April 2021

EXPLORING ISSUES TO DETERMINE A WAY FORWARD                     I.      Background The term non-assurance services is used throughout the Code when referring to engagements that do not meet the definition of an assurance engagement. An assurance engagement is an engagement in which a professional accountant in public practice (PAPP) expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria. An audit engagement is a reasonable assurance engagement in which a PAPP expresses an opinion on whether financial statements are prepared, in all material respects (or give a true and fair view or are presented fairly, in all material respects), in accordance with an applicable financial reporting framework. This includes statutory audits, which is an audit required by legislation or other regulation. Auditor independence is critical to public trust in audited financial statements, and contributes to audit quality. In recent years, there have been a number of legal and regulatory developments aimed at responding to issues affecting auditor independence, including audit firms’ provision of non-assurance services (NAS)[1] to audit clients.[2] Some stakeholders and the Public Interest Oversight Board have called for IESBA to review its International Independence Standards relating to the provision of NAS to audit clients. Having completed a number of projects which culminated in the April 2018 release of a completely rewritten and substantively revised International Code of Ethics for Professional Accountants (including International Independence Standards) (the Code[3]), the IESBA has established a Working Group to further understand and respond to those calls. Global Roundtables In deciding to hold three global roundtables in North America (Washington, DC, USA), Europe (Paris, France), and Asia Pacific (Tokyo, Japan), the IESBA is seeking to further understand stakeholders’ views about specific issues that might arise when firms and network firms provide NAS to their audit clients and whether changes are needed to the Code to address them. Purpose of Briefing Note This briefing note summarizes the NAS issues that the IESBA has identified to-date, in particular, in relation to audit clients that are public interest entities (PIEs). Some of the issues were raised by [1] Except where otherwise noted, NAS in this paper is used to refer to the term “non-assurance services” as used in the IESBA Code. In some jurisdictions the term “non-audit” services is used in describing similar issues. For example, the term “non-audit services” is used in the UK to cover any service that does not form part of the audit engagement (i.e., both “non-assurance” and “assurance services” other than an audit).The terms “non-audit services” and “non-assurance services” are not defined terms in the IESBA Code. [2] The main focus of this paper and the roundtable discussions is on firms’ provision of NAS to audit clients in the context of independence. Some of the issues may be relevant also to circumstances where firms provide NAS to assurance clients in the context of independence. [3] The references to “the Code” in this paper are to the revised and restructured Code which was released on April 9, 2018, and which will become effective in June 2019. respondents to Exposure Drafts (EDs) relating to the IESBA’s recently completed Safeguards and Structure of the Code (Structure) projects, and respondents to the IESBA’s November 2017 Fees Questionnaire. The paper is intended to facilitate a multi-stakeholder dialogue to explore possible solutions to the public interest issues that have been raised in relation to the provision of NAS by audit firms. The paper is organized as follows: Overview of NAS provisions in the Code; General policy objective; Summary of specific issues identified by stakeholders; and Questions for roundtable participants. II.     Overview of NAS Provisions in the Code In addition to the requirement to apply the enhanced conceptual framework[1] to identify, evaluate and address threats when providing NAS to audit clients, Section 600[2] of the Code contains general and specific requirements and application material that apply to firms and network firms when providing NAS to audit clients. The general provisions set out in paragraphs 600.1 to R600.10 apply in all situations when a NAS is provided to an audit client. Additional and more specific provisions are set out in subsections 601-610 and apply when providing certain types of NAS to audit clients. A list of the types of NAS that are dealt with in the Code is included in Appendix 1 of this document. As part of the general provisions in paragraphs 600.1 to R600.10, the Code includes: An overarching requirement that prohibits the assumption of management responsibilities when providing any NAS to audit clients.