What does a reference to the ISSAIs mean?
The audit reports of a Supreme Audit Institution may report the results of a single audit (for example an audit of the financial statements of an entity for a certain year) or the results of a number of audits (for example a report to Parliament on audits carried out by the SAI in a certain year).
ISSAI 100 defines that audit reports may refer to the ISSAIs in the following way: … We conducted our audit[s] in accordance with the International Standards of Supreme Audit Institutions (ISSAIs)…
This means that the auditor claims to have observed all requirements in the ISSAIs that are relevant to the individual audits covered by the statement. Dependent on the objective of the individual audits, these will be defined by the financial audit standards ISSAIs 2200-2815 (the ISAs), the performance audit standard (ISSAI 3000) and/or the compliance audit standard (ISSAI 4000).
In order to enhance transparency, the statement may further specify which of these ISSAIs the auditor has considered relevant and applied. This may be done by adding the following phrase: The audit[s] was [were] based on the ISSAI[s] xxx [number and name of the ISSAI or range of ISSAIs].
The financial audit standards, performance audit standards, and compliance audit standards require that the individual audit be subject to a system of quality control and a code of ethics established by the SAI. A reference to the ISSAIs, therefore, also implies that the SAI complies with the relevant organizational requirements in ISSAI 130 and 140.
Alternatively, a SAI audit report may include a reference of the following form: …we conducted our audit in accordance with [standards], which are based on [or consistent with] the ISSAI 100 Fundamental Principles of Public-Sector Auditing and other relevant principles of the International Standards of Supreme Audit Institutions (ISSAI).
This form of reference is used in case the auditing standards applied in the audit or audits differ from the financial audit standards ISSAIs 2200-2815 (the ISAs), the performance audit standard (ISSAI 3000) and/or the compliance audit standard (ISSAI 4000). Instead, the auditing report refers to the fact that the auditing standards applied in the audit are either based on or consistent with fundamental principles of public-sector auditing defined by ISSAI 100 as well as the relevant auditing principles of ISSAI 200, 300 and/or 400.
The reference, therefore, reflects that the ISSAI 100 – Fundamental auditing principles provides a common basis for the ISSAIs as well as any other auditing standards developed or adopted by SAIs in response to their individual mandates and national circumstances.
A SAI may only declare that the standards it has developed or adopted are based on or consistent with the ISSAI 100 if the standards fully comply with all relevant principles in ISSAI 100, 200, 300 and 400. Such declarations may not only be made in the individual audit reports but can also be communicated by the SAI through other means of communication.