Excel Sample Sheet 33587 | 05 Qc Analysis

Partial file snippet.

Sheet 1: Q1 - Q5

#
Country
Q1: Does your SAI have a:
a. Quality control system in place?

Q2: What is the scope of your SAI’s quality control and quality assurance systems?
Q3: What is the regulatory framework (law, guideline, procedure, standardized forms, ISSAI) that regulates the quality control system in your SAI?

Q4: In terms of organizational structure and level of responsibilities related to the quality control system: a) What is the organizational structure of the unit(s) devoted to such system within your SAI? (Please, attach your SAI’s organizational chart, if available.)
Q4: In terms of organizational structure and level of responsibilities related to the quality control system: b) What procedures has your SAI used to implement a clear assignment of authority and responsibilities level (hierarchical scheme) to its personnel?
Q5: To which extent could your SAI implement “ISSAI 40 – Quality Control for SAIs” and “ISSAI 1220 – Quality Control for an Audit of Financial Statements” considering its mandate, structure, risks and the kind of work that it does? If it is not possible, what quality control measures has your SAI implemented?

Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment

1
Afganistan
YES

YES

Supreme Audit Office (SAO) Afghanistan has put in place a quality control mechanism as per the ISSAI 40 Quality Control for the SAIs, which are reflected in all stages of the audit process as per the relevant ISSAIs, in strategic planning and implementation, HR management subject to national requirements, code of conduct and ethical requirements as per ISSAI 30 Code of Ethics, etc.A separate Internal Audit & Quality Control (IA&QC) Directorate headed by a Director functions directly under the Auditor General, which is responsible for internal audit of the directorates / departments of the SAO as well as for quality assurance review of the works and reports of the audit parties. The quality control and quality assurance is aimed at covering the institutional processes. Internal audit function is being further strengthened. SAO has undergone SAI-PMF assessment in 2016-17. It is also covered under the World Bank’s PEFA Assessment.
Reflected in all stages of the audit processes and institutional processes.
ISSAI 40 Quality Control for SAIs (SAO’s Quality Control Manual/Guidelines).ISSAI 30 Code of Ethics (SAO’s Code of Ethics). SAI-PMF and PEFA frameworks for assessments. Quality control procedure is applied at planning, implementation and reporting stages
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
A separate Internal Audit and Quality Control Directorate headed by a Director and directly reporting to the Auditor General. It includes Quality Control Dept. and Internal Audit Dept. as well. Organizational Chart at Annex-1.
Directly reporting to the highest level of authority.
The Auditor General and Dy. Auditors General are appointed by the President and work as per provisions of the Audit Law.All directors are appointed by the Civil Service Commission (Presidential Order) and report to the Auditor General/Dy. Auditor General.All Department heads, Audit staff and managers are tied to reporting hierarchy as per the Civil Service (Tashkeel) structure. The directorate headed by a director and reporting to Auditor General has two departments of IA and QC with two separate heads. They are organised as per the Civil Service norms of the country called Tashkeel.
Auditors General are appointed by the President. All directors are appointed by the Civil Service Commission. The directorate headed by a director and reporting to Auditor General has two departments of IA and QC with two separate heads.
SAO is implementing ISSAI 40 for its audit process and management (SAO’s Quality Control Manual).At present, SAO engages in two sets of financial audit engagements, (i) audit of the national Government’s annual financial accounts called Qatia Accounts, and (ii) audit of World Bank’s grants projects financial statements (about 40 projects annually). For the these audits, the quality control as per ISSAI 40 as well as ISSAI 1220 mutatis mutandis are applied. The responsibility of quality control of Qatia accounts audit is with a specially designated Qatia Audit Commission and the responsibility for quality control and assurance for the World Bank’s grants projects is with the audit teams and designated quality assurance reviewer who is part of the external consultancy firm with the help of which SAO undertake the project audits.
ISSAI 40, ISSAI 1220 are implemented.

2
Argentina

3
Australia
YES

YES

Scope: A system of quality control under ASQC 1 is to provide the ANAO with reasonable assurance that:* The ANAO complies with the ANAO standards, including relevant ethical requirements, and applicable legal and regulatory requirements; and * Reports issued by the ANAO are appropriate in the circumstances.A sound quality framework supports delivery of high-quality audit work and enables the Auditor-General to have confidence in the opinions and conclusions in reports prepared for the Parliament. A key element of the ANAO Quality Assurance Framework is monitoring of compliance with policies and procedures that comprise the system of quality control. The monitoring system comprises internal and external quality assurance reviews of the ANAO’s audit and other assurance engagements. Reflection of the ANAO’s institutional processes: The ANAO’s quality control and quality assurance systems are embedded in the ANAO’s institutional processes. The ANAO has policies and procedures to promote an internal culture based on the recognition that quality is essential in performing engagements.
Reflected in all stages of the audit processes and institutional processes.
The ANAO is established under the Auditor-General Act 1997 (the Act). Section 24 of the Act requires the Auditor-General to set auditing standards that are to be complied with by persons performing functions under the Act. The ANAO Auditing Standards set under this provision incorporate standards issued by the Auditing and Assurance Standards Board (AUASB) and relevant auditing and assurance standards issued by standard-setting bodies other than the AUASB as appropriate. Specific to Quality Control, this includes ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and other Financial Information, other Assurance Engagements and Related Services Engagements (ASQC 1).
establishment law and standards issued by professional bodies(as well as policies and manuals)
See organisational chart on ANAO website: https://www.anao.gov.au/about/australian-national-audit-office . The maintenance of the ANAO’s quality control system is the responsibility of the Professional Services and Relationships Group (PSRG).
Directly reporting to the highest level of authority.
Assignment of authority and responsibility is outlined in the ANAO’s audit manual, in the chapters for leadership responsibilities for quality and monitoring quality control policy and procedures.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
As the ISSAIs are largely consistent with ASQC 1, the ANAO could implement the ISSAIs for quality control. It is also possible that, as the Auditor-General determines the ANAO standards, the ANAO could adopt the ISSAIs as the ANAO auditing standards.
ISSAI 40 is implemented.

4
Azerbijan
YES

YES

New Law of the Republic of Azerbaijan on Chamber of Accounts envisages that the Chamber of Accounts shall conduct monitoring activities in order to determine the status of fulfilment of decisions by the Board of the Chamber of Accounts (Article 25). The new Law envisages establishment of internal control sector to ensure quality control.
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
The Law of the Republic of Azerbaijan on Chamber of Accounts, regulatory acts envisage control over implementation of Board decisions. Internal control sector is intended in new structure.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The structure of the Chamber of Accounts was reviewed in 2018 and Internal Control sector was established.
New eatablishment
Auditor, Structural division, Department, Audit team
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
not answered Q5
not answered

5
Bahrain
YES

The qu+G8:G11ality control and quality assurance systems cover the whole institutional processes, as follows:1) Quality Control:NAO Bahrain adopted and implemented several levels of quality control processes as per the following:- Establishing a working environment that encourages professionalism and competency. - Having an approved strategy that includes initiatives focusing on quality. -The executive management emphasis on quality in every step of the audit.- Audit Procedures Manuals that were prepared based on INTOSAI pronouncements and other legal requirements.- Several levels of work review that are specified clearly in procedures manuals and approved job discerptions of each audit team member.-Supporting the technical staff to get professional certifications such as (CPA, ACCA, CMA & CIA) and ensure the continuous professional learning for all NAO Staff. - Implementing audit automation software which incorporates various quality control measures, such multi-level reviews, tasks logs, checklists... etc. -Implementing a process of reviewing draft audit reports by a committee consisting of executives from each branch of audit, to ensure reports quality before preparing the final draft report.- The NAO professional code of conduct is in-progress as part of NAO Strategy (2016-2019).
Reflected in all stages of the audit processes and institutional processes.
1) NAO Law: include general requirements for staffing and other conditions to ensure independence and professional due care, which contribute to enhance the overall quality of NAO work.2) Audit Procedures Manuals: prepared based on INTOSAI pronouncements and other legal requirements and they specify in details every step of the audit process.3) HR Policy: details the professional responsibilities of every staff member in NAO.4) Organizational Structure and Job Descriptions: ensure the implementation of several review level, with detailed responsibilities and task of each level.
establishment law and standards issued by professional bodies(as well as policies and manuals)
There is no designated unit for Quality Control in organizational structure.However, quality is controlled through a very detailed output review process by the following levels:- Audtiors / Senior Auditors (work preparers).- Supervisors (detailed work review).- Manager (detailed work review).- Director (detailed work and report review).- Assistant Auditor General (detailed review of audit reports).- Deputy Auditor General (detailed review of audit reports).- Auditor General (Review of audit reports).
No designated unit but it is controlled through work processes
Organizational Structure, Job Descriptions, Audit Procedures Manuals, Audit plan of each assignment
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The majority of ISSAI 40 and ISSAI 1220 requiremnets are applicable to NAO Bahrain, excluding the following:- The issues of engagements acceptance and client’s continuity as the NAO engagements and auditees are determined by law and other legal requirements.- The confidentiality aspects of some audit assignments might pose some restrictions on Quality Assurance and Monitoring and/or Peer Reviews.
ISSAI 40, ISSAI 1220 are implemented.

2) Quality Assurance: - The Administrative Audit Directorate used one of the Big 4 audit firms to review policies, procedures and the full audit cycle of the directorate’s work. -NAO Bahrain has introduced a strategic initiative to implement effective Quality Assurance System as part of NAO Strategy (2016-2019), which will cover the following aspects:1) Issuing the Quality Assurance Charter.2) Produce Quality Assurance procedures manuals.3) Perform period Quality Assurance assignments.The work in this initiative is in-progress.

Quality assurance: one of the big 4 audit firms. Strategic initiative to implement effective Quality Assurance System as part of strategy.

6
Belgium
YES

Quality control is applicable for our core processes: audit processes (financial audit, performance audit, compliance audit) – which count for 95 % of our core processes - as well as some non-audit tasks imposed by law (e.g. political representatives and senior officials have to file a list of mandates and a declaration of assets to the Belgian Court of Audit, the list of mandates is published by the Court of Audit). These do indeed reflect the institutional processes carried out by the Belgian Court of Audit.
Reflected in all stages of the audit processes and institutional processes.
The Court of Audit Act, the Court’s rules of procedure and its staff regulations contain some basic rules with quality control relevance. For our audit processes we use the ISSAI and ISA (for financial auditing), as well as the Court’s audit and procedural manuals, as a framework. To make the ISSAI’s accessible for our Dutch-speaking staff members we made a Dutch translation of ISSAIs level 1 to 3.We are currently elaborating a more structured and documented system of quality management, for which we use ISO 9001 as framework. For this we use the documents from the International Organization for Standardization (ISO 9001, but also ISO 9000 and ISO 9004). Our vision on quality is written down in a document that is called “Quality management system of the Court of Audit. Position paper.” (available in Dutch and in French)
establishment law and standards issued by professional bodies(as well as policies and manuals) and Iso certificate.
Since this year we have put in place a structure to implement a quality management system, in accordance with ISO 9001:1) a steering committee, consisting of two councilors and all (ten) directors. This ensures the involvement of top management. 2) a quality department (which currently consists of one person but will soon be reinforced with a second person). 3) ten quality coordinators (one in each direction) (they will devote about 10 % of their time to quality). 4) in the next months we will also call on an external consultant to guide us to ISO 9001 certification.
Directly reporting to the highest level of authority.
The responsibility of audit supervisors and directors, regarding quality, is included in the job descriptions in our staff regulations and also in our Procedural manual on thematic audits.There are separate job descriptions for the quality department and the quality coordinators.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
We prefer to use ISO 9001 as a framework, which is compatible with ISSAI 40, because :1) it is certifiable by independent external auditors. 2) ISO 9001 is more up to date with the latest insights about quality.
Applying consistent quality standards.

7
Belize
YES

Not Answered

SAI Belize quality control includes the entire process, planning, executing and reporting. The planning and executing are monitored by the Team Leaders and Quality Control. Approval of the planning and Audit Logic Matrix (ALM) are done by a team appointed by the head of SAI. At the reporting stage the reports are further process by Quality Control prior to dispatching.
Reflrcted in all stages of the audit
Our Audit manual documents the processes from audit planning, execution and reporting. This is complemented with standardized forms such as audit completion checklist that ensure all processes were complied with. In addition the use of ISSAI 40.
establishment law and standards issued by professional bodies(as well as policies and manuals)
7 Supervisors of Audit – Audit Teams are reporting to 2 Supervisors of Audit – QC
No designated unit but it is controlled through work processes
This responsibility is delegated to 2 senior officers with relevant audit experience and communicated to personnel via senior staff meetings.
responsibility is delegated to senior officers with relevant audit experience
SAI Audit Manual will be aligned with ISSAI 40 and 1220.
ISSAI 40, ISSAI 1220 are implemented.

8
Butan
YES

YES

Quality control is engrained in all aspects of the institutional activities. There are specific quality control measures for auditing and other functions of the SAI which is governed through various policies, rules and regulations. Quality assurance is carried out by a division that is independent of the functional divisions. Research and Quality Assurance Division (RQAD)ensures that quality control policies, procedures and practices are adequate and are operating effectively. The division is relatively new in its functioning as a Quality Assurance reviewer and is governed by the Quality Assurance Policy (Draft).Quality control reflects the institutional process in totality whereas the Quality Assurance, for now, only works towards providing reasonable assurance on the quality control aspects of auditing i.e. Financial, Performance and Compliance.
Reflrcted in all stages of the audit processes and institutional processes.
The following laws define the quality control system: 1. Bhutan Civil Service Regulations: For all controls relating to Human Resource
2. Financial Rules and Regulations: For all matters concerning Finance of the RAA
3. Financial Audit Manual: For quality control of financial auditing
4. Performance Audit Guidelines: For quality control of Performance auditing
5. Compliance Audit Guidelines: For quality Control of compliance auditing
6. Auditor General’s Standing Instructions: For ethical behavior and conduct of the auditors. There are also other rules like Code of conduct ethics and secrecy, style guide, executive orders and other manuals that provide necessary quality control system in the Royal Audit Authority.

establishment law and standards issued by professional bodies(as well as policies and manuals)
http://www.bhutanaudit.gov.bt/audit-cnt/raa-files/raa_new_organogram.PNG
New eatablishment
Every level of staff is provided with a specific role and terms of reference. This enables both the supervisors and subordinates with clear terms on their responsibilities and their subsequent supervisors.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Adapted from the Financial Audit Manual of the IDI, the Financial Audit Manual of the RAA follows the same principle and applies all quality controls as provided by the ISSAIs. Bhutan being one of the first countries to adopt the ISSAIs, the audits also follow the same guidelines provided and the quality control procedures and practices are tested to check the compliance to the relevant ISSAIs.
ISSAI 40, ISSAI 1220 are implemented.

9
Botswana
YES

YES

The Quality control system constitute country laws and regulations, policies and procedures, ISSAIs, and ICBF. This system is applicable to both audit and corporate services division.The Quality assurance system is part of the quality control system that involves monitoring both the implementation and the adequacy of the quality control system. The QA system reviews both the audit and the support/corporate divisions so it covers the entire SAI.
Reflected in all stages of the audit processes and institutional processes.
The Public Audit Act of 2012 in Section 18 stipulates that the Auditor-General shall adopt standards, manuals, code of ethics and other tools necessary for implementing the auditing standards. And that the Auditor-General shall carry out his or her activities in accordance with the standards, manuals or code of ethics adopted and ensure that staff and other persons undertaking any audit function comply with these standards, manuals or code of ethics. The SAI has adopted ISSAIs as the standards to be followed.It further states that the Auditor-General shall be responsible for implementing a quality control system to ensure that auditing standards, manuals or code of ethics are complied with in the audit work, including quality assurance mechanisms ensuring that the standards and the control systems are suitable and are applied consistently.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The structure is attached as a separate document: reporting to Senior Assisstant Auditor General (under the Auditor General)
Not Directly reporting to the highest level of authority.
There are job profiles indicating the responsibility for each position and the competencies required for the position
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The SAI uses a quality control policy, quality assurance manual, Government policies and procedures, The ICBF framework is also used by the SAI as a tool to help implement ISSA 40 and ISSAI 1220
ISSAI 40, ISSAI 1220 are implemented.

10
Bulgaria
YES

same answr to Q3
Reflrcted in all stages of the audit processes and institutional processes.
Considering also the answer of Q 2, main documents are National Audit Office Act, Institutional strategy for the period 2018-2022, Audit Manual. 1. Since 2017 BNAO decide to apply new overall approach regarding QC and QA. We started with simultaneous preparation of two major documents – Institutional strategy for the period 2018-2022 and a Concept for QC and QA. 2. Strategy preparation was based on IDI Strategic planning handbook which means that all important aspects of SAI activity were taken into consideration. Also we considered and included in the Institutional strategy for the period 2018-2022 all elements of system of QC according to ISSAI 40. 3. All interesting findings and ideas regarding QC and QA defined in the process of Concept for QC and QA were integrated in Institutional strategy for the period 2018-2022 and separate Concept for QC and QA is not necessary and will not be prepared.4. To sum up, we apply ISSAI philosophy and understand and apply QC and QA as all-SAI and all-activity process. We will follow the steps outlined in Institutional strategy for the period 2018-2022 to build QC system.
establishment law and standards issued by professional bodies(as well as policies and manuals)
All the units within BNAO are devoted to one or more aspects of QC system. BNAO has audit directorates . http://www.bulnao.government.bg/en/articles/download/11591/organigrama-od-2016-en.pdf) and administrative directorates (http://www.bulnao.government.bg/en/articles/download/10296/Organigrama_admin_en.doc).
No designated unit but it is controlled through work processes
A number of internal documents contain authority and responsibilities - Institutional strategy for the period 2018-2022, Audit Manual, Rules and Procedures of BNAO etc.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Considering also the answer of Q 2, we believe we apply ISSAI 40 and ISSAI 1220 to full extent. However, there is a room for improvement - identified areas for improvements and measures planned in accordance with Institutional strategy for the period 2018-2022.
ISSAI 40, ISSAI 1220 are implemented.

11
Canada

12
Chile
NO

EFS has controls in the audit process, mainly backed by the Audit System, SICA.Additionally, it is possible to indicate that work is being done on the preparation of a quality control policy and manual.
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
Currently, the Audit Division works on a quality policy and manual. This SAI approved the creation of the Quality Unit (March 2019).
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
This SAI approved the creation of the Quality Unit (March 2019).
New eatablishment
This SAI approved the creation of the Quality Unit (March 2019). We work on it.
New eatablishment
We work on the implementation of a Quality System, we created a quality policy.Recently the CGR is beginning to develop financial audits.
In the process of implementing ISSAIs

13
Colombia
YES

The system of internal control and Quality Management - SCIGC has scope in the macroprocesses of the entity and its respective processes, in all the dependencies of its central and decentralized level, in all the products of its mission processes whose destiny is the Citizenship and / or the Congress of the Republic. (Organizational Resolution 0659 of June 14 of 2018 - article 1 - paragraph
Reflected in all stages of the audit processes and institutional processes.
The regulation of the Internal Control and Quality Management System - SCIGC of the Comptroller General of the Republic, is established in the following administrative acts:Resolution 527 of 2016: regulates the SCIGC. Among other issues, it establishes the roles and respective responsibilities in relation to the system and objectives of the system. Resolution 640 of 2017: modifies resolution 527 of 2016. Resolution 642 of 2017: modifies resolutions 527 of 2016 and 640 of 2017. Resolution 659 of 2018: modifies resolutions 527 of 2016 and 640 of 2017. Resolution 012 of 2017 that adopted "The principles, foundations and general aspects for audits", based on the ISSAI 100.
establishment law and standards issued by professional bodies(as well as policies and manuals)
In accordance with the resolutions that regulate the system, related in the response of point 3, the SCIGC governance scheme includes:The Directorate of SCIGC is in charge of the Comptroller General of the Republic.The General Coordination of the SICGC in charge of the institutional Committee of coordination of internal control and quality management. The SCIGC Administration in charge of the Director of the Planning Office.Leaders of the Macroprocesses. Executors of the processes. Links of the SCIGC in all the dependencies.Office of Internal Control in charge of the independent evaluation of the operation of the SCIGC.The SCIGC regulation establishes the relationship between the organizational structure of the SAI and the macroprocess map.Regarding the auditor process in resolution 012 of 2017 "The principles, foundations and general aspects for audits", the "Administration and Roles of the Auditing Process" is included in number 3 and in number 6 the "Quality control of the audit".Note: The organization chart of the SAI Colombia is attached to this document.
Not Directly reporting to the highest level of authority.
It is based on the organizational structure and functions established by Decree Law 267 of 2000 and its regulatory amendments.There is a specific manual of job functions and competencies for public jobs in the global office of the Comptroller General of the Republic.In the procedures that develop the relevant activities of the institutional processes, which are published in the SCIGC application, step by step is established with the respective responsible parties.Audits have roles and responsibilities for all personnel involved in an audit, in resolution 012 of 2017
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Both the ISSAI 40 and the ISSAI 1220 are fully applicable in the SAI of Colombia. In each of the Guidelines adopted for financial audit, compliance audit and performance audit, the respective quality plan is considered. However, the support of INTOSAI is important to strengthen quality control and implement quality assurance.
ISSAI 40, ISSAI 1220 are implemented.

14
Costa Rica
YES

YES

The scope corresponds to the audit process (includes the compliance, operational and financial audit procedures). The System also includes other additional processes and procedures that are executed by the SAI.
Reflected in all stages of the audit processes and institutional processes.
There is a General Manual of Comprehensive Inspection (MAGEFI) that includes all the macroprocesses, processes and procedures of the SAI.The MAGAFI contains the subsequent audit, which includes the procedures for each of the three types of audits that are executed (Financial, compliance and performance).Each procedure includes the phases, quality criteria, tools and control points that must be met by the audit teams.Each procedure is self-evaluated annually for the review of compliance with the quality management system.Additionally, the audit procedures( It includes the quality criteria and tools necessary for the development of the tasks that comprise it) have a periodic external evaluation to verify compliance with INTOSAI standards and their application.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The Control Areas are the units in charge of executing the three audit procedures. Therefore, the first front of quality management is given internally in the Control Areas and in the work teams. A second level of quality control is given through the position of Technical Assistant (Supervision) that controls compliance with quality tools and tools, in addition to authorizing the continuation of audits at each control point formally established in the procedure. There is also an area of Technical Secretariat, external to the areas of oversight, which designs and manages quality (compliance with standards, continuous improvement and innovation) and leads the self-assessment and external evaluation of the audit.At the institutional level, there is a Corporate Governance unit that leads the institutional quality management system, which includes other processes and procedures in addition to the subsequent audit, for example, organizational design y continuous improvement.Finally, there is an Institutional Internal Audit that selectively audits the processes executed by the SAI.
No designated unit but it is controlled through work processes
There are three basic instruments. In the first place, the General Manual of Comprehensive Inspection (MAGEFI) is the general instrument that regulates the macroprocesses, processes and procedures of the SAI. From this process and procedures are derived, each of which contains the phases, instruments, tools, quality criteria and control points, which must be applied by the audit teams, by the Technical Assistants. Second, there is the SAI's Organic Regulation, which is the normative instrument that assigns responsibilities (Leadership and participation) to each Division and Area of the SAI according to the processes and procedures established in the MAGEFI. Finally, at the level of professional, supervisory and managerial roles, the Position Profiles Manual and the Competencies Manual determine the responsibilities of each person who interacts within each audit procedure.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The quality control system of the SAI was designed and built based on the regulations of INTOSAI. The audit procedures have been adapted to meet the requirements of the ISSAI 40 and ISSAI 1220 for the case of the financial audit.
ISSAI 40, ISSAI 1220 are implemented.

15
Croatia
YES

YES

SAI's pays attention to the quality of work in order to improve audit performance and results. Quality control gives reasonable assurance that during the audit processes all major issues are covered and that audit results reflect the actual situation in all important matters. Quality is an integral part of the audit process in terms of compliance with generally accepted auditing standards and in terms of applying the work methodology. Quality control of audit work is monitored at each phase of the audit process. For these reasons, the quality control is established in the main phases of the audit process: planning phase, implementation phase and reporting phase. In addition to undertaking quality control procedures during the audit process, quality control procedures after the audit completion are applied. Monitoring provide reasonable assurance that procedures related to the system of quality control are relevant and effective.
Reflected in all stages of the audit
Framework that establishes the quality control and quality assurance system in the SAO of the Republic of Croatia is defined by the State Audit Office Act, ISSAI standards, Code of professional ethics for state auditors, internal regulations and procedures. In addition, there is Financial audit manual, EU funds audit manual, Performance audit manual and Direction of auditor general on how to write audit reports. For specific areas of audit and certain groups of auditees there are guidelines and instructions (such as auditing of universities and institutions of higher education, then audit of political parties, audit of tourist boards, audit of internal control systems, etc.).
establishment law and standards issued by professional bodies(as well as policies and manuals)
The quality control is established in the main phases of the audit process: planning phase, implementation phase and reporting phase. The main process of control refers to auditing, and is carried out by departments that are responsible for certain types of audit and auditees. For each type of audit there are specific work procedures.
No designated unit but it is controlled through work processes
In order to increase the quality of work and to determine the responsibilities of participants in each of the work processes, SAO has established three groups of processes: the management process, the main process and the support processes. Afterwards, procedures and rules are established as prerequisites for good quality of work and behavior in accordance with ethical principles. State Audit Office Act and internal regulations of the SAO define responsibilities of Auditor general, Deputy and Assistants of auditor general in the matter of quality of work. Responsibilities and assignments of all employees are stated in internal acts. Also, the SAO has defined mission and values that promote and encourage the culture of high quality of work of all employees.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
SAI can implement ISSAI 40 - Quality Control for SAI’a regarding its mandate, structure, risks and audits performed.
ISSAI 40 is implemented.

16
Cyprus
YES

YES

Both the quality control and quality assurance systems cover all audit work carried out by our Office.
Reflected in all stages of the audit
Our Office has adopted the ISSAIs as the framework within which its work is performed, therefore ISSAIs 40 and 1220 are applicable in the case of quality control procedures.On the basis of these standards, a provision for the review of audit work and draft audit reports by senior staff has been added to internal guidelines (Auditing Guideline no.4).
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
According to established procedures, Senior Audit Officers (in charge of Sections/audit teams) are responsible for the review of working papers and draft audit reports upon completion of the audit. The reviewed audit reports are then submitted to Senior Principal Auditors or Directors of Audit for final review. The final audit reports are approved by the Auditor General before issue.Please see attached organizational chart.
No designated unit but it is controlled through work processes
The Schemes of Service (formal job descriptions issued as secondary legislation) of each level in the hierarchy, from Senior Audit Officers to Directors of Audit, provide for the supervision of the work performed by lower levels of staff and the review of draft audit reports.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
No particular restrictions are faced by our Office in the implementation of the above standards in terms of its mandate or structure. A fairly recent development has been the outsourcing of audit work to external contractors, for which relevant quality control arrangements are still to be developed (please also see answer to question 20 below).
ISSAI 40, ISSAI 1220 are implemented.

17
Czech Republic
YES

YES

a) The quality management system is fully in place for audit and related activities (on-going supervision, follow-up, methodological assistance).b) Self-assessment in the form of PMF in 2015, assurance of quality performed by SAI Slovakia.The Follow-up Action Plan has set tasks for improvement, the form of an additional independent review of the SAO according to ISSAI 40 will be decided in 2022.c) The SAO has established the Internal Audit Department, which carries out audits according to the annual plan approved by the SAO President.
Reflected in all stages of the audit
Regulatory framework for the quality assurance of the audit activity: Act No. 166/1993 Coll., on the SAO, Auditing Standards of the SAO, SAO Code of Ethics, SAO President Directive No. 104 on Audit and related activities, methodical materials.Regulatory framework regulating the activity of the Internal Audit Department: Act No. 320/2001 Coll., on Financial audit in public administration, including the implementing Decree No. 416/2004 Coll. and the International Professional Practices Framework of Internal Audit.
establishment law and standards issued by professional bodies(as well as policies and manuals)
See the attached organizational chart:Highlighted yellow - continuous surveillance. Highlighted green - continuous surveillance in form of comments, follow-up, methodological assistance, Internal audit.
Not Directly reporting to the highest level of authority.
The procedures follow the Act No. 166/1993 Coll.,the SAO's Organizational Chart and the Directive No. 104
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
ISSAI 40 - implemented in the procedures set out in Directive No. 104. ISSAI 1220 - not relevant, the SAO is not required to audit financial statements of any accounting entity
ISSAI 40 is implemented.

18
Denmark
YES

Rigsrevisionen follows 7 “Standarder for Offentlig Revision” (Standards for public-sector auditing), also know as SOR 1-7. Regarding quality control, we more specifically follow SOR-2, which defines the systems of quality control of Rigsrevisionen. These standards are reflected in all processes carried out by Rigsrevisionen
Reflected in all stages of the audit processes and institutional processes.
The SOR 1-7 are based on the agreed ISSAI-standards, in this case, SOR2 is based on ISSAI 40/140.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
Rigsrevisionen does not have a specific unit dealing with quality control – instead the responsibilities are distributed amongst the personnel in each office – The organizational chart can be seen here: http://uk.rigsrevisionen.dk/about-us/organisation/
No designated unit but it is controlled through work processes
The SOR-2 clearly specifies the responsibilities regarding quality control :1. The auditor general has the general responsibility for quality control and for the distinction of the responsibilities amongst other leadership levels.2. The leadership (cf. organizational chart) are responsible for systems of quality control regarding the completion of audits that the employees should follow.3.The leadership assigns a responsible head of office as responsible for each audit and the adherence to SOR.4. Leaders on all levels in the organization, should strive to develop a culture of clear employee co-responsibility for each task. Each audit-team should to some extent be held responsible for auditing according to the SOR 1-7.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
As the SOR2 is based on ISSAI (1)40, and SOR4 is based on ISSAI 200 we have already. implemented these standards to a large extent, although not without difficulties.
ISSAI 40, ISSAI 1220 are implemented.

19
Dom Rep
YES

The quality Control system carried out by SAI is reflected in all the institutional processes related to the following elements: responsibility of the members of the SAIS plenary on the quality of the processes, ethics requirements, Audits to all entities receiving and executing public funds, selection, evaluation and hiring of suitable personnel, execution of audits and other tests, monitoring and monitoring.
Reflrcted in major stages of the audit processes and institutional processes.
The quality control system carried out by the Chamber of Auditors is initially established in law No. 10-04 of the Chamber of Audit of the Dominican Republic, as well as in its regulations and audit guides
establishment law and standards issued by professional bodies(as well as policies and manuals)
The SAI quality control system intervenes: The full membership, the Audit Committee, the auditing Director, the quality Control division, the audit execution managers, the audit supervisors
Directly reporting to the highest level of authority.
Law No. 10-04 of the Chamber of Accounts of the Dominican Republic attributes to the President of the body, as the maximum responsible for the quality of all the audit work (ART. 20). Each position has a job description, which specifies the responsibilities of each charge, as well as the quality Control Guide and the Audit Supervision guide.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The mandate of the EFS allows to apply in its entirety all the elements required by the ISSAI 40, however, in relation to the "Reference framework for a quality control system for SAIS, Element C. 3) Acceptance and continuation “It must be understood in the appropriate context for the Chamber of Auditors, which has the power to audit all public funds managed by public institutions and servers without prior authorization. Your pre-acceptance analysis should be understood as the risk assessment or the weighting done by the camera when selecting a specific institution to be audited, when you prepare the annual audit Plan (such as the budget allocated to the institution, Periods that have not been audited, among other criteria).
ISSAI 40 is implemented.risk assessment or risk based audit is done when selecting a specific institution to be audited, or when preparing the annual audit Plan

20
ECA
YES

YES

We have a comprehensive quality control system covering audit-related processes, as well as a complementary quality assurance system. All quality control arrangements are overseen by a recently created Audit Quality Control Committee (AQCC). In particular, it decided to take a wider strategic approach to QA, and adopted a three-year plan aiming to perform in 2017-2019: - an assessment of compliance of ECA financial, compliance and performance audit practices and procedures with detailed level ISSAIs using the ICATs, as well as
- an assessment using SAI PMF as a tool, covering, along with the audit, other institutional processes.

Reflected in all stages of the audit processes and institutional processes.
ECA quality control system is based on ISSAI 40 and ISQC1. It is described in the ECA rules of procedure and its implementing rules, further explained in our Vademecum of General Audit Procedures (VGAP), and complemented by specific documents relating to quality control framework both at general level and at individual chamber level.
establishment law and standards issued by professional bodies(as well as policies and manuals)
An organization chart is attached herewith. Supervision and review during the audit process takes place in audit chambers. It starts at the level of head of task, through management team (as decided for a specific audit task) with ultimate responsibility borne by the reporting member. EQCR occurs at two stages during the execution of an audit: on the draft planning document and the draft report. The review is split between the chambers and AQCC. Monitoring (quality assurance) is carried out by a dedicated team within the AQCC.
No designated unit but it is controlled through work processes
Documents setting out responsibilities related to quality control system have been produced at various levels:- ECA-level documents, such as implementing rules of the rules of procedure, and a more specific document on allocation of resources and roles and responsibilities in the context of the 2016 ECA reform, - Documents produced at the level of AQCC (or its predecessor); Documents produced at chamber level, eg on chamber specific arrangements for EQCR.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
In 2013, ECA performed an ISSAI GAP analysis which yielded a very positive result. Of 54 requirements of ISSAI 40, 47 were classified as covered, two were partially covered and five were not applicable. Remedial action was taken in respect of the partially covered requirements.
ISSAI 40 is implemented.

21
Egupt
YES

YES

The scope of quality control within the SAI appears in a group of policies and procedures developed in order to ensure that the SAI and its members are committed to relevant professional standards and legal and regulatory requirements and that SAI's audit reports are appropriate to existing conditions and that audit work is performed in high quality and all the time.- The quality assurance is maintained about in evaluating the design of quality control process and its outcomes (reports) and this evaluation is undertaken by a independent Central Administration audit work called Central department for technical inspection and Quality Control to assure that the reports and the auditing policies implies with the required international standards and good international practices also the quality assurance scope helps to assure that Quality Control an assurance are applied to all the institutional processes carried out by the SAI.
Reflected in all stages of the audit processes and institutional processes.
The regulatory framework that controls the quality control system is as follows:Law : Take into account compliance with constitution and law provisions that govern the SAI mandate and ensures its independence and the relevant regulating governing laws in audited entities and the extent of compliance to such laws.Procedure: To what extent the application of the performance quality standards including pre audit planning before actual examination (program) and that audit work is complying with regulations and laws governing the examination and drafting of audit remarks and reporting ... etc audit process. Unified Standard forms: Is the standard forms applied by ASA upon performing audit process including the standard forms used in performance evaluation beside standardized forms provided by the accounting and auditing standards.ISSAI: According to ISSAI 40 on general framework of Quality control in SAIs, all ASA audit work should apply quality control process and also all international Standards on quality assurance.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The organizational structure of the Central Administration of Technical Inspection and Quality Control the assigned unit to implement quality control system is as follows: It is directly operating under the supervision of the ASA President, headed by the ASA Deputy his mandate is to monitor and assures the quality of all ASA departments concerning audit & legal work (legal audit, account audit, personnel, performance evaluation) mandate performed by the SAI.
Directly reporting to the highest level of authority.
Auditors and comptrollers assigned to perform audit are responsible for verifying soundness of the financial statements content. Higher ranks of audit managers have the right of guidance, supervision and verification of the extent of how the auditor's observations comply with the professional standards which is reported to audited entities comply.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
ASA is committed to implement all International standards for Supreme audit institutions (ISSAIs) issued by the International Organization of Supreme Audit Institutions (INTOSAI), where the ASA has also issued Egyptian auditing standards by the ASA President resolution no. 1300 for the year 2008 dated 30-6-2008 which are inconsistence with ISSAIs auditing standards among which is standard no. 220 on quality control.
ISSAI 40, ISSAI 1220 are implemented.

