PSC INTOSAI Professional Standards Committee. Response to comments received on the revised Framework of INTOSAI Professional Pronouncements

Transcription

1 PSC INTOSAI Professional Standards Committee Response to comments received on the revised Framework of INTOSAI Professional Pronouncements

2 SAI Australia *1* SAI Azerbaijan The Australian National Audit Office (ANAO) welcomes the opportunity to comment on the draft proposal for the revision of the INTOSAI Framework of Professional Pronouncements (the Framework). I would like to express the ANAO s support for the seven key changes to the framework described in the draft proposal. We believe that the proposed structure of the Professional Pronouncements will assist Supreme Audit Institutions to understand their responsibilities and the respective roles of different pronouncements within the Framework. We also consider that this will assist INTOSAI to further develop drafting requirements for pronouncements that are responsive to their function in the framework. To further strengthen the proposal, ANAO recommends that the INTOSAI Professional Standards Committee (the Committee) considers clarifying how the existing General Auditing Guidelines in the ISSAI 1000 to 4999 series would fit into the proposed Framework. This could be achieved by a document mapping the existing ISSAIs to the proposed structure. If any of the existing General Auditing Guidelines are intended to become Auditing Guidance under the revised structure, we consider that the Committee should clarify whether any requirement or shall paragraphs would continue to be mandatory. I would also like to take the opportunity to acknowledge the work of the Committee in enhancing the Framework. The proposed structure is logical and will continue to be effective in allowing Supreme Audit Institutions to flexibly adopt the ISSAI standards in a manner appropriate to their jurisdiction. I m writing on behalf of the Chamber of Accounts of the Republic of Azerbaijan regarding FIPP s proposals on INTOSAI Framework of Professional Pronouncements. Please be aware the Chamber has no comments concerning Document on The Revised INTOSAI Framework of Professional Pronouncements FIPP thanks the SAI of Australia for its comments Taking into account the comments received, few modifications to the IFPP have been made. Please refer to the IFPP proposal document and Overview of ITC comments for more details. FIPP s proposed Strategic Development Plan clarifies the classification criteria and lays out a roadmap for the migration process for incorporating the existing ISSAIs into IFPP, by following the due process FIPP thanks the SAI of Azerbaijan for its comments. 2/41

3 SAI Bahrain *2* *3* and expresses the readiness to support fully these innovations. Please find below National Audit Office Comments on the IS- SAI Framework. 1. IFPP is complicated, we suggest in simplifying it. 2. The IFPP shows no clear relation between the three groups (INTOSAI Principles, ISSAI, INTOSAI Guidance). FIPP thanks the SAI of Bahrain for its comments FIPP will work towards the greatest possible level of simplicity Noted. Clear links between the different levels/types of document will be ensured during the migration process and also through the revised numbering system. *4* 3. It seems that the Framework has been mostly revised based on the current/existing four levels of ISSAIs standards, without reviewing the need of all the current standards. Therefore all standards (More than 80 ISSAIs) have been transferred to the IFPP. Each existing ISSAI will be reviewed, including a review of its continued necessity as part of the migration to the revised framework *5* 4. We suggest to shift SAI organizational requirements SAI level from ISSAI group to INTOSAI Principles group. Please see response to comment *1* (SAI Australia) *6* *7* 5. We suggest to look over the following parts of the IFPP: a. Competency standards b. Competency guidance c. other guidance 6. The draft paper states that one of the improvements of the current framework will "reflect the need to reduce the As suggested by SAI Bahrain and comments received from other SAIs, FIPP has looked into these parts relating to pronouncements on Competency, and clearly marked them as space reserved for future development, and have clarified their position with regard to ISSAI compliance. Refer to the IFPP proposal document and Overview on ITC comments Noted. One of FIPP s aims is to ensure greater clarity as to which standards have to 3/41

4 number of ISSAIs that have to be implemented". And while the reduction and revision of INTOSAI GOVs is clearly explained in the document, the methodology of reducing the number of ISSAIs is not clearly stated, thus making it unclear to understand the details of applying the abovementioned key change. be adhered to in order to claim ISSAI compliance. *8* *9* 7. The components and classification within the second part of INTOSAI Principles (Core Principles) might need further clarification, for instance, does it include the current ISSAI10 to ISSAI40? and is ISSAI10 (Mexico Declaration) classified within the first part (Founding Principles) or the second part? 8. The components and classification within the first part of audit standards in the revised framework (SAI Organizational Requirements) might need more clarification as well. For instance, how is it distinguished from the founding principles which have some SAI organizational elements? and whether any current pronouncements would be classified within this category (which could serve as an example of the pronouncements that fit within this category)? Agreed. FIPP considers that Founding Principles have historical significance and are aspirational in nature, which can be used as a reference to establish SAIs mandates. The core principles establish high level prerequisites for professional functioning of SAIs. Hence, both founding principles and core principles have an overarching significance for the IFPP framework, and are thus at the highest level in the revised framework. Agreed. Please refer to preceding comments *10* 9. The IFPP diagram show that a Competency Standard will be added in addition to Auditing Standard, but the Competence is already covered by (ISSAI 30 chapter 5: Competence). So is that mean they will move it from level 2 (Prerequisites for the Functioning of Supreme Audit Institutions) to level 3 (Fundamental Auditing Principles)? FIPP is aware that competency is covered to some extent in the present ISSAIs 30 and 100. In the current ISSAI framework, ISSAI 100 establishes important linkages with levels 1 and 2 respectively. The competency standards, principles and guidelines which will draw from and elaborate from the ISSAIs mentioned above have 4/41

