit Committee Charter Review date: July 28, 2015

CORPORATE GOVERNANCE - BOARD CHARTER PART A DEFINING GOVERNANCE ROLES

Management of Business Support Service Contracts

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Board Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

About ACCA. Global infrastructure

Transcription:

ISSAI 40 The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org I N T O S A I Audit Quality Control Preliminary draft

INTOSAI Professional Standards Committee PSC-Secretariat Rigsrevisionen Landgreven 4 P.O. Box 9009 1022 Copenhagen K Denmark Tel.:+45 3392 8400 Fax:+45 3311 0415 E-mail: info@rigsrevisionen.dk I N T O S A I EXPERIENTIA MUTUA EXPERIENTIA MUTUA OMNIBUS PRODEST OMNIBUS PRODEST INTOSAI General Secretariat - RECHNUNGSHOF (Austrian Court of Audit) DAMPFSCHIFFSTRASSE 2 A-1033 VIENNA AUSTRIA Tel.: ++43 (1) 711 71 Fax: ++43 (1) 718 09 69 E-MAIL: intosai@rechnungshof.gv.at; WORLD WIDE WEB: http://www.intosai.org

1 Introduction The purpose of this document is to provide guidance for SAIs in relation to establishing and maintaining an appropriate system of quality control which covers all audit and other assurance work performed by each SAI. This document is designed to provide complementary guidance to, and should be read in conjunction with, the International Standard on Quality Control ISQC-1, Quality Control for Firms that perform Audits and Reviews of financial statements and other Assurance and Related Services Engagements. ISQC-1 (redrafted) is effective as of 15 December 2009. This guidance is designed to minimise duplication with the material contained in ISQC-1. This document forms an integral part of the other International Standards of Supreme Audit Institutions (ISSAIs) and the guidance within this document is intended to be used in conjunction with those standards. SAIs operate under different mandates and models and the size of SAIs vary around the world. This guidance may not be equally applicable to all SAIs, but is intended to lead SAIs towards a common goal of audit quality. 2 Focus of these guidelines By recognising and building on the International Standard on Quality Control ISQC-1, these guidelines establish an overall code for audit quality within SAIs. This guidance is designed to apply to the system of quality control covering all the work carried out by SAIs, including financial audits, compliance audits and performance audits. These guidelines, which are focussed on the organisational aspects of audit quality operating across each SAI, are designed to complement the guidance developed in respect of audit quality at an individual engagement level (e.g. an individual financial audit, compliance audit or performance audit). Guidance on quality control at an individual engagement level can be found in: ISSAI 1000 2999 (Financial Audit Guidelines)

[ISSAI 1220 provides guidance in respect of quality control procedures for audits of financial statements]; ISSAI 3000 3999 (Performance Audit Guidelines); ISSAI 4000 4999 (Compliance Audit Guidelines). 3 Overview of ISQC-1 ISQC-1 deals with a firm s responsibilities in relation to its system of quality control for audits and reviews of financial statements and other assurance work. In the public sector environment, firm equates to SAI. ISQC-1 sets out that the objective of the firm is to establish and maintain a system of quality control to provide it with reasonable assurance that: (a) the firm and its personnel comply with professional standards and regulatory and legal requirements; and (b) reports issued by the firm or engagement partners, are appropriate in the circumstances 1. [ Engagement partner and firm should be read as referring to their public sector equivalents within the SAI environment]. 4 What is a system of quality control? This document uses the quality control framework outlined in ISQC-1 and provides additional guidance on the issues of particular relevance in the public sector audit environment affecting an SAI s system of quality control: (a) (b) Leadership responsibilities for quality within the firm. Relevant ethical requirements. 1 ISQC-1, para 11

(c) (d) (e) (f) Acceptance and continuance of client relationships and specific engagements. Human resources. Engagement performance. Monitoring. The quality control framework contained in ISQC-1 is relevant to SAIs and therefore, where relevant, the requirements of ISQC-1 should be followed by SAIs when following this guidance. (a) Leadership responsibilities for quality within the firm ISQC-1 requires each firm to establish policies and procedures designed to promote an internal culture recognising that quality is essential in performing engagements 2. Particular considerations for SAIs The head of the SAI (e.g. the Auditor-General, President of Court of Account) should take overall responsibility for the SAI s system of quality control. The head of the SAI may delegate operational responsibility for the SAI s system of quality control to a person or persons with sufficient and appropriate experience and the authority to assume that responsibility. SAIs should strive to achieve a culture that recognises and rewards high quality work. This requires the SAI to have the right tone at the top which emphasises the importance of quality. The strategy of each SAI should recognise an overriding requirement for the SAI to achieve quality in its work so that political or economic considerations do not override the quality of work performed. 2 ISQC-1, para 18