22
Estonia
YES

YES

Both quality control & quality assurance system cover the works which require procedural steps named in our law (requests for information, collection of explanations and/or inspections) and will end with a public result (report, letter, article etc). Internal reports, support services etc are usually not an objects of quality control.
Reflected in all stages of the audit
Some steps are regulated by law (for example, the official answer to report from auditee). Majority of procedures are regulated by our offices’ Audit Manual and other internal guidelines
establishment law and standards issued by professional bodies(as well as policies and manuals)
The NAOE divides into three structural units: the Audit Department that carries out financial, compliance and performance audits; the Analysis Department whose main outputs are reviews and special works; and the Development and Administrative Service, which supports the departments of principal activities as well as the Auditor General in the performance of their functions. They all have their own role in QC system.
No designated unit but it is controlled through work processes
Some of the responsibilities are marked in law, some regulated in audit manual and also by job descriptions.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Regarding the internal guidelines and requirements, all material requirements are followed. In practice it might depend on interpretation of some principles, though.
ISSAI 40, ISSAI 1220 are implemented.

23
Fiji
YES

YES

SAI Fiji’s scope of quality control and quality assurance system covers leadership, ethical requirements, acceptance and continuance of audit engagements, human resources, engagement performance and monitoring. They do reflect the institutional processes carried out by the SAI.
Reflected in all stages of the audit processes and institutional processes.
1)Leadership - SAI Fiji has a system whereby a Policy and Procedures Guideline (PPG) is issued by the AG for staff regarding policies and procedures for quality controls. It is mandatory for staff to adhere to these.2) Ethical Requirements – Conflict of Interest Policy, Conflict of Interest Declaration, Code of Ethics Declaration and Conclusion Form (for very audit).3) Acceptance & Continuation– Competency Matrix Form. 4) Human Resources – Recruitment and Selection Policy, Leave Policy, etc. 5)Engagement Performance – Adopted the ISSAI based Financial Audit Manual and Performance Audit Manual from AFROSAI-E, Audit Completion Checklist.6) Monitoring – Quality Assurance Policy, Quality Assurance Manual
establishment law and standards issued by professional bodies(as well as policies and manuals)
A two member Quality Assurance team which reports directly to the AG, and is independent of all the audits conducted by the SAI.
No designated unit but it is directly reporting to the highest level of authority.
· For the QA team specific job descriptions, and individual work plans are developed.• To achieve quality control, specific KPI’s are incorporated in individuals work plans of Audit Team. • Quality Assurance finding database in maintained for reference and educational purpose.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
· There is no restriction on our SAI to implement ISSAI 40 and ISSAI 1220. Our quality assurance manual is fully in compliance with ISSAI’s. • There are specific checklists developed which are incompliance with ISSAI’s to maintain quality control.
ISSAI 40, ISSAI 1220 are implemented.

24
Georgia
YES

YES

The Audit Quality Control process consists of the systems and practices designed to ensure that the SAO issues reports that are in accordance with applicable standards and legislation. The effectiveness of Audit Quality Control systems is monitored by pre-issuance (hot) and post audit (cold) reviews.Audit Quality Assurance provides independent assurance to the Auditor General that the audit quality control systems and practices at the SAO are effective. Audit quality is one of the 5 strategic goals of the SAO outlined in its 2018-2022 strategy.
Reflected in all stages of the audit
All of SAOG methodologies and procedures regarding Quality Control System are based on ISQC 1 and ISSAIs. These require among other things elaboration of policies and procedures designed to provide SAOG with reasonable assurance that engagements are performed in accordance with professional standards and applicable legal and regulatory requirements, and that the organization or the engagement partner issues reports that are appropriate in the circumstances.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
There are 3 levels of Quality Control System:• Audit Team Leader’s level;• Head of Department’s level;• Quality Control Reviewer’s level under supervision of Audit Quality Assurance Department,
designated unit but it is not directly reporting to the highest level of authority.
1. Team Leader - Key responsibilities:• Quality control of findings, whether there are adequate evidence relevant to the results and whether these cover the high risk zones;• Check out the work done by each member of the group. 2. Head of Department – Key responsibilities:• Checks the work done by the first level of control;• Checks whether audit was carried out in accordance with the scope, Strategic and Audit Plan and whether it achieved the goals set out;3. Under supervision of Audit Quality Assurance Department, Quality Control Reviewers – Key responsibilities:• Checks the work done by the first and second levels of control;• Checks compliance of the works performed at each stage of the audit with ISSAI’s
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
SAO Georgia comply with all basic requirements of ISSAI 40 and ISSAI 1220. In order to achieve all requirements listed in these ISSAI’s, has developed and implemented respective methodologies, policies, manuals and procedures, described in our answers to the following questions of this questionnaire.
ISSAI 40, ISSAI 1220 are implemented.

25
Greece
NO
At present, the HCA partially complies with the ISSAIs concerning the Quality control system of its general auditing procedures. To be adopted.
NO
At present, the HCA partlally complies with the ISSAIs concerning Quality assurance system of its general auditing procedures. To be established.
At present, the HCA partially complies with the ISSAIs concerning Quality Control and Assurance systems of its general auditing procedures. Upon adoption of the aforementioned “new HCA regulation”, the HCA is expected to establish quality control and quality assurance systems partly reflecting its institutional processes.
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
Given its nature as a Supreme Financial Court and the external auditor for public expenditure and accounts, the HCA has a robust legal and regulatory framework, defined in the Greek Constitution and an extensive legislation. Furthermore, the HCA’s “Audit Manual” (see below under point 6), in accordance with the ISSAIs, provides for guidelines and standardized forms regarding the audit planning and procedure as well as the documentation and reporting on ex-post audits.
establishment law and standards issued by professional bodies(as well as policies and manuals)
not answered
new law to establish intrnal control for quality control.
At present, the implemented legal framework does not provide for an effective and efficient hierarchical scheme as far as auditors are concerned. (The opposite is the case for the HCA judicial section, which is strictly based on hierarchy and the members’ responsibilities are explicitely delineated).However, upon adoption of the aforementioned “new HCA regulation”, the Court is expected to establish procedures that clearly and unequivocally assign authority and responsibilities to auditing and administrative personnel.
new law to establish intrnal control for quality control.
At present “ISSAI 40 gap analysis tool” can be useful to the extent that the SAI can estimate its gaps on 6 key principles on quality control, identify the significance of the gap, recommend actions to resolve the problems and then follow up as part of an annual plan and other evaluations. Such analysis has not yet been applied by the HCA.“ISSAI 1220 – Quality Control for an Audit of Financial Statements” stresses the significance of a clearly articulated Code of Ethics (ISSAI 30), a System of Quality Control and Role of Engagement Team, expected to be partially fulfilled on the basis of the “the new HCA regulation”) and Engagement Performance meaning Direction, Supervision and Performance. Direction and Supervision are exhaustively defined, whereas Performance is still to be formally estimated and communicated within the SAI.
In the process of implementing ISSAIs

26
Guatemala

not english

27
Honduras
NO

The Quality Control System of the Tribunal Superior de Cuestas of Honduras (TSC) is in the process of implementation.The Quality Control system aims to provide the TSC with reasonable assurance that:a) The entity and its personnel comply with the professional standards and the legal and regulatory requirements that apply; Yb) The reports issued by the auditing entity or by the directors of the work are appropriate to the circumstances.The Quality Control System that will be developed will apply to:a) Sector managers, department heads, auditors or non-auditors.b) All TSC personnel, team members and other employees.c) Collaborating personnel in the scope of their collaboration, and in any case regarding the requirements of ethics and independence, and work execution.d) Specialists or independent experts, who participate in assignments, external consultants or other personnel with the ability to influence the results of the work.e) External reviewers of quality review of the order in monitoring inspectors.f) All the people who participate in some way in the development of the internal or external audit activity that can influence the final result of the work.
Reflected in all stages of the audit processes and institutional processes.
Quality Control Manual, will ensure compliance with the quality control policies, (ISSAI 40) implementing appropriate procedures, and in its case an application record that records the evidence obtained and the conclusions adopted. Financial Audit Manual, promotes best international practices for financial audits. Adapting the methodology of the ISSAI standards to their local needs, within the framework of applicable financial information, as well as other information responsibilities. Performance Audit Manual, establishes the activities and procedures for conducting an audit according to ISSAI, provides a framework, general principles and elements of the performance audit.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals

Directly reporting to the highest level of authority.
In 2017, the Tribunal Superior de Cuentas of Honduras negotiated before the Congress of the Republic a series of reforms to its organizational structure, among which was the creation of the Evaluation and Quality Control Management, whose main function is "to evaluate reports and guarantee the quality control of the same before being sent to the president of the court "said reform came into force in May 2017
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Currently, the Tribunal Superior de Cuentas of Honduras is in the process of implementing ISSAI 40 and is developing a strategy to implement ISSAI 1220 in its audits.
In the process of implementing ISSAIs

28
Hungary
YES

YES

The State Audit Office of Hungary (SAO) transformed the whole process of its audits in 2012, which has been continuously improved since then. The whole audit process has been divided into 7 well-separated phases. Each phase has a manager responsible for implementation and a manager for supervision. The performance of the whole process is monitored by an independent department. For the clear segregation of the responsibilities, each phase is closed with a control point and the acceptance of a document of pre-defined structure.
Reflected in all stages of the audit
1. Amendment of the Act on the SAO (2011) - Audited entities are obliged to produce an action plan in connection with the findings of SAO, and these actions are checked by the SAO in the frames of follow-up audits. (There is no room for audits without consequences any more).2. SAO’s strategy (2016) and renewed sub-strategies (2018) - The organisation increases the state of being organised at all areas and keeping legality in mind, it operates the quality management system that is supported by its quality assurance activities and up-to-date regulation.3. SAO document titled ‘Basic principles of quality-managed operation at SAO’ (2012) – On the basis of ISSAI 40, SAO compiled the list of basic principles regulating its quality-managed operation. 4. SAO’s quality management guide (updated regularly) – A guide to the practical aspects of SAO’s quality management prepared and updated by the Quality Management and Monitoring Unit (QMMU).
establishment law and standards issued by professional bodies(as well as policies and manuals)
designated unit but it is not directly reporting to the highest level of authority.
SAO’s Rules of Organisation and Operation as well as the electronic managerial instructions assigning tasks (~job descriptions) make clear distinctions of authority and responsibility.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
SAO is highly committed to the implementation of relevant INTOSAI standards and has compiled the basic principles regulating its quality-managed operation and its quality management guide on the basis of ISSAI 40.
ISSAI 40 is implemented.

29
Italy
YES

The Corte dei conti does not have a specific quality control nor an assurance department, as (i) the audit functions of the Corte dei conti are carried out by judges and (ii) the audit reports are approved by the plenum of each Chamber.
In this regard, please note that according to Article 104 of the Italian Constitution, judges are autonomous and independent from any other State power. Thestatus of judge entails integrity, independence and objectivity. The judges of the Corte dei conti carry out their audit activityin the public interest, honestly and avoiding any undue influence. They maintain a professional behaviour and protect information and secrets, while taking into account the need for transparency and accountability.
This specificstatus ensures the highest quality of audit reports and the highest quality level of investigations and judgments, it guarantees that audit activities are always carried out in accordance with laws, regulations and proceedings established by law.
The judges of the Corte dei conti have their own Code of Ethics approved in 2006. It is disseminated among all its judges and it is published (answer to question no. 10).

Reflected in all stages of the audit
The Corte dei conti does not have a specific quality control nor an assurance department, as (i) the audit functions of the Corte dei conti are carried out by judges and (ii) the audit reports are approved by the plenum of each Chamber.
In this regard, please note that according to Article 104 of the Italian Constitution, judges are autonomous and independent from any other State power. Thestatus of judge entails integrity, independence and objectivity. The judges of the Corte dei conti carry out their audit activityin the public interest, honestly and avoiding any undue influence. They maintain a professional behaviour and protect information and secrets, while taking into account the need for transparency and accountability.
This specificstatus ensures the highest quality of audit reports and the highest quality level of investigations and judgments, it guarantees that audit activities are always carried out in accordance with laws, regulations and proceedings established by law.
The judges of the Corte dei conti have their own Code of Ethics approved in 2006. It is disseminated among all its judges and it is published (answer to question no. 10).

establishment law and standards issued by professional bodies(as well as policies and manuals)
The Corte dei conti does not have a specific quality control nor an assurance department, as (i) the audit functions of the Corte dei conti are carried out by judges and (ii) the audit reports are approved by the plenum of each Chamber.
In this regard, please note that according to Article 104 of the Italian Constitution, judges are autonomous and independent from any other State power. Thestatus of judge entails integrity, independence and objectivity. The judges of the Corte dei conti carry out their audit activityin the public interest, honestly and avoiding any undue influence. They maintain a professional behaviour and protect information and secrets, while taking into account the need for transparency and accountability.
This specificstatus ensures the highest quality of audit reports and the highest quality level of investigations and judgments, it guarantees that audit activities are always carried out in accordance with laws, regulations and proceedings established by law.
The judges of the Corte dei conti have their own Code of Ethics approved in 2006. It is disseminated among all its judges and it is published (answer to question no. 10).

No designated unit but it is controlled through work processes
The Corte dei conti does not have a specific quality control nor an assurance department, as (i) the audit functions of the Corte dei conti are carried out by judges and (ii) the audit reports are approved by the plenum of each Chamber.
In this regard, please note that according to Article 104 of the Italian Constitution, judges are autonomous and independent from any other State power. Thestatus of judge entails integrity, independence and objectivity. The judges of the Corte dei conti carry out their audit activityin the public interest, honestly and avoiding any undue influence. They maintain a professional behaviour and protect information and secrets, while taking into account the need for transparency and accountability.
This specificstatus ensures the highest quality of audit reports and the highest quality level of investigations and judgments, it guarantees that audit activities are always carried out in accordance with laws, regulations and proceedings established by law.
The judges of the Corte dei conti have their own Code of Ethics approved in 2006. It is disseminated among all its judges and it is published (answer to question no. 10).

resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The Corte dei conti does not have a specific quality control nor an assurance department, as (i) the audit functions of the Corte dei conti are carried out by judges and (ii) the audit reports are approved by the plenum of each Chamber.
In this regard, please note that according to Article 104 of the Italian Constitution, judges are autonomous and independent from any other State power. Thestatus of judge entails integrity, independence and objectivity. The judges of the Corte dei conti carry out their audit activityin the public interest, honestly and avoiding any undue influence. They maintain a professional behaviour and protect information and secrets, while taking into account the need for transparency and accountability.
This specificstatus ensures the highest quality of audit reports and the highest quality level of investigations and judgments, it guarantees that audit activities are always carried out in accordance with laws, regulations and proceedings established by law.
The judges of the Corte dei conti have their own Code of Ethics approved in 2006. It is disseminated among all its judges and it is published (answer to question no. 10).

not answered

30
Japan

31
Jordan
YES

YES

· Procedures and policies designed and applied to the work carried out in the Audit Bureau based on best professional practices. Regulatory procedures designed to carry out regulatory tasks based on international auditing standards and INTOSAI standards and best practices. Code of Ethics in the Audit Bureau. Policies and foundations concerned with providing the necessary resources for the Audit Bureau to perform his functions as mandated by law. Policies and procedures for the rehabilitation and training of the employees in the Audit Bureau, and the provision of sufficient qualified employees to perform the tasks assigned to the Bureau. Designing and applying audit methodologies to implement regulatory tasks in accordance with the risk approach and based on INTOSAI standards. Policies and procedures related to the supervision of the implementation of the regulatory tasks, and review the work carried out and the conclusions of the regulatory tasks team, in order to ensure the quality of the completed operations and regulatory outputs.a Directorate for the development of institutional performance and quality assurance, in which the Directorate reviews and verifies the implementation of the regulatory tasks based on the audit methodologies, policies and procedures designed and approved, it also evaluates the policies and procedures designed and applied in Audit Bureau, and provide reports on the improvement of certain stores, both at the level of regulatory tasks and the level of policies and procedures applied in the Audit Bureau, as well as the provision of advisory services. Policies and foundations designed to communicate with stakeholders.The Audit Bureau Strategic Plan for the years (2016-2020).Procedures for preparing reports, sending them to the competent authorities and developing follow-up policies.
Reflected in all stages of the audit processes and institutional processes.
The Audit Bureau Law No. (28) Of 1952 and its amendments. The Administrative Regulation of the Audit Bureau No. (187) Of 2017 . The audit guidelines issued by the Audit Bureau (Financial and Compliance Audit Guideline, Performance Audit Guideline, Environmental Audit Guideline, Performance Indicators Audit Guideline, Public Debt Audit Guideline, Integrity and Anti-Corruption Assessment Guideline, Control and Audit Quality Assurance Guideline). The audit methodology and procedures adopted and applied in the implementation of regulatory tasks based on INTOSAI standards.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The administrative management system of the Audit Bureau, put the Directorate of the institutional performance development and quality assurance within the same level of the main directorates in the Audit Bureau, where the structure of the Directorate includes the availability of a department for the of institutional performance development , and a department of quality assurance.
designated unit but it is not directly reporting to the highest level of authority.
There is a separation between authority and responsibility, where the management of the Audit Bureau develop the strategic plan and the general policies of the Audit Bureau, determines the main objectives and the activities that must be implemented in order to achieve these objectives and performance indicators related thereto, and design policies and procedures for the execution of the duties of the Audit Bureau according to its mandate, and the directorates and field units conduct the work assigned to them based on the policies and procedures designed by the Audit Bureau.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The Audit Bureau implements the standard (40) by establishing and complying with a quality control system to provide the administration of the Audit Bureau with a reasonable assurance about the compliance of the Audit Bureau and its employees with the professional standards, applicable legal and regulatory requirements, and the adequacy of the regulatory reports issued.The Audit Bureau, through the Directorate of Quality Assurance, provide assurance to the management of the Audit Bureau on the implementation of the regulatory tasks based on the procedures, policies and methodologies approved by the administration of the Audit Bureau, and the extent of its compliance with the relevant professional standards where the quality assurance review reports of the regulatory tasks Implemented, Institutional performance development reports on areas needing improvement and what are the procedures for their improvement and development.
ISSAI 40 is implemented.

32
Kazachstan
YES

Not Answered

Quality control is carried out at all stages of audits as well as the assessment is carried out until the complete implementation of the relevant materials.
Reflected in all stages of the audit
The Quality control system in our SAI is regulated by the Constitution of the Republic of Kazakhstan, the Law of the Republic of Kazakhstan dated 12 November, 2015 No.392-V, the Rules on Conducting the External State Audit and Financial Control dated 30 November, 2015 No.17-НҚ, Statute on the Accounts Committee for Control over Execution of the Republican Budget approved by the Decree of the President of the Republic of Kazakhstan dated 5 August, 2002 No.917, the Regulation of the Accounts Committee, the Procedural Standard of the External State Audit and Financial Control on Carrying out Quality Control by the External State Audit and Financial Control Bodies dated 31 March, 2016 No.5- НҚ, the Methodological Guidelines on Applying Procedural Standard of the external state audit and financial control on Carrying out Quality Control by the External State Audit and Financial Control Bodies dated 15 June, 2016 No.101- НҚ, Statute of the Department dated 31 July 2018 No.124- НҚ.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The organizational structure and total staff of the Department for Assessment and Quality Control is identified by the staffing table. The Department consists of:1) Sector for Quality Control;2) Sector for Аssessment of Public Audit Authorities’ Activity
designated unit but it is not directly reporting to the highest level of authority.
The Regulation. The Statute of the Department, and job description
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
To revise the structure, mandate
To revise the structure, mandate

33
Kuwait
YES

YES

The Quality Assurance Department has been established to ensure quality in all stages of the audit and in the evidence and control products by activating the audit quality system in the practice of supervisory work. The SAI has issued several specialized professional guides (such as Quality Management System in Auditing and Audit Ethics Manual) Moral behavior to maintain high standards of professionalism, transparency and promotion of quality culture and moral environment.
Reflected in all stages of the audit and some institutional aspects
The Quality Assurance Department was established by the decision of the Head of the Audit Bureau No. (22) For the year 2017. The Audit Bureau monitors the quality of the audit reports through the Quality Assurance Department, which follows the head of the SAI directly within the organizational structure to ensure its independence.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
The department is referred to the president of the SAI.
Directly reporting to the highest level of authority.
Legal framework (laws, regulations, guidelines) which is available to all employees and it contain rules and responsibilities of regular assignments.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Quality assurance management is modern and updates the guide to quality inspection system in accordance with international quality standards and providing staff to meet the requirements of these standards.
In the process of implementing ISSAIs

34
Latvia
YES

YES

The Quality Management System (QMS) in the State Audit Office of Latvia (SAO) includes audit quality control and assurance components. The QMS reflect all institutional processes and is designed to ensure that every employee understands and works in compliance with regulatory measures, and is personally responsible for accomplishing his/her work duties and ensuring its quality. For example, the head of each structural unit is responsible for the qualitative performance of the duties and the management of the unit, compliance with the SAO’s requirements, identification of non-compliances in the working processes of the unit, and the introduction of operational improvements. Performance of the SAOs continuously assessed and reviewed.Audit quality control and assurance is the most crucial component of the QMS since auditing is the key business function of the SAO. In order to ensure quality and to make sure that the auditors carry out audits in accordance with international auditing standards and ethical norms, the SAO carries out audit quality control measures. Audit quality control measures are performed: 1) As ‘internal’ controls at several hierarchy levels within a structural unit responsible for the individual audit report:By Audit Team Leader, Head of Audit Sector (comprising a number of teams) and Director of Audit Department (comprising a number of Sectors). Said managers are responsible for compliance and quality of individual audit reports and perform ‘hot reviews’ during all stages of the audit, thus ensuring a timely identification of deviations and errors.2) As ‘external’ (to audit team and managers responsible for the individual audit) controls by several controllers: -By Audit and Methodology Department (for financial audit plans and reports); -By Expert Group composed of the most experienced SAO’s staff members being ‘external’ to individual audit team and it’s management (for performance and compliance audit plans and reports); and Inputs by the Audit and Methodology Department and Expert Group are focused on ensuring that ISSAIs, audit methodology is properly applied and the audit adds value. As a result, the recommendations for the clarification of audits and consequent improvement of the activities are provided. -By Legal Division (for compliance / performance audit plans, financial / compliance / performance audit reports and exclusively – with regard to legal issues).
Reflrcted in all stages of the audit processes and institutional processes.
The QMS in the SAO is described in the following documents:- QMS Manual - SAO’s strategy (medium-term policy document, which sets out the strategic goals, priorities and planned results of the SAO) - SAO Regulation (determining directions, functions, tasks, responsibilities, etc.)- Work Process Descriptions explaining and reflecting operations of the SAO’s (Operations of the SAO are ensured through seven core processes, for example, planning, performance of financial, compliance and performance audits, three management processes and thirteen supportive processes, for example, international cooperation, project management, human resources, communication, etc.)! Important: SAO’s internal rules, regulations and processes are intended for use of employees only, therefore, we will not be able to share them.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
QMS Expert (one position) is responsible for supervising and maintaining the overall QMS.For other units please see answer to the Question 2 (‘Audit level QA’ is organized by Audit and Methodology Department[Staff and Sector other than that involved in Quality control].For the processes, other than auditing (e.g. Strategic Planning, HRM, etc.), quality control is performed by heads of supporting structures, while quality assurance (‘institutional level QA’) is ensured by internal audit unit).
No designated unit but it is controlled through work processes
General assignment of authority and responsibilities level is set out in the Law on the State Audit Office; detailed set-up and information / reporting lines are further defined in internal regulations and processes (approved by the SAO’s Council).For example, the SAO’s Regulation defines the structure of the institution and subordination levels. The Regulation states that the SAO’s officials and employees act under a single hierarchic system and the Auditor General is the highest official in the Office. The SAO is a collegial institution governed by the Council. The Council consists of the Chairman and six members of the Council of the State Audit Office. Chairman of the Council is the Auditor General. Members of the Council simultaneously carry out duties of the Heads of Audit Departments.The Regulation also states that supporting structural units (chancellery, legal division, personnel division, international cooperation division and others) are directly subordinated to the Auditor General. The structure, functions and subordination level of each structural unit and its employees is defined in the corresponding unit’s regulations and detailed job descriptions of all employees.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The State Audit Office has fully implemented ISSAI 1220 and complies with the principles set out in ISSAI 40*, while QMS overall follows the requirements of ISO 9001:2015.! (*ISSAI 40 brings a slight confusion regarding terminology, which will be hopefully eliminated during the IFPP revision exercise. Namely, -): - ISSAIs (e.g. 3000, 3100, 4000), which were updated well after adoption of the ISSAI 40, define ‘quality assurance’ as a separate (from quality control) process, which ‘allows audits to be independently assessed after their completion on a consistent basis against specific criteria.- The main purpose of a QA process is to monitor the SAI’s quality control system as designed and assess if the appropriate controls are in place and are working appropriately’.- The same understanding is built into the IDI PMF – a handbook for SAIs claiming to be considered as ‘ISSAI-compliant’. - While ISSAI 40 fails to refer to ‘quality assurance’, but places ‘monitoring’ (which is equivalent to ‘quality assurance’) under ‘quality control’.This is not only the question of correct formulation, this is also the question, how SAIs structure their processes and develop their organigrams. We expect that ISSAI 40 will be clarified; concepts ‘cleaned up’ and harmonized. And this could eventually be the occasion, where INTOSAI chooses not to fully follow IFAC’s ISQC 1, but use its own ‘quality assurance’ concept (as it is already described in ISSAI 3000, 3100 and 4000).
ISSAI 40, ISSAI 1220 are implemented.

Audit quality assurance measures (‘Audit level QA’) are performed at least once a year by assessing ‘closed’ audit files to get assurance that ISSAIs and methodologies are consistently and similarly applied by audit teams and identify the best auditing practice, and necessary improvements to internal processes and audit methodology. ‘Audit level QA’ is organized by Audit and Methodology Department[Staff and Sector other than that involved in Quality control].For the processes, other than auditing (e.g. Strategic Planning, HRM, etc.), quality control is performed by heads of supporting structures, while quality assurance (‘institutional level QA’) is ensured by internal audit unit.

35
Lithuania
YES

YES

NAOL has established institutional processes in accordance with ISO9001:2015. Audit process is one of the processes, and when audit quality assurance system is monitored and evaluated, it covers all the elements required by ISSAI 40 (e.g. human recourses).
Reflected in all stages of the audit processes and institutional processes.
The Manual on the Quality Assurance of Public Audits approved by the Order of the Auditor General. The aim of the Manual is to establish quality assurance procedures for the performed public audits to guarantee their quality and compliance with the applicable standards.The Manual sets out public audit quality assurance framework: it defines public audit process, public audit supervision and review mechanism during the audit and mechanism for monitoring quality assurance, it defines roles and responsibilities at all levels in the area of quality assurance and provides their hierarchical scheme, it also provides standardised questionnaire for external review during the audit and standardised questionnaire for completed audits.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
Audit Development Department is responsible for establishing, monitoring and evaluating the system of quality control of audits. Organisational chart can be accessed through the following link:https://www.vkontrole.lt/page_en.aspx?id=217
Not Directly reporting to the highest level of authority.
The Manual on the Quality Assurance of Public Audits defines the roles and responsibilities at all levels in the area of quality assurance. See more information on the Manual in the answer to Question 3.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
ISSAI 40 is implemented fully.
ISSAI 40 is implemented.

36
Netherland
YES

YES

Our Quality Control and Quality Assurance systems are focused on the NCA’s primary process: audit work. The systems cover all types of audits executed by the NCA. We have separate systems to safeguard the quality of supporting processes (or: non-audit work), like our procurement processes, financial management and human resources.The systems of Quality Control and Quality Assurance for our audit work consist of a number of components. The most important are:1) The quality of our staff: The principal safeguard for the quality of our products and processes is the quality of our people. That is why we invest in the recruitment of qualified staff and in the continuing professional development of our staff. At the time of their appointment, our staff either take an oath or make a solemn affirmation in accordance with the General Civil Service Regulations. All members of our staff are subject to a code of conduct. The code of conduct applies not just to the way in which our staff deal with each other, but also to their dealings with people from outside our organisation. Our code of conduct consists of ISSAI 30 and the Code of Conduct for the Civil Service in the Netherlands.2) Quality control in audit projects: Our audit teams bear prime responsibility for the quality of our products and processes. Together with the members of his or her team, the project manager in charge of an audit project is responsible for guaranteeing the quality of the audit process and product. Administrative responsibility is formally vested in the audit director, while the Court’s Board bears overall responsibility. The Secretary-General is responsible for ensuring that our system of quality management is adequate and works properly.
We safeguard the quality of our work by incorporating a number of mandatory steps in our audit process. The various steps have been laid down in our audit cycle, which consists of the various stages together making up the audit process. Each stage comes with its own internal guidelines, manuals and check lists. The audit team working on an audit are free to seek the advice of specialist Court staff, including on audit methods and techniques and on the use of visuals. If desired, additional quality controls can be built into audit projects. These include forming an internal and/or external focus group to debate the audit as it progresses. If necessary, the audit team may also call in the help of external experts.
A range of audit products are produced during the course of an audit, including a project proposal, a set of draft findings, an audit report or another type of product. Every audit product is subject to a set of quality criteria. These are based on the ISSAI and relate principally to the technical and strategic quality of the product, including its accessibility, relevance and reliability.3) Quality control reviews during the course of an audit: In 2009, we adopted a system of quality reviews of our Performance Audits to supplement the quality safeguards built into the audit process. We use these reviews to assess whether our audit products meet our quality criteria. The reviews are designed to help audit teams and audit directors in their work. They are performed by experienced colleagues who are not working on the project in question and are carried out on draft versions of the products before they are sent to the director and/or the Board for comment. Once the reviews have been performed, the audit teams and the responsible director have an opportunity to remedy any problems or discrepancies revealed by them. These reviews are sometimes referred to as ‘hot reviews’, because they are performed while the audit process is still ongoing. We intensified our system of quality reviews in 2015 so that every product is now checked by two people. In addition, random checks are performed of the evidence adduced in support of the findings and conclusions. Only in exceptional circumstances may an audit director ask the Secretary-General to exempt a given product from review; he or she must give good reasons for this. The Quality Control Coordinator coordinates the work of the internal pool of quality reviewers, monitors compliance with the mandatory system of quality reviews, and reports regularly about the results.Our annual Regularity Audit is subject to special quality control reviews during the audit-process, as well as a post-publication quality control review. These quality control reviews are also performed by experienced colleagues who are not working on the project in question. These reviews are also coordinated by a coordinator. 4) Quality Assurance: Since the end of 2014, our Quality Assurance unit has been responsible for monitoring and evaluating our quality management system, in terms of both its design and its operational effectiveness. The Quality Assurance unit does so by performing ‘cold reviews’, i.e. post-audit reviews. The units also arranges, and assists with, reviews by external experts and peer reviews by sister institutions from abroad. The overriding purpose of Quality Assurance at the Netherlands Court of Audit is to obtain information and enhance understanding. In other words, we wish to identify those areas in which our system is operating well and those areas in which there are problems; ascertain whether we are exposed to certain risks; and identify those areas in which improvements may be made. A further objective is to foster an internal quality debate and to ensure that the Court learns lessons from experiences.
The Quality Assurance Officer has an independent status and reports directly to the Secretary-General as the Court’s highest-ranking official. The Quality Assurance Officer prepares an annual plan and an annual report every year, both of which are submitted to the Secretary-General, the Court’s management team, the Board and the Audit Advisory Committee for comment prior to their internal publication.

Reflected in all stages of the audit
Our Quality Control and Quality Assurance systems are based on the ISSAI and on general principles of quality management.The set-up of our system is explained in our Quality Management Policy (currently under revision following a major restructuring of our organization in recent years). This policy is focused on the three “pillars” of our quality management system: the quality of our personnel, of our processes and our products. This policy contains references to the relevant ISSAI. As indicated in our answer to question 2 the various stages and steps of our audit process are visualized in our “audit cycle”. Each stage comes with its own instructions, internal guidelines, manuals and check lists. The ISSAI are incorporated in these documents. For example, we have manuals for specific types of audit, e.g. for our Performance Audit and Regularity Audit, a check list for writing good recommendations and guidelines that contain the quality criteria for the various audit products that are produced during the course of an audit. These quality criteria are based on the ISSAI and relate principally to the technical and strategic quality of the product. These criteria also form the basis of the quality control reviews that are performed during the audit process (we have explained the set-up of this system in more detail in our answer to question 2). The quality control reviewers use a standardized form to give their remarks.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
The Quality Assurance unit is positioned directly under the Secretary-General of the NCA. Together with the controllers they form the “Team Quality and Control”. As of 2018 the Quality Assurance unit consists of two persons. The Quality Control Reviews are executed by colleagues from the audit directorates on a part time and ad hoc basis (e.g. when a reviewer is needed). The reviews are coordinated by coordinators (one for Regularity Audit and one for Performance Audit), who also do this work on a part time basis.
Directly reporting to the highest level of authority.
The governance of the NCA has been written down in several documents that have been accorded by the Board. Furthermore we have an organizational chart and job descriptions. The instructions for each stage of the audit process contain information about the “actors” that have to play a role in each (mandatory) step and/or have a specific responsibility (for example to approve a draft report before it can go to the Board).
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
We strive to comply with the ISSAI. If we can’t comply we use an “explain”. An explanation is sometimes needed because of the specific nature of the control system in the Netherlands and our position in that system. Our national control system, and therefore the context in which we as an SAI have to operate, is different than in many countries. In the Netherlands each ministry has its own internal audit function that checks the financial statements and issues an opinion on these statements. In our Financial Audit work we rely for a great deal on the work done by these internal audit functions.
ISSAI 40, ISSAI 1220 are implemented.

37
NewZealand
YES

YES

Quality assurance over financial audits, performance audits (direct engagements) and engagements that result in reporting to Parliament. The monitoring of institutional aspects included where possible as part of these.
Reflected in all stages of the audit and some institutional aspects
Professional Engagement Standard 3 (PES 3 (Amended)) issued by the New Zealand Auditing and Assurance Standards Board.https://www.xrb.govt.nz/assurance-standards/professional-and-ethical-standards/pes-3/. The standard is based on ISQC 1. PES 3 (Amended) paragraph 12 (g) scopes in the OAG and firms appointed to carry out audits on the Auditor-General’s behalf.We are also comply with ISSAI 40 but assert compliance with PES 3 (Amended) as this is what the auditing firms in NZ use and are familiar with.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The QA function reports to the Assistant Auditor General who reports to the Auditor-General.
Not Directly reporting to the highest level of authority.
Job descriptions and delegations
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Full compliance. Please note, SAI New Zealand appoints private accounting firms as well as its own business unit (Audit New Zealand) to perform audits on its behalf. Audit New Zealand is treated like any other private accounting firm the OAG uses. The aspects in question 6 below are monitored by the OAG QA function as well as the internal monitoring required by each firm
ISSAI 40, ISSAI 1220 are implemented.

38
Palestine
YES

YES

The quality control system at our SAI is consisting of 6 elements , from each element a part only is applied. Concerning quality assurance recently we have started reviewing the audit tasks and this is under the supervision of the National audit office of Sweden.
Reflected in all stages of the audit and some institutional aspects
*according to Law a clear item Of it shows that we have to follow The intosai standards in our work.*Guideline : we have a specific Guideline for reviewing The quality control Of The Audit tasks approved by The IDI , and we follow another Guideline issued by The ARabosai.*Procedure: a committee is formed by The president its main object is to make sure that The quality control is applied.I44 *Standardization forms: we have forms that attached with The IDI Guideline , these forms are adapted with The Palestinian envioronment.
establishment law and standards issued by professional bodies(as well as policies and manuals)
An amendment is done on the organizational chart of our SAI for a specific department of quality control will be added and it will be under the supervision of the internal audit unit.
New eatablishment
It will be under the supervision of the internal audit unit that supervised by the president himself.But currently it is followed by a committee that followed this work and report the results to the president.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
We implementparts of the ISSAi 40 . but for ISSAI 1220 we don’t implement it completely but we implement the parts of risks from it.
ISSAI 40 is implemented.risk assessment or risk based audit is done when selecting a specific institution to be audited, or when preparing the annual audit Plan

39
Papua New Guinea
YES

YES

PNG SAI’s quality control and quality assurance systems are based on the requirements of International Standards on Auditing (ISSAI 1220).
Reflected in all stages of the audit
TeamMate Audit System Settings and Policies.ISA Summaries of main requirements as PNG AGO Proposed Standards. They are supplemented with Practice Notes of the ISSAI Financial Guidelines.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
Each Audit Division is responsible for the quality control of the audit engagements. It starts with the management, Team leaders and the Team Members. All staff is involved in the quality control of audit engagements.
Not Directly reporting to the highest level of authority.
· PNG SAI’s Organisational Structure shows the responsibilities of staff from the bottom up. • Regular Top Management meetings on to disseminate specific responsibilities where needed. • Monthly Audit Divisional Meetings to discuss to disseminate information. • Weekly Audit Team Meetings or when required.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
PNG SAI has met most of the requirements in ISSAI 1220. The requirements have been summarized and used as a guide when setting up quality control and quality assurance measures.
ISSAI 1220 is implemented.