5 been identified has an area for future development under IFPP, and will also take into account The competency framework being developed by the Task Group on INTOSAI Auditor Certification. SAI BOTSWANA COMMENTS ON THE INTOSAI FRAMEWORK OF PROFESSIONAL PRONOUNCEMENTS SAI BOTSWANA Key Change 1 The use of the word Pronouncements in the Revised INTOSAI Framework of Professional Pronouncements (IFPP) is well encompassing and consistent with the proposed rearrangement of the Framework, which besides the standards also include two other groups of documents namely the INTOSAI principles ( INTOSAI P) and the Auditing Guidance (GUID). The narrative explaining the nature and purpose of these documents is simple and precise. Key Change 2 The ISSAI brand clearly captures the definition, scope and relevance of the standards. The brand is also consistent and comparable with other Frameworks used for a similar purpose, particularly the ISA upon which the development of the ISSAI is based. Key Change 3 The mandate of SAIs is to audit the public sector therefore only the documents that set out requirements to support the fundamentals of public sector auditing, which assists SAIs to effectively pursue their mandate. Key Change 4 Other documents may be included to enhance the quality of information and provide a bigger picture and further illustrate the strategic intention of the pronouncement. The inclusion or link is also necessary to improve reference to other relevant FIPP thanks the SAI of Botswana for its comments and notes its concerns regarding the difficulty in implementing ISSAIs. 5/41

6 information. However, there should be a clear explanation of their nature, relevance and relationship to mandatory standards. SAI Bulgaria SAI Czech Republic Key Change 5 The endeavour to apply the current number of ISSAIs has been a challenge owing to their volume and requirements, and this has impacted negatively on the implementation process particularly for SAIs that lack adequate numbers of professional staff. It is desirable to work with a lesser number and volume of standards. However, a balance has to be maintained to ensure that quality is not compromised for the sake of comfort. The BNAO approves of and supports the initiative to develop a revised INTOSAI Framework for Professional Pronouncements - IFPP. The seven key changes, while taking into account the achieved so far, provide a more modern approach for meeting the objectives and the expectations from the INTOSAI professional standards framework. The IFPP will allow for a clear distinction to be made between standards and other categories of pronouncements guidance, good practice, etc. The diagram provides a good visualization of the proposed changes and of the nature and hierarchy of the different kinds of pronouncements. Thank you for sending us the draft of the framework of the Forum for INTOSAI Professional Pronouncements. We appreciate your effort very much. I would like to inform you that our Supreme Audit Office of the Czech Republic finds this document relevant as regards the plans and intentions of the FIPP. We think that the seven key changes are formed clearly and we have no objections to their wording. We welcome the intention to reduce the number of ISSAIs as mentioned in point 5 of the document. Also, we think that the scheme is comprehensible and it clearly shows the differences between standards and other catego- FIPP thanks the SAI of Bulgaria for its comments. FIPP thanks the SAI of the Czech Republic for its comments. 6/41

7 ries. SAI ESTONIA EUROSAI SAI FINLAND *11* We wish you good luck in your future work and we are looking forward to our next cooperation. Thank you for distributing the ISSAI Framework for commenting. The NAO of Estonia has no comments on the document. Thank you for inviting us to comment on the revised INTOSAI Framework of PP. We believe that the 7 changes you proposed will definitely improve the current framework and will make ISSAI compliance easier for INTOSAI community. We also highly appreciate how clear and concise the paper is and we hope that simplicity and clarity continue guiding the process. We think that the objectives of the paper have been achieved successfully. In particular, the division in standards and other documents makes the proposed structure clearer than the present is. As for the format and quality requirements of the future documents, supplementary information is needed and may be provided when the renewal of the framework will be started. We also found the division into INTOSAI framework and ISSAI standards well justifiable. It is good that the ISSAIs has been separated clearly as a separate entity. This will also clarify what part of the framework must be complied in order to tell that the audit has been conducted in compliance with the standards. It is also useful to distinguish the INTOSAI competency framework as a separate entity. This subparagraph of the framework is likely to develop in the future and it is good that its importance has been emphasized by raising it as a separate element. FIPP thanks the SAI of Estonia for its comments. FIPP thanks EUROSAI for its comments. FIPP thanks the SAI of Finland for its comments. See response to comment *10* above (SAI Bahrain). 7/41