[3] Management responsibilities involve controlling, leading and directing an entity, including making decisions regarding the acquisition, deployment and control of human, financial, technological, physical and intangible resources. The conceptual framework specifies the approach that all professional accountants, including auditors, are required to use to identify, evaluate and address threats to compliance with the fundamental principles and, where applicable, independence. Clarifications and improvements to assist firms and network firms to better apply the conceptual framework in relation to identifying, evaluating and addressing threats created by providing a NAS to an audit client. For example, the Code now states in a more explicit manner that there are some situations in which safeguards might not be available, or capable of reducing threats created by providing a NAS to an acceptable level and that in such situations, the firm or network is required to decline or end the NAS or the audit engagement. Highlights of the clarifications and improvements to the conceptual framework is included in Appendix 2 of this document. [1] The conceptual framework is set out in Part 1 – Complying with the Code, Fundamental Principles and Conceptual Framework, Section 120, The Conceptual Framework.  [2] International Independence Standards, Part 4A – Independence for Audits and Reviews, Section 600, Provision of Nonassurance Services to an Audit Client [3] See Part 4, Section 600, paragraph R600.7 and related provisions in paragraphs 600.7 A1

INTRODUCTION INTOSAI’s fundamental auditing principles recognise that due to the differing approaches and structures of Supreme Audit Institutions (SAIs), not all auditing standards apply to all aspects of their work[1]. Furthermore, on the basis of the terms of the audit mandate with which SAIs are empowered, any auditing standards external to the SAI cannot be prescriptive, nor have a mandatory application to the work of the SAI[2]. However, in order to promote high quality work across its members, INTOSAI advocates that each SAI should establish a policy which has regard to INTOSAI standards, and other specific professional standards, which should be followed in carrying out various types of work that the organisation conducts. This audit guideline of key principles outlines a common understanding of what defines high quality work in performance auditing. Comparisons between the practices of performance auditing in different countries show considerable variations depending on the mandate, organisation and methods used by the SAIs. The legal, administrative and economic environment can have a bearing on the nature of performance audits conducted and how they are carried out. The maturity of public sector administration also impacts on the extent and nature of performance audits that can be performed. Performance auditing generally follows one of three approaches in examining the performance of the audited entity. The audit may take a result-oriented approach, which assesses whether pre-defined objectives have been achieved as intended, a problemoriented approach, which verifies and analyses the causes of a particular problem(s), or a system-oriented approach which examines the proper functioning of management systems: or a combination of the three approaches. Performance audit may also adopt one of two perspectives for the audit: a top-down perspective, which focuses on the requirements, intentions, objectives and expectations of the Legislature, Executive and/or regulatory body, or a bottom-up perspective, that focuses on the effects of the activity on the audited entity and the larger community[3]. In the case of the former performance audit does not question the intentions and decisions of the legislature, but instead examines whether possible shortcomings in the laws and regulations have affected those intentions being met. Depending on their mandate, SAIs may audit the assumptions on which policy decisions were based and the impact of such policy decisions. The audit provides an objective assessment to inform the legislature on such issues as how to enhance policy target achievement and/or how to accomplish objectives more efficiently and effectively. Whichever approach or perspective is adopted, performance audit aims mainly towards examining the economy, efficiency and effectiveness of the audited entity in the performance of its functions and activities, not excluding the verification of the audited entity’s compliance with established legislation and regulations[4]. Where appropriate, the impact of the regulatory or institutional framework on the performance of the entity should also be taken into account. Performance audit often achieves this by attempting to answer two basic questions: are the right things being done, and are things being done in the right way? As performance auditing can deal with all facets of the public sector, it would not be possible or appropriate to propose detailed common auditing standards to cover all situations. Accordingly, auditors are required to apply their own professional judgments and applicable professional standards to the diverse situations that arise in the course of performance auditing. This document is largely based upon the concepts contained in ISSAI 3000 – Implementation guidelines for Performance Auditing, to which auditors should refer for additional guidance. 2. KEY PRINCIPLES OF PERFORMANCE AUDITING   2.1              Definitions Performance auditing is an independent and objective examination of government undertakings, systems, programmes or organisations, with regard to one or more of the three aspects of economy, efficiency and effectiveness, aiming to lead to improvements5. The performance audit task is a separately identifiable piece of audit work, typically resulting in the issuing of a statement, or report. It should have clearly identifiable objectives and pertain to a single or clearly identifiable group of activities, systems, programmes or bodies know as the “audited entity”. 