40
Peru
NO

Because the documents related to quality control in the SAI of Peru are under evaluation, as specified in question N° 1, the scope is not defined.
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
As explained in questions 1 and 2, work is underway to define it.
new law to establish intrnal control for quality control. Or work is in progress to establish quality control policies and manual.
As explained in questions 1 and 2, work is underway to define it.
New eatablishment
As explained in questions 1 and 2, work is underway to define it.
new law to establish intrnal control for quality control.
Yes, it is possible to the extent that the Quality Control System had been previously implemented in our SAI as explained in question N° 1.
In the process of implementing ISSAIs

41
Philippines
YES

YES

For Quality Control: There are quality control mechanisms covering supervision and review of audit works as well as procedures for authorizing reports to be issued. However, the conduct of an engagement quality control review (EQCR) prior to the issuance of the audit report is not yet institutionalized.Current initiative:
For financial, compliance and performance audits, there is already a proposed policy to harmonize and complement the existing policies and procedures of the COA on quality control, in conformity with ISSAI 40 on Quality Control for SAIs.For Quality Assurance:
A number of initiatives have already been undertaken by the Commission on Audit (COA) to improve the quality of its constitutionally mandated services through the institutionalization of policies and procedures to keep at par with the good practices in the community of Supreme Audit Institutions (SAIs). This includes the adoption of COA policy on Quality Assurance, QA Review Handbook and the establishment of the Quality Assurance Office (QAO) in CY 2013 per COA Resolution No. 2013-014 dated June 28, 2013. The QAO is mandated to undertake quality assurance reviews on the adequacy of quality control systems of the Commission. The reviews cover both the audit engagement and institutional levels.

Reflected in all stages of the audit processes and institutional processes.
· COA Resolution No. 2013-006 dated 29 January 2013 provides the adoption of COA’s framework of Professional Standards based on the International Standards of Supreme Audit Institutions- INTOSAI framework of Professional Standards. • COA Resolution No. 2013-007 dated 29 January 2013 provides the adoption of the ISSAIs referred to as Philippine Public Sector Standards on Auditing (PPSSAs), including ISSAI 40 on Quality Control for the Commission on Audit and ISSAI 1220- Quality Control for an audit of Financial Statements . • COA Resolution No. 2018-011 dated 01 February 2018 renames the PPSSAs to ISSAIs.
establishment law and standards issued by professional bodies(as well as policies and manuals)
Under COA Resolution No 2018-002 dated 01 February 2018, the Internal Audit Charter of the COA is adopted and it includes the creation of a functional office named Internal Audit Office (IAO), the objectives of which include the evaluation of the COA’s controls and operations performance, among others.Under COA Resolution No. 2013-014, dated 28 June 2013, the Quality Assurance (QA) Policy and QA Handbook were adopted, including the creation of a Quality Assurance Office (QAO).
designated unit but it is not directly reporting to the highest level of authority.
The COA has issued several guidelines on the functions, duties and responsibilities of its auditors. The latest issuance was COA Memorandum No. 2016-023 dated November 14, 2016 which provides the guidelines on the Implementation of the Unified Audit Approach; It contains review and supervision responsibilities of COA auditors, namely: Directors, Supervising Auditors, and Audit Team Leaders.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Following the adoption of the ISSAIs by the COA which include ISSAIs 40 and 1220, COA is now in the process of developing manuals for financial, compliance and performance audits which are ISSAI-based.For financial and compliance audits, there are already proposed policies on the engagement quality control review (EQCR) to complement the existing policies and procedures of the COA on quality control, in conformity with ISSAI 40 on Quality Control for SAIs.For performance audit, the conduct of the EQCR was considered in the proposed Performance Audit Manual and this is to be performed by an Independent Referencer.
In the process of implementing ISSAIs

42
Poland
YES

YES

Quality control and quality assurance systems in our institution apply to the entire audit process starting from the strategic planning and copleteing with the follow-up.
Reflected in all stages of the audit
The procedure was introduced by the President's of the NIK order of 2014 and . includes both elements: quality control and quality assurance.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
The department of audit methodology and professional development is responsible for implementing and monitoring the functioning of the system.The team appointed by the President of the NIK consisting of the directors of several organizational units was responsible for supervising the implementation of the system.In addition, a quality leader was appointed in each unit (11 departments and 16 local units).
Directly reporting to the highest level of authority.
As part of the system, the hierarchy of management was defined for both individual audits and the entire planning process. Each audit included in the work plan is managed in the project mode, and the entire project is managed by a member of the top management in the rank of a vice President or President of SAI.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Our SAI has implemented the quality control principles set out in ISSAI 40 and ISQC 1.One of the important elements is the implementation of the Engagement Quality Control. Review mechanism for all relevant documents, in particular: preparation of a work plan, preparation of an audit program, preparation of a unit audit report and a combined audit report.
ISSAI 40 is implemented.

43
Qatar
YES

YES

The scope includes mainly:1) Proposing general policies, methodologies and standards to ensure Quality in the Bureau
2) Review the quality of audit works and outputs in accordance with quality standards and follow-up on the department’s recommendations
3) Participate in the development of the work regulations, policies and procedures in coordination with concerned administrative units of the Bureau

Reflected in all stages of the audit and some institutional aspects
1) Emiri Decree No. 7 of 2017 determines the structure of State Audit Bureau and mandate for each department. 2) INTOSAI standards. 3) Internal policies and procedures.
establishment law and standards issued by professional bodies(as well as policies and manuals)
Risk Management and Quality Assurance Department (R&MQ) consists of 2 sections namely 1) Risk Management 2) Quality Assurance. R&MQ reports directly to H.E. the President of the Bureau.
Directly reporting to the highest level of authority.
There are Job descriptions defined for each role within the Quality Assurance section in alignment with the hierarchy within the section
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
not answered
not answered

44
Seychelles
YES

YES

The quality control, maintenance and enhancement constitute the integral parts of the audit process in the SAI. Aspects relating to quality of audit output is well inbuilt in the SAI’s strategy, culture, policies and procedures. Though SAI does not have a specifically dedicated formal quality control and assurance systems (wing), due to its small size and so human resource constrains – total staff strength including administrative and support staff is 40 which otherwise is adequate for an island country having population under 100,000, it does ensure quality control and assurance mechanisms through close supervision, monitoring at each level, regular review meetings with audit staff where quality of audit output invariably remains on agenda coupled with scrutiny of audit findings at senior management levels and reporting thereof to ensure due observance of the auditing standards and securing quality. The works submitted by the audit teams include elaborate questionnaires addressing quality relating aspects and reflecting the institutional processes in the audit carried out at different stages which are thoroughly reviewed at the Audit Manager and Deputy Auditor General levels. Thus the auditing and its monitoring process do provide reasonable assurance that the SAI’s quality control related policies and procedures are relevant and adequate ensuring their effective operations.
Reflected in all stages of the audit
To regulate its audit process, the SAI is well equipped with the necessary Constitutional provisions entailing SAI’s functional autonomy, the Auditor General Act, 2010 duly empowers the SAI to operate and regulate the audit scope and procedures with needed independence. Operating under the umbrella of INTOSAI guidelines, the SAI is facilitated with AFROSAI-E’s earlier RAM and now CAM and FAM and participates in the skill up gradation programmes and trainings organized by different SAI bodies (AFROSAI-E etc) and individual SAIs (like India; China etc.) to keep its staff abreast with the developments and good practices in the field of auditing and accounting. SAI has formulated its own audit check lists and financial statements/ Accounts certification pre-requisites, undertakes the specific need based in-house capacity building measures. The SAI formulates its five year Strategic Plan, duly addressing quality related aspects, implemented through its Audit Programme and Implementation Strategy formulated for each audit cycle of a period of 12 months.
establishment law and standards issued by professional bodies(as well as policies and manuals)
As mentioned above, due to the small size of the SAI, an exclusively dedicated arm/structure in this regard is not feasible in the SAI. However, quality control and assurance procedures are well inbuilt into the SAI’s audit systems and procedures providing for review, including audit quality, up to the senior most level.
No designated unit but it is controlled through work processes
The SAI operates on a well-designed administrative hierarchy and operational structure (Organisational Chart may be referred to on SAI’s web site).Through the mechanism of close supervision by the team leader during the course of audits and monitoring by the Audit Manager in charge and later the process of reporting by audit teams and examination and scrutiny of their reports at senior management levels reinforces the quality control process in the audits undertaken.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
As has been stated above in reply to Questions 2 and 3 above, unlike other SAIs of large economies, a formal wing exclusively dedicated to quality control and assurance system is not feasible for the SAI, Seychelles due to its very limited total staff strength. However, the SAI does ensure quality control and assurance mechanisms well in built into the entire audit process. Through proper audit planning duly taking in to consideration associated risks and review of internal controls in the entity, close supervision, monitoring at each level, regular review meetings with audit staff to review quality of audit output and reporting thereof to ensure due observance of the auditing standards. The SAI has duly been discharging its responsibility, as assigned to it in the Constitutional mandate, in terms of timeliness in submission of audit reports to Parliament (National Assembly), audit coverage, topicality and relevance.
Applying consistent quality standards.

45
South Africa
YES

YES

Quality control system:All audit engagements are performed in accordance with the AG directive as required by the Public Audit Act. The directive determines the standards, to be applied in performing audit engagements as well as the nature, scope of such engagements. The relevant public sector principles from the ISSAIs are also adopted as asserted in the audit directive. The SAI has formally adopted an engagement performance policy which provides guidelines for the performance of all audit engagements. In order to achieve consistency in the quality of audit engagement performance, a public audit manual (PAM) provides guidance on the application of auditing standards and legislative requirements. PAM is supplemented by an audit software which further standardize the audit process. The engagement policy also requires that all engagement team members to adhere to the requirements of continuing professional development. Furthermore, the audit engagement policy stipulate supervision and review responsibilities on an audit engagement to ensure that audit quality is upheld. The PAM and the audit methodology is updated on an ongoing basis.The firm also has an EQCR guideline that’s in place and aligned to ISQC 1. The objective of the EQCR is to perform a quality review on significant judgements and significant risk components on an audit and provide an objective view whether the audit report is appropriate in its circumstances.The AGSA has also in recent years developed a process whereby pro-active reviews are performed on a sample of selected audit files. The objective of the reviews is to identify and fix audit quality issues prior to the audit report sign off date. The reviews are limited to certain areas on the audit file that pose an audit quality risk.Over and above the audit report that are issued per auditee, the AGSA on a bi annual basis also reports consolidated audit outcomes of the country through a general report. Quality control processes have been built into the process to ensure the credibility and integrity of these reports
Reflected in all stages of the audit processes and institutional processes.
The independence of the SAI is outlined in Section 188 of the Constitution of the Republic of South Africa, 1996 (The Constitution) and in Section 3 of the Public Audit Act, 2004 (Act No. 25 of 2004) (PAA).The establishment, role, powers, and duties of the SAI is Outlined in Section 188 of the Constitution and in Section 4 & Section 5 of the PAA. The SAIs’ audit methodology, PAM, is compliant with the International Standards on Auditing (ISA) as the audit standards adopted by the SAI. The relevant public sector principles from the ISSAIs are also adopted as asserted in the audit directive.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The current structure of the QC unit is 15 staff members which include 10 QC reviewers that report to two Senior Managers. The two senior managers report to the Head of QC. The Head of QC reports to the National Leader : Audit Services for administrative reasons. The unit is structured into a monitoring function that oversee the firm and engagement level reviews as well as a support function that oversees the pro-active reviews.The quality assurance system is overseen by a governance structure by the Quality Control Assessment Committee (QCAC). The QCAC consist of the Auditor General, Deputy Auditor General, an external audit committee member and an external member with strong technical skills form academia/profession. All monitoring QC reports on completed engagements are submitted independently to this Committee annually for final consideration and assessment of the QC results of the individual engagement managers and consider the corrective action to be taken in respect of any quality concerns in AGSA.
designated unit but it is not directly reporting to the highest level of authority.
The SAI has job descriptions for each role within the SAI which stipulates the roles and responsibilities of the role. The recruitment policy specifies the recruitment, selection and placement of personnel within the SAI. The Acting policy provides guidelines for individuals that are acting on a temporary period on a position higher than the one the employee has for. The SAI has a performance management system which is used to enforce accountability and drive a culture of high performance and is outlined in the performance management policy. A disciplinary policy is also in place to ensure fair disciplinary action in the event of unacceptable conduct or behavior by employees.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
Please see processes above which are based on ISQC 1 and ISA 220 which also looks at the principles around ISSAI 40 and 1220.
ISSAI 40, ISSAI 1220 are implemented.

Quality assurance system : The Auditor-General has established policies and procedures designed to provide it with reasonable assurance that the system of quality control within the Auditor-General of South Africa (AGSA) is relevant, adequate and operating effectively and is complied with. Such polices and procedures include ongoing consideration and evaluation of the system of quality control, including a periodic inspection of a selection of completed engagements. This is achieved through annual reviews conducted by the Quality Control Unit. These reviews consist of firm-level/institutional level reviews and engagement level reviews. The reviews are performed with the objective of testing compliance to ISQC 1. The Quality Control Unit is primarily responsible for the compilation and maintenance of policies and procedures relating to the monitoring function of the system of quality control, communication of the monitoring results to the relevant structures within the AGSA and monitoring of subsequent remedial action processes. The monitoring of the AGSA quality control system is contained in the policy n Monitoring of QC compliance.

46
South Sudan
YES

YES

They do reflect the institutional processes of most of government (MDAs) that are covered by our audit annually.
Reflected in all stages of the audit and some institutional aspects
For our SAI Quality Control, the regulatory framework is ISSAI 40 Quality Control for a SAI, SAI Strategic plan, and Code of Ethics & Conduct.For Quality Control for an audit of financial statements, we follow ISA 1220, which is embedded in the audit programmes in the manual.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
The Unit reviews audit reports and forward to the Deputy Auditor General for 2nd review. The Auditor general is the 3rd and final reviewer.
Directly reporting to the highest level of authority.
Our SAI uses AFROSAI-R Regularity Audit Manual procedures in all assignments.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
not answered
not answered

47
Suriname

Not anewered

48
Switzerland
YES

YES

The quality control and assurance system focuses on the core business of our SAI, which is the supervision of the financial management of the Swiss Federal Administration. This reflects more than 90 % of our activities. Furthermore, the quality assurance system covers other important elements: 1) overall responsibility for the quality assurance system at top management level,
2) ethical requirements for all employees and 3) special attention to the acceptance and continuance of client relationships and special engagements.

Reflected in all stages of the audit and some institutional aspects
Within the scope of legal and constitutional provisions, the Swiss Federal Audit Office (SFAO) is independent and autonomous (INTOSAI Lima Declaration ISSAI 1, UN-Resolution A/66/209). It determines its own annual audit programme, based on risk analysis and on criteria featured in Article 5 of the Federal Auditing Act. The quality assurance system rests on the rules and guidelines edited in the Swiss Auditing Standards (EXPERTsuisse) and the ISA (ISQC 1). Furthermore, the quality requirements are based on the standards and requirements issued by INTOSAI, IFAC (International Federation of Accountants), the IIA, the IIA Chapter Switzerland (SVIR/ASAI), SEVAL (Swiss Evaluation Society), ISACA (Information Systems Audit and Control Association) and the Swiss Audit Supervision Authority (RAB).
establishment law and standards issued by professional bodies(as well as policies and manuals)
The Vice-Director, Head of the Competence Centres, is responsible for the quality control and assurance system. He delegates the execution of some tasks to his assistants or to specialists among the staff.The whole organization is devoted to applying and further developing the quality control and assurance system. The SFAO consists of two main sectors (see enclosed organizational chart): the mandate Sector employees conduct overall risk analyses to define the SFAO's audits for the annual programme. They are responsible for implementing the annual programme and monitor the implementation of report recommendations. The second sector, the Competence Centres, consists of 80 experts in financial, internal, IT, construction and procurement, project and organizational audits as well as evaluation and performance audits. They implement the SFAO's annual programme.
Not Directly reporting to the highest level of authority.
The authority and responsibilities levels are mainly assigned by task descriptions and processes descriptions, including responsibility charts. Changes are communicated in a timely manner (internal newsletters, staff meetings, toolboxes).
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The SFAO has implemented ISSAI 1220 and ISSAI 40. The quality control and assurance system focuses on both financial and non-financial audits but includes the organizational prerequisites for a coverage of all institutional processes.
ISSAI 40, ISSAI 1220 are implemented.

49
Tajikistan
NO

Not anewered (Q2)
Not anewered
The Accounts Chambers of the Republic Tajikistan has not any sub-legal act refer to the regulation the quality control system.
has not any sub-legal act refer to the regulation the quality control system.
not answered
not answered
not answered Q4
not answered
The Accounts Chambers of the Republic Tajikistan has only statistic summary of the results of Audit.
not implemented

50
Tanzania
YES

YES

The scope of quality control and quality assurance system of National Audit Office is wide and covers all aspects of institutional processes. The aim is to achieve quality on all five domains as per AFROSAI-E Institutional Capacity Building Framework which includes: independence and legal framework, organisation and management, human resources, audit methodology and standards, and communication and stakeholder management.
Reflected in all stages of the audit processes and institutional processes.
The Public Audit Act and Public Audit Regulations specifies that the audits conducted by the Controller and Auditor General shall comply with all INTOSAI standards including ISSAI 40. These legislations include provisions which specify procedures to carry out an audit in order to ensure the quality of audit reports. For example: conducting entrance and exit meetings; seeking management comments on draft audit reports; etc.The National Audit Office has developed various audit manuals for different types of audits carried out by the SAI. These manuals explain the procedures to be followed in conducting the audit and include a section on the quality control processes.Also, the audit manuals has standardized working papers which include the working paper on quality control questionnaires which is supposed to be completed by every person who is assigned with the role of ‘reviewer’ in an audit engagement. This checklist is completed for every audit stage from planning to audit reporting.In addition, the National Audit Office has in place the Quality Control Handbook which details the procedures involved in the audit process to ensure quality is maintained. Also, the office has developed a Quality Assurance Policy which provides the procedures to be followed while carrying out quality assurance activities.Further, the National Audit Office complies with ISSAI 40 – Quality Control for SAIs and ISSAI 1220 – Quality Control for an Audit of Financial Statements.
establishment law and standards issued by professional bodies(as well as policies and manuals)
There are two units devoted to a system of quality control within the National Audit Office of Tanzania; (a) Technical Support Services Unit; and (b) Quality Assurance Unit.The Technical Support Services Unit is responsible for issuing manuals and other relevant guidelines for the audit which are in line with INTOSAI standards including audit circulars, themes, audit calendars, report templates, overall audit plans, client risk matrix, etc. Further, TSSU provides technical support in terms of interpretations to standards and methodologies used in auditing.The Quality Assurance Unit on the other hand is responsible for monitoring the system of quality control by carrying out hot and cold reviews and issuing recommendations to the management for improvement.
Directly reporting to the highest level of authority.
The authority and responsibilities of personnel is explained in the Job List Schedules. There are responsibilities for every level from junior auditors to the most senior auditors. The same responsibilities are included in the audit manuals. The responsibilities of audit team members for every audit project are specified and communicated.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
To a large extent the National Audit Office of Tanzania complies with ISSAI 40 and ISSAI 1220 in carrying out its various audits. So far there are no limitations to affect the SAI to comply with these standards.They are part and parcel of our audit procedures which are explained in the guidelines and audit manuals.
ISSAI 40, ISSAI 1220 are implemented.

51
Turkey
YES

YES

The quality control and assurance system covers financial, compliance and performance audits which correspond to core functions of TCA.
Reflected in all stages of the audit
The Code of Court of Accounts defines audit and administrative functions and duties of the Court, which also contain general requirements of quality control. More detailed and structured requirements for quality control are written in guidelines.Audit guidelines contain quality control process in detail while Audit Quality Management Guideline is complementary and in line with ISSAI 40. Regulation on Ethical Requirements for Auditors defines the rules and responsibilities of auditors on ethical requirements.Some standardized audit procedures are included in audit software in order to guide auditors and ensure quality of audits.Standardized forms are embedded into software to ensure timely submission and documentation of engagement and ultimately the quality.
establishment law and standards issued by professional bodies(as well as policies and manuals)
The management as a board prepares strategic audit plan relying on risk registers and establishes audit teams by managing human resources. During the planning, implementation and reporting the audit, team leader and head of audit department are involved in quality control. They review working papers and audit procedures to evaluate whether they are in conformity with audit manual and related audit standards. Draft reports are reviewed by Report Assessment Commissions comprised of principal auditors not involved in the audit in order to be impartial. After receiving the response of audited entity on findings draft reports are reviewed by Chambers and then by Report Assessment Board headed by the president of TCA.
No designated unit but it is controlled through work processes
Legal framework (laws, regulations, guidelines) which is available to all personnel contain rules and responsibilities of regular assignments.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
The Court implements Audit Quality Management Guideline and Regularity Audit Guideline. They are in line with ISSAI 40 and ISAI 1220. These guidelines are designed for audit and reporting. The quality control procedures for administrative activities are regulated by law and regulations.
ISSAI 40, ISSAI 1220 are implemented.

52
United Kingdom
YES

YES

Answersd with Q3
Reflected in all stages of the audit
The NAO adheres to the International Standard on Quality Control (UK) (ISCQ1) ‘Quality Control for Firms that Perform Audits and Reviews of Financial Statements. Every member of an engagement team has a personal responsibility for quality and is expected to comply with NAO policy and procedures which support this. The responsibility for the NAO's system of quality control ultimately rests with the C&AG. The financial audit Executive Leaders (ELs) are the leadership team members responsible for quality, reporting to the C&AG, the wider leadership team and the board as appropriate. The financial audit ELs lead the Financial Audit Directors’ Group (FADG) which comprises all financial audit directors and which has an oversight role for the quality of financial audit. Financial audit ELs and FADG are supported in their responsibilities by the Director, Financial Audit Practice and Quality (PQ). The Engagement Director shall take responsibility for the overall quality on each audit engagement and should communicate through their actions and messages to other members of the engagement team. NAO have policies and procedures to ensure that it deals appropriately with complaints and allegations that the work performed by its auditors does not comply with professional standards and regulatory and legal requirements. The NAO Code of Conduct requires that staff discuss any such matters that come to their attention with their Director, Executive Leader or the Director of Human Resources in his capacity as the NAO's Corporate Compliance Officer.The NAO has an internal quality control unit which carries out an annual evaluation of the internal quality control system. The results of this are communicated to the NAO’s leadership team, Directors and staff. The quality control unit is an independent assurance function, not a management function. Activities undertaken by the quality control unit include pre-certification hot reviews, post-certification cold reviews, and management of the external reviews carried out on NAO’s audit files by the Financial Reporting Council. High risk audits are assigned an Engagement Quality Control Reviewer (EQCR). The audit cannot be certified without EQCR review of the file with all issues resolved. Each year the NAO’s technical team announces engagement that have been nominated for a pre-certification technical review of accounts. The accounts selected are based on risk.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
See embedded document below:
Directly reporting to the highest level of authority.
The quality control unit is an assurance function and independent of management.

The quality control unit is an assurance function and independent of management. The CQU Director(s) has overall responsibility for management of the Unit and for ensuring that it achieves its stated objectives. The CQU Director(s) will be supported in the day-to-day work of the Unit by an Audit Manager(s) and other staff as required. Its key activities (hot and cold reviews) will be provided by experienced managers drawn from across the wider Financial Audit Practice.

resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
ISSAI 40 is based on ISQC1. The NAO has put into place the policies and procedures to comply with ISQC1. We therefore believe we are compliant with ISSAI40 to the extent it does not conflict with ISQC1 or the ISAs (UK).ISSA1 1220 is a practice note supplementing ISA 220. The NAO has put into place the polices and procedures to comply with ISA 220. We therefore believe we are compliant with ISSA1220 to the extent it does not conflict with the ISAs (UK) or Practice Note 10.
ISSAI 40, ISSAI 1220 are implemented.

53
USA
YES

YES

While GAO undertakes a wide variety of engagements, we have one quality assurance system that is comprised of a comprehensive set of clearly defined, well-documented, and transparent standards and control procedures.
Reflected in all stages of the audit and some institutional aspects
GAO’s quality assurance system assures compliance with Generally Accepted Government Audit Standards (GAGAS). The quality assurance system also satisfies the intent of the international standards embodied in ISSAIs.
ISSAIs, CODE OF CONDUCT. SAI-PMF, manuals
GAO has an independent staff office—the Office of Audit Policy and Quality Assurance (APQA)—headed by the Chief Quality Officer, which is devoted to the quality control and assurance system. The Chief Quality Officer reports to GAO’s Chief Operating Officer and APQA is independent of the mission teams conducting the audit work.
Not Directly reporting to the highest level of authority.
GAO has in place a quality assurance framework (QAF)—a standardized, decision-based engagement management process that provides consistency in the application of key controls. Each engagement includes four levels of leadership, with clearly defined quality-related roles and responsibilities outlined in the QAF.
resposibility is defined among different levels in SAI (from general auditor to audit team) by rules, manuals, job discription
GAO has implemented policies and procedures that satisfy the intent of ISSAI 40 and ISSAI 1220.
ISSAI 40, ISSAI 1220 are implemented.

Sheet 2: Q6 - Q10

#
Country
Q6: Has your SAI developed any standards, policies and/or procedures to ensure: a) That all the audit work carried out is subject to review –including review of the audit plan, working papers and the work of the team, and regular monitoring of the progress of the audit by relevant levels of management or an external opinion– as a way to contribute towards quality and to promote the personnel’s learning and growth
[Through implementing directorates and IA&QC Directorate].

Q6: Has your SAI developed any standards, policies and/or procedures to ensure: b) That when difficult or contentious issues arise, the SAI will resort to technical experts to help solving such issues, as appropriate
[Through external advisory support].

Q6: Has your SAI developed any standards, policies and/or procedures to ensure: c) That any difference of opinion within the SAI is clearly documented and resolved before a report is issued.
[Through the Audit Board and Audit Methodology Committee].

Q6: Has your SAI developed any standards, policies and/or procedures to ensure: d) That your SAI acknowledges the importance of quality control reviews of its audits and that the issues brought forth are resolved in a satisfactory manner before issuing a report.

Q6: Has your SAI developed any standards, policies and/or procedures to ensure: e) The corresponding approval to issue a report.

Q6: Has your SAI developed any standards, policies and/or procedures to ensure: f) An internal culture that acknowledges that quality is essential in all jobs and at the stages of the audit process.

Q6: Please list any relevant documentation that support the statements you ticked/selected above and provide a brief description of each of them (documents might be requested afterwards):

Q7: What standards, policies and procedures has your SAI established and implemented to identify, analyze and mitigate the risks (i.e. internal, external, inherent and/or control risks): a) To ethical conduct within the institution, and/or
Q7: What standards, policies and procedures has your SAI established and implemented to identify, analyze and mitigate the risks (i.e. internal, external, inherent and/or control risks): b) That can affect quality in the execution of the SAI’s work?
Q7: In addition, please elaborate on your response by stating how does your SAI treats any non-compliance with ethical values, including the protection of those who report any suspected wrongdoing.
Q8: Does your SAI have a system in place to ensure that all the objectives/priorities within the SAI conform to quality? If so, how does it work?
Q9: In case your SAI has jurisdictional activities, describe the specific quality control system put in place to ensure the highest quality level of investigations and judgments.

Please elaborate on your answer and, if applicable, list any related documents, providing a brief description of each of them (documents might be requested afterwards):

Q10: How does your SAI elaborate, disseminate, implement and update its Code of Ethics?
In case that your SAI does not have one, please explain why and when it will be elaborated.

Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment

1
Afghanistan
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
The information is mentioned in [ ] brackets above.
a. [Through implementing directorates and IA&QC Directorate].
b.[Through external advisory support].
c.[Through the Audit Board and Audit Methodology Committee].

Code of Ethics and self-declarations of adherence to them by the staff. The SAO Law, Articles 11 and 22 stipulates the duties to be observed and instances of violations against which the auditor needs to guard. Auditors are rotated in audit assignments at intervals. Auditors are also regulated by the Afghanistan Civil Service code of conduct.
1) Code of Ethics 2) self-declarations 3) SAO Law 4) rotation of auditors 5) Afghanistan Civil Service code of conduct.
Quality review by the IA& QC Directorate of the implementation of the audit plan by audit parties and gaps if any with reasons thereof; Capacity gap assessment in implementing ISSAIs and need for capacity development; internal audit.
A significant risk arises due to prevailing political and security situations in Afghanistan that restricts the coverage of audit in many parts of the country. SAO has established four regional offices to increase accessibility in certain difficult areas. Nevertheless, this risk continues to affect the quality of audit due to exclusions.

1) Quality review 2) Capacity gap assessment 3) internal audit. 4) coverage of audit
Non-compliance with ethical values are dealt with the established civil service procedures including departmental actions. Further, in cases of serious fraud, criminal conspiracy, financial irregularities or cases of corruption, the cases are referred to the Office of the Attorney General for prosecution.

The financial management of the SAO is based on the framework and regulatory mechanism devised by the Ministry of Finance and the HR related matters are dealt with as per the regulation and framework of the Civil Service Commission. Hence, in these matters the quality is subject to external validation/review. For audit process, in addition to the in-built process through the respective Directorates and audit parties, the IA&QC Directorate review compliance and conformity and report upon them.
YES, The financial management & HR related matters ( the quality is subject to external validation/review) . For audit process the IA (INTERNAL AUDIT) & QC (QUALITY CONTROL)
Not applicable.
SAO Afghanistan at present does not undertake jurisdictional activities such as control activities of public finances as done in the Court of Accounts model or judging the accounts submitted by the public accountants, or power of hearing or sanctioning.

not applicable
SAO has adopted ISSAI 30 for its Code of Ethics including the required elements of civil service code. They are shared with all staff and every audit staff needs to sign and submit a self-declaration to the effect that s/he has read and understood the code and commit to abide by them.

The code is reviewed if there are guidance or changes in the ISSAI or if it is warranted by changes in civil servants code or requirement of national anti-corruption strategy.

SAO has adopted ISSAI 30 for its Code of Ethics including the required elements of civil service code. They are shared with all staff and every audit staff needs to sign and submit a self-declaration to the effect that s/he has read and understood the code and commit to abide by them.

The code is reviewed if there are guidance or changes in the ISSAI or if it is warranted by changes in civil servants code or requirement of national anti-corruption strategy.

2
Argentina

3
Australia
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
1) The ANAO Audit Manual (the Manual) sets ANAO policies and guidance applying specifically to the audits and other assurance work performed by or on behalf of the Auditor-General in accordance with ANAO Auditing Standards. The Manual also demonstrates compliance with the requirements of Auditing Standard on Quality Control ASQC 1 and includes policies and procedures which promote quality audits and for monitoring the application of those policies and procedures.
Within the Manual there are relevant policy chapters on:
- Leadership Responsibilities for Quality
- Monitoring Quality Control Policies and Procedures
- Engagement Quality Control Review
- Consultation
- Differences of Opinion
- Supervision, Direction and Review
- Engagement Performance

2) Quality Assurance Framework is the authoritative policy document on quality control.

1) The ANAO Audit Manual
2) Quality Assurance Framework

ASQC 1, ASA 102, ASAE 3000, ANAO policy on Professional and Ethical Requirements, and the Australian Public Service Code of Conduct.
ASQC 1, ASA 102, ASAE 3000, ANAO policy on Professional and Ethical Requirements, and the Australian Public Service Code of Conduct.
There are Quality Control and Quality Assurance procedures outlined in the ANAO policies for:
- Leadership Responsibilities for Quality
- Monitoring Quality Control Policies and Procedures
- Engagement Quality Control Review
- Consultation
- Differences of Opinion
- Supervision, Direction and Review
- Engagement Performance

Quality Control and Quality Assurance procedures outlined in the ANAO policies
The ethical requirements of APES 110 apply in addition to the ethical requirements that apply to ANAO staff as Commonwealth public servants. ANAO staff are bound by the Australian Public Service (APS) Code of Conduct made under the Public Service Act 1999. The APS and ANAO Values and Codes of Conduct also apply to any ethical non-compliance. ANAO staff are also bound by the General Duties of Officials under Division 3 of the PGPA Act.
Also, the Public Interest Disclosure Act 2013 (Cth) (PID Act) is designed to facilitate disclosure and investigation of wrong doing in the Commonwealth public sector. The primary mechanism to achieve this is by protecting 'whistleblowers' from reprisal action in order to encourage public officials to report suspected wrongdoing.

The ANAO Quality Assurance Framework.
A sound quality framework supports delivery of high-quality audit work and enables the Auditor-General to have confidence in the opinions and conclusions in reports prepared for the Parliament. A key element of the ANAO Quality Assurance Framework is monitoring of compliance with policies and procedures that comprise the system of quality control. The monitoring system comprises internal and external quality assurance reviews of the ANAO’s audit and other assurance engagements. Please also more information on quality assurance process on our website: https://www.anao.gov.au/about/audit-process

YES, The ANAO Quality Assurance Framework.
Not applicable to the ANAO.
not applicable
The requirements of APES 110 and ASQC 1 apply to assurance work conducted by the ANAO, except to the extent, if any, that these requirements conflict with legislative requirements. If a possible conflict between the requirements of APES 110 or ASQC 1 and relevant legislation is identified, the matter shall be referred to the responsible Group Executive Director and the PSRG Group Executive Director.
The ANAO is also required to implement the Australian Public Service Code of Conduct, and elaborates, implements and disseminates its code of ethics through various ANAO policies such as the policies on Professional and Ethical Requirements and numerous Human Resources policies. These are available to all staff on the ANAO Intranet page and referred to in commencement documentation.

implement and disseminate the code of ethics through various ANAO policies such as: the policies on Professional and Ethical Requirements and numerous Human Resources policies. These are available to all staff on the ANAO Intranet page and referred to in commencement documentation.

4
Azerbaijan
No Answer
No Answer
No Answer
NO Answer
No Answer
NO Answer
No Answer
NO Answer
No Answer
NO Answer
No Answer
NO Answer
No Answer
NO ANSWER
No Answer
no answer
No Answer
no answer
No Answer

No Answer
NO ANSWER
No Answer
no answer

Service behaviour of the civil servant is based on rules and principles of ethics conduct defined in the Law of the Republic of Azerbaijan on “Rules of Ethics Conduct of Civil Servants”. According to the Law head of the state body within his \her authority should draft and approve regulatory acts specifying ethic conduct rules and their observation determined by the Law. In this regard, the Chamber of Accounts drafted and approved ‘The Rules on Ethics Conduct of the members of the Chamber of Accounts of the Republic of Azerbaijan’ and ‘The Rules on Ethics Conduct of the civil servants of the Chamber of Accounts of the Republic of Azerbaijan’. Also, according to the Law of the Republic of Azerbaijan on the Chamber of Accounts the Chamber adopts ethic conduct rules, which are in accordance with the international standards of the supreme audit institutions. The members and officials of the Chamber of Accounts are obliged to comply with the provisions thereof.

‘The Rules on Ethics Conduct of the members of the Chamber of Accounts of the Republic of Azerbaijan’ and ‘The Rules on Ethics Conduct of the civil servants of the Chamber of Accounts of the Republic of Azerbaijan’. The members and officials of the Chamber of Accounts are obliged to comply with the provisions thereof.