8 *12* We are particularly satisfied that the INTOSAI-GOV documents are to be reviewed. As pointed out in the paper, even if the INTOSAI GOVs include a lot of valuable information they also contain parts that should not be included in the auditing standards (or in the INTOSAI framework) as at present. SAI GERMANY SAI HUNGARY Thank you very much for inviting us to comment on the revised INTOSAI Framework of Professional Pronouncements! In our opinion, the FIPP s proposal meets its purpose to improve credibility, make the framework authoritative and enhance technical quality excellently. We therefore have no comments on the document submitted on 17 June The State Audit Office of Hungary considers enhancing the practical utilisation of international audit standards and strengthening their authoritative character as its important task. Bearing that in mind, we provide our comments on the draft proposal on the revised INTOSAI framework as follows: FIPP takes note of the wide - and diverging comments received on the INTOSAI-GOVs. After consideration of the comments received, the IFPP has been modified and the category of INTOSAI-GOVs is not retained separately but merged with the category of Guidelines on specific subjects into the new category designated as GUIDs. FIPP thanks the SAI of Germany for its comments. FIPP thanks the SAI of Hungary for its comments. *13* *14* In our opinion, the draft proposal offers adequate response to the challenges in the current framework of ISSAIs, although we suggest considering our following comments: We think that it is of utmost importance that the new framework should support effectively the implementation and the use of ISSAI standards in different ways (as set out in the principles of ISSAI 100) and thus the auditors work, respecting the differences that exist in the mandate and operation of SAIs. The structural interrelation of standards at different levels based on the principles of SAIs independence should ensure flexibility and enhance the adaptation to the changing audit environment, as well as the possibility to use the standards as a basis on which SAIs can establish their own standards. Competency principles and standards are planned to be ac- Agreed. INTOSAI s Framework of Professional Pronouncements is being designed to accommodate differing mandates. As a result of comments received, FIPP rec- 8/41

9 IIA commodated among ISSAIs too, as set out in the draft proposal. The development of INTOSAI standards regarding auditors competency might support the professionalism of SAIs but this work should take into consideration the differences of the legal systems (in particular the educational systems) and resources available for SAIs. This makes it necessary to formulate these requirements in general terms, or not to present them among ISSAIs at all. Hopefully our comments might contribute to the efficiency of the future changes in the framework of ISSAIs. On behalf of more than 185,000 global members of The Institute of Internal Auditors (IIA), I am pleased to provide our observations and comments on INTOSAI s revised Framework of Professional Pronouncements (IFPP). The IIA values its relationship with INTOSAI, including the formal Memorandum of Understanding that we have with the Professional Standards Committee and the opportunity to support its work through representation and participation on some of its key subcommittees. We applaud the work of the FIPP and the resulting seven key changes proposed for the current framework. The naming of the framework and its parts serves to clarify and enforce important distinctions while maintaining the International Standards of Supreme Audit Institutions (ISSAI) brand, which is widely respected especially among Supreme Audit Institutions. In particular, the disaggregation of existing components into principles, standards and mandatory and non-mandatory guidance is both logical and consistent with the motivations of these revisions. As well, it is highly reflective of the approach taken by IIS in order international Professional Practices Framework (IPPF). In our view, it is very important that the framework be truly comprehensive, and this is achieved through the pre-eminence afforded ISSAI 100 and through the inclusion of, or links to, all standards, principles and guidance, irrespective of which committee bears the responsibility for developing and maintaining them. Housing all INTOSAI prom- ognizes that, for various reasons, it will be better to modify the framework so that any future competency principles and standards (requirements) are outside the ISSAIs and thus not a requirement for ISSAI compliance. The issue of competency will be considered as part FIPP s Strategic Development Plan (SDP) and Due Process. FIPP thanks the IIA for its comments 9/41

10 ulgated standards and guidance under one common and comprehensive framework will be a very positive step forward. *15* IDI One of the stated goals of the proposed revisions is the reduction of the number of ISSAIs. It is our opinion that the volume of ISSAIs should not be an overriding concern. The need for any given standard must be judged from the context of professional practice, sufficiency, completeness, and what should be considered as truly mandatory. Taken as a whole, we believe that the changes proposed successfully address the eight challenges highlighted in the exposure document. On occasion, we have experienced confusion when reviewing ISSAIs that combine standards that are mandatory and guidance that is not. The separation of these elements will be a considerable enhancement towards their comprehensibility and utility. The suggested color-coding is a useful aid, but more significant is the need for distinctive content and structure for each of the elements. We support the intention to develop a competency framework that is clearly aligned with the framework and we believe the new structure amply accommodates this goal. We further concur that the INTOSAI Gov documents require careful consideration as they collectively cover a broader purpose than ISSAIs and contain much of that is of value, some of which may fall outside of the framework. We recognize that there is much work ahead arising from the planned changes and it is important that this is duly recognized and supported. It is likely that thought will need to be given to some recalibration of governance structures and the appropriate channeling of resources to achieve the intended changes in the next three years. We are willing to support this process through our continued engagement with INTOSAI. At the IDI we are delighted to see a revised framework for professional pronouncements. We commend the FIPP for their In its proposal (fourth bullet on page2), FIPP clearly distinguishes between mandatory standards (i.e. those standards that have to be implemented if the SAI wishes to assert compliance with the ISSAIs and nonmandatory guidance. This explicitly precludes the possibility of having mandatory guidance in the INTOSAI Framework. FIPP thanks the IDI for its comments 10/41

