Compliance Audit iCAT ISSAI Implementation Handbook. 141027 GT-2... · 2014-10-28 · Supporting...
Transcript of Compliance Audit iCAT ISSAI Implementation Handbook. 141027 GT-2... · 2014-10-28 · Supporting...
Supporting SAIs in implementing ISSAIs
Compliance Audit iCAT
Md. Shofiqul Islam Programme Manager
INTOSAI Development Initiative (IDI)
28 October 2014
1
ISSAI Implementation Handbook
Supporting SAIs in implementing ISSAIs
3i Programme Objective
Current Situation
ISSAI based audit practice
Support SAIs in developing countries in implementing ISSAIs
Level 2, 3 and 4 ( Financial, Performance &
Compliance Audit)
2
Supporting SAIs in implementing ISSAIs
3i Products for Compliance Audit
• iCAT (ISSAI Compliance Assessment Tool)
• ISSAI Implementation Handbook
• ISSAI certification programmes
• Community portal
• ISSAI based audit
3
Supporting SAIs in implementing ISSAIs
iCAT (ISSAI Compliance Assessment Tool)
4
iCAT Guidance
Supporting SAIs in implementing ISSAIs
iCAT
1 . The tool
• Map the practice to requirement
• Evidence based assessment of extent to which requirement is met
• Reasons for not meeting the requirements
2. Guidance
5
Supporting SAIs in implementing ISSAIs
iCATs
• It is Not an evaluation tool, but a mapping tool to identify detailed needs at level 4
• Created by a product development team in cooperation with Compliance Audit Subcommittee.
• Revised in 2014 to include Level 3
6
Supporting SAIs in implementing ISSAIs
Elements of CA iCAT
• Requirements
– Main
– Sub
• Reference of ISSAI
• Evidence for Compliance with Standards
• Reasons of non-compliance
• Reference documents
7
Supporting SAIs in implementing ISSAIs
Format of the iCAT
ISSAI Requirement
ISSAI Reference
Status of Compliance With Standards
Reasons for non compliance
Reference Document
Contains the ISSAI requirement in a brief form.
References the ISSAI requirement to the ISSAI.
Four options are available for status of compliance
Met
Partially Met
Not met
Not applicable
When the status of compliance is not met or partially met, the reasons for non compliance.
Mention the specific document, provision, system through which the SAI complies with the ISSAI requirement.
8
Supporting SAIs in implementing ISSAIs
Assessing Compliance
• Met
• Partially met
• Not met
• Not Applicable
9
Supporting SAIs in implementing ISSAIs
Challenges
• Identification of requirements
• Brevity of standards
• Scale used for assessment
• Implementation of ISSAIs
– Standard – methodology - audit practice - QA
10
Supporting SAIs in implementing ISSAIs
Mapping with Requirement - Example
• Requirement:
The auditor evaluates whether the evidence obtained is sufficient and appropriate so as to reduce audit risk to an acceptably low level.
11
Supporting SAIs in implementing ISSAIs
Example
• Main question: Determine whether the SAI has identified how the audit risk will be managed?
– in an audit manual, management decree, or other form of policy document
• Assessment: Partially met
• Justification of Assessment: Mentioned in guidelines – insufficient direction
12
Supporting SAIs in implementing ISSAIs
Example
Implementation Mechanism
• Main question: Question how the auditors ensure that the evidence they have gathered is sufficient and appropriate to reduce the audit risk. What procedures exist?
• Assessment: Partially met
• Justification of Assessment: No process is described. All activities are judgmental.
13
Supporting SAIs in implementing ISSAIs
Example
Documentation • Main questions: Assess whether the
evaluation of evidence is documented.
• Assessment: Partially met
• Justification of Assessment: As required by the National Audit Standards, the process of audit and all evidence should be documented., but in practice, this is not followed.
14
Supporting SAIs in implementing ISSAIs
Things to consider while doing iCAT
• iCAT should ...
– observe actions, not only compliance to legislation or manuals
– identify causes of the gaps
• iCAT should be conducted by: – A competent team with managerial position
– Broad-based consultative approach with cross section of staff
– Interview internal stakeholders and auditors
– External assistance can be utilized
15
Supporting SAIs in implementing ISSAIs
CA ISSAI Implementation Handbook
• Not manual
• How question
• CA Handbook
– Provides guidance and illustration
for setting up ISSAI based CA
audit practice
– Case study for conducting CA.
– SAI can use the handbook to facilitate the implementation of CA ISSAIs.
16
Supporting SAIs in implementing ISSAIs
1: Introduction and Basic Elements of Compliance Auditing
2: Main concepts of compliance audit 3: Planning and Designing a Compliance
Audit 4: Gathering Audit Evidence 5: Evaluating Evidence and Forming
Conclusion 6: Documentation and Communication 7: Reporting a compliance audit 8: Implementation Strategies for
compliance audit ISSAIs Case study
17
CA ISSAI Implementation Handbook
Supporting SAIs in implementing ISSAIs
Strategic consideration for SAIs
Implementing ISSAIs at Level 3 and Level 4
18
Supporting SAIs in implementing ISSAIs
SWOT analysis to determine implementation stratey.
19
Supporting SAIs in implementing ISSAIs
3i Community Portal
www.idicommunity.org
iCAT – English, Spanish and Arabic ISSAI Implementation Handbook For Compliance Audit
20
Supporting SAIs in implementing ISSAIs
ISSAI Certification Programme on Compliance Audit
• Ecourse on iCATs • Ecourse on Implementing Compliance Audit ISSAIs • Workshops on Facilitating ISSAI Implementation • PSC- IDI Certification
21
Supporting SAIs in implementing ISSAIs
ISSAI Facilitators, Mentors, Experts
9 participants, 7 certified.
Country
1 Albania
2 Bosnia & Herzegovina
3 Kazakhstan
4 Moldova
5 Turkey - 4
6 Ukraine
22
ISSAI Mentor – SAI Lithuania
ISSAI Experts- SAI Norway
Supporting SAIs in implementing ISSAIs
Way Forward
• Maintenance of products
• Update based on the development of ISSAIs
• Feedback to CAS based on the programme experience
• Whitepaper on professional development in INTOSAI
23
Supporting SAIs in implementing ISSAIs
Thank you!
www.idi.no
www.idicommunity.org
24