5
Bahrain
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
NAO Law: it specifies that audit reports have to be issued by the Auditor General. it also emphasis on the need of independence and professional due care when perform the audit.
- audit Procedures Manuals: prepared based on INTOSAI pronouncements and other legal requirements and they specify in details every step of the audit process, including the different review levels.
NAO Law
Audit Procedures Manuals
HR Policy.
Performance Management Procedures.
The NAO professional code of conduct is in-progress as part of NAO Strategy (2016-2019)
1) HR Policy.
2) Performance Management Procedures.
3) The NAO professional code of conduct is in-progress as part of NAO Strategy (2016-2019)
No Answer
no answer

No Answer
NO ANSWER
No Answer
no answer
no answer
no answer

6
BELGIUM
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
Yes
yes
General:
- Rules of procedure
- Code of ethics
- Strategic plans 2014-2019 (at Court and federal & regional audit sectors levels)
- Quality management system of the Court of Audit. Position paper.

Specific:
E.g. for performance auditing
- Procedural manual on thematic audits
- Manuals on the selection of topics
- Manual on audit questions and audit criteria
- Manual on statistical analysis
E.g. several manuals on financial auditing
E.g. specific manuals on e.g. human resources audit, procurement audit, audit of internal control systems, on the audit of grants …

ISSAI’s and ISA’s

Training policies and plans (elaborating on the above issues)

Rules of procedure
Code of ethics
Strategic plans 2014-2019 (at Court and federal & regional audit sectors levels)
Quality management system of the Court of Audit. Position paper.
Manuals
ISSAI’s and ISA’s
Training policies and plans

Code of ethics, staff regulations

1)Code of ethics, 2) staff regulations

Audit and procedural manuals, supplementary College decisions, strategic and operational planning procedures

E.g. relating to thematic/performance auditing:
- the criteria for selection of topics are as much as possible quantified, with a uniform scoring system, to make the selection as objective as possible. The proposed themes have to pass several quality checks.
- in every preliminary study the auditors have a) to identify the risks for that particular audit and b) propose measures to deal with these risks. Every preliminary study also includes an audit matrix (a detailed table with audit questions, audit criteria and methods), which is very important for the quality of the audit. A preliminary study has to pass several quality controls: peer review, review by the audit supervisor and the audit director, approval by the College.
- during the conduct of the audit, audit documentation should be systematically kept, non-written sources of information (such as interviews, focus groups) have to be validated by the interviewed persons. Dummy reports make timely feedback & guidance by the audit supervisor possible.
- the draft audit report has to pass several quality controls: review by the audit supervisor & audit director, review by an editor, approval by the College. There is a contradictory debate with the audited administration(s) and with the minister
- a follow up of audit findings is required

Each audit report is reviewed and approved by the College, consisting of 12 members with diverse educational backgrounds and experience. This discussion also contributes to the identification and elimination of possible bias.

1) Audit and procedural manuals, 2) College decisions, 3) strategic and operational planning procedures

Measures to treat non-compliance are included in our staff regulations, e.g. performance appraisal interview, disciplinary procedure.

See question 6 and 7
See question 6 and 7
Jurisdictional activities are conducted according to procedural rules that are included in the Judicial Code, these have to ensure an independent and impartial jurisdictional functioning.
Compliance with these rules is safeguarded by the possibility of appeal against the judgments of the Court of Audit.
We supervise the expertise of the staff members involved and the uniform handling of every case.

procedural rules that are included in the Judicial Code,
Our Code of Ethics was elaborated in 2009. It is disseminated through our website, intranet …
Our Code of Ethics was elaborated in 2009. It is disseminated through our website, intranet …

7
Belice
Yes
yes
Yes
yes
No
NO
Yes
yes
Yes
yes
Yes
yes
Audit Manual (a, b,d,e, f)
Audit Manual (a, b,d,e, f)
Code of Ethics, Independence Forms and Oath of Secrecy. Public Service Regulations (PSR)
1) Code of Ethics, 2) Independence Forms and Oath of Secrecy. 3) Public Service Regulations (PSR)
NO ANSWER
no answer
Non- compliance of ethical values are dealt with via the Public Service Regulations. Disciplinary procedures carried out by a third party.

Weekly reporting of Team assignments progress.
YES, WEEKLY REPORTING of Team assignments progress.
not applicable
not applicable
Code of Ethics reviewed annually with staff certification of acceptance.
Code of Ethics reviewed annually with staff certification of acceptance.

8
Bhutan
Yes
yes
Yes
yes
yes
yes
Yes
yes
Yes
yes
Yes
yes
The following laws define the quality control system
1. Bhutan Civil Service Regulations: For all controls relating to Human Resource
2. Financial Rules and Regulations: For all matters concerning Finance of the RAA
3. Financial Audit Manual: For quality control of financial auditing
4. Performance Audit Guidelines: For quality control of Performance auditing
5. Compliance Audit Guidelines: For quality Control of compliance auditing
6. Auditor General’s Standing Instructions: For ethical behavior and conduct of the auditors
There are also other rules like Code of conduct ethics and secrecy, style guide, executive orders and other manuals that provide necessary quality control system in the Royal Audit Authority

laws define the quality control system
rules: Code of conduct ethics and secrecy, style guide, executive orders and other manuals that provide necessary quality control system in the Royal Audit Authority

Code of conduct, ethics and secrecy which is instilled in every auditor during recruitment
1) Code of conduct, 2) ethics and secrecy which is instilled in every auditor during recruitment
AG’s Standing Instructions provides the procedures to ensure that quality of work is not affected in any way.
procedures
Since the establishment of Quality Assurance is relatively new, the non-compliance and its treatment is still vague. However, the QA policy states that significant cases of non-compliances will be dealt with more capacity development activities including reprimands for repeated non-compliance. There will also be reward system for best compliant teams. After the adoption of the QA policy, it will provide clearer picture on the treatment of non-compliance with ethical values

All employees of the RAA are made to understand the importance of quality. The adoption of ISSAIs has also emphasized the importance of quality and is integrated to all the functions of the Royal Audit Authority. Supervisors are the main focus of this quality control measures that needs to be implemented and have been instructed on their controls that will ensure quality in all of RAA’s function.
YES, All employees of the RAA are made to understand the importance of quality and is integrated to all the functions of the Royal Audit Authority.
Not Applicable
not applicable
The code of conduct, ethics and secrecy is elaborative and there are no requirements to make any changes at this stage. All the new recruits have to undergo minimum of two week induction programe including on dos and don’ts and every new recruits/auditor have to oath at the beginning of their services.
The code of conduct, ethics and secrecy is elaborative and there are no requirements to make any changes at this stage. All the new recruits have to undergo minimum of two week induction programe including on dos and don’ts and every new recruits/auditor have to oath at the beginning of their services.

9
Botswana
Yes
yes
Yes
yes
yes
yes
Yes
yes
Yes
yes
Yes
yes

a) Audit manuals and the review policy. These documents indicate the three level reviews to be carried out and the responsibilities for each level of review.
b) ISSAI 1220(18) is used as a provision that allows the SAI to consult externally, however the SAI does not have an internally developed policy for that.
c) Quality assurance policy and quality assurance manual. They detail the process to be followed and indicate the involvement of the quality control committee.
d) Audit manuals containing the review levels, and the quality assurance manual detailing the engagement quality control reviews.
e) The report is issued by the Auditor General as per the Public Audit Act of 2012.
f) The strategic map showing a snapshot of high level objectives with quality being the core theme.

a) Audit manuals and the review policy.
b) ISSAI 1220(18)
c) Quality assurance policy and quality assurance manual.
d) Audit manuals , and the quality assurance manual
e) The report is issued by the Auditor General as per the Public Audit Act of 2012.
f) The strategic map
Code of ethics
Code of ethics
There is a Government wide risk management framework and manual that has recently been launched, and the SAI as a government department is also looking to implement it. There are also audit manuals and Job effectiveness descriptions
risk management framework and manual audit manuals and Job effectiveness descriptions
Any deviations, wrongdoing or non-compliance is addressed in the context of the public service act to decide on the course of action to be administered.

Yes, the strategic plan. This shows what the objectives are, how they will be achieved, who is responsible for them and how achievement will be measured.
YES, the strategic plan
Not applicable.
not applicable
It has been distributed to staff members, and in a case of audit work auditors are requested to make a declaration of code of ethics for every assignment. The code is currently being reviewed to update it and come up with a more inclusive implementation plan and follow up mechanisms.

It has been distributed to staff members, and in a case of audit work auditors are requested to make a declaration of code of ethics for every assignment. The code is currently being reviewed to update it and come up with a more inclusive implementation plan and follow up mechanisms.

10
Bulgaria
Yes
yes
Yes
yes
yes
yes
Yes
yes
Yes
yes
Yes
yes
National Audit Office Act - a), e), Rules and Procedures of BNAO – a), c), d), e), Audit Manual - a) to f)
National Audit Office Act - a), e), Rules and Procedures of BNAO – a), c), d), e), Audit Manual - a) to f)
BNAO Code of Ethics based on ISSAI 30
Code of ethics
Council for Risk Management (headed by a member of BNAO) performs monitoring and governance over risk management process in BNAO. A Strategy for Risk Management and a number of internal rules regulates risk management.
Risk Management
Ethics Commission headed by a vice-president of BNAO is developing and applying policies regarding Ethics. Ethics Commission can perform investigations and propose measures.

Risk assessment especially about risks that can affect audit quality is a part of strategic and annual audit planning.

Yes, this system is related with BNAO strategic governance and management. Institutional strategy for the period 2018-2022 is decomposed to annual Operational plans. Any changes and deviations from annual Operational plans is considered as a potential treat for quality. Operational plans are approved from BNAO board. BNAO board is supported by Strategic planning team which is permanent group of BNAO experts.
YES, BNAO strategic governance and management
Not applicable.
not applicable
Code of Ethics is published on BNAO website - http://www.bulnao.government.bg/bg/search/download/11438/etichen-kodeks-2018.doc And is disseminated amongst the auditors and employees of BNAO.
Code of Ethics is published on BNAO website - And is disseminated amongst the auditors and employees of BNAO.

11
Canada

12
Chile
Yes
yes
yes
yes
no
no
no
no
yes
yes
no
no
a) Audit regulation, art 6° y 9°, Obligations that the audit executive assists in managing, directing and coordinating the audits carried out in his area of competence, and to the audit supervisor, as soon as he is responsible for directing and coordinating the audit team in the field.
b) Lineament N° 5, Hiring of Experts.
e) d), art. 6°, Audit regulation, respect, the obligation that assists the audit executive, in order to review and audit audit reports including the safeguarding of their quality.

a) Audit regulation,
b) Lineament N° 5, Hiring of Experts.
e) d), art. 6°, Audit regulation, respect, the obligation that assists the audit executive, in order to review and audit audit reports including the safeguarding of their quality.

The creation of a CGR Integrity System, which includes a focus on the prevention of possible breaches of integrity, how to detect them, and deliver timely responses and corrections.
The creation of a CGR Integrity System
Of course, the quality of work of our SAI may be affected, for this reason the creation of the Integrity System.
Integrity System.
CGR has created a set of rules and procedures, tools and initiatives aimed at promoting and reinforcing the integrity of officials. The system has defined the following Official structure, Counselors and Superior Integrity Council, with the final purpose of detecting, preventing and giving answers and timely corrections to the officials.
The system is fed through consultations and denunciations presented by officials.
CGR officials must act under the principle of Probity, impeccable conduct, honest and loyal performance of the position, not prioritizing their personal interest over the institutional.
There is also the Code of Ethics and Code of Conduct, tools that allow the SAI's ethical standards to be agreed, with application to all CGR officials.

We work on it.
NOT YET, WORKING ON IT !!
The protection of the jurisdictional activities carried out by our SAI are based on:
a) art. 65, Auditing Regulations, stating that if the examination of accounts reveals a detriment to public property, the SAI will pursue civil liability through the formulation of a remedy.
b) VII, examination and judgment of the accounts, which regulates objectives, terms, powers, backups of expenses and income, account holders, constitution of the repair, notification of the claim, judgment of account and judgments.

The protection of the jurisdictional activities carried out by our SAI are based on:
a)Auditing Regulations,
b) examination and judgment of the accounts
The Code of Ethics is another document of the Comptroller's Integrity System. It was carried out in 2018. It became known with brochures and online courses.
Likewise, it is posted on the institutional intranet, such as the integrity system as a whole.

The Code of Ethics is another document of the Comptroller's Integrity System. It became known with brochures and online courses.
Likewise, it is posted on the institutional intranet

13
Colombia
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Document of principles, foundations and general aspects for audits. Guide for financial audits Guide for compliance audits Guide for performance audits Good government code

Document of principles, foundations and general aspects for audits. Guide for financial audits Guide for compliance audits Guide for performance audits Good government code

Disciplinary statute of Colombia - law 724 of 2002. Code of Ethics of the SAI - resolution 349 of 2015. Disciplinary control procedures manual Anti-corruption plan and citizen service plan - PAAC in its corruption risks component. Policies for the prevention of conflict of interest - resolution 612 of August 16, 2017.

1) Disciplinary statute of Colombia - law 2) Code of Ethics of the SAI 3) Disciplinary control procedures 4) manual Anti-corruption plan and citizen service plan 5) Policies for the prevention of conflict of interest.

Yes. For failure to comply with the institutional mission, objectives and effect of procedures.
institutional mission, objectives and effect of procedures.
The SAI of Colombia gives application to the national regulations in the matter to investigate these breaches, through its office of disciplinary control, and the application of the law 734 of 2002, where the possible conducts, procedures and sanctions are established to apply.

Likewise, those who denounce are conceived as a subject who can provide evidence, interpose resources and whose participation is subject to the reservations of law.

It is important to note that the complainant does not need to be identified in order for the corresponding investigations to be carried out.

Yes. The internal control and quality management system SCIGC, which among other objectives includes: Contribute to the fulfillment of the mission and objectives of the entity, as well as to the continuous improvement of its management and results ....

Contribute to the generation and strengthening of organizational culture characterized by management by process and results, focused on the client (citizenship and congress of the republic), based on ethics, transparency, control, quality, assurance of the quality and continuous improvement
Yes. The internal control and quality management system
There are no jurisdictional activities. The process of fiscal responsibility in charge of the SAI is of an administrative nature, which is known by an instance of contentious administrative jurisdiction of the Colombian State.
not applicable
The code of ethics has been developed within a participatory process with the officials of the SAI of Colombia.

Suggestions are received and all contributions are analyzed.

It is disseminated through activities planned annually by an SAI ethics committee. They use media such as talks, campaigns in the media, public ethics courses and the figure of an official in each unit that acts as an ethical leader, called PILE.

It is implemented with the resolution of the Comptroller General of the SAI, having the binding nature for all officers.

It is updated in periods no longer than 4 years.

The code of ethics has been developed within a participatory process with the officials of the SAI of Colombia.

Suggestions are received and all contributions are analyzed.

It is implemented with the resolution of the Comptroller General of the SAI, having the binding nature for all officers.

It is updated in periods no longer than 4 years.

14
Costa Rica
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
All the documentation is contained in the MAGEFI and in the audit procedures as quality instruments, instruments and specific control points within each audit phase. The procedures are reviewed and updated annually based on the results of the self-evaluations carried out.
All the documentation is contained in the MAGEFI and in the audit procedures as quality instruments, instruments and specific control points within each audit phase. The procedures are reviewed and updated annually based on the results of the self-evaluations carried out.
The audit procedure established the ethical framework and the behavior that the auditor must keep to ensure that the audit is executed within a probity environment. Likewise, the audit teams make a declaration of independence, confidentiality and objectivity, each time they initiate an audit. | In addition, the institution has a Code of Conduct for officials (R-DC-48-2011).
1) The audit procedure established the ethical framework. 2) Code of Conduct for officials.
Evidently, compliance with these tools aims to mitigate the risks of loss of independence, objectivity and confidentiality of the audit. A transgression of these would put at risk both the quality of the control products and the institutional reputation.
Evidently, compliance with these tools aims to mitigate the risks of loss of independence, objectivity and confidentiality of the audit. A transgression of these would put at risk both the quality of the control products and the institutional reputation.
The Statute of Autonomous Services of the SAI refers to the responsibilities of its officers, as well as any transgressions to the regular, including the ethical aspects of the auditors. There is also a platform of complaints of irregular facts filed with the SAI in which a complaint from an official of the institution could enter. In addition, the Internal Audit of the institution receives possible complaints about irregular behavior of SAI officials. Finally, in the case of complaints, there is a Regulation for their attention that regulates the guarantees of the service provided (R-DC-75-2018).

No. However, all the processes and procedures of the SAI have a clear definition of the stages, phases, instrument, activities and control points, as well as those responsible for applying them. At the institutional level, the Corporate Governance Unit is responsible for managing these procedural objectives that include the basic elements of quality management in accordance with ISSAI 40.
No. However, all the processes and procedures of the SAI have a clear definition of the stages, phases, instrument, activities and control points, as well as those responsible for applying them.
Not Applicable because Costa Rican SAI doesn’t has jurisdictional activities
not applicable
It does it as part of the implementation and strengthening of institutional corporate governance, and furthermore of the internal control system.
It does it as part of the implementation and strengthening of institutional corporate governance, and furthermore of the internal control system.

15
Croatia
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Documents are listed in answer to question 3.
Framework that establishes the quality control and quality assurance system in the SAO of the Republic of Croatia is defined by the State Audit Office Act, ISSAI standards, Code of professional ethics for state auditors, internal regulations and procedures. In addition, there is Financial audit manual, EU funds audit manual, Performance audit manual and Direction of auditor general on how to write audit reports. For specific areas of audit and certain groups of auditees there are guidelines and instructions (such as auditing of universities and institutions of higher education, then audit of political parties, audit of tourist boards, audit of internal control systems, etc.).

Code of ethic sets out ethical values and principles, and the way a SAI expects its staff to behave, therefore guiding individual conduct.
Code of ethic
SAI has adopted audit standards as well as manuals and procedures how to implement standards, which include procedures how to identify, analyze and mitigate risks.
1) audit standards 2) manuals and procedures 3) procedures how to identify, analyze and mitigate risks.
SAIs have ethics advisor which give advice on specific ethical issues, foster ethical behaivor and follow application of Code of ethic. A way to identify and analyse vulnerabilities and recommend measures for improving ethics management is self-assessment. There are procedures for reporting cases of misconduct and for timely and adequate response. Information gathered from the procedures above are used to regularly evaluate, update and improve ethical policies.

NO ANSWER
NO ANSWER
SAI has no jurisdictional activities.
not applicable
The Code of ethics sets ethical rules or codes, policies and practices. Code of ethics is disseminated to all staff. It is available on intranet and web page. It is updated regularly with ISSAI and when there is need for updating.
The Code of ethics sets ethical rules or codes, policies and practices. Code of ethics is disseminated to all staff. It is available on intranet and web page. It is updated regularly with ISSAI and when there is need for updating.

16
Cyprus
yes
yes
yes
yes
No
NO
yes
yes
yes
yes
yes
yes
Documentation relevant to points a), d), e) and f):

Auditing Guideline no. 4 (internal procedure regarding audit documentation - mention is made of the review of audit files and draft reports by senior staff).

Supervision and monitoring of audit teams is also provided for in the relevant Schemes of Service (formal job descriptions) for each grade of staff involved.

Audit Guideline no.19 concerns the procedures for ensuring audit quality through independent cold reviews (quality assurance system).

Regarding point b): no formal documented procedure is in place, but this is the general practice followed.
Documentation relevant to points a), d), e) and f):

Auditing Guideline no. 4

Schemes of Service (formal job descriptions)

Audit Guideline no.19

Regarding point b): no formal documented procedure is in place, but this is the general practice followed.
The Office has established a Code of Ethics and Professional Conduct and all staff are required to sign annual declarations that confirm they are aware of the latest version of the Code and its provisions.
1) Code of Ethics and Professional Conduct 2) sign annual declarations that
Such risk analysis procedures are yet to be determined by the Office.
Such risk analysis procedures are yet to be determined by the Office.
Cases of failure to abide by the provisions of the Code of Ethics are handled in accordance with the Public Service legislation (Part VII of the Public Service Law, Disciplinary Code). With regard to whistleblowing procedures, the Public Service Laws 1990-2015 (article 69A) provide that public sector employees are obliged to report in writing, to the responsible authority, any actions of corruption or bribery of staff during performance of their duties. A draft bill for the protection of whistleblowers is currently before the House of Representatives awaiting enactment. The Office has no further internal policies for dealing with such matters.

Please see answer to question 6 above. Also, the three-year Strategic Plan of the Office integrates quality issues in the defined strategic goals and refers to quality assurance procedures as a means of ascertaining conformance to quality standards.
YES, the three-year Strategic Plan of the Office integrates quality issues
N/A - Our Office is of the Anglo-Saxon model and has no judicial role.
not applicable
The Code of Ethics and Professional Conduct was first introduced in 2015. It was prepared based on ISSAI 30 and sample Codes obtained from other European SAIs and relevant associations. Upon its approval by the Auditor General, the Code was disseminated to all staff and a presentation of its key provisions was made to all auditors. It was also uploaded on the Office website, both in Greek and in English.

Updates to the Code are made as appropriate, when deemed necessary due to evolving circumstances or developments in the underlying ISSAI.
The Code of Ethics and Professional Conduct was first introduced in 2015. It was prepared based on ISSAI 30 and sample Codes obtained from other European SAIs and relevant associations. Upon its approval by the Auditor General, the Code was disseminated to all staff and a presentation of its key provisions was made to all auditors. It was also uploaded on the Office website, both in Greek and in English.

Updates to the Code are made as appropriate, when deemed necessary due to evolving circumstances or developments in the underlying ISSAI.

17
Czech Republic
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
SAO Auditing Standards - implemented by ISSAI 100-400 within the scope of the SAO mandate Directive No. 104 - sets procedures and activities for the entire audit process starting with identification of topic to be audited through approval of the audit conclusion by the SAO Board to subsequent activities (opinions for the discussion of audit conclusions in government, evaluation of audit action). It specifies activities and responsibility for their implementation. Code of Ethics of the SAO
SAO Auditing Standards - Directive No. 104 Code of Ethics of the SAO
Working Regulations, SAO Code of Ethics
1) Working Regulations, 2) SAO Code of Ethics
Directive No. 104, Risk Catalogue (Identified Risks, risk management is in place)
Risk Catalogue
Not found.

The SAO Strategy for the period 2018-2022 sets out Goal 5 "Improving performance of audit through streamlining audit processes ". The objective is fulfilled through an amendment of internal regulations, notably by the adoption of the new Directive No. 104 (including remote access audit, use of documentation in electronic form), emphasis shall be put on elaboration of methodical materials for performance of activities influencing quality (e.g. performance audit manual).
YES, The SAO Strategy for the period 2018-2022 sets out Goal 5 "Improving performance of audit through streamlining audit processes "
Not relevant.
not applicable
The SAO Code of Ethics was approved by the decision of the SAO President of October 2018. It is based on the ISSAI 30 (Code of Ethics). Employees of the SAO are obligated to follow it. The elaboration of the Code of Ethics is within the competence of the Office of the SAO President. The current task is to verify whether the code needs to be updated.
Employees of the SAO are obligated to follow it. The elaboration of the Code of Ethics is within the competence of the Office of the SAO President. The current task is to verify whether the code needs to be updated.

18
Denmark
Yes
yes
yes
yes
No
no
yes
yes
yes
yes
yes
yes
SOR2 covers the following topics in these specific items: a) – item 27 b) – item 28 e) – item 1 f)- item 4
SOR2 covers the following topics in these specific items: a) – item 27 b) – item 28 e) – item 1 f)- item 4
The leadership are responsible for a code of ethical conduct, that employees in Rigrevisionen must follow
The leadership are responsible for a code of ethical conduct
SOR in general, and SOR2 especially
SOR in general, and SOR2 especially
We do not have a whistle-blower mechanism, but all employees must sign a declaration of proper conduct annually.

Yes- cf. question 4b, the audit standards are present in all aspects of the working procedure. In addition, official statements regarding the goals/results in quality control are published in our annual report, and our progress report.
YES, The SOR-2 clearly specifies the responsibilities regarding quality control : 1. The auditor general has the general responsibility for quality control and for the distinction of the responsibilities amongst other leadership levels.

2. The leadership (cf. organizational chart) are responsible for systems of quality control regarding the completion of audits that the employees should follow.

3. The leadership assigns a responsible head of office as responsible for each audit and the adherence to SOR

4. Leaders on all levels in the organization, should strive to develop a culture of clear employee co-responsibility for each task. Each audit-team should to some extent be held responsible for auditing according to the SOR 1-7.
we do not
not applicable
Cf. question 7a:

The Code of Ethics is agreed upon by the Leadership, in accordance with a multitude of factors – primarily, it includes learnings from ISSAI 30 and specific national requirements for ethical conduct.
The leadership are responsible for a code of ethical conduct, that employees in Rigrevisionen must follow

19
Dominican Republic
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Meetings of the Audit Committee, legal reports and opinions regarding the revision of the Legal Directorate, and supervision of teamwork, visits by the audit Director to the subject-examination entities.
1)Meetings of the Audit Committee, 2) legal reports and opinions regarding the revision of the Legal Directorate, and 3) supervision of teamwork, 4) visits by the audit Director to the subject-examination entities.
The ethical and disciplinary regime of the Public Function Act 41-08.
Decree establishing the functioning of the Commissions of public ethics (CEP) and repealing Decree No. 149-98, which creates the CEP. Given on April 26, 2017.
Institutional Ethics Handbook.
Commission of public ethics, there are institutional murals where the ethical values of the institution are informed.
By the year 2015 a diagnosis of the internal Control system was carried out.
Semiannually, confidential internal surveys are carried out, as well as measurement of the performance of each of the servers.

For the 2016 together with the EFS Chile and Panama as moderators A self-assessment was made INTOSAint of which we have been working on opportunities for improvement and establishing most processes through electronic systems
1) The ethical and disciplinary regime of the Public Function Act 41-08.
2) Decree establishing the functioning of the Commissions of public ethics (CEP).
3) Institutional Ethics Handbook.
4) Commission of public ethics, there are institutional murals where the ethical values of the institution are informed.
5) internal Control system
6) self-assessment
The employees must sign the confidentiality agreement.
The employees must sign the confidentiality agreement.
Through the chapter of the sanctions established in the law of public function 41-08, where it establishes by degree the sanction that will be applied depending on the case. This is done via HR with the approval of the members of the plenary.

The highest authority of the Chamber of Auditors is the full membership, composed of all its members and permanent direction is in charge of the President of the Chamber, responsible for the quality of all the work carried out in it. All processes executed by the Chamber of Accounts must be approved by the full membership.
YES, The highest authority of the Chamber of Auditors is the full membership
Not Applicable
not applicable
We are governed by the decree that establishes the functioning of the Commissions of public ethics (CEP) and Repeals decree No. 149-98, which creates the CEP. Given on April 26, 2017. In turn we have an approved institutional ethics handbook and in the year 2004, which is part of the Compendium of the Audit guides. In the year 2013, through an external consultant a review of this code of ethics was made and updated according to the requirements of the ISSAIs.
code of ethics was made and updated according to the requirements of the ISSAIs.

20
ECA
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
a) This has been described in the above mentioned document on allocation of resources and roles and responsibilities, in the context of the reform of our institution undertaken in 2016;
b) Use of experts by ECA is governed by internal rules and standard agreements have been developed by our Legal Service to that effect (General conditions for supply services and work contracts at the ECA).
c) The chamber reading and approval process addresses these issues (covered by the Implementing rules of the Rules of procedure of ECA).
d) Idem
e) Idem
f) See 3 above
a) This has been described in the above mentioned document on allocation of resources and roles and responsibilities, in the context of the reform of our institution undertaken in 2016;
b) Use of experts by ECA is governed by internal rules and standard agreements have been developed by our Legal Service to that effect (General conditions for supply services and work contracts at the ECA).
c) The chamber reading and approval process addresses these issues (covered by the Implementing rules of the Rules of procedure of ECA).
d) Idem
e) Idem
F) ECA quality control system is based on ISSAI 40 and ISQC1. It is described in the ECA rules of procedure and its implementing rules, further explained in our Vademecum of General Audit Procedures (VGAP), and complemented by specific documents relating to quality control framework both at general level and at individual chamber level.

We have a comprehensive ethical framework based on ISSAI 30 (also using the EUROSAI guidance on how to implement ISSAI 30), and ISSAI 40 and set out in the ECA rules of procedure and the Rules for implementing the rules of procedure. In addition, there are a number of documents addressing specific issues, such as:
- Decision setting out a procedure for providing reasonable assurance that the ECA complies with the relevant ethical requirements;
- Decision laying down Ethical Guidelines for the ECA;
- Decision establishing the Ethics Committee.
1) ISSAI's.
2) Decision laying down Ethical Guidelines for the ECA.
3) Decision establishing the Ethics Committee.
In addition to well-established processes for EQCR and quality assurance, within the Directorate for Quality Control (DQC) we have assigned contact officers to each chamber who follow the progress of their work, and advise them on the quality and methodology advice and support we can provide, and facilitate issue analysis and drawing conclusions processes.
well-established processes for EQCR and quality assurance, Directorate for Quality Control (DQC)
A specialized independent financial irregularities panel has been set up within the ECA. Its role is to examine any infringement by staff or member of the Court of the provision of the EU financial regulation or of any rule relating to financial management to determine whether a financial irregularity has occurred and what consequences, if any, there should be.
The ECA has established rules of procedure for providing information in the event of serious irregularities (whistleblowing) which define the rights and obligations of the respective parties, information channels, as well as protection for whistleblowers against any form of retaliation.
ECA has also issued a decision on the protection of persons working at the ECA against harassment.

ECA operations are overseen by the College and Administrative Committee who examine and approve all key documents.
ECA operations are overseen by the College and Administrative Committee who examine and approve all key documents.
not applicable
not applicable
The ECA Ethical Framework (see under point 7) is available on our corporate intranet. The Ethical Framework is updated on a regular basis. Before 15 January of each year, the Secretary General sends an email to the ECA President, members and all staff engaged in audit tasks with a reminder about the ECA’s ethical requirements.
available on our corporate intranet. The Ethical Framework is updated on a regular basis. Before 15 January of each year, the Secretary General sends an email to the ECA President, members and all staff engaged in audit tasks with a reminder about the ECA’s ethical requirements.

21
Egypt
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
The relevant data mentioned in question 6 are supported by a number of decisions issued by the Presidency of ASA on job description of the ASA staff assigned to perform field audit and the supervisory level of audits manager as well as addressing controversial issues that appear during the inspection procedures and the ways of solving it, documentation and notifying relevant departments and circulate it to other ASA departments, for example:
- Decision of the ASA President concerning technical employees, auditors, comptrollers and higher level of management and its amendments.
- Decision of the ASA President to develop Egyptian auditing standards.
- Decision of the ASA President to be commited to adopt code of ethics of the practitioners of accounting and auditing profession.
- Circulars issued by ASA deputies on their respective central departments within the terms of competence on resolving controversial problems which appear during audit process and documentation it and circulation to concerned and affiliated departments after solving and issuing related reporting.
decisions issued by the Presidency of ASA on job description of the ASA staff assigned to perform field audit and the supervisory level of audits manager as well as addressing controversial issues that appear during the inspection procedures and the ways of solving it, documentation and notifying relevant departments and circulate it to other ASA departments.
The ASA has a compile of standards, policies and procedures established and implemented to commit its staff to the code of ethics governing the profession and reducing risks that affects the quality of work among which is the following:
• Personnel regulations and discipline regulation has addressed workers duties entire chapter on ethical behavior that employers should enjoy that enhance integrity, objectivity, professional efficiency, necessary measures and confidentiality.
• Code of ethics for practitioners of accounting and auditing profession and approved by the head of the ASA.
• Having policies to prevent risks resulting from to (limiting the duration during which the members of the SAI being assigned in each audited entity.
• Presence of policies that prevent risks threatening independence or misuse .

The ASA verifies soundness of the violation any non-compliance referring it to the competent department to investigate the audit work of employee without giving any information about who reported it, in case the violation is confirmed it will be reported to relevant investigation department for taking necessary action according to the staff regulations.

The Central Administration of Technical Inspection and Quality Control perform periodic audit of ASA performance members technical and their issued reports and compare the reports issued - to the planned actions - to ensure the quality of audit process outputs, as well as guaranteeing that examination of the policies and procedures and International and Egyptian Standards were implemented and ensures its annual observations on standards that might reveals the shortcomings and how to address it that ensures continuing education and upgrading the performance of the SAI's technical members.
The Central Administration of Technical Inspection and Quality Control perform periodic audit of ASA performance
ASA does not practice Judiciary activities, but sometimes refers the issues that require investigating to the investigation authorities, this may require that ASA provide advice and consultancies on the referred cases if necessary upon request from the investigating authorities.
ASA does not practice Judiciary activities, but sometimes refers the issues that require investigating to the investigation authorities, this may require that ASA provide advice and consultancies on the referred cases if necessary upon request from the investigating authorities.
The ASA is committed to all matters concerning the code of Ethics, where the ASA has issued in 1-12-2009 a decision to adopt Egyptian code of ethics and behavior of the practitioners of accounting and auditing profession, requires from auditors' appointed by the SAI of those engaged in the practicing audit outside the government scope to abide by a number of principles as integrity, honesty, justice and their credibility and impartiality, transparency, objectivity and professionalism.
The ASA is committed to all matters concerning the code of Ethics

22
Estonia
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
All those procedures/principles are regulated by audit manual (except f, which is more the question of personal opinion). Corresponding documents include guidelines, auditors working papers, minutes of meetings and internal negotiations etc.
1) audit manual (except f, which is more the question of personal opinion). 2)Corresponding documents include guidelines, auditors working papers, minutes of meetings and internal negotiations etc.
Ethical dilemmas are solved according to code of ethics and (in case of need) with discussion with commissioner of ethics.
code of ethics
There are a number of procedures to avoid these risks, most important are probably separation of functions (“four eyes”) principle and several internal reviews during every audit process.
separation of functions (“four eyes”) principle and several internal reviews during every audit process.
So far, we have almost no significant issues with non-ethical behavior, therefore it’s hard to elaborate anything.

Yes, it is the internal control system of our office and it works as internal control systems usually do (risk assessment, different internal controls, monitoring of activities etc).
Yes, internal control system (risk assessment, different internal controls, monitoring of activities etc).
N/A
not applicable
Updating the CoE is part of the major update of audit manual. The CoE don’t usually change so much, but we plan to introduce the more specific guidelines with case studies and FAQ. Trainings/discussions are a part of this update.
Updating the CoE is part of the major update of audit manual. The CoE don’t usually change so much, but we plan to introduce the more specific guidelines with case studies and FAQ. Trainings/discussions are a part of this update.

23
Fiji
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
a) The QA team has work plan approved by the Auditor General and mostly high risk audits having high reputational risk are reviewed before Auditor General signs the opinion for example Financial Statements for Government.
b) The SAI has an Audit Qualification Committee in which the SAI Executives are members chaired by Auditor General. This committee is responsible for resolving difference of opinion and any contentious issues.
c) The QA reports are tabled in Executive Committee meeting for discussion.

a) The QA team has work plan approved by the Auditor General and mostly high risk audits having high reputational risk are reviewed before Auditor General signs the opinion for example Financial Statements for Government.
b) The SAI has an Audit Qualification Committee.
c) The QA reports are tabled in Executive Committee meeting for discussion.

Conflict of Interest Policy and Conflict of Interest Declaration Form (filled annually by employees)
1) Conflict of Interest Policy 2) Conflict of Interest Declaration Form
Quality Assurance Function
Quality Assurance Function
Appropriate action is taken against staff on non-compliance with ethical values depending on the degree of the breach.

1. Auditing (Core Business) – a Quality Assurance Team is responsible for ensuring that quality is maintained. Also the Audit Teams are responsible for ensuring quality control with the guidance of checklists.
2. The SAI has in-house internal audit type function. This is where SAI auditors conduct internal audit for SAI Admin/Finance sections.