11 vision of streamlining the framework and segregating standards from guidance. This will go a long way in addressing some of the confusion that SAIs face regarding implementation and compliance with standards. Since the IDI has been engaged with supporting implementation since 2012, many of our comments and suggestions recorded below are from the perspective of implementation. In commenting on the framework we have also commented on both classification and need for content revision within individual ISSAIs. *16* *17* INTOSAI Principles (INTOSAI-P) We agree with the classification of ISSAI 1, 10, 12 under IN- TOSAI principles. However, we are of the view that both ISSAI 10 and ISSAI 12 have elements that need to be reflected under SAI organizational requirements. e.g. ability to publish reports is an organizational requirement as far as auditing standards are concerned. Similarly having an effective stakeholder engagement is an organizational requirement. Since its adoption ISSAI 12 has become a driving force for the work that we do and support provided to SAIs. In our view ISSAI 12 on Value and Benefits should contain only those principles that define SAI outcomes and impact. Any principles that refer to SAI capacity need to be separated out. The concept of auditing in public interest and what this means is at the core of the value that SAIs deliver. As such this needs to be suitably incorporated in ISSAI 12. UN s Sustainable development goals is another concept that needs to be incorporated in ISSAI 12. Auditing Standards ( ISSAIs) SAI Organisational Requirements (SAI Level) The classification criteria states that meeting the requirements at organizational level is a pre condition for claiming ISSAI compliance. If this is the case then the compliance requirements in ISSAI 100 would need to be revised as they currently refer only to the audit engagement. In response to the comments received, the IFPP has been modified. The classification criteria have been further fine-tuned to make a distinction between the overarching INTOSAI Principles (INTOSAI-P), the International Standards of Supreme Audit Institutions (ISSAIs) and the supporting INTOSAI Guidance (GUID) Comments regarding IS- SAI 12 will be examined as part of the migration plan. As part of drawing up its proposal for the INTOSAI strategic development plan, FIPP will analyze the actions necessary to implement the new IFPP and the priorities to be accorded to these actions. It will also consider whether ISSAI 100 should be given further prominence in the red box, above 11/41

12 SAI organizational requirements IDI raises valid points about the inclusion of organizational level requirements in ISSAI 100. FIPP will reflect this in the next version of its proposal ISSAI 100, paragraph 35 establishes the requisite organisational requirements. However, better clarity on this linkage will be brought out as part of the mapping exercise to be undertaken by FIPP *18* *19* *20* *21* We also wonder if it would be possible for a SAI to claim audit compliance in individual audits without claiming such compliance at an organization wide level. e.g. SAIs may conduct individual pilot audits/cooperative that are ISSAI compliant, but may still need to work with their organizational systems for quality and implementation of code of ethics. The revised ISSAI 30 speaks to both SAI level and individual level ethical requirements. According to its placement in this classification ISSAI 30 should contain only the SAI level requirements. Does this mean that ISSAI 30 will be then be revised immediately after the approval of the revised version at INCOSAI 2016? We currently miss ISSAI 20 in the examples. Assuming that it will be placed at this level, we would recommend the same consideration be applied to ISSAI 20. ISSAI 40 currently contains ISQC 1 key principles, key principles as adapted for SAIs and application guidance. When IS- FIPP considers that organisational requirements set out in the standards must be met to claim compliance, but will seek to clarify this further The flexibility that may be required by the SAI to claim compliance to ISSAIs should be within the scope suggested in ISSAI 100, paragraph 8. The revised framework has been designed to clearly indicate the pronouncements that must be complied with to achieve ISSAI compliance. As part of drawing up its proposal for the strategic development plan, FIPP will consider whether further work needs to be done in the area of organizational requirements Noted Noted 12/41

13 SAI 40 is placed at SAI organizational requirements level there is a need to review it in terms of determining what should be kept as requirements and what needs to be moved as guidance. *22* *23* *24* Fundamental Principles of Public Sector Auditing (engagement level ) Since ISSAI 100 defines audits done by SAIs, this may also be the appropriate place to speak of auditing in public interest and how the three audit methodologies achieve this principle. We would also recommend that the definitions of the three audit methodologies be elaborated to include the envisaged outcomes of the methodology. There is currently much confusion on the use of the terms adoption, implementation, compliance in terms of ISSAIs. We believe that it is necessary to clarify these terms. In our experience during the 3i programme, we have not come across an SAI that fully complies with all applicable requirements. However, all the SAIs that we have worked with have shown strong will to implement ISSAIs and have taken many initiatives in that direction. Since ISSAI implementation is a long-term vision, SAIs that are in the process of implementation need an option that lies somewhere between zero compliance and full compliance. This need is especially acute in case of SAIs that do not have national standards to fall back on. We therefore recommend that ISSAI 100 provides an option for SAIs that are in the implementation process to say that they have used ISSAIs (specifying the ISSAIs or requirements used and those not used). Audit Principles and Audit Standards We agree with the suggestion of placing the practice notes under guidance. In the absence of practice notes only the ISAs remain. Can these then be referred to as ISSAIs? The revised ISSAI 3000 and 4000 incorporate all the requirements reflected in ISSAI 300 and ISSAI 400. In case of financial audit, with the practice notes transferred under guidance, Noted FIPP considers that this issue is beyond its immediate terms of reference. However, it notes that a number of projects are under preparation (such as the FAS preconditions project) that may begin to address the issue raised by IDI AS FIPP clarifies the guidance on claiming ISSAI compliance, it will give further consideration to how SAIs in the implementation process might explain this to users of their reports After further examination, FIPP considers that it is appropriate to maintain application material that explains the requirements at the level of the standards. FIPP considers that the practice notes (largely) explain the application of the ISAs in the public sector 13/41