(b) Relevant ethical requirements ISQC-1 requires each firm to establish polices and procedures designed to provide it with reasonable assurance that the firm and its personnel comply with relevant ethical requirements 3. Particular considerations for SAIs: SAIs should ensure policies and procedures are in place which reinforce the fundamental principles of professional ethics of: integrity; independence, objectivity and impartiality; professional secrecy; competence. (For more guidance refer to the INTOSAI Code of Ethics ISSAI 30). SAIs should ensure appropriate policies and procedures are in place to maintain independence of the head of the SAI, all personnel and all parties contracted to conduct work for the SAI. (For more guidance on independence of SAIs, refer to ISSAI 10 Mexico Declaration on SAI Independence and ISSAI 11 Guidelines and Good Practices Related to SAI Independence). SAIs should balance the desirability of auditor rotation with the legislative provisions that establish the statutory appointment and terms of office of the head of the SAI and, where relevant, particular personnel. (c) Acceptance and continuance of client relationships and specific engagements ISQC-1 requires each firm to establish policies and procedures for the acceptance and continuance of client relationships and specific engagements designed to provide the firm with 3 ISQC-1, para 20

reasonable assurance that it will only undertake or continue relationships and engagements where the firm: (a) (b) (c) is competent to perform the engagement and has the capabilities, including time and resources, to do so; can comply with relevant ethical requirements; and has considered the integrity of the client and does not have information that would lead it to conclude that the client lacks integrity 4. Particular considerations for SAIs SAIs policies and procedures should acknowledge that often the SAI has no discretion regarding the acceptance and continuance of client relationships and specific engagements. SAIs should ensure that risk management procedures are adequate to manage the risks of undertaking work which ordinarily would be declined. (d) Human resources ISQC-1 requires the firm to establish policies and procedures designed to provide it with reasonable assurance that it has sufficient personnel with the competence, capabilities and commitment to ethical principles necessary to: (a) (b) perform engagements in accordance with professional standards and regulatory and legal requirements; and enable the firm or engagement partners to issue reports that are appropriate in the circumstances 5. 4 ISQC-1, para 26 5 ISQC-1, para 29

Particular considerations for SAIs: SAIs should ensure that personnel and where relevant, contractors (e.g. from chartered accounting firms), have the collective competencies required to undertake the range of work of the SAI. SAIs should ensure an appropriate mix is struck between conducting work in house and contracting work to other parties (such as chartered accounting firms), which is designed to optimise audit quality. For example, SAIs should consider the nature of work to be contracted out based on those areas where the SAI s inhouse skills are not considered to be adequate. SAIs should ensure that Human Resources policies and procedures give appropriate emphasis to quality, technical competence and professional development. Such policies and procedures related to human resource issues include, for example: recruitment; performance evaluation; capabilities (including time to perform assignments); competence; career development; promotion; compensation; and the estimation of personnel needs. SAIs should ensure that staff and all parties contracted to work for the SAI have a good understanding of the public sector environment in which the SAI operates (e.g. a good understanding of the machinery of Government). SAIs should ensure that performance appraisals of staff and all parties contracted to work for the SAI reflect that quality is a key driver of performance assessment.

(e) Engagement performance ISQC-1 requires the firm to establish policies and procedures designed to provide it with reasonable assurance that engagements are performed in accordance with professional standards and regulatory and legal requirements, and that the firm or the engagement partner issue reports that are appropriate in the circumstances 6. Particular considerations for SAIs: SAIs should ensure appropriate policies and procedures (e.g. audit methodologies) are in place for conducting the range of work that is the responsibility of the SAI, including work which is contracted out. SAIs should ensure that applicable standards are followed on both pre-audits (prior to a transaction occurring) and post audits (after a transaction has occurred), and that any deviations are appropriately documented. SAIs should ensure appropriate quality control policies and procedures are in place in respect of each major product of the SAI/type of engagement (e.g. financial audits, performance audits, compliance audits). Where appropriate, the SAI should ensure consistency in quality across the range of work of the SAI. SAIs should ensure that where they are subject to specific procedures relating to rules of evidence, that such procedures are consistently followed. SAIs should ensure that all engagement documentation (e.g. audit work papers) is the property of the SAI, irrespective of whether the engagement has been conducted by SAI personnel or contracted out. SAIs should ensure appropriate principles of natural justice 7 are followed in respect of finalising report findings to ensure those parties affected by the SAI s reports have an opportunity to comment prior to the report being finalised. 6 ISQC-1, para 32 7 Also referred to as the principle of contradiction in ISSAI 4100, para 151

SAIs should ensure that in addition to any retention period for documentation outlined in professional standards and guidelines, that they meet any other specific requirements of them to retain documentation for longer periods. SAIs should balance the confidentiality of audit documentation with the need for transparency and accountability. As a general principle, when the audited entity has a statutory obligation to gather and retain certain information, requests from outside parties for such information are normally referred to the audited entity. (f) Monitoring ISQC-1 requires the firm to establish a monitoring process designed to provide it with reasonable assurance that the policies and procedures relating to the system of quality control are relevant, adequate and operating effectively 8. Particular considerations for SAIs SAIs should ensure that monitoring is carried out of key aspects of the SAI s system of quality control and of individual engagements (using personnel not involved in these engagements), covering the range of work conducted by the SAI, including work contracted out (e.g. to chartered accounting firms). SAIs should ensure the results of quality control reviews are reported to the head of the SAI in a timely manner. Where appropriate, SAIs should consider engaging another SAI to conduct an independent review of the system of quality control. 5 Summary The quality of work performed by SAIs around the world is directly related to the reputation and credibility of each SAI, and ultimately their ability to fulfil their respective mandates within each jurisdiction. 8 ISQC-1, para 48

A major challenge facing all SAIs is the consistent delivery of high quality audit and other assurance services. For a system of quality control to be effective, it needs to form a key part of the SAI s strategy, culture and detailed policies and procedures as outlined in this guidance (and in the underlying International Standard on Quality Control ISQC-1). In this way, quality is built into the production of the SAI s reports rather than being seen as an additional process once each report is produced.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information