YES, 1. Auditing (Core Business) – a Quality Assurance Team
2. The SAI has in-house internal audit type function.
N/A
not applicable
The SAI follows the INTOSAI Code of Ethics. This is disseminated to all staffs via refreshers trainings and staffs inductions.
The SAI follows the INTOSAI Code of Ethics. This is disseminated to all staffs via refreshers trainings and staffs inductions.

24
Georgia
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
a. Starting 2019 all audits are performed in AMS (Audit Management Software) program and are monitored by QCR (Quality Control Reviewers). All work performed by QCR Team is documented in AMS program in each stage of audit (i.e. planning, execution and reporting).
b. In case of difficult or contentious issues, discussion is held between audit and QCR Teams. They jointly come to decision, whether to resort to technical expert, prepare meeting protocol, send it to Head of Audit Department in order to use expert’s service, in case of need.
c. If any differences of opinion arise between team members or between QCR and Audit Team members, they discuss this matte, and protocol the meeting. In case, if they do not come to any acceptable decision, they follow the manual and approach the next level of management to resolve the problem.
d. Fostering audit quality is one of the key strategic goals in SAOG revised 2018-2022 Development Strategy (1 of 5 top priorities). Commitment to quality is reinforced by consistent tone at the top from leadership and middle management at all levels of the organization. The leadership of the SAOG communicates its mandate, vision, core values and strategy to staff through the key documents, newsletters and statements issued to all staff of the SAOG through the behaviours exhibited by the leadership team itself.
e. No audit report is issued without HD, DAG or AG corresponding review, discussion and approval. All approvals are properly documented and kept in audit files.
f. All auditors have a role to play in contribution to a quality-oriented culture and ensure that they produce audits that meet the highest professional standards. Each auditor has a personal responsibility for quality and is expected to comply with SAOG policies and procedures.
Key performance indicators (KPIs) used in performance evaluation of audit staff, and incentive decisions are centred on audit quality. Moreover, quality messages underpin all trainings, workshops and seminars offered to audit staff.

a. AMS (Audit Management Software) monitored by QCR (Quality Control Reviewers).
b. In case of difficult or contentious issues , discussion is held between audit and QCR Teams.
c. If any differences of opinion arise between team members or between QCR and Audit Team members, they discuss this matte, and protocol the meeting. In case, if they do not come to any acceptable decision, they follow the manual and approach the next level of management to resolve the problem.
d. Fostering audit quality is one of the key strategic goals in SAOG revised 2018-2022 Development Strategy (1 of 5 top priorities).
e. No audit report is issued without HD, DAG or AG corresponding review, discussion and approval.
f. All auditors have a role to play in contribution to a quality-oriented culture and ensure that they produce audits that meet the highest professional standards.
quality messages underpin all trainings, workshops and seminars offered to audit staff.

The SAO Law (Art 20.6 and 32) and the Code of Ethics require that SAOG auditors are compliant with the principles of independence, professionalism, honesty, political neutrality. Auditors sign confirmation of compliance with the Code of Ethics at the beginning of each year via intranet. Also, prior to an engagement, the audit team members sign a ‘confirmation of independence’.

1) The SAO Law 2)Code of Ethics 3) Auditors sign confirmation of compliance with the Code of Ethics at the beginning of each year 4) confirmation of independence.

SAOG implements an operational ethics control system to identify and analyse ethical risks, to mitigate them, to support ethical behaviour, and to address any breach of ethical values, SAOG has also recently assessed its vulnerability and resilience to integrity violations, through voluntary self- assessment with IntoSAINT tool.
1) operational ethics control system 2) assessed its vulnerability and resilience to integrity violations, through voluntary self- assessment with IntoSAINT tool.
• Waivers of ethical requirements are not granted. Disciplinary proceedings are initiated against staff alleged of non-compliance with the requirements of the Code of Ethics. Such cases are reviewed by the Ethics Committee, comprising 5 members appointed by the Auditor General.
• The names of those, who report any suspected wrongdoing remain protected.

The Audit Quality Assurance Department (AQAD) is overseen by DAG. The authority and powers of the department are set forth in the Rules of Procedure of SAOG. More specifically, QAD is responsible for:
• Development of quality control policies and procedures;
• Continuous monitoring of SAOG’s system of quality control to evaluate:
o Adherence to professional standards and applicable legal and regulatory requirements;
o Whether the system of quality control has been appropriately designed and effectively implemented; and
o Whether SAOG’s quality control policies and procedures have been appropriately applied, so that SAOG reports are appropriate in the circumstances.

YES, The Audit Quality Assurance Department (AQAD)
N/A-SAOG has no jurisdictional activities on its audit work.
not applicable
During 2018 the revised Code of Ethics, policy documents and training materials where developed within the framework of the project “Institutional Strengthening of the State Audit Office of Georgia” supported by the EU experts. The SAO Law requires all SAO auditors, as well as experts contracted by the SAOG to comply with the requirements laid out in the Code of Ethics (Based on ISSAI 30 – “Code of Ethics”).
During 2018 the revised Code of Ethics, policy documents and training materials where developed within the framework of the project “Institutional Strengthening of the State Audit Office of Georgia” supported by the EU experts. The SAO Law requires all SAO auditors, as well as experts contracted by the SAOG to comply with the requirements laid out in the Code of Ethics (Based on ISSAI 30 – “Code of Ethics”).

25
Grece
Yes
yes
no
NO
no
no
no
NO
yes
yes
no
NO
In implementation of its statutory law (cf. article 39 par. 4 of Law No. 4129/2013 “Code of Laws for the Hellenic Court of Audit” providing that all audits are carried out in accordance with the ISSAIs), the HCA adopted in June 2016 an in-house drawn and developed “Audit Manual” (in Greek) conforming to the ISSAIs. The Manual elaborates the prerequisites for the functioning of the SAI in the field of audit as well as the fundamental auditing principles for Financial, Compliance and Performance Audits based on ISSAIs (Level 2 & 3). It also articulates general auditing guidelines as well as guidelines on specific subjects for Financial and Compliance Audits (Level 4 of the relevant ISSAIs).
To complete the aforementioned enunciation of article 39, the HCA is in the process of finalizing the elaboration of its “Performance Audit Manual”.

“Code of Laws for the Hellenic Court of Audit” “Audit Manual”
Mostly fulfilled.
Mostly fulfilled.
Partly fulfilled.
Partly fulfilled.
Non-compliance with ethical values is treated in accordance with the rigorous legal framework,based on three pillars (Constitution, codes of judges and judicial employees as well as the code of laws for the HCA), which rules both judges and auditors, enunciates clear and consistent principles, delineates their obligations and provides for disciplinary mechanisms.
In implementation of the above, the HCA audit manual analyses the concrete steps to be taken in the course of audits in order to deal with facets of professional misconduct.

The HCA has not yet established a highly specific system ensuring that all the objectives and priorities within the SAI conform to quality.
The aforementioned draft of the “ new HCA regulation” explicitely reiterates the importance of a multiannual Strategic Plan in the context of which assessment of quality is of high priority.

NO, HAS NOT YET
The HCA, as the Supreme Financial Court of Greece, exercises its jurisdictional function according to Laws Nos 4129/2013 (see above under point 6), and 4270/2014, "Organic Budget Law", respectively including substantive provisions regarding the liability of public accountable officers as well as procedural provisions. Furthermore, par. 3.2. of the aforementioned audit manual relates to quality control of the Court’s jurisdictional activity.
It is worth noting that even though some INTOSAI principles, standards and guidelines mention jurisdictional SAIs (c.f. ISSAI 1, I.2.3; ISSAI 10: good practices; ISSAI 11; ISSAI 12: Value and Benefits of SAIs, which mentions the power to impose sanctions or to carry out jurisdictional control on public finances when the public interest is at stake; ISSAI 100, 15 and 51, recognizing the importance of SAIs with jurisdictional functions by mentioning the possibility of issuing judicial decisions; ISSAIs 400 and 4000 on compliance audit, in particular ISSAI 4000, 144 -concerning sufficient and appropriate audit evidences- and 57, a –regarding identification of persons who may be held responsible for non-compliance acts; INTOSAI Code of Ethics ISSAI 30), there is no complete written standard for this specific kind of institutions.

Laws Nos 4129/2013 (see above under point 6), and 4270/2014, "Organic Budget Law",
It is worth noting that even though some INTOSAI principles, standards and guidelines mention jurisdictional SAIs (c.f. ISSAI 1, I.2.3; ISSAI 10: good practices; ISSAI 11; ISSAI 12: Value and Benefits of SAIs, which mentions the power to impose sanctions or to carry out jurisdictional control on public finances when the public interest is at stake; ISSAI 100, 15 and 51, recognizing the importance of SAIs with jurisdictional functions by mentioning the possibility of issuing judicial decisions; ISSAIs 400 and 4000 on compliance audit, in particular ISSAI 4000, 144 -concerning sufficient and appropriate audit evidences- and 57, a –regarding identification of persons who may be held responsible for non-compliance acts; INTOSAI Code of Ethics ISSAI 30), there is no complete written standard for this specific kind of institutions.

Besides the aforementioned (see point 7) legal framework, the HCA “Audit Manual” includes a concise and comprehensive Code of Ethics, conforming to the ISSAIs and the said national legislation. The Manual aims to elaborating, disseminating and implementing ethical prerequisites, though not including any provision regarding its update.
In addition, the abovementioned draft “new HCA regulation” points out the principles of Integrity, impartiality and confidentiality as core requirements for all staff.

26
Guatemala

27
Honduras
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
The quality control manual based on ISSAI 40 is currently being prepared, which contains the regulations, policies and procedures to guarantee the quality of the audits.
The quality control manual based on ISSAI 40 is currently being prepared
In addition to the code of ethics, ethical conduct is regulated in the TSC law, and this regulation is included in the quality control manual.

1) code of ethics 2) TSC law 3) quality control manual.

If this regulation does not apply, yes.
If this regulation does not apply, yes.
We have an institutional strategic plan for the next five years aligned to the objectives of the EFS, which works through the monitoring of the Management of Processes and Institutional Planning.

The penalties are penalized with fines until the dismissal of the charge, if the lack is serious and the law contemplates the protection of the identity of those who denounce, also these denunciations can be done anonymously and inside the TSC there is an ethics committee that gives process to this type of complaints. Additionally, a unit called internal investigations was created in the new structure of the TSC to investigate inappropriate behaviors of TSC employees.
The penalties are penalized + internal investigations unit
Our SAI does not have jurisdictional functions.
not applicable
The code of ethics of the Higher Tribune of Honduran accounts was developed with the participation of all the personnel, which was disclosed through sessions with each of the areas, and this one of resent implementation has not been updated.
The code of ethics of the Higher Tribune of Honduran accounts was developed with the participation of all the personnel, which was disclosed through sessions with each of the areas, and this one of resent implementation has not been updated.

28
Hungary
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
1. SAO’s quality management guide (updated regularly) – A guide to the practical aspects of SAO’s quality management prepared and updated by the Quality Management and Monitoring Unit (QMMU).
2. Circular of SAO’s President about the mandatory tasks to be completed in the audit phases – Clear definition of tasks, managerial/supervisory authorities and responsibilities in each audit phase, rules of data collection, handover/takeover, raising suspicion, certain precautionary measures, etc.
1. SAO’s quality management guide
2. Circular of SAO’s President about the mandatory tasks to be completed in the audit phases
In 2012 SAO published (and in 2017 updated) the document titled ‘Basic principles of Ethics at SAO’, listing general ethical principles and values. The document has been prepared by taking the ISSAI 30 standard into consideration. Between 2012 and 2017, SAO prepared numerous internal governance instruments containing ethical requirements, and such ethical requirements have also been embodied in controls regarding the financial management of SAO, the employment of external experts and the various phases of SAO audits. Staff members need to make professional declarations as regards their familiarity with the rules of data protection, and social media appearances. Also, an online course is available for each staff member about integrity, consciousness and ethical behaviour. When starting an audit, each auditor’s suitability for the given task is checked and verified (in terms of professional qualification and any conflict of interest).
1) Basic principles of Ethics at SAO 2) Staff declarations as regards their familiarity with the rules of data protection, and social media appearances. 3) online course 4) When starting an audit, each auditor’s suitability for the given task is checked and verified (in terms of professional qualification and any conflict of interest).
The first phase of each audit assignment is the risk analysis phase. This is when the proposed audit subjects are collected, and the department responsible for risk analysis collects, organises, evaluates and analyses the generated external and internal information. Also, the Draft Audit Programmes are discussed and commented on with the involvement of the units responsible for legal support, planning, risk analysis and methodology, and recommendations are made on possible amendments. The ‘principle of four eyes’ is applied, which means that the comments of all the managers of the supporting units are expressed at one location, at one time and in a synthesized way. Also, all documents and audit papers are reviewed by another colleague not participating in the audit, thus ensuring that the ‘principle of four eyes’ is in use.
1) The first phase of each audit assignment is the risk analysis phase. 2) the Draft Audit Programmes are discussed and commented on with the involvement of the units responsible for legal support, planning, risk analysis and methodology, and recommendations are made on possible amendments. 3) ‘principle of four eyes’ 4) all documents and audit papers are reviewed by another colleague not participating in the audit, thus ensuring that the ‘principle of four eyes’ is in use.
SAO has its own procedures in place as regards the handling of any events, risks or problems corrupting the integrity of the organisation. SAO handles all these issues in an integrated and centralized manner, paying special attention to the protection of whistleblowers. The whole process is fully documented, with clear authorities and responsibilities.

Please refer to the answer given to question 2 about the phasing procedure.
yes, The State Audit Office of Hungary (SAO) transformed the whole process of its audits in 2012, which has been continuously improved since then. The whole audit process has been divided into 7 well-separated phases. Each phase has a manager responsible for implementation and a manager for supervision. The performance of the whole process is monitored by an independent department. For the clear segregation of the responsibilities, each phase is closed with a control point and the acceptance of a document of pre-defined structure.
N/A
not applicable
The Strategy of the SAO features full compliance with ethical regulations as one of its fundamental values.
In 2012 the 'Principles of Ethics of the State Audit Office of Hungary' was published, containing general ethical principles and values, prepared in line with the ISSAI 30 standard. Following the revision of ISSAI 30, SAO also revised its ethical norms and identified the areas in need of further measures. The first document renewed was the Principles of Ethics to be followed by the update of internal guides and regulations.
SAO’s integrity procedures as well as the quality management guide and the President’s circular (that is, the documents regulating ethical issues) are regularly reviewed an updated. They are disseminated between colleagues electronically and in most cases colleagues are expected to also fill in a test to prove that they are familiar with the contents.
The Strategy of the SAO features full compliance with ethical regulations as one of its fundamental values.
In 2012 the 'Principles of Ethics of the State Audit Office of Hungary' was published, containing general ethical principles and values, prepared in line with the ISSAI 30 standard. Following the revision of ISSAI 30, SAO also revised its ethical norms and identified the areas in need of further measures. The first document renewed was the Principles of Ethics to be followed by the update of internal guides and regulations.
SAO’s integrity procedures as well as the quality management guide and the President’s circular (that is, the documents regulating ethical issues) are regularly reviewed an updated. They are disseminated between colleagues electronically and in most cases colleagues are expected to also fill in a test to prove that they are familiar with the contents.

29
Italy

30
Japan

31
Jordan
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
The audit plan and procedures are reviewed by the head of the control unit, and a copy of those procedures is sent for review and approval by the concerned department in the Audit Bureau and by the Directorate of Quality Assurance.

In the case of difficulties in performing audits, the expertise available in the Audit Bureau is used.

In the case of certain problems, these problems are resolved through consultation between the members of the regulatory tasks team and the team leader.

The regulatory reports are issued through the procedures and policies approved by the Audit Bureau, starting from the formation of preliminary conclusions and evaluation, and sending a draft report to the administration of the Audit Bureau to be studied and reviewed with the auditing team to form a conviction on the form and content of the final regulatory report.

Quality is essential from the preparation of the audit process, the preparation of the comprehensive audit plan, the implementation of audit procedures, the evaluation of findings, and the issuance of the report.

The audit plan and procedures are reviewed by the head of the control unit,

In the case of difficulties in performing audits, the expertise available in the Audit Bureau is used.

In the case of certain problems, these problems are resolved through consultation between the members of the regulatory tasks team and the team leader.

The regulatory reports are issued through the procedures and policies approved by the Audit Bureau.

yes
yes
yes
yes
The Audit Bureau form commissions of inquiry in case of non-compliance with ethical requirements.

The Audit Bureau has procedures and policies designed to ensure that all objectives and priorities within the Audit Bureau are consistent with quality

The objectives and priorities of the Audit Bureau defined by the strategic plan of the Audit Bureau for the years (2016 – 2020) are consistent with the quality system as follows:

(4) Key objectives were adopted in the strategic plan of the Audit Bureau:
• Complete independence and work with professional methodology and standards.
• Stressing the principle of pioneer and institutional excellence.
• Reliable and high quality audit reports.
• Enhancing cooperation and communication with relevant parties.

The Strategic Plan included the following priorities:
• Seek the full financial and administrative independence of the Audit Bureau (this goal was achieved at the end of 2018).
• Continue to build and develop the institutional capacity of the Audit Bureau.
• Compliance with professional standards and audit guidelines.
• Improving the quality of regulatory operations and their outputs.

The Audit Bureau has procedures and policies designed to ensure that all objectives and priorities within the Audit Bureau are consistent with quality

strategic plan of the Audit Bureau for the years (2016 – 2020) are consistent with the quality system

The Audit Bureau does not refer the case directly to the Public Prosecutor, but the House of Representatives (the Finance Committee) refer some of the cases emanating from the reports of the Audit Bureau to the Public Prosecutor. The Audit Bureau follows up the proceedings on these cases with the Public Prosecutor and the department concerned. And the file on any case is closed only after the decision of the court has been handed down and executed.
The Audit Bureau does not refer the case directly to the Public Prosecutor, but the House of Representatives (the Finance Committee) refer some of the cases emanating from the reports of the Audit Bureau to the Public Prosecutor. The Audit Bureau follows up the proceedings on these cases with the Public Prosecutor and the department concerned. And the file on any case is closed only after the decision of the court has been handed down and executed.
There is a Code of Ethics and Ethics of the Public Service, which is adhered to by all employees of the Audit Bureau, and are constantly updated.
There is a Code of Ethics and Ethics of the Public Service, which is adhered to by all employees of the Audit Bureau, and are constantly updated.

32
Kazakhstan
Yes
yes
No
NO
yes
yes
yes
yes
yes
yes
yes
yes
The Quality control system in our SAI is regulated by the Constitution of the Republic of Kazakhstan, the Law of the Republic of Kazakhstan dated 12 November, 2015 No.392-V, the Rules on Conducting the External State Audit and Financial Control dated 30 November, 2015 No.17-НҚ, Statute on the Accounts Committee for Control over Execution of the Republican Budget approved by the Decree of the President of the Republic of Kazakhstan dated 5 August, 2002 No.917, the Regulation of the Accounts Committee, the Procedural Standard of the External State Audit and Financial Control on Carrying out Quality Control by the External State Audit and Financial Control Bodies dated 31 March, 2016 No.5- НҚ, the Methodological Guidelines on Applying Procedural Standard of the external state audit and financial control on Carrying out Quality Control by the External State Audit and Financial Control Bodies dated 15 June, 2016 No.101- НҚ, Statute of the Department dated 31 July 2018 No.124- НҚ.
The Quality control system in our SAI is regulated by the Constitution of the Republic of Kazakhstan,
The Rules of professional ethics of state auditors, approved by the Regulatory Decree of the Accounts Committee for control over execution of the republican budget dated 31 March, 2016 No.5- НҚ
The Rules of professional ethics of state auditors
Qualification and professionalism
Qualification and professionalism
There is an Ethics Commissioner in our SAI, who considers the appeals

The Working Plan, Minutes of the Meetings, Orders on core activities
yes, The Working Plan, Minutes of the Meetings, Orders on core activities
The functions of investigations and judgments are not under the competence of SAI
not applicable
The Rules of professional ethics of state auditors, approved by the Regulatory Decree of the Accounts Committee for control over execution of the republican budget dated 31 March, 2016 No.5- НҚ are used and applied in the SAI
The Rules of professional ethics of state auditors, are used and applied in the SAI

33
Kuwait
Yes
yes
No
NO
No
no
No
NO
No
no
No
no
The Audit Bureau shall prepare policies and procedures to ensure quality assurance at all stages of the audit and in the control manuals and products by activating the audit quality system in the practice of supervisory work

The strategy of the SAI, Code of ethics
1) The strategy of the SAI, 2) Code of ethics
The strategy of the SAI, Code of ethics
1) The strategy of the SAI, 2) Code of ethics

AMS – Audit Management System) For our external auditors.
(UML guideline) for all procedures.
And in near future the SAI will adopt the latest standards related to quality assurance.

yes , AMS – Audit Management System) For our external auditors.
(UML guideline) for all procedures.
And in near future the SAI will adopt the latest standards related to quality assurance.

According to SAI law ( 1964 / 30 ) we can request all financial reports.
The disciplinary court shall summon officials in the relevant institutions and may take appropriate measures.

All auditors have to take a training course on code of ethic in periodic time and they must comply all the code of ethic. In addition, there is a review on the code of ethics each five years.
All auditors have to take a training course on code of ethic in periodic time and they must comply all the code of ethic. In addition, there is a review on the code of ethics each five years.

34
Latvia
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
See the answer to Question 3.
In addition, we would like emphasize that each of the above mentioned statements may be further developed in more than one document (regulation, process, and guideline). The internal regulations complement each other and should be perceived as a set of documents that contribute towards quality management improvements.

answer to Question 3: The QMS in the SAO is described in the following documents:
- QMS Manual
- SAO’s strategy
- SAO Regulation
- Work Process Descriptions explaining and reflecting operations of the SAO’s

The QMS is documented in 22 descriptions of work processes, seven of which are core (auditing) processes, three are management processes, and 12 are support processes.
The QMS is supervised by a QMS Expert and Audit Committee. Among others, QMS includes internal audit (in order to provide the assessment of the internal control system and improve its effectiveness) and compliance assessments - to provide the assessment of compliance of actions and QMS overall with external and/or internal legal acts, requirements for the QMS and international standards.
Each year the SAO’s officials are obliged to submit a “Declaration confirming the absence of any conflict of interest”.
In addition to internal regulations, there are training sessions organized on prevention of the conflict of interest in the work of State officials.

1) The QMS is documented. 2) The QMS is supervised by a QMS Expert and Audit Committee.
3) Declaration confirming the absence of any conflict of interest.
4) training sessions.

See answers to Questions 2 and 7b).
The Quality Management System (QMS) Audit quality control measures
Audit quality assurance measures

To treat any non-compliance with ethical values the Ethics Commission is established, which is responsible for evaluation of all signals and reports on any wrongdoing. In addition to the SAO’s Code of Ethics, also a Handbook of the Code of Ethics is in place.

Yes, all the objectives/priorities defined in the SAO’s strategy are cascaded down the ‘hierarchy’ – “translated” into measures and activities with deadlines and responsible officials, information and reporting lines clearly established, quality control and assurance interventions prescribed by internal regulations and processes. Implementation progress of all the priorities are measured quarterly by the Planning and Analysis Division, and the results reported to the Council.
Yes, the SAO’s strategy
N/A
not applicable
The SAO has a Code of Ethics that is applicable to the institution and to all its personnel. The SAO’s officials and employees should comply with the basic principles of professional ethics established in the Code of Ethics and general behavioral norms, thus promoting compliant and efficient service to the public, improving work culture at the institution and strengthening the confidence of audited entities and the public in the SAO.
The Code of Ethics lays down five fundamental principles of ethics: honesty, objectivity, professional competence, confidentiality and professional conduct.
To help the SAO’s officials and employees to practically understand and observe the fundamental principles of conduct determined in the Code of Ethics in everyday work, the Handbook on the Code of Ethics has been developed. As well as the Ethics Commission has been established with the goal to strengthen the norms of professional ethics in accordance with the objectives and tasks of the SAO and to promote the activity of the SAO’s officials and employees pursuant to the requirements laid down in the Code of Ethics.

The Code of Ethics is disseminated among SAO’s employees, as well as it is available on the SAO’s webpage. It is a must that the newly recruited employees get acquainted with the Code of Ethics during the first week of work.

The SAO’s officials and employees should comply with the basic principles of professional ethics established in the Code of Ethics and general behavioral norms.
, the Handbook on the Code of Ethics has been developed.

35
Lithuania
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
The Manual on the Quality Assurance of Public Audits
Performance Audit Manual
Financial and Compliance Audit Manual
Information Technology Audit Manual.
1) The Manual on the Quality Assurance of Public Audits
2) Performance Audit Manual
3) Financial and Compliance Audit Manual
4) Information Technology Audit Manual.
The Code of Institutional Ethics establishes the requirements of ethical conduct of staff working at the National Audit Office.
The Commission on Ethics considers appeals and information on the compliance of staff actions to the requirements of legal acts regulating institutional ethics or conduct; investigates infringements of ethical conduct; develops measures for prevention of infringements of ethical conduct norms.
Code of Institutional Ethics
The Manual on the Quality Assurance of Public Audits defining the monitoring of quality control system.
The Process management policy defining risk assessment and management including also the audit quality.

The Manual on the Quality Assurance of Public Audits
The Process management policy
The Commission on Ethics considers appeals and information on the compliance of staff actions to the requirements of legal acts regulating institutional ethics or conduct; it investigates infringements and undertakes the necessary preventive actions.

The Process management policy and procedures defining the risk assessment and management including the achievement of the supreme audit institution goals.
yes, The Process management policy and procedures defining the risk assessment and management
N/A
not applicable
There is in place the approved Code of Institutional Ethics of the National Audit Office that establishes the values of institutional ethics, behaviour representing these values (principles of ethics) as well as general and special requirements for staff, working at the National Audit Office, in the discharge of their duties at the National Audit Office and outside their work at the National Audit Office.
The Code of Institutional Ethics is being updated, supplemented and amended following changes in regulation and upon the necessity.

There is in place the approved Code of Institutional Ethics of the National Audit Office that establishes the values of institutional ethics, behaviour representing these values (principles of ethics) as well as general and special requirements for staff, working at the National Audit Office, in the discharge of their duties at the National Audit Office and outside their work at the National Audit Office.
The Code of Institutional Ethics is being updated, supplemented and amended following changes in regulation and upon the necessity.

36
Netherlands
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
a) See our answer to question 2.

b) Internal experts in different fields can be consulted when difficult or contentious issues. If necessary, external experts can also be consulted.

c) Differences of opinion can be documented in the audit file (see also our answer to question 14). The Board of the NCA has the final say regarding any report (see our answer to question e).

d) See our answer to question 2.

e) Reports can only be published after the NCA’s Board has read them, their comments have been addressed adequately and they have given permission to publish the report.

f) See our answer to question 2. Furthermore, in our strategy for 2016-2020 we have indicated that the quality of our work is a precondition: “[..] Proven quality standards and effective working methods from the basis for every product of ours. We like to set our sights high. The quality of our work must be beyond reproach, our findings incontestable and our recommendations carefully formulated. Each and every audit opinion of ours must be based on facts [...]”. In our annaul report we also pay a lot of attention to our quality management (what we do to ensure the quality of our work).
a) answer to question 2: The systems of Quality Control and Quality Assurance for our audit work consist of a number of components. The most important are:
1)The quality of our staff .
2)Quality control in audit projects
3)Quality control reviews during the course of an audit
4)Quality Assurance

b) Internal experts in different fields

c) Differences of opinion can be documented in the audit file .

d) See our answer to question 2.

e) Reports can only be published after the NCA’s Board has read them,

f) See our answer to question 2. Furthermore, in our strategy for 2016-2020 we have indicated that the quality of our work is a precondition
We have a code of ethics and an integrity policy within our institution. Furthermore, we have executed an IntoSAINT self-assessment in 2018 and also an integrity risk analysis specific for the Civil Service in the Netherlands. The results will be used to update our policy in the field of integrity and ethics in 2019.

1) code of ethics and an integrity policy within our institution. 2) IntoSAINT self-assessment 3) integrity risk analysis specific for the Civil Service in the Netherlands.
Risks that can affect the quality of audits and their mitigation have to be listed in the audit proposals (this is a mandatory element in the format). Audit teams and the responsible audit director have to monitor the identified risks and their mitigation, as well as emerging risks, during the course of an audit. If relevant and necessary, they have to discuss risks with the NCA Board.

Risks for the NCA as a whole were identified in 2018 in an institutional risk analysis. In 2019 the NCA will work further on the set up of an internal risk management system.

1) Risks that can affect the quality of audits and their mitigation have to be listed in the audit proposals (this is a mandatory element in the format).
2) an institutional risk analysis. 3) In 2019 the NCA will work further on the set up of an internal risk management system.

The Code of Ethics is actively brought under the attention of members of staff (including temporary staff) and discussed in the monthly general introduction for new members of staff.
When non-compliance with the Code of Conduct of the NCA by a member of staff is identified or suspected, this is can be addressed by their manager and/or their director (so in the hierarchical line in which the functioning and performance of members of staff is usually discussed).
Any member of staff can report suspected wrongdoing. If a member of staff suffers from unwanted manners, or has witnessed this and doesn’t want to raise it with their supervisor, then they can contact a “confidentiality counsellor”. Two internal members of staff hold this (part time) position and there’s also an external counsellor available. The NCA also has policy to protect “whistle blowers”. This policy is based on the general policy for whistle blowers for the Civil Service in the Netherlands.
All policy documents concerning the reporting of wrongdoing are available on the NCA’s intranet and are easy to find for all members of staff.

See our answer to question 2.
yes,
1)The quality of our staff .
2)Quality control in audit projects
3)Quality control reviews .
4)Quality Assurance .
N/A The NCA’s name perhaps suggests otherwise, but we don’t have a jurisdictional function.
not applicable
We have a Code of Ethics. This code was last updated in 2017. Our code of conduct consists of ISSAI 30 and the Code of Conduct for the Civil Service in the Netherlands.
The code is available on the NCA’s intranet and is easy to find for all members of staff.
The Code of Ethics is actively brought under the attention of members of staff (including temporary staff) and discussed in the monthly general introduction for new members of staff.

We have a Code of Ethics. This code was last updated in 2017. Our code of conduct consists of ISSAI 30 and the Code of Conduct for the Civil Service in the Netherlands.
The code is available on the NCA’s intranet and is easy to find for all members of staff.
The Code of Ethics is actively brought under the attention of members of staff (including temporary staff) and discussed in the monthly general introduction for new members of staff.

37
New Zealand
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
INTOSAI Performance Measurement Framework assessment (Detailed Assessment of the New Zealand Office of the Auditor-General against International Standards

INTOSAI Performance Measurement Framework assessment

We publish our standards:
https://www.oag.govt.nz/2017/auditing-standards/docs/01-introduction.pdf/view
We provided training and communicate the ways for staff/public to raise these.

1) standards. 2) training.

We build in quality controls into the work of the OAG and monitor compliance with these
We build in quality controls into the work of the OAG and monitor compliance with these
The SAI takes any matters raised seriously. In addition to this it is required to comply with the Protected Disclosures Act. The purpose of the Protected Disclosures Act 2000 (the Act) is to encourage people to report serious wrongdoing in their workplace by providing protection for employees who want to ‘blow the whistle’. This applies to public and private sector workplaces.

The Auditor-General is also an "appropriate authority" under the Act. This means that public sector employees who are concerned that there may be serious wrongdoing in their organisation are protected if they disclose information to us under the Act’s procedures. We deal with protected disclosures as part of our general inquiries work.

All of the work of the SAI is subject to review (peer and one-up). External reports require the approval of the Auditor-General to be released. The reporting for approval set out the nature of review/consultation these have been subject to.
yes,All of the work of the SAI is subject to review (peer and one-up). External reports require the approval of the Auditor-General to be released.
The SAI carries out inquiries on its own initiative or on request from a member of the public, an employee, a member of Parliament, or another organisation.

The SAI has the power to investigate into issues relating to public entities. The function is discretionary. No-one can make the Auditor-General investigate a matter. The focus is on the way public entities use their resources, including financial, governance, management and organisational issues. The Auditor-General's office is not an avenue for resolving individual complaints or concerns about how a public entity has handled a particular matter.

This work is performed in accordance with a published Standard the SAI has developed for this work. AG-6 Inquiries (contained within the Auditor-General’s Auditing Standard). The work also has specific QCs and is subject to QA.

This work is performed in accordance with a published Standard the SAI has developed for this work
Published Standard contained on the SAI’s intranet. Ongoing training.
Published Standard contained on the SAI’s intranet. Ongoing training.

38
Palestine
Yes
yes
No
NO
yes
yes
yes
yes
yes
yes
yes
yes
No Answer
NO ANSWER
We have two code of conducts one is special for the employees of the SAI another one is the one of the General Personnel Council of Palestine.
1) code of conduct, for the employees of the SAI. 2) code of conduct, for the General Personnel Council of Palestine.
Risk assessment of the audit tasks is done as a part of the quality control.
Risk assessment
The system of the complains of our SAI allow receiving complains from anonymous.

The first goal of the strategic is plan of the Sai is the reinforcement of the culture of the quality control of the SAI.
yes, strategic is plan
We are not following the system of jurisdictional activities.
not applicable
We have a code of conduct inside the SAI , making sure that the new employees understand it and implement it also. It was prepared since six years until now its not updated m with strong implementation of ISSAI 30.
We have a code of conduct inside the SAI , making sure that the new employees understand it and implement it also. It was prepared since six years until now its not updated m with strong implementation of ISSAI 30.

39
Papua New Guinea
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Audit Review Policy has been set up in TeamMate Audit System that the audit project will halt to finalize unless all the audit test procedures and working papers are being prepared by team members and reviewed by a team leader.
Audit Review Policy has been set up in TeamMate Audit System
PNG Public Sector Code of Ethics,
PNG Public Sector General Orders,
Handbook of the Code of Ethics for Professional Accountants, and
International Framework: Good Governance in the Public Sector.
1) PNG Public Sector Code of Ethics,
2) PNG Public Sector General Orders,
3) Handbook of the Code of Ethics for Professional Accountants, and
4) International Framework: Good Governance in the Public Sector.
ISSAI financial statements audits level 4 and
ISSAI compliance audits 4000 series
PNG Public Finance Management Act 2016

1) ISSAI financial statements audits level 4 and
2) ISSAI compliance audits 4000 series
3) PNG Public Finance Management Act 2016

Any noncompliance with Ethical Values is dealt in accordance with PNG’s Public Service General Orders – General Order No.15 ‘Officer’s Discipline (Non-Contract)’, and then depending on the seriousness of the matter, may be referred to Police or the legal system of PNG.

Yes. The tasks perform relating to objectives or priorities go through processes of reviews and approvals by the responsible people.
Yes. The tasks perform relating to objectives or priorities go through processes of reviews and approvals by the responsible people.
Forensic Audit and Investigations Team perform their duties in accordance with a set of requirements based on the type of activity.
Forensic Audit and Investigations Team perform their duties in accordance with a set of requirements based on the type of activity.
PNG Code of Ethics is for all the Public Sector entities to comply and therefore, PNG SAI is required to comply fully with the code of ethics.
PNG Code of Ethics is for all the Public Sector entities to comply and therefore, PNG SAI is required to comply fully with the code of ethics.

40
Peru
no
no
no
NO
no
no
no
NO
yes
yes
yes
yes
1. General Norms of Governmental Control.
2. Compliance Audit Manual.

Regarding the internal culture that recognizes that quality is essential, by means of Comptroller’s Resolution N ° 376-2012-CG, the Policy and Objectives of Quality was approved, in line with the purpose of the organization. It provides a frame of reference and commitment for its personnel.

Likewise, by Comptroller’s Resolution No. 192-2013-CG (updated by Resolution No. 157-2017-CG), a Quality Management Committee was formed, made up of representatives of Senior Management and officials with decision-making capacity in strategic areas of the organization.

1. General Norms of Governmental Control.
2. Compliance Audit Manual.

• Code of Ethics of Public Function.
• Directive N ° 010-2008-CG.
• Directive N ° 010-2018-CG.