2.2.             Performance audit objective   According to ISSAI 100[5], an individual performance audit should have the objective of examining one or more of these three assertions: the economy of activities in accordance with sound administrative principles and practices, and management policies; the efficiency of utilisation of human, financial and other resources, including examination of information systems, performance measures and monitoring arrangements, and procedures followed by audited entities for remedying identified deficiencies; and the effectiveness of performance in relation to the achievement of the objectives of the audited entity, and the actual impact of activities compared with the intended impact.   The audit objectives are usually expressed in the form of one overall audit question and a limited number of subsidiary questions that the audit will answer and conclude against. Such questions are thematically related, complementary, not overlapping and collectively exhaustive in addressing the overall question. The audit questions addressed by performance audit do not have to be exclusively based on a retrospective audit approach. In a performance audit, SAIs can take an early initiative and furnish proactive audit findings, and/or recommendations, where appropriate, if this is explicitly allowed by their legal mandate. Furthermore, financial and compliance audit aspects[6], including environmental considerations in the context of sustainable development, can also be included in a performance audit. Finally, the perspective of the citizen that is related to the performance of the audited entity should be taken into account where appropriate. 2.3 Selecting audit topics   Auditors should select audit topics that are significant, auditable, and reflect the SAI’s mandate8. The audit should lead to important benefits for public finance and administration, the audited entity, or the general public. Where there is an overlap between other types of audit and performance auditing, classification of the audit engagement will be determined by the primary purpose of that audit[7]. Aside from audits carried out under legal mandate at the request of the Parliament or other empowered entity, performance audit topics should be selected on the basis

Introduction The purpose of this International Standard on Review Engagements (ISRE) is to establish standards and provide guidance on the practitioner’s professional responsibilities when a practitioner, who is not the auditor of an entity, undertakes an engagement to review financial statements and on the form and content of the report that the practitioner issues in connection with such a review. A practitioner, who is the auditor of the entity, engaged to perform a review of interim financial information performs such a review in accordance with ISRE 2410, “Review of Interim Financial Information Performed by the Independent Auditor of the Entity.” This ISRE is directed towards the review of financial statements. However, it is to be applied, adapted as necessary in the circumstances, to engagements to review other historical financial information. Guidance in the International Standard on Auditing (ISAs) may be useful to the practitioner in applying this ISRE.∗ Objective of a Review Engagement The objective of a review of financial statements is to enable a practitioner to state whether, on the basis of procedures which do not provide all the evidence that would be required in an audit, anything has come to the practitioner’s attention that causes the practitioner to believe that the financial statements are not prepared, in all material respects, in accordance with the applicable financial reporting framework (negative assurance). General Principles of a Review Engagement The practitioner should comply with the Code of Ethics for Professional Accountants issued by the International Ethics Standards Board for Accountants (the IESBA Code). Ethical principles governing the practitioner’s professional responsibilities are: Independence; Integrity; Objectivity; Professional competence and due care; Confidentiality; (f) Professional behavior; and (g)      Technical standards. * Paragraph 2 of this ISRE was amended in December 2007 to clarify the application of the ISRE. The practitioner should conduct a review in accordance with this ISRE. The practitioner should plan and perform the review with an attitude of professional skepticism recognizing that circumstances may exist which cause the financial statements to be materially misstated. For the purpose of expressing negative assurance in the review report, the practitioner should obtain sufficient appropriate evidence primarily through inquiry and analytical procedures to be able to draw conclusions. Scope of a Review The term “scope of a review” refers to the review procedures deemed necessary in the circumstances to achieve the objective of the review. The procedures required to conduct a review of financial statements should be determined by the practitioner having regard to the requirements of this ISRE, relevant professional bodies, legislation, regulation and, where appropriate, the terms of the review engagement and reporting requirements. Moderate Assurance A review engagement provides a moderate level of assurance that the information subject to review is free of material