14 *25* *26* *27* only the ISAs remain. As such we are of the opinion that it would be better to have one level of auditing standards. We propose that current level 3 and 4 be merged for the respective audit streams so that is only one single level for standards. This will provide a single benchmark for SAI s to strive towards. SAIs can then have the option of complying with INTOSAI auditing standards or can use their own auditing standards that are aligned with INTOSAI auditing standards. The INTOSAI auditing standards can also be used by SAIs for developing their own auditing standards. Merging the two levels will not only streamline the standards but also provide a clear direction for implementation and moving towards compliance. In case of Compliance and Performance Audits, there may be a need to increase the number of requirements in order to define all elements of the audit practice required for compliance. e.g. requirements for quality need to be aligned to detail in ISSAI 40 requirements, requirements for documentation and risk assessment also need to be more detailed. We have also reflected on IT audit. While we agree that IT audit is not a separate methodology, we still feel the need to include IT considerations and requirements under the three audit methodologies. For example under the requirements on understanding the entity there could be an additional requirement the auditor shall obtain an understanding of the information system, including the related business processes of the entity. We do not see the need for providing for other engagements under audit standards. In our experience all SAI audit engagements can be categorized into the three audit streams. We recommend that the competency standards (ISSAI-C), also specify SAI organizational requirements, fundamental principles and individual competency standards for financial, performance and compliance audit. The distinction between competency principles and competency standards would not context, rather than providing guidance on how the ISAs should be applied in practice. Thus, it considers that, after a review of their content to extract any purely guidance material, the PNs should remain at the level of standards, rather than guidance. Noted By including other engagements, FIPP is trying to future-proof the framework. Noted. See response to comment *14* above (SAI Hungary) 14/41

15 be necessary. SAI INDONESIA *28* *29* First of all, we would like to congratulate INTOSAI Professional Standards Committee (PSC) and Forum for INTOSAI s Professional Pronouncements (FIPP) for successfully creating the new INTOSAI framework, The INTOSAI Framework of Professional Pronouncements (IFPP). We agree that FIPP has now reached its first important milestone by completing the draft proposal for an improved framework. We reviewed the draft proposal and considered the seven key changes and the distinctions between standards and other main categories of pronouncements. We observe that there are several issues that need to be considered for the improvement of the draft proposal, as following: The revised framework so called INTOSAI Framework of Professional Pronouncements reflects the fact that it includes documents other than ISSAIs (standards). However, there is no clear definition about pronouncement, principle, standard, and guidance. Hence, the document need to be added by footnote that will explain clear definitions about pronouncement, principle, standard, and guidance. The IFPP reflects the need to reduce the number ISSAIs that have to be implemented to achieve ISSAI compliance, thereby facilitate easier ISSAI implementation. We observe that the changes on the current framework would not only reduce the number of ISSAIs but also, most importantly, would harmonize the current framework by merging substantively several ISSAIs on the same topic or issues to be one compact and comprehensive ISSAI. This also helps many redundancy on ISSAIs that have similar topic or issue. The revised framework have embraced meaningful explanation to implement changes on the red diagram (Standards) and the blue diagram (Auditing Guidance). By contrast, the green diagram has not been provided about how to implement changes on INTOSAI Founding Principles and Core Principles. FIPP thanks the SAI of Indonesia for its comments In this context, the word pronouncement is used to cover the full range of principles, standards and guidance adopted by INTOSAI in accordance with its due process. Noted 15/41