Code of Ethics
• Directive No. 014-2016-CG / PROCAL "Quality and Continuous Improvement in Control Services and Related Services”
• Within the framework of the Quality Management System based on the ISO 9001 standard in its 2015 version, the procedure PR-SGC-11 "Risk Management" has been implemented, which is based on the ISO 31000 standard and the COSO ERM, which establishes the necessary activities for the identification, analysis, evaluation and treatment of the risks that affect the fulfillment of the institutional objectives; it considers the following types of risks: Strategic, Operational, Financial, Compliance, Technology, Quality, Image, Fraud and Corruption and Information Security.

• "Quality and Continuous Improvement in Control Services and Related Services”
• "Risk Management"

There is the Internal Audit Department and the Technical Secretariat of our SAI, who, based on the existing regulations, initiate the corresponding actions, should they detect any ethical breach by the personnel of the SAI of Peru.

As explained in questions 1 and 2, work is underway to define it.
answers to Q1: To date, the documents related to quality control in the SAI of Peru are under evaluation, in order to correct and implement internal policies that are reflected in the Management Manuals. This will lead to having a Quality Control System aligned to the standards of the ISSAI- 40. answer to Q2: documents related to quality control in the SAI of Peru are under evaluation, as specified in question N° 1, the scope is not defined.
As explained in questions 1 and 2, work is underway to define it.
answers to Q1: To date, the documents related to quality control in the SAI of Peru are under evaluation, in order to correct and implement internal policies that are reflected in the Management Manuals. This will lead to having a Quality Control System aligned to the standards of the ISSAI- 40. answer to Q2: documents related to quality control in the SAI of Peru are under evaluation, as specified in question N° 1, the scope is not defined.
The SAI of Peru has the Code of Ethics of the Governmental Auditor in Peru, approved by Comptroller's Resolution No. 077-99-CG. The aforementioned document brings together the set of principles, criteria and minimum values that guide the individual performance of the government auditor, in their internal activity within the National Control System, in the auditing functions and in its treatment of the areas and people on whom their work falls upon; with the goal that through their observance, the auditors perform their proper functions.

In accordance with the resolution approving the aforementioned document, previously the Recommendation Sheet No. 006-99-CG / STE was prepared, formulated by the then Technical-Legal and Ethics Secretariat of this Supreme Audit Institution.

For its dissemination, the institutional website (http://webserverapp.contraloria.gob.pe/CGR/BBL_NORMATIVAS/RC_077_99_CG.pdf) is used, notwithstanding the dissemination and/or training that the SAI Peru Training Center may provide on the subject. As part of their curriculum on ethics.

It should be noted that, although this Code is still valid, it is a considerably old document. Because of this, the regulations governing the management of ethics in the SAI of Peru are currently under review, and it is planned to have a Code of Ethics and Conduct of general scope for all the employees of the SAI of Peru, and not only for the audit staff.

For the formulation of this Code of Ethics and Institutional Conduct, a participatory methodology has been applied with the help of technical cooperation. This methodology involves running decentralized participatory workshops for the information gathering phase (which has already been completed), processing the collected information, collecting good international practices, structuring a draft document for validation with a participatory approach, making adjustments to the corresponding project, and design and implement a plan for its internalization, as well as for its subsequent monitoring or evaluation. All of this according to the OECD standards.

The SAI of Peru has the Code of Ethics of the Governmental Auditor in Peru,

For its dissemination, the institutional website, Peru Training Center may provide on the subject. As part of their curriculum on ethics.

a Code of Ethics and Conduct of general scope for all the employees of the SAI of Peru, and not only for the audit staff.

41
Philippines
Yes
yes
yes
yes
No
no
yes
yes
yes
yes
yes
yes
A. All audit work carried out is subject to review
• COA Memorandum No. 2016-023 dated November 14, 2016 – provides the guidelines on the Implementation of the Unified Audit Approach. It contains review and supervision responsibilities of directors, supervising auditors, and audit team leaders;
• Quality Inspection Tool under the Integrated Results and Risk-Based Audit (IRRBA) Manual documents the overall review and approval of the audit engagement.

B. When difficult or contentious issues arise, the SAI will resort to technical experts to help solving such issues, as appropriate.

• COA Resolution 2011-009 dated 20 October 2011 – Prescribing the use of IRRBA Manual and Forensic Audit Manual (FoAM) that includes the Audit Risk Assessment and Planning (ARAP) Tool (Form 02-07) where the auditor may consider to rely on the work of expert.

C. Any difference of opinion within the SAI is clearly documented and resolved before a report is issued.

The policy on EQCR which includes resolving differences of opinion is still pending for review and approval of COA executives.

D. SAI acknowledges the importance of quality control reviews of its audits and that the issues brought forth are resolved in a satisfactory manner before issuing a report.

E. The corresponding approval to issue a report.

• COA Memorandum No. 2016-023 dated November 14, 2016 – provides the guidelines on the Implementation of the Unified Audit Approach. It contains review and supervision responsibilities of directors, supervising auditors, and audit team leaders;

F. An internal culture that acknowledges that quality is essential in all jobs and at the stages of the audit process.

• Quality Inspection Tool under the Integrated Results and Risk-Based Audit (IRRBA) Manual documents the overall review and approval of the audit engagement.

A. guidelines on the Implementation of the Unified Audit Approach
Quality Inspection Tool under the Integrated Results and Risk-Based Audit (IRRBA) Manual documents

B. When difficult or contentious issues arise, the SAI will resort to technical experts to help solving such issues, as appropriate.
Prescribing the use of IRRBA Manual and Forensic Audit Manual (FoAM) that includes the Audit Risk Assessment and Planning (ARAP).

C. Any difference of opinion within the SAI is clearly documented and resolved before a report is issued (review and approval of COA executives).

D. SAI acknowledges the importance of quality control reviews of its audits and that the issues brought forth are resolved in a satisfactory manner before issuing a report.

E. The corresponding approval to issue a report.

• guidelines on the Implementation of the Unified Audit Approach.

F. An internal culture that acknowledges that quality is essential in all jobs and at the stages of the audit process.

• Quality Inspection Tool under the Integrated Results and Risk-Based Audit (IRRBA) Manual documents

• Adoption of ISSAI 30 on Code of Ethics;

• COA Resolution No. 2018-036 dated November 28, 2018 on the adoption of Commission on Audit Integrity Pledge;

• COA Resolution No. 2018-010 dated February 1, 2018 bearing the subject Revised Code of Conduct and Ethical Standards for Commission on Audit (COA) Officials and Employees.

• Adoption of ISSAI 30 on Code of Ethics;

• COA adoption of Commission on Audit Integrity Pledge;

• COA bearing the subject Revised Code of Conduct and Ethical Standards for Commission on Audit (COA) Officials and Employees.

• COA Memorandum No. 2016-023 dated November 14, 2016 provides the guidelines on the Implementation of the Unified Audit Approach. It contains review and supervision responsibilities of directors, supervising auditors, and audit team leaders;

• COA Memorandum No. 2014-008 dated August 28, 2014 bearing the subject Guidelines on the Implementation of the Unified/Integrated Audit Strategy;

• COA Memorandum No. 2014-008A dated October 1, 2014 bearing the subject Amendment of COA Memorandum No. 2014-008 dated August 18, 2014 re: Guidelines on the Implementation of the Unified/Integrated Audit Strategy;

• IRRBAM, Quality Inspection Tool – the overall review and approval of the audit engagement will be documented.

• COA Memorandum No. 2014-008 dated August 28, 2014 bearing the subject Guidelines on the Implementation of the Unified/Integrated Audit Strategy;

• IRRBAM, Quality Inspection Tool – the overall review and approval of the audit engagement will be documented.

The COA has created an Internal Affairs Office where it is lodged with performing investigative work on COA auditors with administrative cases. Its jurisdiction includes complaints on our auditors who are non-complying with the COA’s ethical values/requirements.

The Commission aims to strengthen its institutional and organization capacity and improve the quality of its services through the institutionalization of quality control systems and procedures. In this regard, COA adopted COA Resolution No. 2016-026 dated December 29, 2016 to institutionalize the structure, mechanism and standards to implement the Government Quality Management System (QMS) prescribed under Executive No. 605, s. 2007 and subsequently created a SAI PMF Team in preparation for the QMS certification through a peer review.
yes, the institutionalization of quality control systems and procedures.
COA Memorandum No. 2016-023 was issued on November 14, 2016 that provides the guidelines on the Implementation of the Unified Audit Approach. It contains review and supervision responsibilities of directors, supervising auditors, and audit team leaders.

COA Resolution No. 2018-008 dated February 1, 2018 on the Amendment of the authority of the Cluster Director and Regional Director to act on appeals from Notice of Disallowance/Notice of Charge and other decisions of the Supervising Auditor/Regional Supervising Auditor/Audit Team Leader under Commission on Audit Memorandum No. 2016-023 dated November 14, 2016 on the Revised Guidelines in the Implementation of the Unified Audit Approach.

COA Memorandum No. 2016-023 was issued on November 14, 2016 that provides the guidelines on the Implementation of the Unified Audit Approach. It contains review and supervision responsibilities of directors, supervising auditors, and audit team leaders.

The COA has issued the following:

COA Resolution No. 2018-010 dated February 1, 2018 which bears the subject Revised Code of Conduct and Ethical Standards for Commission on Audit (COA) Officials and Employees. This is to strengthen compliance of auditors with the ethical standards and core values of the Commission.

COA Resolution 2018-036 dated 28 November 2018 on Adoption of COA integrity Pledge in the virtue of promoting high standard of code of ethics in the public service and for all public officials and employees to be accountable to people at all times in the discharge of their duties and responsibilities.

These two resolutions are transmitted to all concerned COA sectors, clusters and offices. These issuances are also available at the COA website.

The Code of conduct and Ethical Standards for COA auditors is regularly reviewed by the COA executives to keep abreast with the international and best practices. As matter of fact, the revised code of ethics was just approved on 01 February 2018, while the COA integrity pledge was adopted on 28 November 2018.

These two resolutions are transmitted to all concerned COA sectors, clusters and offices. These issuances are also available at the COA website.

The Code of conduct and Ethical Standards for COA auditors is regularly reviewed by the COA executives to keep abreast with the international and best practices.

42
Poland
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
At every stage of the audit process, a three-step quality assessment is performed:
1. self-assessment - carried out by the author of the document ending the stage
2. internal evaluation - carried out by supervising persons in the unit producing the document
3. EQCR - made by a person or team independent of the above persons
All quality control stages are documented in special quality questionnaires specific to a given stage of the audit process. The documentation is kept only in the IT system and its results are recorded in the electronic quality control register.

At every stage of the audit process:
1. self-assessment
2. internal evaluation
3. EQCR
All quality control stages are documented in special quality questionnaires
Our SAI has adapted the employees’ code of ethics. Each auditor undertakes to comply with the code.
code of ethics
In each audit program audit risk management mechanisms, as well as the identification and assessment risk of irregularities are to be obligatory implemented.
In each audit program audit risk management mechanisms
The code of ethics provides for tackling non – ethical behavior by SAI’s employees. A special role for taking care of ethical wrongdoings was established by the President of SAI. Reporting of the wrongdoing must not be penalized under the code of ethics. Any wrongdoings reports need to be verified and properly handled.

Our SAI has introduced the system that provides the compliance with objectives/priorities at all stages of audit process. The quality of completed audits is reviewed in reference to each audit by a senior member of the SAI’s management responsible for a given project at the level of the entire organization. Additionally the review of the quality of audits at the level of the entire organization is conducted twice a year by a team of experts appointed by the President of the SAI.
yes, Our SAI has introduced the system that provides the compliance with objectives/priorities at all stages of audit process.
SAI does not have jurisdictional activities.
not applicable
All auditors familiarized themselves with the code of ethics and undertook to use it. The ethics principles are the subject of training at the entire organizational level and in particular provided to the new auditors.
Compliance with ethical principles is one of the elements of the annual assessment of each auditor by the director of his/her organizational unit.

All auditors familiarized themselves with the code of ethics and undertook to use it. The ethics principles are the subject of training at the entire organizational level and in particular provided to the new auditors.
Compliance with ethical principles is one of the elements of the annual assessment of each auditor by the director of his/her organizational unit.

43
Qatar
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Detailed audit methodologies are there for each type of audit with Quality Assurance clearly defined and embedded.
Detailed audit methodologies
Oath taking in front of President of the Bureau along with signing undertaking to disclose any conflict of interest
disclose any conflict of interest
We follow Methodologies where Quality Assurance is clearly defined and embedded
Methodologies
All such cases are referred to a disciplinary committee, which has the mandate to deal with such cases.

There is a Quality form for each phase of audit process which has to be reviewed by the Quality Assurance section.
yes, There is a Quality form for each phase of audit process which has to be reviewed by the Quality Assurance section.
Not applicable
not applicable
State Audit Bureau has its own Code of Ethics, and it is reviewed and updated regularly when updates are needed.
State Audit Bureau has its own Code of Ethics, and it is reviewed and updated regularly when updates are needed.

44
Seychelles
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Audit working papers, including, overall audit strategy, materiality, risk analysis, audit plan, etc. Following the RAM, submitted by the Audit teams are duly reviewed by, Audit Managers and seniors management. Code of ethics is signed by the Audit staff who conduct audits. Looking in to the limited availability of the human resource and skills, certain audits are outsourced also to carefully selected technically competent audit firms. Difference of opinion is duly deliberated upon before finalizing observations. . Issues remaining unresolved during the course of audit field work are put in an Interim Management letter which is issued to the auditee for reply/discussion in the audit exit meeting to obtain management views. Issues still remaining unresolved issues are duly examined and incorporated in the management letter. The unresolved issues are then examined in the light of the management response to the management letter and draft audit paras are issued to the auditee for their comments/reply. The reply of the management is once again duly examined, facts verified and the finally drafted audit paras are included in the annual Audit Report which is submitted to the Parliament. The process of seeking auditee views at different stages of the audit process as also while drafting audit paras before inclusion in the annual audit report ensures presentation of a balanced view in the audit observations. Where felt necessary,expert opinion is also sought, to ensure correct basing of the audit observations by relevant rules and regulations, from concerned bodies such as the Seychelles Revenue Commission,Public Oversight Unit, Department of Public Administration, etc The deliberations by the Finance & Public Accounts Committee (FPAC) subsequently during the process of oral evidence by the executive, also guide the Audit to shape its audit processes to make it more useful for the FPAC/Parliament.
Audit working papers. Following the RAM, submitted by the Audit teams are duly reviewed by, Audit Managers and seniors management. Code of ethics. Looking in to the limited availability of the human resource and skills. Difference of opinion is duly deliberated upon before finalizing observations. . Issues remaining unresolved during the course of audit field work are put in an Interim Management letter which is issued to the auditee for reply/discussion in the audit exit meeting to obtain management views. Issues still remaining unresolved issues are duly examined and incorporated in the management letter. The unresolved issues are then examined in the light of the management response to the management letter and draft audit paras are issued to the auditee for their comments/reply. The reply of the management is once again duly examined, facts verified and the finally drafted audit paras are included in the annual Audit Report which is submitted to the Parliament. The process of seeking auditee views at different stages of the audit process as also while drafting audit paras before inclusion in the annual audit report ensures presentation of a balanced view in the audit observations. Where felt necessary,expert opinion is also sought, to ensure correct basing of the audit observations by relevant rules and regulations, from concerned bodies such as the Seychelles Revenue Commission,Public Oversight Unit, Department of Public Administration, etc The deliberations by the Finance & Public Accounts Committee (FPAC) subsequently during the process of oral evidence by the executive, also guide the Audit to shape its audit processes to make it more useful for the FPAC/Parliament.
SAI’s code of ethical conduct, developed on the lines of the INTOSAI Code of Conduct, is in place to guide and regulate the audit staff conduct within the institution and at public places.
1) code of ethical conduct, developed on the lines of the INTOSAI Code of Conduct
The SAI has developed its second “Strategic Plan 2016-2020” and the “Medium Term Strategy 2017-2021 for delivering an effective audit service” taking in to consideration and incorporating all the quality relating aspects. The SAI's Annual Audit Programme, 2018-19 which is presently under implementation, is based on assessments of risks in the government functioning environment, expectations of stakeholders and is formulated through discussions/brain storming over the available information.
1) “Strategic Plan 2016-2020” 2) “Medium Term Strategy 2017-2021 for delivering an effective audit service” 3) SAI's Annual Audit Programme
The Code of Conduct and ethical values are aligned to the SAI’s disciplinary Code and rewarding systems to address the compliance and non-compliant behaviors. However, as population of the country is very small, the chances of violation of the code going unnoticed are remote.

The quality system related principles are in-built into the SAI’s audit planning and implementation processes taking due cognizance of the SAI’s objectives and priorities.
yes, The quality system related principles
Not applicable as the SAI does not have jurisdictional activities.
not applicable
SAI’s ethical code of conduct has been developed on the lines of the INTOSAI Code of Conduct. The audit team during the pre-audit planning activities stage duly undertake observance of the Code for which templates are provided to the teams. Impairment, if any, in respect of any assigned audits are duly declared by the members of the audit teams.
SAI’s ethical code of conduct has been developed on the lines of the INTOSAI Code of Conduct. The audit team during the pre-audit planning activities stage duly undertake observance of the Code for which templates are provided to the teams. Impairment, if any, in respect of any assigned audits are duly declared by the members of the audit teams.

45
South Africa
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Engagement performance policy – provide guidelines for the performance of audit engagement and includes supervision and review responsibilities, consultation on difficult matters that might arise during the audit including a difference of opinion process.
policy n Monitoring of QC compliance.
Difference of opinion process and procedures document – provides guidelines on the process to be followed when a difference of opinion arises during an audit engagement.
Pre-issuance process & procedures – provides guidelines on the process to be followed for quality control reviews.
Delegations procedure and process of signing audit reports
Audit quality leadership engagements are done on a frequent basis to promote audit quality.

Engagement performance policy
policy n Monitoring of QC compliance.
Difference of opinion process and procedures document.
Pre-issuance process & procedures .
Delegations procedure and process of signing audit reports

The SAI has an ethics policy which is a framework that guides employees on ethical conduct and decision making and governing processes within the SAI which is consistent with international best practices and the strategic direction of the organization.

The ethics policy is aligned to the ethical requirements in ISQC1 and the AGSA has adopted the fundamental principles of the IESBA code issued by IFAC. In addition, the AGSA has adopted the relevant values and principles contained in ISSAI 30 code of ethics issued by Intosai.

The AGSA also has a complaints policy for complaints against the AGSA which is aligned with the requirements of ISQC1 and is also intended at facilitating the requirements of section 13(1) of the PAA act. The aim of the policy is to ensure that the AGSA is transparent and consistent with dealing with the complaints lodged against the SAI or the SAI’s employees. Furthermore, the policy also seeks to promote a safe, accountable, and responsive environment for employees who disclose information of occupational detriment or unlawful or corrupt conduct.
Non-compliance with the ethics policy are dealt with in accordance with the AGSA disciplinary policy and associated procedures.

Yes – The AGSA’s system of quality control includes policies and procedures addressing each of the following elements as required by ISQC 1:
a. Leadership responsibilities for the system of quality control within the AGSA
b. Ethical requirements
c. Acceptance and continuance of client relationships and specific engagements
d. Human resources
e. Engagement performance
f. Monitoring
Yes – The AGSA’s system of quality control includes policies and procedures addressing each of the following elements as required by ISQC 1:

not applicable
not applicable
The ethics policy is available for all staff on the intranet on the policy register. Ethics sessions are held with all business units on the ethics policy to provide awareness on ethics matters. Regular feedback is provided by the top executive to employees on ethical breaches identified and how they have been resolved in order to provide ongoing ethical awareness. Ethics register is kept and all employees have access to declare any interests that they might have which might have which might have an impact on the performance of their duties. The declared interests are and assessed s approved by the responsible line manager.

On Annual basis, all the employees are required to perform independency declaration and these are assessed by the line manager of each employee. Furthermore, individual independence declarations are required for all audit team members prior to the start of the audit to ensure that that there are no independence threats. These are assessed by the audit engagement manager responsible for the audit.
The ethics policy is available for all staff on the intranet on the policy register. Ethics sessions are held with all business units on the ethics policy to provide awareness on ethics matters. Regular feedback is provided by the top executive to employees on ethical breaches identified and how they have been resolved in order to provide ongoing ethical awareness. Ethics register is kept and all employees have access to declare any interests that they might have which might have which might have an impact on the performance of their duties.

On Annual basis, all the employees are required to perform independency declaration .

46
South Sudan
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Differences are documented on the working papers at planning, execution and reporting stage. Quality control reviews are also documented at the three level of working papers above.
The culture of quality control are acknowledged on the Code of ethics and values of the SAI as expressed in the strategic plan.
1) Differences are documented on the working papers. 2) Quality control reviews are also documented at the three level of working papers.
The culture of quality control are acknowledged on the Code of ethics and values of the SAI as expressed in the strategic plan.
We apply AFROSAI-E ethical conduct – based on guidelines and standards. For each audit, audit team signs the Code of ethical conduct.
AFROSAI-E ethical conduct
Auditors are commanded not to accept any forms of gifts from the auditees to maintain their independence.
Auditors are commanded not to accept any forms of gifts from the auditees to maintain their independence.
We have practically dismissed one auditor for breaching our ethical values and have a policy of not revealing the names of those who reported on the suspected wrong doers.

Our SAI has no system to ensure that all the objectives/priorities within our SAI conform to quality other than the AFROSAI-E guidelines on quality control forms embed in the audit manuals.
NO, Our SAI has no system to ensure that all the objectives/priorities within our SAI conform to quality other than the AFROSAI-E guidelines on quality control forms embed in the audit manuals.
There are No jurisdiction activities in our SAI
not applicable
Our SAI produced a brochure of Code of Ethics which is distributed to all auditors. Newly recruited auditors are given induction workshop on core audit functions and Code of Ethics. Again audit teams signs a Form on Code of Ethics on each audit assignment.
Our SAI produced a brochure of Code of Ethics which is distributed to all auditors. Newly recruited auditors are given induction workshop on core audit functions and Code of Ethics. Again audit teams signs a Form on Code of Ethics on each audit assignment.

47
Suriname

48
Switzerland
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Quality control and assurance is part of all processes of the SFAO. The main elements and rules are described in the Quality Manual, which is our quality framework. It is binding for SFAO employees and third parties carrying out work on behalf of the SFAO. It exists in French and German.
1)Quality control and assurance is part of all processes of the SFAO. The main elements and rules are described in the 2) Quality Manual, which is our quality framework.
• Risk analysis and strategy process of the SFAO
• Code of Conduct of the Swiss Federal Administration, including rules in case of breaches
• Management’s commitment and example for ethical behaviour
• Requirements for hiring staff members
• Internal and external training courses and workshops
• Annual written Declarations of Independence and Supplier Impartiality from employees
• Rotating key audit personnel
• Ethical behaviour being part of the quality assurance system
• Whistleblowing system
• Risk analysis and strategy process of the SFAO
• Code of Conduct of the Swiss Federal Administration, including rules in case of breaches
• Management’s commitment and example for ethical behaviour
• Requirements for hiring staff members
• Internal and external training courses and workshops
• Annual written Declarations of Independence and Supplier Impartiality from employees
• Rotating key audit personnel
• Ethical behaviour being part of the quality assurance system
• Whistleblowing system
• Risk analysis and strategic process of the SFAO
• Quality control and feedback system (review and supervision, reporting and corrective action)
• Requirements for recruitment and hiring processes
• Risk analysis and strategic process of the SFAO
• Quality control and feedback system (review and supervision, reporting and corrective action)
• Requirements for recruitment and hiring processes
Non-compliance with ethical rules is handled according to the severity level of misconduct. The consequences may be limited to an oral or written admonishment but could also result in dismissal or filing a criminal charge.
The protection of those who report is ruled by the law. Federal employees should not suffer any professional disadvantage for reporting suspected wrongdoing or irregularities.

There is no separate quality assurance system for the objectives / priorities. The main elements for applying quality to all institutional processes are in place (cf. question 1). The core element of an overall quality assurance, including objectives and priorities, is the quality awareness at all levels. Setting objectives / priorities, aiming to achieve them and controlling their implementation are part of the management process of the SFAO.
There is no separate quality assurance system for the objectives / priorities.
The SFAO does not have jurisdictional activities.
not applicable
The SFAO does not have a Code of Ethics. However, we do have the necessary key elements: the Federal Auditing Act, standards of the professional associations, the Code of Conduct of the Federal Administration, the Declaration of Independance, the Declaration of Impartiality for suppliers, the SFAO strategy and values, our internal control system, human resource processes, quality control and assurance. We closely monitor the relevant trends and modifications, make the necessary adjustments and communicate them (internal newsletter, staff meetings, toolboxes, Jour-fixe with all employees).
The SFAO does not have a Code of Ethics. However, we do have the necessary key elements: the Federal Auditing Act, standards of the professional associations, the Code of Conduct of the Federal Administration, the Declaration of Independance, the Declaration of Impartiality for suppliers, the SFAO strategy and values, our internal control system, human resource processes, quality control and assurance. We closely monitor the relevant trends and modifications, make the necessary adjustments and communicate them (internal newsletter, staff meetings, toolboxes, Jour-fixe with all employees).

49
Tajikistan
yes
yes
no
NO
no
no
no
NO
no
no
no
NO
No Answer
NO ANSWER
No Answer
no answer
No Answer
no answer
There were no such situations.

At that moment SAI works at the project of implementation to strengthen external audit. In the frame of this project SAI plans to work out the instruction of the quality control and quality assurance systems.
At that moment SAI works at the project of implementation to strengthen external audit. In the frame of this project SAI plans to work out the instruction of the quality control and quality assurance systems.
no answer
no answer
The SAI’s Code of Ethics has been approved by the decision of the College of the Accounts Chambers of the Republic Tajikistan on 4 December 2012. Then in accordance to ISSAI 30 some changes were made on 31 October 2017.
The SAI’s Code of Ethics has been approved by the decision of the College of the Accounts Chambers of the Republic Tajikistan on 4 December 2012. Then in accordance to ISSAI 30 some changes were made on 31 October 2017.

50
Tanzania
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Financial Audit Manual (FAM): guides the audit of financial statements. Among others it describes the following: the audit process; audit methodology; audit approach; quality control system of the SAI; quality control at engagement level; audit review process and focus of the review at different levels; the annual overall plan; applicable policies and procedures; audit documentation; mandatory working papers; applicable standards; audit steps; and Glossary.
Compliance Audit Manual (CAM): aims to:
1. Explain the main concepts of compliance audit and link it to the audit practice;
2. Provide guidance on and illustrations of the process, tools and working papers that may be used in planning, conducting and reporting on a compliance audit based on the ISSAIs;
3. Guide strategic considerations in implementing the compliance audit standard in the NAOT.

In addition it explains the audit process; audit methodology; audit approach; quality control system of the SAI; quality control at engagement level; audit review process and focus of the review at different levels; the annual overall plan; applicable policies and procedures; audit documentation; mandatory working papers; applicable standards; audit steps; and Glossary.
Performance Audit Manual: Provides guidance on Performance Audit. The minimum coverage is not different from other audit manuals explained above.
Quality Assurance Policy: Provides types of quality assurance reviews carried at the SAI, defines the quality control system of the SAI and quality control at engagement level, guides on reporting and follow up of quality assurance results.
Financial Audit Manual (FAM).
Compliance Audit Manual (CAM):
Performance Audit Manual.
Quality Assurance Policy.
• Vetting of staff
• Completion and Signing of Integrity Pledge for Civil Servants
• Completing and signing the code of ethics declaration forms for every audit engagement.
• To emphasize on ethical conduct through a memo issued by the Controller and Auditor General from time to time.
• Establishment of SAIs’ Staff Ethics Committee
• All NAOT leaders complete and sign declaration forms from Public Leaders Ethics Secretariat
• Vetting of staff
• Completion and Signing of Integrity Pledge for Civil Servants
• Completing and signing the code of ethics declaration forms for every audit engagement.
• To emphasize on ethical conduct through a memo issued by the Controller and Auditor General from time to time.
• Establishment of SAIs’ Staff Ethics Committee
• All NAOT leaders complete and sign declaration forms from Public Leaders Ethics Secretariat
• Management review levels at every audit stage and during the audit process.
• Conducting hot reviews by Quality Assurance unit.
• Engaging Technical Support Services Unit to monitor quality control during the audit process.
• Staff rotations which aims at mitigating the familiarity threat to auditor.
• Regular management meetings to discuss the progress of work for the entire office.
• Management review levels at every audit stage and during the audit process.
• Conducting hot reviews by Quality Assurance unit.
• Engaging Technical Support Services Unit to monitor quality control during the audit process.
• Staff rotations which aims at mitigating the familiarity threat to auditor.
• Regular management meetings to discuss the progress of work for the entire office.
The actions to be taken by the Controller and Auditor General when there is non-compliance with ethical values are guided by the Public Service Act and its regulations, Standing Orders for Public Service, circulars and directives.

Procedures that will be followed will depend on the type of proceedings as established under Regulation 36 to 64 of the Public Service Regulations (PSR). Some offences may warrant formal disciplinary proceedings and others summary proceedings as provided under the First and Second Schedule of the PSR.

Utmost the public servant may be even be dismissed if a disciplinary charge is preferred against him/her; adequate opportunity to answer the charge has been afforded and an inquiry is held into the charge in accordance with regulations made under Section 34 of the Public Service Act.

For external non –compliances among others, Public Audit Act 2008 requires the Controller and Auditor General to refer the matter to the Director of Public Prosecutions for appropriate action.

Generally those who report wrongdoings are protected under Part III of the Whistleblowers and Witness protection act, No. 14 of 2015 and that they are protected if the disclosure was made in good faith, the whistleblower has a reasonable cause to believe that the information disclosed and the allegation of wrongdoing contained in it is substantially valid and that the disclosure was made in accordance with the provision of this act.

Yes.

The National Audit Office of Tanzania has in place the Planning, Monitoring and Evaluation Unit which is responsible for monitoring all the priorities of the Office. The unit monitors the performance of objectives and on quarterly basis prepares the performance report which elaborate on the status of each activity for the achievement of such objectives.
Yes.

The National Audit Office of Tanzania has in place the Planning, Monitoring and Evaluation Unit which is responsible for monitoring all the priorities of the Office.es.
No.

The National Audit Office of Tanzania has no jurisdictional activities.
not applicable
The National Audit Office has its own Code of Ethics which is compliant with International Code of Ethics for Professional Accountants issued by International Ethics Standards Board for Accountants (IESBA). In addition, we also comply with Code of Ethics and Conducts for Public Service in Tanzania.

The National Audit Code of Ethics and Conduct is disseminated during various trainings and auditors are reminded to comply with these codes during the training sessions.

The implementation of the Code of Ethics is embedded in the audit process whereby, every auditor in the audit team has to declare his/her compliance with the code of ethics for every audit engagement.

The Code of Ethics is reviewed from time to time once there is a change in the standards.
The National Audit Office has its own Code of Ethics which is compliant with International Code of Ethics for Professional Accountants issued by International Ethics Standards Board for Accountants (IESBA). In addition, we also comply with Code of Ethics and Conducts for Public Service in Tanzania.

The National Audit Code of Ethics and Conduct is disseminated during various trainings and auditors are reminded to comply with these codes during the training sessions.

The Code of Ethics is reviewed from time to time once there is a change in the standards.

51
Turkey
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
Code of Court of Accounts, Audit Regulation and Audit Guideline. (See answer 4 (a))
The Regulation on Resort to Expert
Regulation on Ethical Requirements for Auditors promotes the awareness of independent and impartial behaviour during audit work.

1) Code of Court of Accounts, 2) Audit Regulation and 3) Audit Guideline, 4) answer to Q4a: The management as a board prepares strategic audit plan relying on risk registers and establishes audit teams by managing human resources.
audit manual and related audit standards.
Draft reports are reviewed by Report Assessment Commissions comprised of principal auditors not involved in the audit in order to be impartial. After receiving the response of audited entity on findings draft reports are reviewed by Chambers and then by Report Assessment Board headed by the president of TCA. Code of Court of Accounts, Audit Regulation and Audit Guideline. (See answer 4 (a))
The Regulation on Resort to Expert
Regulation on Ethical Requirements for Auditors promotes the awareness of independent and impartial behaviour during audit work.
e.g. In order to mitigate risk by increasing awareness, the auditors are required to accept the alignment with the ethical requirements for each audit they conduct.
e.g. In order to mitigate risk by increasing awareness, the auditors are required to accept the alignment with the ethical requirements for each audit they conduct.
Internal control procedures and policies and related risks are determined in Action Plans and Internal Control Instructions. The actions are monitored by a dedicated board (Internal Control and Risk Steering Board)

The Court identifies operational risks in risk registers, relevant units and the planned action towards the risk. The action plan is monitored regularly, results and achievements are reported.
Internal control procedures and policies and related risks are determined in Action Plans and Internal Control Instructions. The actions are monitored by a dedicated board (Internal Control and Risk Steering Board)

The Court identifies operational risks in risk registers, relevant units and the planned action towards the risk.
Disciplinary procedures written in personnel regulation are applied. Non-compliance with ethical requirements are dealt with related disciplinary boards.
Whistle blowing can be done anonymously and these complaints are directly conveyed to disciplinary boards for further investigation.

See answers 6 and 7
See answers 6 and 7
Quality control procedures concerning the jurisrictional activities are defined by law. Quality is ensured by using a process adequate to jurisdictional decisions, such as collegiality, intervention of the public prosecutor and remedy actions, especially appeals.
Quality control procedures concerning the jurisrictional activities are defined by law.
The code of ethics for auditors are written, implemented and updated by the Court. It is publicly available on web site. Also briefings are held for communicating the requirements to the personnel.
The code of ethics for auditors are written, implemented and updated by the Court. It is publicly available on web site. Also briefings are held for communicating the requirements to the personnel.

52
United Kingdom
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
a) All audit and assurance work should be subject to quality review processes which meet the requirements of ISQC 1 and ISAs, as applicable. The Engagement Director should take responsibility for reviews being performed in accordance with the NAO’s review policies and procedures. The NAO procedures for review include:
• two stage review of audit work to support the outputs of audit and assurance engagements (the first stage review is a detailed review considering individual working papers and audit procedures, and the second stage review involves review of key planning and completion documents as well as any other procedures or working papers considered appropriate.
• the use of central technical advice and support provided by PQ
• consideration of specific matters by Audit Panels
• the appointment of Engagement Quality Control Reviewers for high risk audits of financial statements

b) It is NAO policy that appropriate consultation should take place on difficult or contentious matters. The Engagement Director and Engagement Manager should ensure that sufficient resources are available within the engagement team to enable appropriate consultation to take place. The Engagement Director is responsible for ensuring that conclusions resulting from consultations are implemented.
c) It is NAO policy that appropriate consultation should take place on difficult or contentious matters. The Engagement Director is responsible for ensuring that conclusions resulting from consultations are implemented.
d) High risk audits are assigned an Engagement Quality Control Reviewer (EQCR). The audit cannot be certified without EQCR review of the file with all issues resolved. Each year the NAO’s technical team announces engagement that have been nominated for a pre-certification technical review of accounts. The compliance and quality unit undertake pre-certification hot reviews and post certification cold reviews.
e) The level of approval depends on the report. For example, higher risk audits such as Public Interest Entities or audits with modified opinions will need to be reviewed by the NAO’s internal technical team.
f) See comments above.
a) All audit and assurance work should be subject to quality review processes
b) It is NAO policy that appropriate consultation should take place on difficult or contentious matters.
c) It is NAO policy that appropriate consultation should take place on difficult or contentious matters.
d) High risk audits are assigned an Engagement Quality Control Reviewer (EQCR).
e) The level of approval depends on the report. For example, higher risk audits such as Public Interest Entities or audits with modified opinions will need to be reviewed by the NAO’s internal technical team.
f) See comments above.
The NAO complies with the FRC Revised Ethical Standard 2016 (the Ethical Standard) as applied to listed entities and International Standards on Auditing (UK) in respect of all financial audit engagements. These standards form an integral part of the NAO Code of Conduct.
1) The NAO complies with the FRC Revised Ethical Standard 2016 (the Ethical Standard) 2) These standards form an integral part of the NAO Code of Conduct.
Please refer to the above sections for details of the NAO’s quality control procedures.
quality control procedures.
If matters come to the Engagement Director’s attention through the NAO's system of quality control or otherwise that indicate that members of the engagement team have not complied with relevant ethical requirements, the Engagement Director, in consultation with the Director, Financial Audit Practice and Quality determines the appropriate action.