misstatement, this is expressed in the form of negative assurance. Terms of Engagement The practitioner and the client should agree on the terms of the engagement. The agreed terms would be recorded in an engagement letter or other suitable form such as a contract. An engagement letter will be of assistance in planning the review work. It is in the interests of both the practitioner and the client that the practitioner sends an engagement letter documenting the key terms of the appointment. An engagement letter confirms the practitioner’s acceptance of the appointment and helps avoid misunderstanding regarding such matters as the objectives and scope of the engagement, the extent of the practitioner’s responsibilities and the form of reports to be issued. Matters that would be included in the engagement letter include the following: The objective of the service being performed. Management’s responsibility for the financial statements. The scope of the review, including reference to this ISRE (or relevant national standards or practices). Unrestricted access to whatever records, documentation and other information requested in connection with the review. A sample of the report expected to be rendered. The fact that the engagement cannot be relied upon to disclose errors, illegal acts or other irregularities, for example, fraud or defalcations that may exist. A statement that an audit is not being performed and that an audit opinion will not be expressed. To emphasize this point and to avoid confusion, the practitioner may also consider pointing out that a review engagement will not satisfy any statutory or third party requirements for an audit. An example of an engagement letter for a review of financial statements appears in Appendix 1 to this ISRE. Planning The practitioner should plan the work so that an effective engagement will be performed. In planning a review of financial statements, the practitioner should obtain or update the knowledge of the business including consideration of the entity’s organization, accounting systems, operating characteristics and the nature of its assets, liabilities, revenues and expenses. The practitioner needs to possess an understanding of such matters and other matters relevant to the financial statements, for example, a knowledge of the entity’s production and distribution methods, product lines, operating locations and related parties. The practitioner requires this understanding to be able to make relevant inquiries and to design appropriate procedures, as well as to assess the responses and other information obtained. Work Performed by Others When using work performed by another practitioner or an expert, the practitioner should be satisfied that such work is adequate for the purposes of the review. Documentation The practitioner should document matters which are important in providing evidence to support the review report, and evidence that the review was carried out in accordance with this ISRE. Procedures and Evidence The practitioner should apply judgment in determining the specific nature, timing and extent of review procedures. The practitioner will be guided by such matters as the following: Any knowledge acquired by carrying out audits or reviews of the financial statements for prior periods. The practitioner’s knowledge of the business including knowledge of the accounting principles and practices of the industry in which the entity operates. The entity’s accounting systems. The extent to which a particular item is affected by management judgment. The materiality of transactions and account

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the auditor’s responsibility to form an opinion on the financial statements. It also deals with the form and content of the auditor’s report issued as a result of an audit of financial statements. ISA 701[1] deals with the auditor’s responsibility to communicate key audit matters in the auditor’s report. ISA 705[2] (Revised) and ISA 706[3] (Revised) deal with how the form and content of the auditor’s report are affected when the auditor expresses a modified opinion or includes an Emphasis of Matter paragraph or an Other Matter paragraph in the auditor’s report. Other ISAs also contain reporting requirements that are applicable when issuing an auditor’s report. This ISA applies to an audit of a complete set of general purpose financial statements and is written in that context. ISA 800[4] deals with special considerations when financial statements are prepared in accordance with a special purpose framework. ISA 805[5] deals with special considerations relevant to an audit of a single financial statement or of a specific element, account or item of a financial statement. This ISA also applies to audits for which ISA 800 or ISA 805 apply. The requirements of this ISA are aimed at addressing an appropriate balance between the need for consistency and comparability in auditor reporting globally and the need to increase the value of auditor reporting by making the information provided in the auditor’s report more relevant to users. This ISA promotes consistency in the auditor’s report, but recognizes the need for flexibility to accommodate particular circumstances of individual jurisdictions. Consistency in the auditor’s report, when the audit has been conducted in accordance with ISAs, promotes credibility in the global marketplace by making more