16 It is intended that we need also to provide appropriate explanation on how the implementation on the green diagram because it will provide a clear understanding and an overarching scheme about the founding and core principles of INTOSAI. *30* *31* *32* In addition, ISSAI 100 on paragraph 7 mentions that ISSAI 100 establishes fundamental principles which are applicable to all public sector audit engagements, irrespective of their form or context. The principles in no way override national laws, regulations or mandates or prevent SAIs from carrying out investigations, reviews or other engagements which are not specifically covered by the existing ISSAIs. We observe that national laws, regulations or mandates need to be attributed as core principle in green diagram so that, in principle and practice, SAIs that by national laws, regulations or mandates have slightly different condition compared with the principles on the Founding and Core Principles would not be in position of politically and professionally different with those by national laws, regulations, or mandates have conformity with INTOSAI Founding and Core Principles. We observe the change on the INTOSAI framework demands many changes on current INTOSAI documents. Most importantly, ISSAI 100 foremost need to be adjusted. This becomes critical because we will update almost all ISSAIs due to changes on the framework whether in minor or in substance. Hence, this should be put as a challenge that need to added in the paper. We recognize the legitimacy of concerns in cases where national standards are being applied. There is a need to provide more clarity on the interpretation of paragraph 8 of ISSAI 100. Therefore we have proposed a future project which FIPP will undertake to address this issue We agree that a change in the framework demands changes in the current INTOSAI documents to ensure that they are consistent with ISSAI 100 which remains central in the new framework. *33* For example, refer to ISSAI 100 paragraph 7, INTOSAI recognizes three types of audits, financial audit, performance audit and compliance audit. In paragraph 23, it is mentioned that SAIs may carry out audits or other engagements on any subject of relevance to the responsibilities of management and those charged with governance and the appropriate use of public resources. However, in the development of audit world, there could be new type of By including other engagements, FIPP is trying to future-proof the framework. 16/41

17 SAI s audit or engagement that will be attributed in the future such as investigatives, reviews and agreed upon procedures. IFPP also have embraced this condition by creating new box (Other Engagements) in the new framework reserved for future development. This change, substantively, need adjustment on the ISSAI 100. *34* *35* *36* Another example is about paragraph 9 that states an SAI may declare that the standards it has developed or adopted are based on or are consistent with the Fundamental Auditing Principles only if the standards fully comply with all relevant principles. Conversely, it is conflicted with the statement on paragraph 7 that states the principles in no way override national laws, regulations or mandates or prevent SAIs from carrying out investigations, reviews or other engagements which are not specifically covered by the existing ISSAIs. There could be by national laws, regulations or mandates an SAI could not fully comply with the ISSAIs, so in this case, we need to adjust and harmonize the statements in ISSAI 100 for such issue. GAO Yellow Book and Indonesian SAI State Finance Audit Standard provide a linkage between auditing standards and competency standard. The explanation on current ISSAI framework about competency standard only could be find in the ISSAI 12 on The Value and Benefits of Supreme Audit Institutions making a difference to the lives of citizens. With the new framework that add competency standards in the IFPP, we observe that we need to consider to provide a linkage between auditing standards (Financial Audit, Performance Audit, Compliance Audit, Other Engagements) and competency standard in the new frameworks and standards. As an SAI that has been continuously growing for the last decade, the Audit Board of the Republic of Indonesia has experienced a series of capacity building efforts to better improve the quality of organization and system assisted by IN- TOSAI Development Initiative s (IDI). We observe that the in- This is not a conflicted situation relevant paragraphs of ISSAI 100 exist to prevent any such conflict arising. However, further clarification on ISSAI 100 will be taken up as a project, as mentioned at comment 21 above Noted. We note that there are elements of auditor competence also in ISSAI 100 (see, for example, paragraph 39) Regarding the issue of competency, see response to comments *6* (SAI Bahrain) and *14* (SAI Hungary) above Noted 17/41

18 stitutional capacity development is very crucial for an SAI to advance SAI maturity to be more professional, transparent, and accountable. By the spirit of the founding and core INTO- SAI principles, we believe that institutional capacity development for SAIs around the world could be considered as one of the pronouncements in the INTOSAI Framework of Professional Pronouncements that might help SAIs to build a standardized institutional capacity development to better reflect the spirit embraced in the founding and core INTOSAI principles. Lastly, we hope that all inputs above could enrich the improvement of the INTOSAI Framework of Professional Pronouncements. We also expect that the new framework will escalate the reputation of INTOSAI in the future as well as will enhance the credibility of INTOSAI s Professional Pronouncements, further the use of the ISSAIs as the authoritative standards for public sector auditing and provide relevant and practical guidelines for public sector auditors around the world. SAI IRELAND SAI JAPAN *37* We have no comments on your proposal concerning the ISSAI Framework from the chair of the Professional Standards Committee. The Board of Audit of Japan would like to comment as follows. We agree with the overall direction to make a clear distinction between the standards which are mandatory for ISSAI compliance and the non-mandatory guidance in order to enhance the credibility and quality of IFPP. While we value FIPPs efforts to clarify the core competency for SAIs, it would be too strict to set Competency Standards (IS- SAI-C) as mandatory standards for ISSAI compliance although we don t know the concrete contents of ISSAI-C which haven t been disclosed yet. It is natural that each SAI has its own capacity building systems in accordance with its environment including its national laws & regulations. In such diverse circumstances, it would not necessarily be the best approach for FIPP thanks the SAI of Ireland for its comments FIPP thanks the SAI of Japan for its comments The issue of competency will be considered as part FIPP s Strategic Development Plan (SDP) and Due Process. Also see response to comment *14* above (SAI Hungary) 18/41