Where a breach in the requirements of the Ethical Standard has occurred, this is disclosed within the Basis of Opinion section of the auditor’s report together with details of any safeguards or other actions which have been taken to mitigate the impact of the breach. Any auditor’s reports containing such disclosures must be approved by the Director of the NAO’s technical team.

Please refer to the sections above regarding the NAO’s quality control systems and processes.
yes, The NAO adheres to the International Standard on Quality Control

The Engagement Director shall take responsibility for the overall quality on each audit engagement and should communicate through their actions and messages to other members of the engagement team.

. The NAO Code of Conduct

The NAO has an internal quality control unit.
High risk audits are assigned an Engagement Quality Control Reviewer
Please refer to the sections above regarding the NAO’s quality control systems and processes.
The NAO adheres to the International Standard on Quality Control (UK) (ISCQ1) ‘Quality Control for Firms that Perform Audits and Reviews of Financial Statements. Every member of an engagement team has a personal responsibility for quality and is expected to comply with NAO policy and procedures which support this.

The responsibility for the NAO's system of quality control ultimately rests with the C&AG. The financial audit Executive Leaders (ELs) are the leadership team members responsible for quality, reporting to the C&AG, the wider leadership team and the board as appropriate. The financial audit ELs lead the Financial Audit Directors’ Group (FADG) which comprises all financial audit directors and which has an oversight role for the quality of financial audit. Financial audit ELs and FADG are supported in their responsibilities by the Director, Financial Audit Practice and Quality (PQ).

The Engagement Director shall take responsibility for the overall quality on each audit engagement and should communicate through their actions and messages to other members of the engagement team.

NAO have policies and procedures to ensure that it deals appropriately with complaints and allegations that the work performed by its auditors does not comply with professional standards and regulatory and legal requirements. The NAO Code of Conduct requires that staff discuss any such matters that come to their attention with their Director, Executive Leader or the Director of Human Resources in his capacity as the NAO's Corporate Compliance Officer.

The NAO has an internal quality control unit which carries out an annual evaluation of the internal quality control system. The results of this are communicated to the NAO’s leadership team, Directors and staff. The quality control unit is an independent assurance function, not a management function. Activities undertaken by the quality control unit include pre-certification hot reviews, post-certification cold reviews, and management of the external reviews carried out on NAO’s audit files by the Financial Reporting Council.

High risk audits are assigned an Engagement Quality Control Reviewer (EQCR). The audit cannot be certified without EQCR review of the file with all issues resolved.

Each year the NAO’s technical team announces engagement that have been nominated for a pre-certification technical review of accounts. The accounts selected are based on risk.
The NAO’s financial audit manual contains a whole section on ethical policies and procedures.

The NAO’s Code of Conduct outlines the ethical requirements to which NAO staff must adhere. All staff are required to complete an annual declaration stating that they have met the requirements of the Code. Each member of staff has individual responsibility for compliance with ethical requirements.

The Code of Conduct also requires all staff to complete an annual declaration of interests. This declaration is made online and a register of interests is maintained by Human Resources. In addition, all NAO staff should notify the relevant engagement director, Director of Practice and Quality, and Human Resources of any possible conflict of interest as soon as it becomes apparent during the course of the year, resubmit their Code of Conduct on-line, and confirm for each audit how conflicts of interests, if any, have been managed.
The NAO’s financial audit manual contains a whole section on ethical policies and procedures.

53
USA
Yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
GAO’s QAF and its standardized processes and controls ensures each of these conditions, including a review of each report by an independent senior executive to ensure that quality standards are met.
GAO’s QAF and its standardized processes and controls ensures each of these conditions, including a review of each report by an independent senior executive to ensure that quality standards are met.
GAO’s QAF includes multiple processes and procedures throughout the engagement process to identify, analyze, and mitigate risks to ethical conduct, including numerous controls to assure staff are independent in all matters relating to GAO’s work and adhere to GAO’s mission values of accountability, integrity, and reliability.
multiple processes and procedures throughout the engagement process to identify, analyze, and mitigate risks to ethical conduct.
GAO’s QAF also includes standard approaches, policies, and procedures that mitigate risks to quality in the execution of GAO’s work, such as centralized decisions on key aspects of engagement acceptance, planning, design, and resources, and review of each report by a senior executive before issuance to assure compliance with quality standards.
standard approaches, policies, and procedures that mitigate risks to quality in the execution of GAO’s work.
There are several avenues that may be used, depending on the nature of the issue, including an independent Office of Inspector General, where reports can be made anonymously and without fear of retaliation, and the Office of General Counsel (OGC) within GAO. GAO’s OGC includes an Ethics Office that, among other things, provides guidance on ethics-related conduct rules and issues.

GAO’s QAF includes procedures related to strategic planning, which help focus limited resources on important national issues, such as through the use of a strategic planning framework; and portfolio and risk management, which ensure that GAO has clearly defined, transparent policies and practices relating to its work and is consistent in dealing with all Congressional committees and members.
yes, GAO’s QAF includes procedures related to strategic planning
n/a
not applicable
Elaboration and implementation of GAO’s core values are built into the QAF procedures, which help ensure adherence with these values at all stages of the engagement. These values are also emphasized and communicated to staff from the highest levels of the organization. In addition, GAO has an Ethics Office, which provides guidance to GAO staff on ethics, conflicts of interest, impairments to independence, financial disclosure, and related conduct rules and issues.

Elaboration and implementation of GAO’s core values are built into the QAF procedures, which help ensure adherence with these values at all stages of the engagement. These values are also emphasized and communicated to staff from the highest levels of the organization. In addition, GAO has an Ethics Office, which provides guidance to GAO staff on ethics, conflicts of interest, impairments to independence, financial disclosure, and related conduct rules and issues.

Sheet 3: Q11 - Q15

#
Country
Q11: What policies and procedures has your SAI established and applied so that an audit team, as a whole, possesses the knowledge, skills and experience necessary to carry out successfully the audit work?
Q12: Does your SAI have a training center? If your answer is affirmative:
Q13: Are your SAI's organization and processes certified by any international quality standard (such as ISO 9001)? If so, which parts or processes and since when?
Q14: Is there any specific software (technical resources) that your SAI uses for its Quality Management System with the aim of securing quality control and quality assurance?
Q15: Does your SAI have and apply any monitoring process to assure that policies and procedures related to its quality control system are relevant, adequate and operating effectively?

Answer
Comment
Answer
Comment
Answer
Comment
Answer
Comment

Comment

1
Afghanistan
Through Capacity Need Assessments, knowledge, skill and experience gaps are identified and suitable capacity building programmes are undertaken, in-house, with the help of other SAIs as well as through on-the-job training with the support of external consultants and advisors. While ensuring that the audit team as a whole has required experience and exposure to subject matter under audit, rotation of audit team member(s) are done to ensure knowledge, skill and experience for the audit. SAO also deployed external expert support for audits through consultancy firm / international advisors. However, SAO still has lack of adequate capacity and is working towards self-reliant audit teams through capacity building and professionalization.
Capacity need assessments
SAO does not have a separate training centre. However, the training department organizes in-house training programmes with in-house and by engaging external expert resources. Training programmes include subject of ISSAI 40 and quality management system.

Yes, in addition to in-house training on the basis of TNA, SAO has formalised MOUs with other SAIs (e.g., CAGO-India, BPK-Indonesia, NAD-Malaysia, SNAO-Sweden, TCA-Turkey) for capacity building and knowledge sharing programmes through which SAO staff are trained.
The selection for such trainings are done on the basis of area of audit assignments, TNA, consideration of English language (Afghanistan is predominantly Pashto/Dari speaking country), previous trainings, length of service, etc.
SAO is also encouraging staff to acquire professional certifications (e.g., CIA, CGAP, ACCA, MBA, CISA).

12- No.
A- In-house training
B- Yes
NO, [However, they have been assessed as part of SAI-PMF and PEFA].
no
Not at present.
However, SAO is in the process of setting up and implementing an Audit Management Information System (in 2019-20).

Not at present but in the process of setting up and implementing a system
Yes, the IA & QC Directorate in cooperation with the Audit Methodology Committee of the SAO review and update in them.
Quality assesment done in cooperation between departments

2
Argentina

3
Australia
The ANAO has a policy on the Assignment of Engagement Teams in which Group Executive Directors shall allocate audit staff, taking into account the appropriate skill level and their capability, and competence to perform the engagement.
Taken into consideration when creating the audit team
While the ANAO does not have a separate training center, in-house training is provided coordinated by the ANAO Learning and Development team. Training is provided by both the ANAO Professional Services and Relationship Group, the Audit Groups and external providers. The ANAO provides training to all staff to 1) ensure their technical knowledge and skill, 2) comply with professional membership requirements of audit and accounting bodies.

Each staff member completes an Annual Individual Development Program which is agreed by their supervisor. Mandatory training is specified in the ANAO Learning and Development calendar. Also, staff self-nominate to participate in training and obtain professional qualifications. And it is the individual’s responsibility to maintain their continuing professional development.
12- No.
A- In-house training
B- Yes
NO
no
The ANAO utilises Audit Software which includes mandatory procedures aimed to promote consistency and quality throughout audits including compliance with ANAO Auditing Standards and policies.

The ANAO’s audit manual, together with the procedures set out in TeamMate and the on-line audit guide, provide reasonable assurance that engagements are performed in accordance with professional standards and regulatory and legal requirements, and that the reports issued are appropriate in the circumstances.

The Software (TeamMate) is used
The monitoring processes over the ANAO’s quality control system include 1) internal quality assurance team, 2) external review of the quality control system.

Generally, the ANAO has policies and procedures designed to provide reasonable assurance that it has sufficient quality assurance staff with the capabilities, competence, and commitment to ethical principles necessary to perform quality assurance in accordance with the professional standards, and to enable the ANAO to issue reports that are appropriate in the circumstances.

It is specific ANAO policy that when appointing quality assurance staff, the ANAO shall have regard to:
• the technical qualifications required to perform the role, including the necessary experience and authority; and
• any other considerations that may threaten the reviewer’s objectivity.

The ANAO also engages contractors to perform some quality reviews to increase impartiality through objectivity and Independence.

There is a (division / team) for quality assesment

4
Azerbaijan
According to the Law on the Chamber of Accounts to provide implementation of the duties of the Chamber of Accounts on the basis of principles determined by the law it was decided to develop new methodical documents as well as to improve effective methodical documents. In this regard the followings are examples of above mentioned methodical documents:
• Preparation to external public financial control measures by the Chamber of Accounts, rules on conduct of external public financial control measures and formalization of results.
• Methodical guidance on Compliance Audit
• Guidance on conduct of performance audit
• Financial Statements analysis methodology
• Methodical guidance on evaluation of internal control system in entities
• Recommendations on conduct of control measures by the Chamber of Accounts regarding use of funds allocated to state programs and projects.
• Rules on planning of the work of the Chamber of Accounts
• Recommendations on risk assessment in the planning process of external public financial control
Additionally drafting of other methodical documents of the Chamber of Accounts is considered. Also, the colleagues of the Chamber of Accounts of the Republic of Azerbaijan regularly attend international conferences and events organized by other SAIs and international organizations (INTOSAI, EUROSAI, ASOSAI,ECOSAI) related to the activity of the Chamber of Accounts.
Audit guidelines,procedures,manuals,audit plan
No, but according to new Law on the Chamber of Accounts a Training Centre of the Chamber of Accounts shall be established in order to organize the increase of knowledge and skills, vocational training capacities of the newly appointed members and other staff in the Chamber of Accounts, the human resource development, and the study of the international standards and best practices of supreme audit institutions.
12- No.
NO ANSWER
no answer
Special information system in the Chamber of Accounts- Auditing Management System is being prepared and implemented. Auditing Management System of the Chamber of Accounts is intended as a system to be used for electronically planning, management, documentation of external public financial control measures (as well as audits), implementation of quality control, generation of various types of reports. System facilitates the application of new methods along with electronization. The most important of these is the use of risk based approach at strategic level and external public financial control level during the planning. So, it creates more opportunity to choose the facilities for events on the principles of transparency and equity as a result of data processing and analysis gathered in databases of the System considering risk factor.
Additionally, implementation of Auditing Management System of the Chamber of Accounts makes it possible to effective organize accounting, maintain sustainability in approaches, maintain standardization expectations, reduce of non value added activities, and manage audit activity information in order to enhance effectiveness and efficiency of external public financial control measures.

Not at present but in the process of setting up and implementing a system

5
Bahrain
1) The first step is the employment procedures which ensure only qualified resources are employed by NAO.
2) Supporting the technical staff to get professional certifications such as (CPA, ACCA, CMA & CIA).
3) Provide continuous professional learning for all NAO Staff.
4) Selecting the audit team members based on experience and skills as per the Audit Procedures Manual requirements.
5) NAO law allows for the use of subject matters’ experts during the audit whenever is needed.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
NAO has a training unit which plan and conduct training courses based on training needs analyses and feedback from appraisal competency based.

Yes.
For the professional qualifications NAO approved the updated version of the Professional Qualification system, which assist the technical employees to be certified by sponsoring them though bearing cost and providing study leaves.
In addition, NAO bear the cost of membership in one of the professional associations.
For the training part, NAO has participated in the IDI program “Train the trainer” to develop the skills of its employees to become qualified trainers
12- No.
A- In-house training
B- Yes
NO
no
NAO Bahrain does not have a Quality Management System as such.

However it implements and audit automation software (MK Insight), that enhances the quality control by ensuring that all audit works are documented and reviewed by all required levels. It also incorporates audit checklist that ensure completeness of audit work before finalizing any assignment. And finally, the software has detailed tasks logs that ensure accountability of all work performed.

Audit Management Software is used
There is no specific quality assessment team in NAO Bahrain; however some monitoring procedures were conducted as listed below:
1) The Administrative Audit Directorate used one of the Big 4 audit firms to review policies, procedures and the full audit cycle of the directorate’s work.
2) NAO Bahrain has participated in several gap analysis projects (such as the 3i program) since 2013.

NAO Bahrain has introduced a strategic initiative to implement effective Quality Assurance System as part of NAO Strategy (2016-2019), which will cover the following aspects:
- Issuing the Quality Assurance Charter.
- Produce Quality Assurance procedures manuals.
- Perform period Quality Assurance assignments.
The work in this initiative is in-progress.

There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

6
Belgium
This is part of the Court’s procedural manuals, operational planning procedures, and human resources and training policies. The audit supervisors are responsible for the appropriate composition of the audit teams from a knowledge, skills and experience point of view (see job description). They can make proposals towards the audit directors concerning staffing and training needs (see below). At the start of an audit the composition of the audit team is determined. In the case of performance audits this is, for instance, done in the preliminary study. This preliminary study is subject to review by the audit director and the college. The work of the supervisors is supported by a strict recruitment policy and a well-developed training policy. In recruitment we strive to recruit excellent employees. E.g. in our last recruitment of performance auditors we recruited six auditors, they all had experience in research / evaluation / audit, four of them had a PhD. E.g. for financial audit we often recruit auditors with experience in private audit firms. We have a well-developed training policy; every year a training plan is drawn up on the basis of a needs survey. We also have excellent facilities for following external training courses.
Taken into consideration when creating the audit team
Not Answered
12- No.
We have decided to go for an ISO 9001 certificate for our audit processes. We hope to achieve this by the end of 2020 / beginning of 2021.
NO, IN THE PLAN
For financial audits we use Caseware.
For performance audit we don’t have a specific software.

Audit Software is used
At the moment peer review by colleagues, hierarchical review by managers (audit supervisors and directors) and - final - review by the members of the Court of Audit are the mechanisms to assure quality and the application of quality control measures.

For the future, within the framework of a trajectory to ISO 9001 certification, our quality department will carry out internal quality audits and there will also be a triennial independent external audit performed by an accredited external organization that carries out ISO 9001 audits.

There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

7
Belice
Section Leaders provides the relevant training to carry out the areas being audited.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
N/A
12- No
NO
no
N/A
There isnt a spesific software system
The Head of SAI delegates two Senior Officers tasked with the monitoring.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

8
Bhutan
Although the Financial Audit Manual provides the required competencies, the same is yet to be incorporated in Performance and Compliance Auditing. The basis for the necessary knowledge, skills and experience required was discussed with IDI expert and included in the Financial Audit Manual.
Only in financial audit, yet to be implemented in performance and compliance auditing
Recently established. The Management is in the process of drafting the necessary documents to determining the role of the training centre.

At the beginning of every financial year a training Need assessment is carried out by the Human Resource Division. The division chiefs are also requested to provide the training need that may be relevant for the officials under their respective divisions.
12- Yes.
A- In process of drafting necessary documents.
B- Yes.
NO
no
Audit Resource Management System (ARMS) has been developed for the same by the in-house expertise. Currently we do not use any specific software.
Not at present but in the process of setting up and implementing a system
There is proper monitoring system in place called Audit Performance Evaluation and Monitoring Systems (APEMS) that keep track of every audits being undertaken including the completion and reporting. However, there is no system to assess if the monitoring system is impartial.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

9
Botswana
Competency matrix
Specialities by audit sectors,training, job description, outsourcing, competency matrix
The SAI does not have a training centre but benefits from trainings organized by Afrosai E

Selection is done by the Auditor General
12- No.
A- Organized by Afrosai E.
B- No.
No, but the SAI has recently employed a management analyst to address that.
NO, WORKING ON IT
There is Teammate audit management system for audits, but for quality assurance there is no specific software
The Software (TeamMate) is used
There is a quality assurance function that is within the division for Policy Research and Development with this responsibility. Indicators are the domains in the Institutional Capacity Building Framework and the standards reference.
There is a (division / team) for quality assesment

10
Bulgaria
Considering also the answer of Q 2, one (out of three) strategic priorities in Institutional strategy for the period 2018-2022 is dedicated to HR. Which means that several strategic goals are planned with a number of specific measures. Separate HR strategy is about to be approved by mid-2019. Procedures for consideration the knowledge, skills and experience of the audit staff available is part of strategic and annual audit planning process (developed in the Audit Manual). It also can be pointed out as a risk (as a part of strategic and annual audit planning process). Also in every single audit, audit team leader should take into consideration knowledge, skills and experience of team members and if there is a deficiency – to communicate it with the management.
Audit guidelines,procedures,manuals,audit plan
There is no training center, but HR department is organizing training events proposed from audit directors and approved by BNAO documented as Annual Training Program

Yes, trainings that are being proposed by audit directors are identified during the mid-year appraisal meeting between an auditor and its line manager. One of activities planned in Institutional strategy for the period 2018-2022 is developing and applying procedures so that SAI supports the auditors for obtaining professional qualifications.
12- No.
A- In-house training
B- Yes
NO
no
Pentana – audit management software
Audit Management Software is used
Considering also the answer of Q 2, quality control system is being built in accordance with ISSAI 40. Some of the elements are being monitored by BNAO management (for example HR policies), some aspects are being monitored by BNAO management with assistance of internal structures (Ethics Commission or Audit Activity Development Directorate responsible for audit methodology). QA policies, regulations and rules which will involve external experts are in process of preparation and are being based on IDI iCAT that are just being updated.
Quality assesment done in cooperation between departments

11
Canada

not answered

12
Chile
The SAI has specialties by public sectors (health, armed forces, education, labor, among others) and municipal sectors. The auditors attend specific audits of the sector. In addition, training courses are being developed that address technical, systematic issues and improvements in the work environment. Similarly, there is a training plan that is updated annually.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
So far in nothing, until the formal creation of the unit. However, training has been carried out regarding ISSAI, contained 40.

Each training that takes place has prerequisites to apply, only people who meet the requirements have the possibility to participate in them. (selection through the Training System). In addition, the training unit asks the technical and operational units for training suggestions for the following year. Therefore, the training offered covers the real needs of the SAI.
12- No.
A- Yes.
B- Yes.
NO
no
We don´t have a specific software.
There isnt a spesific software system
No for the moment, until the creation of the quality unit.
There is no specific quality assessment team

13
Colombia
Training and continuous training Update on issues inherent to audits Administration policy and audit process roles Audit supervision activities
Specialities by audit sectors,training, job description, outsourcing, competency matrix
This training center in the SAI of Colombia is called the Center for Fiscal Studies.
In accordance with the law 1807 of September 1 of 2016:
It develops the research that in the educational field is recognized as relevant and transcendent, related to the control and monitoring of fiscal management. To train highly qualified human talent in matters related to fiscal control. Within the scope of its competence, it organizes educational programs, in different modalities and with the use of different methodologies, in order to train citizens committed to the care and monitoring of the management of public resources. Contributes to the institutional strengthening of the Comptroller General of the Republic and the National System of Fiscal Control. Executes technical cooperation processes through agreements or agreements with organizations or entities of a national or international nature subscribed by the Comptroller General of the Republic
It develops training programs in matters related to the control and monitoring of fiscal management. It fosters participatory spaces for the training of the key actors in control and surveillance of the management of public resources.

By resolution 0553 of February 28, 2017, the organic statute of the Center for Fiscal Studies was issued. For the selection of the personnel for the trainings, a diagnosis of needs is elaborated with the participation of all the dependencies of the SAI, the professional profile is considered, the areas in which they perform and their functions. On these bases, priorities are established.
12- Yes.
A- Training and developing training programs.
B- Yes.
NO
no
In the SCIGC application, the necessary documents for the operation of the institutional processes are published, such as procedures, guides, manuals, among other instruments of a similar nature, which are mandatory for application within the entity. With support in said tool, control of such documents is exercised
In a complementary manner, audits include the Audit Control Information System SICA - is an information system that supports the surveillance and fiscal control that is the responsibility of the Comptroller General of the Republic of Colombia. It was developed by the SAI of Chile and through a technological cooperation agreement, the SAI of Colombia acquires the rights to use software that seeks greater efficiency and effectiveness in the exercise of fiscal control in our country. Its main objective is to strengthen the fiscal surveillance and control function of the Comptroller General of the Republic, through the efficient and effective use of its resources, the application of updated methodologies and aligned with international best practices, and technological components that support the improvement of processes
SICA is a web system that can be accessed from anywhere and that brings all the benefits of an online system. The final users are the SAI officials who exercise fiscal vigilance and control, which are mobilized in the different regions in our country.
Audit Management Software is used
YES. In compliance with the self-control principle established by the MECI Internal Control Standard Model for Colombia, each server must exercise control to guarantee the expected results of the activities under its responsibility. In 2017, the institutional self-evaluation procedure was adopted. The SAI applies and tracks process indicators. It is worth mentioning that there is no human team specifically dedicated to the monitoring referred to in the question. In addition, the internal control office carries out internal audit and monitoring activities.
The Institution applies, institutional self-evaluation

14
Costa Rica
In the first place, the institution has designed and inscribed in its Position Manual, specific professional profiles for performance auditors, compliance auditors and financial auditors, among other profiles. For each of these profiles, there is a Competency Development Program (hard and soft tents) that aims to develop the knowledge and skills necessary for an optimal development of each type of audit. In addition, there are updating activities, sharing knowledge and practices and innovative activities implemented during the year. Finally, there is a budget line to finance specific training activities to update or develop knowledge and skills not included in the development plans.
Audit manuals and guidelines , Competency matrix , training
The Human Potential Management Unit has its own function The function of leading the development of the competencies of the officials. This unit, together with the divisions and load areas of the officials who perform the audit, are the basis for preparing and executing the development plans of competencies, skills and knowledge for the correct execution of the types of audits.

The Positions Profiles Manual. Each specific profile has a formal development plan that defines the max. Likewise, there is a definition of each of the employees that can be made with respect to the type of audit in which it is de-specialized when the position of senior auditor is acquired. Therefore, once the profile of the official has been defined according to the type of audit since his selection as a senior auditor, this will define the specific training program that he will pursue.
12- No.
A- Training.
B- Yes.
NO
no
The System of Audit Network (FIPNET) is a system that automates, in a sequential and controlled flow of tasks, the current Audit Procedure, and is integrated with the institutional systems to add value in the assurance of the quality of the process and of the products of the Audit.
Audit Management Software is used
The SAI schedules a quality self-assessment of each type of audit (financial, performance and compliance). These self-assessments verify compliance with the elements contained in the procedures derived from MAGEFI. The self-assessment is based on a representative sample of audits and is executed by teams of more experienced auditors and is not a state in the execution of the audit in the review. The entire self-assessment process is coordinated and led by the Technical Secretariat, which is in the areas that perform the audit and which has the burden of quality management of the audit processes.
The Institution applies, institutional self-evaluation

15
Croatia
SAI has established and implement professional development and training plans to ensure that its staff has competence and skills to perform audits. SAI has established procedures for recruitment and promotion.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
-
12- No.
NO
no
SAO is applying information system for audit monitoring which consists of all phases of audit process including quality control.
Audit Management Software is used
The SAO entrusted monitoring process to the Internal Audit Department, which performs subsequent testing of the quality of audits performed within a certain period, sample based, in a way to periodically perform a testing of the activities of each organizational unit.

Concerning the findings obtained during the conduct of subsequent testing of quality, Internal Audit Department regularly prepares reports for the Auditor General as well as a special summary within the SAO’s Annual Work Report. In this way Department enables making necessary changes and the further development of quality requirements, procedures and methods of quality control.

monitoring done by the internal Audit department

16
Cyprus
While there is no established formal procedure for ensuring this, Section Heads (Senior Audit Officers), as team leaders, are expected to ensure the necessary composition of their audit team. If such knowledge or skill as needed is not available within the responsible audit Section, internal arrangements are made in consultation with the Auditor General for the secondment of staff from other Sections to the particular audit team for the purposes of the specific audit.
Taken into consideration when creating the audit team
N/A
12- No.
NO
no
No specialized software is used for quality management. Audit work reviews are evident either on hard copies (signed and dated by the member of senior staff performing the review) or electronically, through the audit documentation software in use by the Office (TeamMate).
The Software (TeamMate) is used
The Methodology and Quality Assurance Unit performs independent reviews of a sample of completed audit work. The purpose of such reviews is primarily to ensure the effective operation of the quality control system. The Quality Assurance Officer is not involved in audit work and is thus impartial. The quality assurance report issued after each assessment is forwarded to an ad hoc internal committee comprising three members of staff that were not involved in the particular audit under review, to review the quality assurance work and report and provide any comments thereon. The criteria on which quality assurance reviews are based are listed in the internal Auditing Guideline no. 19, which includes a checklist of all relevant points to be considered (mainly ISSAI provisions for each stage of the audit, from planning through to reporting, that audit teams are expected to adhere to). Therefore, the effectiveness of the quality control system is implicitly examined through these reviews.

The same Unit is assigned with the responsibility of ensuring that internal procedures are relevant and adequate with regard to conforming to ISSAI requirements. In this regard, developments in international standards or national legislation are monitored and internal procedures are modified as deemed necessary.

There is a (division / team) for quality assesment

17
Czech Republic
A "job description" is defined for each work place with competencies needed for its performance (education, practice, knowledge, skills). A training system is set up for employees to expand, supplement and maintain knowledge. For the new employees, an adaptation process is set up, with examination at the end of the process.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
Yes. One part of the personnel department is the education and development department that prepares education activities according to the requirements of the audit section and also an adaptation process for new employees which includes a system of initial education that the employee enters during the first year at the SAO. Training facilities are used to implement the training.

Compulsory education: initial training for new employees, professional training Auditor II. Further education is determined by a senior employee following the annual assessment of their work and the need to supplement their knowledge of auditing.

12- Yes.
A- Training.
B- Yes.
NO
no
The Athena information system is used to record and archive all documents created in the whole course of the audit process.
Control Information System is a modular system created for SAO needs, which supports audit processes (topic processing for audit, audits and capacities planning, performance audit, including the recording of its results, the evaluation of the benefits of audit).
Audit Management Software is used
The SAO has not set up yet its own monitoring process to assure the quality of the Quality Management System.
In 2015, the SAO completed a self-assessment according to the PMF (see answer to question 2), based on the action plan which follows a further independent review of the SAO after 2022.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

18
Denmark
The SOR-2 clearly specifies the responsibilities regarding quality control :
1. The auditor general has the general responsibility for quality control and for the distinction of the responsibilities amongst other leadership levels.

2. The leadership (cf. organizational chart) are responsible for systems of quality control regarding the completion of audits that the employees should follow.

3. The leadership assigns a responsible head of office as responsible for each audit and the adherence to SOR

In addition, all newly employed auditors complete introductory courses on a broad range of issues, among these are ethical- and proper conduct as an auditor.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
We do not.
12- No.
NO, In addition, we do not deem an international quality standard relevant, as we operate solely on behalf of our legal mandate, in accordance with Danish jurisdiction.
no
We use the software “Team-Mate” in order to assure the responsibilities for each audit team member for individual audits at engagement level. In addition, we use a Leadership Information System that enables us to follow the progress of our special reports, e.g. when the engagements are decided upon, when they are due to publishing, etc.
The Software (TeamMate) is used
No, Rigsrevisionen does not have a designated assessment team within the SAI. We are currently establishing monitoring processes.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

19
Dom Rep
The Chamber has a process of selection, evaluation and hiring of rigorous personnel, in which the members of the plenary participate, who approve all the appointments and designations making sure that the hired personnel is suitable for the position Recruited. In addition, a process of induction and continuous training of the personnel is carried out, as well as circularization of the Compendium of guides of government audits.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
It’s the responsibility of the School of Accounts to develop de institutional capacitation through formation of the staff, guaranteeing a continuous professionalization inside the judicial and normative mark.

We take as reference the needs we find in the annual performance evaluations to all the staff. Also, the results obtained by the Detection of Needs Workshop.
12- No.
We are in the process of implementing a quality management system based in the ISO 9001-2015. We have 14 standardized processes included the substantive processes of the Chamber of Accounts linked with government audit.
NO, IN PROCESS
We do not have an Automated technological system.
There isnt a spesific software system
The processes carried out By the Division of Quality control are not documented, although they are executed consistently. There is also a quality Control guide That counts with a check list of how to review procedures.
There is a (division / team) for quality assesment

20
ECA
All audit planning documents contain detailed information on staff allocation. These documents undergo extensive quality control procedures, including EQCR, and, after detailed scrutiny and discussion, are approved by audit chambers.
Audit guidelines,procedures,manuals,audit plan
Our training department plays a key role in maintaining the ECA as an efficient knowledge-based organization fostering trust through its work and products. Our multiannual training plan (2018-20) has the following objectives:
- Ensure Maintenance of Cohesion and of a Common Working Culture;
- Increase Staff Qualifications and Versatility;
- Improve Knowledge Sharing and Support to Management while Promoting Transparency;
Provide More Targeted, Flexible and Efficient Training.

ECA has adopted a decision laying down the Internal Rules on Professional Training for the ECA staff.
A personal development plan is drawn up for each member of staff. It establishes their training and development needs, and is part of the annual appraisal. The personal development plans of auditors must ensure that they comply with IFAC and ISSAI standards:
- to complete at least 120 hours of relevant professional development activity in each
rolling three-year period, and
- - to complete at least 20 hours of relevant professional development activity each year.
We encourage our auditors to acquire audit qualifications, and aims to provide continuing professional development (CPD) for auditors who belong to professional bodies (eg ECA is an ACCA approved employer). Along with in-house training courses, we offer two programmes, organised in cooperation with the University of Lorraine, leading to a postgraduate diploma in ‘Audit of public organisations and policies’, a Master’s degree in ‘Management of public organisations’ or a postgraduate diploma in ‘Fundamentals of statistics applied to audit’. ECA also organises summer schools in public auditing and accountability in cooperation with the University of Pisa.
12- No.
A- Training.
B- Yes.
NO
no
No
There isnt a spesific software system
Quality management is overseen by the Audit Quality Control Committee. Quality assurance is undertaken by a dedicated team within the Audit Quality Control Directorate. Each individual quality assurance task within the three-year plan (see also point 2 above) has a specific set of criteria which are considered during the execution of the work.
There is a (division / team) for quality assesment

21
Egypt
The ASA organizational structure includes a Central Department of research, training and continuing education directly affiliated to ASA President, concerned with the training of members of the SAI on audit practices, computer applications and use of databases in obtaining laws and decisions documenting audits, work also ASA official website online provides service to acquire versions of laws and decisions, and publishes all data with regard to accounting and auditing standards, in addition also there is the library that makes available books, references and researches, and encourages the ASA members to acquire the membership of the Egyptian Association of Accountants and Auditors and any other local or international professional certification as well as master's and doctorate degrees.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
An annual training plan is set to ensure carrying out the audit work in high quality through monitoring of the discrepancies in audit reports and training sessions are held to avoid such discrepancies.

ASA participates in several training courses whether on internal and external level by acknowledging members through the official website of the ASA, qualified members are chosen through specialized committees, the ASA members are also encouraged to obtain professional certifications on international and national levels.
12- No.
A- Training.
B- Yes.
ASA organizational structure was approved from the ASA President and it is considered periodically now for some development to be in line with the planned objectives of audit, ASA also applies self audit systems in measuring quality through the Central Administration of Technical Inspection and Quality Control.
NO
It depends on the audited unit and to what extent they use of applications of electronic information system, the ASA provides trained manpower to deal with these application and perform electronic audit, and provide technical resources whether through ASA or within audited entities according to the relevant laws and regulations, in case there is a need for specialists in information technology ASA members are assigned in this regards.
Audit Software is used
This is done through the Central Department for Technical Inspection and Quality Control- which is regarded as high priority by the ASA President - that examines and monitor all reports content and the response of audited entities to ensure compliance with quality control system to guarantee objectivity, independence and justice of those reports.
There is a (division / team) for quality assesment

22
Estonia
All the necessary skills are evaluated during the planning phase and the risks must be involved in audit programme document. Every audit team is free to propose involving technical experts to audit, if needed.
Taken into consideration when creating the audit team
N/A
12- No.
NO
no
We use TeamMate as documenting and review solution, also some applications developed by us (Warehouse of Audit Ideas – based on Sharepoint; intranet graph about the status of annual work plan). Feedback from auditees is gathered by Girf web survey module (local service).
The Software (TeamMate) is used
We have assessed the quality of audits, but it has not been regular work of some permanent assessment team, i.e every time the new team will be compiled.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

23
Fiji
Competency Matrix is used to gauge the competency of audit team members. Any gaps are mitigated via on-job training, refreshers training, internal and external technical workshops.
Specialities by audit sectors,training, job description, outsourcing, competency matrix

12- No.

SAI Fiji is currently using Team Mate Audit Management Software for audits and quality assurance reviews.
The Software (TeamMate) is used
There is an impartial assessment team, the Quality Assurance Unit whose team members are independent of the audits done in the SAI, and report directly to the AG. The team uses a comprehensive checklist in carrying out its QA Reviews which covers the planning, conduct and reporting stages of an audit.
There is a (division / team) for quality assesment

24
Georgia
SAOG’s policy is to assemble the team from well trained, experienced, self-motivated auditors, and assign them to particular audit. For this purpose HD (Head of Departments) use Competence matrix, where the information about each Auditor is recorded, his (her) experience, skills, trainings completed, etc. As a result, the audit team, as a whole, possesses the knowledge, skills and experience necessary to carry out successfully the audit work.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
Subordinate to SAOG, the Institute of Public Audit is functioning since 2012. This institute prepare and conduct trainings according needs of SAOG, top management and auditors view. Furthermore, Institute has separate program for Certificated Public Sector Auditors.

Every six months, SAOG Auditors fill questionnaire, where they indicate trainings they want to attend (Personal Development Plan). HR Department aggregates this information, process and produces report for management. This report is compared with key strategic goals in our revised 2018-2022 Development Strategy. The approved list of trainings with the list of participants is sent to the Institute.

12- Yes.
A- Training.
B- Yes.
NO
no
Starting from 2017, SAOG started implementing audit management system (AMS) MK Insight along with IDEA - big data analysis and extraction software used for statistical sampling, CAATS, fraud detection and identification of unusual patterns in large data sets. In 2019 we started document all audits using MK Insight.
Audit Management Software is used
AQAD (Audit Quality Assurance Department) under the supervision of DAG (Deputy of Auditor General) is responsible for monitoring of the system of quality control.