readily identifiable those audits that have been conducted in accordance with globally recognized standards. It also helps to promote the user’s understanding and to identify unusual circumstances when they occur. Effective Date This ISA is effective for audits of financial statements for periods ending on or after December 15, 2016. Objectives The objectives of the auditor are: To form an opinion on the financial statements based on an evaluation of the conclusions drawn from the audit evidence obtained; and To express clearly that opinion through a written report. [1] ISA 701, Communicating Key Audit Matters in the Independent Auditor’s Report [2] ISA 705 (Revised), Modifications to the Opinion in the Independent Auditor’s Report [3] ISA 706 (Revised), Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report [4] ISA 800, Special Considerations—Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks [5] ISA 805, Special Considerations—Audits of Single Financial Statements and Specific Elements, Accounts or Items of a Financial Statement Definitions For purposes of the ISAs, the following terms have the meanings attributed below: General purpose financial statements – Financial statements prepared in accordance with a general purpose framework. General purpose framework – A financial reporting framework designed to meet the common financial information needs of a wide range of users. The financial reporting framework may be a fair presentation framework or a compliance framework. The term “fair presentation framework” is used to refer to a financial reporting framework that requires compliance with the requirements of the framework and: Acknowledges explicitly or implicitly that, to achieve fair presentation of the financial statements, it may be necessary for management to provide disclosures beyond those specifically required by the framework; or Acknowledges explicitly that it may be necessary for management to depart from a requirement of the framework to achieve fair presentation of the financial statements. Such departures are expected to be necessary only in extremely rare circumstances. The term “compliance framework” is used to refer to a financial reporting framework that requires compliance with the requirements of the framework, but does not contain the acknowledgements in (i) or (ii) above.[1] Unmodified opinion – The opinion expressed by the auditor when the auditor concludes that the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework.[2] Reference to “financial statements” in this ISA means “a complete set of general purpose financial statements, including the related notes.” The related notes ordinarily comprise a summary of significant accounting policies and other explanatory information. The requirements of the applicable financial reporting framework determine the form and content of the financial statements, and what constitutes a complete set of financial statements. Reference to “International Financial Reporting Standards” in this ISA means the International Financial Reporting Standards (IFRSs) issued by the International Accounting Standards Board, and reference to “International Public Sector Accounting Standards” means the International Public Sector Accounting Standards (IPSASs) issued by the International Public Sector Accounting Standards Board. Requirements Forming an Opinion on the Financial Statements The auditor shall form an opinion on whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework.[3],[4] In order to form that opinion, the auditor shall conclude as to whether the auditor has obtained reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error. That conclusion shall take into account: The auditor’s conclusion, in accordance with ISA 330, whether sufficient appropriate audit evidence has been obtained;[5] The auditor’s conclusion, in accordance with ISA 450, whether uncorrected misstatements are material, individually or in aggregate;[6] and The evaluations required by paragraphs 12–15. The auditor shall evaluate whether the financial statements are prepared, in all material respects, in accordance with the requirements of the applicable financial reporting framework. This evaluation shall include consideration of the qualitative aspects of the entity’s accounting practices, including indicators of possible bias in management’s judgments. (Ref: Para. A1–A3) In particular, the auditor shall evaluate whether, in view of the requirements of the applicable financial reporting framework: The financial statements adequately disclose the significant accounting policies selected and applied; The accounting policies selected and applied are consistent with the applicable financial reporting framework and are appropriate; The accounting

