Compliance Audit icat. ISSAI Implementation Handbook. Md. Shofiqul Islam Programme Manager INTOSAI Development Initiative (IDI) 28 October 2014

Size: px

Start display at page:

Download "Compliance Audit icat. ISSAI Implementation Handbook. Md. Shofiqul Islam Programme Manager INTOSAI Development Initiative (IDI) 28 October 2014"

Simon Lucas
5 years ago
Views:

1 Compliance Audit icat ISSAI Implementation Handbook Md. Shofiqul Islam Programme Manager INTOSAI Development Initiative (IDI) 28 October

2 3i Programme Objective Current Situation ISSAI based audit practice Support SAIs in developing countries in implementing ISSAIs Level 2, 3 and 4 ( Financial, Performance & Compliance Audit) 2

3 3i Products for Compliance Audit icat (ISSAI Compliance Assessment Tool) ISSAI Implementation Handbook ISSAI certification programmes Community portal ISSAI based audit 3

4 icat (ISSAI Compliance Assessment Tool) icat Guidance 4

5 icat 1. The tool Map the practice to requirement Evidence based assessment of extent to which requirement is met Reasons for not meeting the requirements 2. Guidance 5

6 icats It is Not an evaluation tool, but a mapping tool to identify detailed needs at level 4 Created by a product development team in cooperation with Compliance Audit Subcommittee. Revised in 2014 to include Level 3 6

7 Elements of CA icat Requirements Main Sub Reference of ISSAI Evidence for Compliance with Standards Reasons of non-compliance Reference documents 7

8 Format of the icat ISSAI Requirement ISSAI Reference Status of Compliance With Standards Reasons for non compliance Reference Document Contains the ISSAI requirement in a brief form. References the ISSAI requirement to the ISSAI. Four options are available for status of compliance Met Partially Met Not met Not applicable When the status of compliance is not met or partially met, the reasons for non compliance. Mention the specific document, provision, system through which the SAI complies with the ISSAI requirement. 8

9 Assessing Compliance Met Partially met Not met Not Applicable 9

10 Challenges Identification of requirements Brevity of standards Scale used for assessment Implementation of ISSAIs Standard methodology - audit practice - QA 10

11 Mapping with Requirement - Example Requirement: The auditor evaluates whether the evidence obtained is sufficient and appropriate so as to reduce audit risk to an acceptably low level. 11

12 Example Main question: Determine whether the SAI has identified how the audit risk will be managed? in an audit manual, management decree, or other form of policy document Assessment: Partially met Justification of Assessment: Mentioned in guidelines insufficient direction 12

13 Example Implementation Mechanism Main question: Question how the auditors ensure that the evidence they have gathered is sufficient and appropriate to reduce the audit risk. What procedures exist? Assessment: Partially met Justification of Assessment: No process is described. All activities are judgmental. 13

14 Example Documentation Main questions: Assess whether the evaluation of evidence is documented. Assessment: Partially met Justification of Assessment: As required by the National Audit Standards, the process of audit and all evidence should be documented., but in practice, this is not followed. 14

15 Things to consider while doing icat icat should... observe actions, not only compliance to legislation or manuals identify causes of the gaps icat should be conducted by: A competent team with managerial position Broad-based consultative approach with cross section of staff Interview internal stakeholders and auditors External assistance can be utilized 15

16 Not manual CA ISSAI Implementation Handbook How question CA Handbook Provides guidance and illustration for setting up ISSAI based CA audit practice Case study for conducting CA. SAI can use the handbook to facilitate the implementation of CA ISSAIs. 16

1: Introduction and Basic Elements of Compliance Auditing 2: Main concepts of compliance audit 3: Planning and Designing a Compliance Audit 4: Gathering Audit Evidence 5: Evaluating Evidence

17 1: Introduction and Basic Elements of Compliance Auditing 2: Main concepts of compliance audit 3: Planning and Designing a Compliance Audit 4: Gathering Audit Evidence 5: Evaluating Evidence and Forming Conclusion 6: Documentation and Communication 7: Reporting a compliance audit 8: Implementation Strategies for compliance audit ISSAIs Case study CA ISSAI Implementation Handbook 17

18 Strategic consideration for SAIs Implementing ISSAIs at Level 3 and Level 4 18

19 SWOT analysis to determine implementation stratey. 19

20 3i Community Portal icat English, Spanish and Arabic ISSAI Implementation Handbook For Compliance Audit 20

21 ISSAI Certification Programme on Compliance Audit Ecourse on icats Ecourse on Implementing Compliance Audit ISSAIs Workshops on Facilitating ISSAI Implementation PSC- IDI Certification 21

22 ISSAI Facilitators, Mentors, Experts 9 participants, 7 certified. Country 1 Albania 2 Bosnia & Herzegovina 3 Kazakhstan 4 Moldova 5 Turkey Ukraine ISSAI Experts- SAI Norway ISSAI Mentor SAI Lithuania 22

23 Way Forward Maintenance of products Update based on the development of ISSAIs Feedback to CAS based on the programme experience Whitepaper on professional development in INTOSAI 23

24 Thank you!