19 SAIs to follow the unified standards about capacity building. Thus, we would suggest setting ISSAI-C as non-mandatory guidance. I greatly appreciate the PSC and FIPPs continued commitment and effort. SAI KUWAIT SAI LATVIA Dear colleagues, We would like to inform you that we don't have any comments. the State Audit Office of the Republic of Latvia has examined the draft framework and would like to raise your awareness regarding some of the proposed topics. FIPP thanks the SAI of Kuwait for its comments FIPP thanks the SAI of Latvia for its comments *38* *39* In the Annex 2 Classification Criteria for the INTOSAI Framework of Professional Pronouncements under the category number 8 (Financial Audit Standards) it is indicated that the corresponding standards are in conformity with the ISSAI audit principles included beforehand which bear a resemblance to and are related to the IPSAS standards. In the meantime the Supplementary Financial Audit Guidance materials i.e. Practice Notes in ISSAI 1200 to 1810 have been introduced with the purpose to serve as the guidance materials for implementation and adaption of the IPSAS standards according to the unique situation and needs of the public sector audit. Until this moment the implementation of the guidance of the practice notes held a fundamental role in the process of adapting the financial audit ISSAIs and implementing them in accordance with the needs and purpose of public sector auditing. We believe that exclusion of the practice notes from the ISSAI auditing standard category would significantly reduce the practical value of such notes. Thus we would kindly suggest evaluating the true effect of making the practical notes non-compulsory and reconsidering their following exclusion from the Financial Audit ISSAI category. (Joint response to comments *38* and *39*): FIPP considers that standards are supported by application material like Practice Notes that are relevant to ensure that the fundamental principles and requirements are understood and applied as relevant in the individual circumstances of the engagement. Thus, most of the practice notes, after review, are likely to be retained as application material under the ISSAI. See response to comment *24* above (IDI) 19/41

20 SAI LITHUANIA Dear Colleagues, We are writing to you regarding the request to comment on the proposal concerning the ISSAI Framework from the chair of the Professional Standards Committee. We support the proposed IFPP framework and have these additional suggestions to the proposed diagram, to make it more explicit: FIPP thanks the SAI of Lithuania for its comments *40* As long as ISSAIs addressing compulsory requirements for financial, performance and compliance audits are considered, we would like to see numbers of particular ISSAIs next to the corresponding box. For example: Financial Audit Principles (ISSAI 200), Financial Audit Standards (ISSAI ), Performance Audit Principles (ISSAI 300), Performance Audit standards (ISSAI ), etc. This is especially important for all the boxes in the red zone, where compulsory requirements for stating compliance to ISSAIs are listed. But also this is applicable to the blue-zone : Supplementary financial audit guidance (GUID ), Supplementary performance audit guidance (GUID ), etc. FIPP will consider a mapping exercise as part of the migration process. *41* We suggest to change numbering of Financial Audit Standards respectively: 1000 à2000, 1003 à2003, 1200 à2200, to show their subordination to ISSAI 200 Noted. FIPP will review the numbering of the INTOSAI pronouncements as part of its ongoing work *42* Seeing SAIs mandate in much broader perspective (not only as an audit body), we suggest that pronouncements not primarily intended for SAIs would have their place in the new IFPP too. Such pronouncements as INTOSAI-GOVs should be incorporated at the GUIDs level this level might have two FIPP considers that all pronouncements are primarily intended for SAIs, either at the SAI organisational level or at the engagement level. Therefore, INTOSAI-GOVs and a number of ISSAIs will need to be reviewed for 20/41

21 SAI MEXICO *43* *44* *45* sections: Auditing Guidance and Guidance for Public Sector. We agree that only requirements that are placed in the red-zone should be named as ISSAIs and the ones in the blue-zone GUIDs. We fully support the idea of enhancing the ISSAI 100 as the central standard for government auditing. We also agree in setting clearly the differences between standards for the SAI level and for the engagement level. In essence, we do agree with the terms of the proposal; however, there are some issues we would like to express: 1. The INTOSAI Framework of Professional Standards (IFPS), currently in force, was subject to approval by the INCOSAI in If it is changed, is it necessary to be submitted for endorsement of the XXII INCOSAI, in December 2016? 2. The IFPS is a paper (an official document) endorsed by an INCOSAI. All PSC s official documents have to be issued in light of the Due Process for INTOSAI Professional Standards (also known as just Due Process ). Should the IFPP be subject to the complete Due Process, including aspects such as formally requesting comments on the project and obtaining all necessary authorizations, ending with the INCOSAI endorsement? 3. It is not clear if the number classification is going to be maintained, or if the numbers themselves (i.e. ISSAI 100, IS- SAI 1000, etc.) are going to change. It seems that, at least inclusion in the IFPP to ensure that they address directly SAIs and/or auditors and to eliminate any redundancies or overlaps with other pronouncements FIPP thanks the SAI of Mexico for its comments Assuming the proposal to move towards the IFPP is endorsed by the 2016 Governing Board meeting, FIPP will work towards having the revised framework ready in time for the 2019 INCOSAI. In 2016 it will seek from the Governing Board/INCOSAI a decision in principle on the revised framework and, by implication, a mandate to migrate towards the revised framework, through a revised due process. In continuation of the response above, once the framework is approved in principle by the INCOSAI, the individual INTOSAI pronouncements will go through the revised due process FIPP will review the numbering of the INTO- SAI pronouncements as part of its ongoing work 21/41