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the auditor’s responsibilities relating to the work of an individual or organization in a field of expertise other than accounting or auditing, when that work is used to assist the auditor in obtaining sufficient appropriate audit evidence. This ISA does not deal with: Situations where the engagement team includes a member, or consults an individual or organization, with expertise in a specialized area of accounting or auditing, which are dealt with in ISA 220;[1] or The auditor’s use of the work of an individual or organization possessing expertise in a field other than accounting or auditing, whose work in that field is used by the entity to assist the entity in preparing the financial statements (a management’s expert), which is dealt with in ISA 500.2 The Auditor’s Responsibility for the Audit Opinion The auditor has sole responsibility for the audit opinion expressed, and that responsibility is not reduced by the auditor’s use of the work of an auditor’s expert. Nonetheless, if the auditor using the work of an auditor’s expert, having followed this ISA, concludes that the work of that expert is adequate for the auditor’s purposes, the auditor may accept that expert’s findings or conclusions in the expert’s field as appropriate audit evidence. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objectives The objectives of the auditor are: To determine whether to use the work of an auditor’s expert; and If using the work of an auditor’s expert, to determine whether that work is adequate for the auditor’s purposes. [1] ISA 220, “Quality Control for an Audit of Financial Statements,” paragraphs A10, A20–A22. 2      ISA 500, “Audit Evidence,” paragraphs A34–A48. Definitions For purposes of the ISAs, the following terms have the meanings attributed below: Auditor’s expert – An individual or organization possessing expertise in a field other than accounting or auditing, whose work in that field is used by the auditor to assist the auditor in obtaining sufficient appropriate audit evidence. An auditor’s expert may be either an auditor’s internal expert (who is a partner[1] or staff, including temporary staff, of the auditor’s firm or a network firm), or an auditor’s external (Ref: Para. A1–A3) Expertise – Skills, knowledge and experience in a particular field. Management’s expert – An individual or organization possessing expertise in a field other than accounting or auditing, whose work in that field is used by the entity to assist the entity in preparing the financial statements. Requirements Determining the Need for an Auditor’s Expert If expertise in a field other than accounting or auditing is necessary to obtain sufficient appropriate audit evidence, the auditor shall determine whether to use the work of an auditor’s expert. (Ref: Para. A4–A9) Nature, Timing and Extent of Audit Procedures The nature, timing and extent of the auditor’s procedures with respect to the requirements in paragraphs 9–13 of this ISA will vary depending on the circumstances. In determining the nature, timing and extent of those procedures, the auditor shall consider matters including: (Ref: Para. A10) (a) The nature of the matter to which that expert’s work relates; The risks of material misstatement in the matter to which that expert’s work relates; The significance of that expert’s work in the context of the audit; The auditor’s knowledge of and experience with previous work performed by that expert; and Whether that expert is subject to the auditor’s firm’s quality control policies and procedures. (Ref: Para. A11–A13) The Competence, Capabilities and Objectivity of the Auditor’s Expert The auditor shall evaluate whether the auditor’s expert has the necessary competence, capabilities and objectivity for the auditor’s purposes. In the case of an auditor’s external expert, the evaluation of objectivity shall include inquiry regarding interests and relationships that may create a threat to that expert’s objectivity. (Ref: Para. A14–A20) Obtaining an Understanding of the Field of Expertise of the Auditor’s Expert The auditor shall obtain a sufficient understanding of the field of expertise of the auditor’s expert to enable the auditor to: (Ref: Para. A21–A22) Determine the nature, scope and objectives of that expert’s work for the auditor’s purposes; and Evaluate the adequacy of that work for the auditor’s purposes. Agreement with the Auditor’s Expert The auditor shall agree, in writing when appropriate, on the following matters with the auditor’s expert: (Ref: Para. A23–A26) The nature, scope and objectives of that expert’s work; (Ref: Para. A27) The respective roles and responsibilities of the auditor and that expert; (Ref: Para. A28–A29) The nature, timing and extent of communication between the auditor and that expert, including the form of any report to be provided by that expert; and (Ref: Para. A30) The need for the auditor’s expert to observe confidentiality requirements. (Ref: Para. A31) Evaluating the Adequacy of the Auditor’s Expert’s Work The auditor shall evaluate the adequacy of the auditor’s expert’s work for the auditor’s purposes, including: (Ref: Para. A32) The relevance and reasonableness of that expert’s findings or conclusions, and their consistency with other audit evidence; (Ref: Para. A33–A34) If that expert’s work involves use of significant assumptions and methods, the relevance and reasonableness of those assumptions and methods in the circumstances; and (Ref: Para. A35–A37) If that expert’s work involves the use of source data that is significant to that expert’s work, the relevance, completeness, and accuracy of that source data. (Ref: Para. A38–A39) If the auditor determines that the work of the auditor’s expert is not adequate for the auditor’s purposes, the auditor shall: (Ref: Para. A40) Agree with that expert on the nature and extent of further work to be performed by that expert; or Perform additional audit procedures appropriate to the circumstances. Reference to the Auditor’s Expert in the Auditor’s Report The auditor shall not refer to the work of an auditor’s expert in an auditor’s report containing an unmodified opinion unless required by law or regulation to do so. If such reference is