Overall AQAD functions provide independent and objective information, advance, and assurance to the Auditor General, that:
-Risk management control, and governance processes of SAOG are appropriately designed and effectively implemented;
-Audit Departments Heads are complying with professional standards, quality control polices, and relevant legal and regulatory requirements when conducting their audits; and
-Audit reports are appropriate in the circumstances
Monitoring of compliance with quality control policies and procedures is designed to assess:
- Whether SAOG and its audit staff observe professional standards and relevant legal and regulatory requirements;
- Whether SAOG has appropriately designed and effectively implemented the system of quality control; and
- Whether SAOG properly applied its quality control policies and procedures to provide reasonable assurance that reports issued are appropriate in the circumstances.

There is a (division / team) for quality assesment

25
Grece
In practice, all audit teams comprise an experienced audit manager, despite the absence of any specifically established and applied policies and procedures ensuring that an audit team, as a whole, possesses the knowledge, skills and experience necessary to carry out successfully the audit work.
Taken into consideration when creating the audit team
The issue has not been raised yet.

The HCA recruits staff with skills and education according to established procedures implemented by the “Supreme Council for Civil Personnel Selection”. The participation of the staff in trainings is in practice mainly based on rotation and requires application by the employee.

12- No.
No, given HCA’s nature as a Supreme Court and thus as part of the hard core of official authority.
no
At present, the HCA does not use any specific software regarding the Quality Management System. Upon adoption of the aforementioned new HCA regulation, specific software securing quality control and assurance is expected to be procured.
Not at present but in the process of setting up and implementing a system
At present, no.
Not at the moment

26
Guatemala

27
Honduras
In application of the quality control manual that is in development processes, it includes the evaluation of the skills, competences and knowledge of the personnel that its audit staff performs.
In development process

12- No.
no
no
Do not
There isnt a spesific software system
Without this function corresponds to the management of evaluation and quality control, which is independent management of those who perform the audit. The criteria are those established in the principles of ISSAI 40.
There is a (division / team) for quality assesment

28
Hungry
Members of audit teams are chosen each time on the basis of competency-based planning of human resources. Also the clear rules regarding the 7 audit phases and the handover/takeover of documents are aimed to ensure successful audit work.
Taken into consideration when creating the audit team
It is mandatory for the colleagues to be familiar with the contents of basic documents concerning quality management. Once a document is updated, colleagues need to fill in a test as well. Also, those returning from longer leaves (eg. maternity leave) need to first attend a ‘reintegration course’ to brush up their knowledge.

Yes, there are regular knowledge-sharing days each year. Colleagues can either chose for themselves, which lectures to attend or they are invited to specific events falling within their competencies. Online courses are available for everyone throughout the year.

12- No.
no
no
Yes, the audit assignments have their own database, where those involved in the given phase can access the relevant documentation.
Also, QMMU uses a specific software to monitor certain stages of audits. The software keeps track of deadlines in the given procedure and sends out automatic reminders to those concerned.

Audit Management Software is used
Members of the QMMU are not involved in the completion of audit work, therefore they can impartially monitor the procedures. Also, the unit gathers information every 6 months from the heads of supporting units regarding the implementation of basic principles outlined in ISSAI 40 within the organisation. Based on this data, QMMU prepares a report and evaluates whether quality management principles are fully implemented.
There is a (division / team) for quality assesment

29
Italy

not answered

30
Japan

31
Jordan
• A continuous developing of the auditors through their involvement in specialized training courses in the field of audit and control.
• Issuing audit guideline in the various fields of control applied by the Audit Bureau, which contribute in providing additional guidance to the auditors in the execution of regulatory tasks.
• Adopt a risk-based audit approach in the implementation of regulatory tasks and oblige auditors to apply it.
• Continuously update the audit operations and procedures and circulate them to the regulatory task teams.
• A continuous review of the audit plans and procedures carried out by the regulatory task teams by the heads of the control units and concerned departments at the Audit Bureau.

Specialities by audit sectors,training, job description, outsourcing, competency matrix
The courses conducted by the Directorate of Studies and Training for auditors are designed to increase the efficiency and effectiveness of auditing, and enhance the quality of regulatory work and its outputs.

The Directorate of Studies and Training determines the annual training needs based on the strategic plan of the Audit Bureau and based on the results of questionnaires circulated to the auditors to know their training needs, and accordingly an annual training plan is developed and implemented on the ground.

The lists of participants for the training courses are approved in proportion to their qualifications, experience and the regulatory tasks assigned to them.
12- Yes.
A- trainiing.
B- Yes.
no
no
The TeamMate system which is an audit management system
The Software (TeamMate) is used
(Yes), where this is done through the Directorate of Institutional Performance Development and Quality Assurance evaluation of the policies and procedures applied in the Audit Bureau, as well as the evaluation of the implementation of regulatory tasks in field units in accordance with the procedures and policies adopted in the Audit Bureau and based on the relevant professional standards, through the examination and evaluation forms prepared on the basis of applicable legislative and regulatory frameworks, and professional standards, where reports on the results of inspections and evaluations are written, and what areas need to be improved.
There is a (division / team) for quality assesment

32
Kazakhstan
Certification of the state auditors, skills training on regular basis, seminars, international events, skills development.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
It conducts seminars, case studies on issues which are necessary for the Accounts Committee

Yes, it depends on the theme of a seminar. Themes of the trainings are selected according to the necessity of the staff and depend on activity.
12- Yes.
A- Conducts Seminars and case studies.
B- Yes.
no
no
Integrated Information System of the Accounts Committee, Integrated Data Base of the State Audit and Financial Control Bodies
Audit Management Software is used
In accordance with the Rules of the State Audit and Financial Control on quarterly basis state auditors send interim reports on the work done through the Integrated Information System of the Accounts Committee with the access of the workers of the quality control
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

33
Kuwait
• Provide the team with the most important guidelines and standards for the quality control auditing.
• Training courses.
• Recently, the World Bank has been contracted to train and qualify the work team, assist the team in preparing the audit manual, and transferring the best practice aiming to share knowledge and inherit the perfect experiences, which can suit our environment.
Guidelines + training
The SAI has a training department and provides training programs by managing the quality system

Training programs target different segments of staff involved in quality management
12- No.
A- Training.
B- Yes.
The SAI seeks to obtain global accreditation in the field of training such as ISO 9001
NO, WORKING ON IT
Our SAI has a software management system and it goal to securing quality control for auditing (AMS – Audit management system).
Audit Management Software is used
Yes, there are policies and procedures to ensure the integrity of the control processes through the quality assurance department and the internal audit department, which directly follows the head of the SAI to ensure neutrality.
There is a (division / team) for quality assesment

34
Latvia
The State Audit Office has established a Human Resources Management (HRM) Policy with the aim to ensure development and motivation of its employees. Training of employees is among the basic tasks of the HRM Division.
To ensure that an audit team develops knowledge and necessary skills to carry out successfully the audit work, the SAO performs continuous training of employees and development of their competences - auditors are trained (‘class’ and on-the-job training) and have their skills developed to enable them to perform their duties effectively and to develop professionally throughout their careers so that they could be able to advance within the audit organization, in line with SAI’s procedures.
The SAO delivers the following types of training:
- Introductory trainings to help new personnel adapt to the organization
- Thematic trainings to increase the skills of auditors (for example, trainings on financial audits, on policy planning documents, on risk assessment, etc.)
- Auditors’ certification courses for Heads of Audit Sectors and Senior state auditors
- Experience exchange seminars, which promote good practices, transfer of accumulated professional knowledge and exchange of professional experience between the employees of structural units;
- Seminars and training outside Latvia;
- Other external events.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
No, the SAO does not have a specific training center as a structural unit or a separate legal entity.

Specific training needs are defined for each employee during annual assessment of staff performance; training needs are summarized and taken into account during planning of the training for the following year. As regards internal trainings - the training needs identified during the yearly assessment are respected and participation of employees is coordinated with heads of units.
12- No.
No, the State Audit Office organization and processes are not certified by international quality standards. However, Quality Management System has been developed according to requirements of ISO 9001:2015.
NO, but the Quality Management System has been developed according to requirements of ISO 9001:2015.
No, there is no specific software used for QMS.
In general, the SAO uses TeamMate (both support and audit staff). For example, audit staff uses TeamMate for circulation of audit working documents, monitoring of implementation of recommendations, annual work planning and time recording. TeamMate working document system contains not only audit files, but it is also used by internal audit (working documents of internal audit files). Auditor’s General Office uses reviews and reports of TeamMate in order to obtain information on implemented recommendations. All employees use TeamMate for annual work planning and record keeping of working hours.

The Software (TeamMate) is used
As already described under the Question 2 with regard to Quality Assurance measures, at least once a year a group of Quality Assurance experts is organized and managed by Audit and Methodology Department to review closed financial, compliance and performance audit files. Quality Assurance experts team is composed of the most experienced and respectable auditors, being ‘external’ to the audits selected for review i.e. - have not participated in the audits they review.
For assessment of all other processes, internal audit and compliance assessment interventions are performed (see above).

There is a (division / team) for quality assesment

35
Lithuania
Training, methodological materials, explanatory materials (different guidelines, memo, etc.); audit team leaders’ format where auditors can share experiences; meetings at different levels.
Guidelines + training

12- No.
Yes, since January 2015 the National Audit Office organisation and processes are certified by ISO9001:2015, except the requirements of its Clause 7.1.5.2. Measurement Traceability and Clause 8.3. Design and development of products and services.

The following processes of quality management system have been established:
Management Processes: performance planning, internal audit;
Main processes: public audit, EU investment audit, supervision of fiscal discipline
Support processes: Staff management and training; Information Technology management; Document management; Material resources management; Reputation management.
yes
Performance management and monitoring system (VIPSIS) – aimed at documentation of audit and recording of all the procedural actions related to audit including also audit quality.
Sub-system for recording of audit results (ARAP) - aimed at recording of all the necessary audit data (results), as well as excersing control over implementation of audit recommendations.

Audit Management Software is used
Yes. The National Audit Office have and apply a monitoring process in question implemented by:
Audit Quality Assurance Division within the Audit Development Department;
Manager of public audit process - a person appointed who is responsible for the process;
Public Audit Methodology and Quality Commission that considers the audit results.
This helps to ensure impartiality of the monitoring process

There is a (division / team) for quality assesment

36
Netherlands
1- We invest in the recruitment of qualified staff.
2- We invest in the continuing professional development of our staff. Members of staff are stimulated to follow training courses (see our answers to questions 12 a and 12 b).
3- We try to form audit teams with the “right people for the job” e.g. who have the (combined) knowledge, skills and experience necessary. In 2017 the position of “allocation advisor” was created. This advisor helps the audit directors with the formation of the audit teams (who’s available? who has specific expertise on certain topics?).
4- We try to mix people with different levels of experience in audit teams. New members of staff follow training courses, but are also “trained on the job” during the audit by more experienced colleagues.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
The NCA doesn’t have a training center, but we do have a dedicated team (consisting of two persons) for facilitating everything related to the professional training of the NCA staff.
This teams writes an annual training plan for the NCA as a whole (with annual priorities), advertises training opportunities on the NCA’s intranet and collects and registers all applications of members of staff for training courses (internally or externally).
The NCA has a specific (mandatory) training programme for new employees in which they get acquainted with all elements of the NCA’s work. This programme includes training courses on the mandate of the NCA, the ISSAI, the audit process and the quality management system. If it is deemed necessary to pay extra attention to certain topics, this can be addressed in the training programme.

Yes. As a matter of policy, every member of staff must spend at least five days a year on training and professional development. This is also roughly the average for the whole of central government in the Netherlands.
12- No.
A- Plan yearly training plan.
B- Yes.
no
no
No/Not applicable.
We’re not quite sure what you’re asking here: we do use a specific digital system for our Regularity Audits (this includes our Financial Audits). This system is called TeamMate. All documents regarding the audit, all working steps, sign offs by supervisors (audit managers and or directors) are stored and are visible in this system. This system can also be accessed for the purpose of Quality Control reviews or Quality Assurance reviews.

The Software (TeamMate) is used
See our answer to question 2: our Quality Assurance unit monitors and evaluates the set up and functioning of (the different components of) our quality management system and the quality of our products. By performing different kinds of internal and external reviews, this unit tries to identify those areas in which our quality management system is operating well and those areas in which there are problems; ascertain whether we are exposed to certain risks; and identify those areas in which improvements may be made.
The QA officer has an independent status within our organization and is therefore impartial.

There is a (division / team) for quality assesment

37
New Zealand
Refer to Q5. For financial audits this is a requirement expected of the firms used to perform the audits on the Auditor-General’s behalf. This is subject to review as part of our QA process. For other work of the SAI it is managed by tier-2 managers.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
N/A for financial audits – see Q11 for the other work of the SAI we do not have a training centre.

Yes – structured training based on their level and ongoing training requirements.

12- No.
no
no
No
There isnt a spesific software system
The QA function is independent of the firms performing financial audits and the other work of the SAI.
There is a (division / team) for quality assesment

38
Palestine
1-training courses WERE PROVIDED to the AUDIT TEAMS.
2-ESTABLISHING GUIDELINES FOR ALL the THREE TYPES of AUDIT.
3-training in the field.
4-the referense in the AUDIT is the standards.
5-Benefits from the best practices of the peers.
6-Sharing AUDIT tasks with other countries.
Guidelines + training

12- No.
no
no
No
There isnt a spesific software system
These tasks are done by the quality control unit and internal control unit.
There is a (division / team) for quality assesment

39
Papua New Guinea
PNG SAI has exiting recruitment policies and procedures as a guide to recruit suitable candidates for various positions.
Guidelines + training
Our trainings are tailored toward equipping the staff with required skills and technical-knowledge courses aimed at different staff levels. Our aim is to equip our staff with knowledge and technical skills so they could perform their duties to achieve AGO’s goals effectively and efficiently. Thus, this creates culture of quality output.

External Training selection procedures are outlined in the Public Service General Order No.6 ‘Training and Development’. It contains processes and procedures of selecting staff for further studies or training.
12- No.
A- Training.
B- Yes.
PNG SAI is a Constitutional Office of Papua New Guinea, established by the Constitution of PNG. The Audit Act 1989 outlines the functions and duties of the PNG SAI. Hence, the Constitution and the Audit Act certifies the existence of the SAI. Audits are conducted based on the laws and regulations of the country and relevant requirements from the International Standards on Auditing.
The current audit methodology, however, as the SAI is transitioned from the system based to risk-based, is in full compliance with the ISA or ISSAI financial guidelines. The AGO staff authored the methodology, reviewed by a representative from the Australian National Audit Office and certified by two AGO staff who are PASAI certified trainers. PNG SAI may not directly comply with ISO 9001, but indirectly, have its audit processes certified by the certified individuals within the PASAI region.
Audits are conducted based on the laws and regulations of the country and relevant requirements from the International Standards on Auditing.

The current audit methodology is full compliance with the ISA or ISSAI financial guidelines.

The AGO staff authored the methodology, reviewed by a representative from the Australian National Audit Office and certified by two AGO staff who are PASAI certified trainers. PNG SAI may not directly comply with ISO 9001, but indirectly, have its audit processes certified by the certified individuals within the PASAI region.
PNG SAI is currently using TeamMate Auditing Solution from Wolters Kluwer.
The Software (TeamMate) is used
Yes – The technical services team reviews the audit projects in TeamMate on a regular basis until the audit projects are completed and finalized. When audit reports are issued, the Team selects a project from each Director of Audits and conducts the quality assurance procedures. Any issues of noncompliance are reported to the audit team, management and shared with the rest of the staff if required.
There is a (division / team) for quality assesment

40
Peru
To the extent that the Quality System is implemented, it will be possible to establish said policies and procedures.
To the extent quality system is implemented
The SAI Peru Training Center (Escuela Nacional de Control - ENC) is the body that exercises the tutelary role of the SAI of Peru in the development of educational services. By virtue of this, it provides training, specialization, and training in government control, public administration and related topics, to the employees of the SAI of Peru and of the organs that make up the National Control System, as well as public servants and officials.
In that sense, it plays an important role in the process of implementation of the Quality Management System, since it contributes to the achievement of the following quality objective: "Developing human talent within the Institution", which is quantifiable and consistent with our quality policy.

As of 2018, the ENC has begun implementing a Master’s Degree in Government Control.

To access the program, the ENC, through the Subdirectorate of Postgraduate, has prepared the admission procedure, which establishes the necessary activities for the proper execution of the aforementioned activity.

On the other hand, in reference to the execution of courses and free programs, there is a registration procedure for academic activities, in which activities are established for their proper execution.

However, the ENC does not determine the needs for the SAI of Peru’s staff training. Rather evaluates the registration or admission requirements to the courses and programs or Master's Degree, respectively, of the employees of the National Control System or officials and servants of any entity public, in order to provide training, specialization, training and training in government control, public administration or related issues.

The Subdirectorate for Policies and Human Development has the responsibility for managing the procedures and processes relating to the capacity development of the SAI of Peru’s personnel. This department is also responsible for evaluating, selecting and keeping records of the personnel that participates in external or internal training events.
12- Yes.
A- Training and specialization. Implementation of quality management system.
B- Yes.
Since 2012, the SAI of Peru has implemented a Quality Management System (QMS) based on the International Standard ISO 9001, which since 2014 has been certified and recertified by the company SGS del Perú, through annual audits to the system.

The current scope of the system is composed of three mission processes, 3 strategic processes and 4 support processes, as detailed below:

Missional:
1. Evaluation of Additional Work Benefits.
2. Evaluation of Additional Performance of Work Supervision.
3. Issuance of Previous Report

Strategic:
1. Management of the Strategy. (Includes Review by Management)
2. Quality Management and Continuous Improvement. (Includes Risk Management)
3. Process Management.

Support:
1. Logistics Management.
2. Management of Documentary Assets.
3. Information Technology Management.
4. Human Talent Management
Since 2012, the SAI of Peru has implemented a Quality Management System (QMS) based on the International Standard ISO 9001, which since 2014 has been certified and recertified by the company SGS del Perú, through annual audits to the system.
There is no specific software for the administration of the Quality Management System of the CGR of Peru.
There isnt a spesific software system
As explained in questions 1 and 2, the monitoring process will be implemented in accordance to the results of the review.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

41
Philippines
The COA issued Memorandum No. 2013-007 dated October 1, 2014 bearing the subject Guidelines in the Implementation of the Ladderized Training Program of the COA, and COA Memorandum No. 1999-057 dated September 2, 1999 on the Implementation of the Integrated Human Resource Training and Development Plan (IHRTDP) of the Commission.
Taken into consideration when creating the audit team + Training
The Professional Development Office (PDO) is responsible for the implementation of comprehensive and relevant training programs for all COA personnel. These programs are conducted for different purposes, such as to orient new hires, help existing employees adopt new technology and/or processes, and enable them to meet new responsibilities, among others.

All applicants for the training undergo the nomination process being administered by the PDO.
Also, the PDO has a unit called Scholarship Unit. The said unit:
(1) formulates, recommends and implements policies and programs on local and foreign scholarship/training;
(2)evaluates and processes invitations /applications for local and foreign scholarship /training and the Certified Fraud Examiner training, including the preparation of the ranking list from the scholarship pool and the preparation of the Scholarship Evaluation Sheet for submission to the Scholarship Board;
(3) acts as Secretariat to the Scholarship Board;
(4) maintains database on nominees and scholars for local and foreign scholarship programs; and
(5) performs other functions as may be assigned.
12- Yes.
A- Training.
B- Yes.
It was determined that the INTOSAI SAI PMF will better capture the public sector audit being performed by the COA than the generic QMS framework provided by the standards of the ISO. With this consideration, the Inter-Agency Task Force on the Harmonization of National Government Performance Monitoring, Information and Reporting Systems (AO-25 Inter-Agency Task Force) approved the INTOSAI SAI PMF as equivalent to the ISO 9001. Assessment using the INTOSAI SAI PMF is on-going.
the Inter-Agency Task Force on the Harmonization of National Government Performance Monitoring, Information and Reporting Systems (AO-25 Inter-Agency Task Force) approved the INTOSAI SAI PMF as equivalent to the ISO 9001. Assessment using the INTOSAI SAI PMF is on-going.
None but COA has a Quality Management System (QMS) Manual. This manual defines and mandates the policies, systems and procedures adopted to implement and continuously improve the QMS of the Commission.
There isnt a spesific software system
The QAO which was established per COA Resolution No. 2013-014 dated June 28, 2013, is comprised of COA members who possess the competencies as required by the COA Qualification Standards and who are independent of the operating units. The QAO is mandated to undertake the planning, conducting and reporting of quality assurance reviews on the adequacy of, and compliance to, quality control systems of the Commission.

The INTOSAI Standards for Quality Management System (desired conditions) will be applied in conducting quality assurance of the COA activities. The QA team uses various QA Tools, which are generally based on standards and other issuances of INTOSAI. These tools cover institutional and engagement level requirements, which are similar to the SAI-PMF domains.

There is a (division / team) for quality assesment

42
Poland
If the audit team requires special qualifications, it is indicated in the audit program and is taken into account when creating the audit team. Regardless of that, there are special audit support teams, e.g. in the area of CAATs application.
Taken into consideration when creating the audit team
The center is used for training new auditors and for training remaining auditor's skills, including enabling them preparation for a specific audit.

Yes. Our SAI has introduced the procedures for enabling the staff in internal and external training, including obtaining professional qualifications within a special training program established by our SAI. The procedure was introduced by the order issued by the President of our SAI and is known by our employees. Generally the head of the unit employing an employee decides on his/her training when a there is a need for enhancing his/her skills. An employee may also request his/her training to fulfill his/her developmental needs.
12- Yes.
A- Training.
B- Yes.
no
no
The quality control and quality assurance system have been implemented in the document management system functioning at our SAI.
Audit Software is used
Monitoring is carried out on the basis of a quality control register. The department of audit methodology and professional development is responsible for this monitoring. The monitoring is carried out by the experienced inspectors employed in this department.
There is a (division / team) for quality assesment

43
Qatar
One policy is to conduct training programs and on-the job training for all new hires and retraining programs for current staff.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
Training center requests for the training requirement from all department employees

All employees are asked to identify professional qualification and training needs and the bureau extends support in this regard
12- Yes.
A- Identifies training needs.
B- Yes.
no
no
Currently Quality Management System does not use any software.
There isnt a spesific software system
Internal audit department within the bureau is responsible for ensuring operating effectiveness of controls. Further, Quality Assurance section also performs self-assessment
Monitoring done by the internal Audit department

44
Seychelles
The audit teams are constituted duly taking in to consideration the knowledge, skills, qualifications and experience necessary to successfully carry out the audit of an entity. Accordingly, an audit team can comprise a single member to even five members depending on the nature and size of the entity. For this, a competency matrix is drawn which is reviewed by senior management level to ensure availability of the requisite competency for each entity. SAI has implemented an internal communication strategy that includes alignment of staff to SAI’s vision, mission and objectives. It also includes effective information sharing practices (e.g. websites, meetings, newsletters etc.). Where necessary, expert opinion is also sought, when come across an issue of interpretation of/gaps in relevant rules/regulations, from concerned bodies such as Public Oversight Unit, Seychelles Revenue Commission, Department of Public Administration, etc.
Taken into consideration when creating the audit team
The SAI does not have an exclusive training centre. However, it has developed and implemented a Training and Development Policy to realise individual potential, to improve productivity as well as individual and team performance, On--job training is provided continuously under seniors and AMs and various in house training programme are also undertaken.

Yes. the SAI facilitates, supports and encourages its staff
o obtain professional qualifications. While nominating staff for trainings, relevance to organizational needs and staff duties and aptitude as also the office exigencies are looked in to.
12- No.
A- Training and on-job training.
B- Yes.
no
no
No
There isnt a spesific software system
For the reasons stated above, constitution of an exclusive impartial quality control system assessment unit/team is not feasible
Not at the moment

45
South Africa
The public audit manual requires that the audit engagement manager to assess the audit engagement risk prior to the commencement of the audit. The auditee and the engagement are assessed in relation to requirements of ISQC1 as well as relevant auditing and assurance standards. The engagement risk assessment includes assessing the competency, capabilities and resources of the engagement team and their compliance with the ethical requirements.

Please also see details below regarding training and equipping auditors with the required knowledge and skills.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
The People and Organizational effectiveness (POE) business unit is responsible for the training and development of all staff of the organization. The training is based on the AGSA methodology, international standards on auditing and applicable accounting frameworks.

Learning and development policy has been established which promotes continuous learning and development, lifelong learning and personal development. Continuous professional development ensures that all staff levels are continuously developed and are responsive to the changing environment. The organization has an annual training plan which is formulated based on the training needs of the staff.
12- No.
A- Training.
B- Yes.
No however in South Africa the Independent Regulatory Board for Auditors regulate the auditing profession and on an annual basis they perform an independent inspection of the monitoring function within the QC unit to provide assurance to leadership that the monitoring processes are sound.
no
No - currently the SAI does not have a specific software for the management of its Quality Management System.
There isnt a spesific software system
Yes – the monitoring is performed by an independent Quality control business unit. The QC reviews are conducted at firm level review and engagement level review.

The purpose of monitoring compliance with quality control policies and procedures is to provide an evaluation of the following:
i. Adherence to professional standards and regulatory and legal requirements.
ii. Whether the quality control system has been appropriately designed and effectively implemented.
iii. Whether the AGSA’s quality control policies and procedures have been appropriately applied, so that reports that are issued by the organisation or engagement managers are appropriate in the circumstances.

There is a (division / team) for quality assesment

46
South Sudan
All auditors are introduced to regularity audit manual, whereby they are exposed to required procedures and skills to conduct the audit that produced quality audit reports.
Audit guidelines,procedures,manuals,audit plan
No. our SAi has no training center of its own. We rent halls.

No. Our SAI has not established staff selection procedures for training. We select based on capabilities of each auditor.
12- No.
no
no
No
There isnt a spesific software system
No
Not at the moment

47
Suriname

48
Switzerland
Policies and procedures are part of the Quality Manual. These include the recruitment and hiring process, the selection of employees for a specific audit (resource planning or staffing process), the preparation of the audit, the opportunity to work with external experts, the review and supervision process. At each step, special attention is paid to the relevant risks and the knowledge, skills and experience needed. The audit team can at any time be reinforced or assisted if specific knowledge or skills are required. If external experts are involved, a knowledge transfer will always take place within the audit team or competence centre.
Taken into consideration when creating the audit team
We have a “pop-up”-training centre which operates every January for two weeks. The trainers are either inhouse or external experts, depending on the knowledge available within in the SFAO and the training needs. These needs are identified during the annual Quality Review (management) but also on an ongoing basis by the employees and their superiors. The identification of needs also serves to train employees on specific quality issues. This is, therefore, a key element of the Quality Management System. Issues concerning the Quality Management System are also communicated at the general staff meeting (Jour-fixe) which takes place 6 to 8 times a year.

The need for training is identified based on the regular audit quality reviews, the annual Quality Review (management) and the monitoring of trends and risks. The employees are sent to external training courses to acquire more knowledge in specific matters. This is part of the discussion between the superior and the employee during their 6-month performance review.
Obtaining professional skills and qualifications and keeping them up to date is crucial. The SFAO analyzes the desired skills and qualifications. It then tries to hire people with such skills and/or encourages employees to acquire the needed qualifications (special trainings, further education courses etc.).
12- No.
A- Training.
B- Yes.
no
no
Not at the time being, but our currently running project for the implementation of a new Audit Management System will consider this need.
Not at present but in the process of setting up and implementing a system
The assessment of adequacy and effectiveness of the quality control system takes place annually during the Quality Review of selected audits of the past year. The team is impartial, consisting of auditors (expert level) and two members of the management team. All team members apply the same assessment criteria (professional standards and specific criteria depending on the focus of the review).
Every couple of years, the SFAO conducts a satisfaction survey, collecting feedback from audited entities on the audit processes and results.
The monitoring process also includes watching the evolution of the legal and professional frameworks and trends in order to develop and maintain state-of-the-art policies and procedures.
In addition to these systematic review elements, the monitoring process includes the analysis of internal and external feedbacks, which might indicate weaknesses in the quality control and assurance system.
The results of the monitoring process are compiled in a report to our Director (President). Subsequently the results and the response of the President are communicated to all the employees. They also serve to update the Quality Manual as well as relevant policies and procedures.

There is a (division / team) for quality assesment

49
Tajikistan
1- the performance AUDIT standard public funds.
2- the instruction on performance AUDIT financial reports.
3- the standard on leading mutual control measures with another SAIs.
4- Brief glossary in the field of Finance, Economy, Accounting which use in
Regulatory and legal activities SAI.
5- the instruction of methodological support SAI.
Audit guidelines,procedures,manuals,audit plan

12- No.
no answer
no answer

not answered

50
Tanzania
The audit manuals provides procedures to ensure that an audit team as a whole possesses the knowledge, skills and experience necessary to carry out successful audit work.

In addition, the audit manual has a checklist/working paper known as the “competency Matrix Form” which must be completed for each audit engagement as part of pre-engagement activities which aims at analyzing the specific requirements of the assignment as well as the individual capacities within the team.

In case of skill gap, appropriate trainings will be carried out before the engagement or the team compositions will be revisited or the office may opt to outsource if the skill cannot be obtained from internal staff.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
The unit organizes and coordinates all trainings approved by training committee and management of the SAI.

Develops strategies that meet organizational demand and challenges.

Also ensures comprehensive training database are in place for references and;

Facilitate trainings and professional skills enhancement for all staff

Yes.

The National Audit Office of Tanzania has a ‘Training Programme’ which identifies required competency and the tentative dates for ensuring the training is conducted. The programme is for both long and short term trainings.

In addition, the office maintains a register of staff and the trainings attended by every staff both short and long term trainings. This helps the office in future plans for staff development.
12- No.
A- Training and identifying training needs.
B- Yes.
No.

However, the organisation processes and quality of work of National Audit Office is assessed through AFROSAI-E Institutional Capacity Building Framework.

The results of these reviews rank the reviewed SAI on a particular development levels among the existing five levels.
no
Yes.

The office uses TeamMate as audit documentation software which records the work done by every audit team member including the level and extent of reviews done by management levels at different audit stages.

The software also allows access by various stakeholders including the reviewers from the quality assurance unit.

The Software (TeamMate) is used
Yes.

The National Audit Office of Tanzania has the Quality Assurance Unit which ensures the quality control system in place is relevant, adequate and operating effectively.

The quality assurance unit reviews the quality of audit work against audit guidelines and manuals (Financial Audit Manual, Compliance Audit Manual and Performance Audit Manual). Further, the quality assurance unit reviews compliance with various circulars issued by the controller and Auditor General for the purpose of the audit.

There is a (division / team) for quality assesment

51
Turkey
Due to legal framework, auditors take comprehensive professional training on legislation and conduct field audits with senior auditors for two years after recruitment. Regular in-service training programmes are held to help auditors to maintain their professional knowledge and skills.
The Court has two training units. One of them is responsible for planning and conducting professional training of new recruitments. The other, plans and executes the in-service training programmes.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
No
12- No.
No. But works are started to get certified by ISO 27001 for information security management systems.
no , but working on it
The Court uses a specific software to digitalize audit work. Each auditor in the audit team has personal password to access and register the programme. Documents and findings recorded or uploaded by auditors can be monitored by higher level auditors as a quality control procedure. The management, where relevant, can also monitor the processes as a part of quality control.
Audit Management Software is used
No, but this year sampled audits will be reviewed by senior auditors not involved in the audit for their conformity with audit guideline and international audit standards to assure quality of audits.
There is no specific quality assessment team, but there are some monitoring procedures that are being conducted

52
United Kingdom
Quality control is built into our work through the Office's policies on recruitment, training and continuing professional development, the Code of Conduct, and through operational guidance specific to the execution of our work. The latter covers matters such as methodology and the level and nature of review of the work completed. It is designed to ensure that the Office's work complies with professional standards and compares favorably to industry best practice.

The NAO has established policies and procedures designed to provide the Office with assurance that it has sufficient personnel with the capabilities, competence, and commitment to ethical principles necessary to perform its engagements in accordance with professional standards and regulatory and legal requirements.

The NAO seeks to recruit the best quality candidates to meet its current and future needs, using the principles of fair and open competition in line with its policy on equal opportunities. In addition, the Office develops the capabilities and competence of its staff through a combination of structured and unstructured training and career development. The NAO is a registered trainer for the ICAEW. In addition, it provides professional training for employees undertaking the ACCA, CIMA and CIPFA qualifications. The performance management framework includes a consideration of training undertaken during the period under review and a review of current developmental needs.

All staff are required to undertake continuing professional development (CPD) and to take responsibility for updating their technical knowledge. The Office has established its own targets for CPD and staff are required to adhere to these as well as ensuring that they comply with the requirements of their respective institute. All staff are required to submit an annual CPD return, which is completed online. This forms part of the NAO Code of Conduct.
Specialities by audit sectors,training, job description, outsourcing, competency matrix
The NAO’s learning and development team, in conjunction with the technical team, develops the capabilities and competence of its staff through a combination of structured and unstructured training and career development. The NAO is a registered trainer for the ICAEW. In addition, it provides professional training for employees undertaking the ACCA, CIMA and CIPFA qualifications. The performance management framework includes a consideration of training undertaken during the period under review and a review of current developmental needs.
12- No.
A- Training.
B- Yes.
The NAO adheres to the International Standard on Quality Control (UK) (ISCQ1) ‘Quality Control for Firms that Perform Audits and Reviews of Financial Statements.
International Standard on Quality Control (UK) (ISCQ1)
The NAO subscribes to Croner-I library for company legislation, UK GAAP standards and guidance, IFRS standards and guidance, auditing standards and guidance, tax guides, and audit and accounting guides.

The NAO’s audit software (Morgan-Kai Insight) has quality controls inbuilt, such as the requirement of a two stage review of all audits.

Audit Software is used
Yes- please see answers to questions above.
There is a (division / team) for quality assesment

53
USA
GAO’s QAF includes numerous procedures to ensure that GAO recruits and hires staff with the critical skills needed to accomplish GAO’s work and that its engagement teams collectively possess adequate professional proficiency. These procedures include centralized decision-making to identify the appropriate stakeholders and experts to be involved in each engagement.
Audit guidelines,procedures,manuals,audit plan
GAO’s core training curriculum includes training in the elements of GAO’s QAF.

GAO staff conducting audits are required to obtain a set number of continuing professional education credits in each two-year period.
12- No.
A- Training.
B- Yes.
GAO has undergone an international peer review that provides an opinion on the design and operation of our quality control system every three years, with the most recent having been completed in September 2017.
international peer review that provides an opinion on the design and operation of the quality control system every three years.
GAO engagement data are captured in a web-based Engagement Management System, which allows for timely access to engagement data, including for quality control and assurance purposes. GAO also has an electronic guide—the Electronic Assistance Guide for Leading Engagements (EAGLE)—that contains GAO guidance, consistent with GAO policies and protocols and GAGAS requirements. EAGLE is the definitive source for implementing GAO’s Engagement Management Process.
Audit Management Software is used
Yes. APQA leads an annual inspection of the engagement work conducted in the prior year. The inspection team reviews whether GAO’s quality control system is suitably designed and operating effectively.
There is a (division / team) for quality assesment

The words contained in this file might help you see if this file matches what you are looking for:

...Sheet q country does your sai have a quality control system in place what is the scope of rsquo s and assurance systems regulatory framework law guideline procedure standardized forms issai that regulates terms organizational structure level responsibilities related to unit devoted such within please attach chart if available b procedures has used implement clear assignment authority hierarchical scheme its personnel which extent could ldquo ndash for sais rdquo an audit financial statements considering mandate risks kind work it not possible measures implemented answer comment afganistan yes supreme office sao afghanistan put mechanism as per are reflected all stages process relevant issais strategic planning implementation hr management subject national requirements code conduct ethical ethics etca separate internal amp ia qc directorate headed by director functions directly under auditor general responsible directorates departments well review works reports parties aimed at covering...

Related files

Share

Help

Related files

Share

Share to social media

Help

Login Area