22 for the Lima and Mexico Declarations, there will not be any classification number. *46* *47* *48* 4. Comments should be included in connection with the ongoing ISSAI s implementation efforts at the level of each SAI. For example, in Mexico, the IFPS (in force as of today) has been adapted for the public sector auditing at both, the three government levels, and also at the internal and external audit in governments. Another effect to express is related to the ongoing process of implementation with cooperation of IDI, including the translation and adaptation of the 3i Programme. There should be an urgent need to reflect the new classification in the implementation tools and, in other instances, in the national and subnational classifications, already adopted. Is there going to be a transitional period? 5. Governmental Auditing has been defined as a multidisciplinary professional activity. In it, different types of competencies can concur, such as accounting and auditing, law, economy, finance, etc. It might not be possible to consider, in general terms, the competency requirements, seen as standards. According to local necessities (legal, technical or otherwise), certification programmes can be established individually by each SAI. FIPP (and IDI) is aware of the potential issues arising from changes in the framework and will attempt to these into account in its ongoing work. See response to comments *6* (SAI Bahrain) and *14* (SAI Hungary).above *49* *50* 6. The distinction between INTOSAI founding principles and INTOSAI Core Principles should not be established. We suggest to classify both, the Lima and Mexico Declarations under the same name since both could be considered as founding principles and the core principles could comprise those contained in ISSAI If one of the aims of the new framework is to provide a clearer distinction between the words: standards, require- See response to comments *8* and *9* above (SAI Bahrain) Key terms will be defined in the document FIPP will prepare on the revised classifica- 22/41

23 ments, guidelines, principles and pronouncements, we recommend to include a glossary to clearly describe the difference between such words. Also, the possible effects of such words, after the corresponding translation, should be considered. This happens in the Spanish language since, sometimes, words can be used under several meanings tion criteria for the IFPP SAI MOLDOVA SAI MYANMAR SAI NETHERLANDS Following your request dated 17 June 2016, regarding the examination of the INTOSAI Professional Standards Framework, presented at the Copenhagen meeting on May 2016, the Court of Accounts of the Republic of Moldova informs you about the lack of objections on the submitted proposals, as well as that we encourage the initiative of the Forum for IN- TOSAI Professional Pronouncements (FIPP) concerning the revision of the ISSAI s. With regards to your mail dated 17th of June 2016 for comment on "The INTOSAI Framework of Professional Pronouncements", we would like to inform you that we have normally no comments on that framework after we went through the draft. First of all the Netherlands Court of Audit (NCA) would like to express its appreciation of the work performed by the Professional Standards Committee (PSC). Over the years the INTO- SAI standards have become of more and more importance for the audit work in the public sector worldwide, and also for the audit work in the Netherlands. Not only for ourselves as SAI in the Netherlands but also for the government internal audit service. The draft proposal for comments of the revised INTOSAI Framework for Professional Pronouncement clearly shows the good ambition and work performed by the PSC and Forum for the INTOSAI Professional Pronouncements (FIPP). Inspired by this work we are happy to be able to give some comments for possible further improvements. 1 Comments on the structure and the proposed key changes FIPP thanks the SAI of Moldova for its comments FIPP thanks the SAI of Myanmar for its comments FIPP thanks the SAI of the Netherlands for its comments 23/41

24 1.1 Motivation of the need to restructure the framework In its invitation for comments on the proposed framework (IFPP) the PSC mentioned that the experience and feedback of the process has shown the there is a need to improve the overall framework. *51* *52* In its cover document with which the new framework IFPP is presented the FIPP mentions that the FIPP was asked to consider and propose how the ISSAI Framework can be further developed by: providing clearer distinction between auditing standards, other standards (requirements), guidelines, best practice documents, etc. covering both auditing, ethics, independence and capacity development; and providing clearer directions on the format and quality requirements for each of these different categories of documents. We would like to suggest to elaborate a bit further on the need for the fundamental restructuring of the framework. Neither the cover letter or the proposal contain any further analysis of the apparently existing problems, except that a clearer distinction and clearer directions are needed. Therefore it is not very well possible to assess whether the activities that are presented in the proposal will tackle the problems. If the major purpose of the restructuring of the framework is to (see invitation to comment): 1. enhance credibility, 2. further the use of the ISSAIs as authoritative standards, and 3. to provide practical guidelines for public sector auditors around the world, then we believe that other, more communication-focused, activities would better suit this purpose. Any restructuring of the framework would in itself not significantly contribute to the achievement of the mentioned purpose. 1.2 Division between mandatory requirements and further FIPP recognizes the issue that SAI Netherlands is raising. However, restructuring the framework is only one element in enhancing the credibility of the ISSAIs and promoting their use as the authoritative standards for public sector audits. Other reforms, such as the revision of due process, will be of equal, if not greater, importance in this process. FIPP would refer the reader to PSC s evaluation of the INTOSAI standard setting process (available at for a full description of the issues and proposed solutions. 24/41