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the auditor’s responsibility to identify and assess the risks of material misstatement in the financial statements, through understanding the entity and its environment, including the entity’s internal control. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objective The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Definitions For purposes of the ISAs, the following terms have the meanings attributed below: Assertions – Representations by management, explicit or otherwise, that are embodied in the financial statements, as used by the auditor to consider the different types of potential misstatements that may occur. Business risk – A risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies. Internal control – The process designed, implemented and maintained by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of an entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations. The term “controls” refers to any aspects of one or more of the components of internal control. Risk assessment procedures – The audit procedures performed to obtain an understanding of the entity and its environment, including the entity’s internal control, to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels. Significant risk – An identified and assessed risk of material misstatement that, in the auditor’s judgment, requires special audit consideration. Requirements Risk Assessment Procedures and Related Activities The auditor shall perform risk assessment procedures to provide a basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels. Risk assessment procedures by themselves, however, do not provide sufficient appropriate audit evidence on which to base the audit opinion. (Ref: Para. A1–A5) The risk assessment procedures shall include the following: Inquiries of management, and of others within the entity who in the auditor’s judgment may have information that is likely to assist in identifying risks of material misstatement due to fraud or error. (Ref: Para. A6) Analytical procedures. (Ref: Para. A7–A10) Observation and inspection. (Ref: Para. A11) The auditor shall consider whether information obtained from the auditor’s client acceptance or continuance process is relevant to identifying risks of material misstatement. If the engagement partner has performed other engagements for the entity, the engagement partner shall consider whether information obtained is relevant to identifying risks of material misstatement. Where the auditor intends to use information obtained from the auditor’s previous experience with the entity and from audit procedures performed in previous audits, the auditor shall determine whether changes have occurred since the previous audit that may affect its relevance to the current audit. (Ref: Para. A12–A13) The engagement partner and other key engagement team members shall discuss the susceptibility of the entity’s financial statements to material misstatement, and the application of the applicable financial reporting framework to the entity’s facts and circumstances. The engagement partner shall determine which matters are to be communicated to engagement team members not involved in the discussion. (Ref: Para. A14–A16) The Required Understanding of the Entity and Its Environment, Including the Entity’s Internal Control The Entity and Its Environment The auditor shall obtain an understanding of the following: Relevant industry, regulatory, and other external factors including the applicable financial reporting framework. (Ref: Para. A17–A22) The nature of the entity, including: its operations; its ownership and governance structures; the types of investments that the entity is making and plans to make, including investments in special-purpose entities; and (iv)  the way that the entity is structured and how it is financed, to enable the auditor to understand the classes of transactions, account balances, and disclosures to be expected in the financial statements. (Ref: Para. A23–A27) The entity’s selection and application of accounting policies, including the reasons for changes thereto. The auditor shall evaluate whether the entity’s accounting policies are appropriate for its business and consistent with the applicable financial reporting framework and accounting policies used in the relevant industry. (Ref: Para. A28) The entity’s objectives and strategies, and those related business risks that may result in risks of material misstatement. (Ref: Para. A29–A35) The measurement and review of the entity’s financial performance. (Ref: Para. A36–A41) The Entity’s Internal Control The auditor shall obtain an understanding of internal control relevant to the audit. Although most controls relevant to the audit are likely to relate to financial reporting, not all controls that relate to financial reporting are relevant to the audit. It is a matter of the auditor’s professional judgment whether a control, individually or in combination with others, is relevant to the audit. (Ref: Para. A42–A65) Nature and Extent of the Understanding of Relevant Controls When obtaining an understanding of controls that are relevant to the audit, the auditor shall evaluate the design of those controls and determine whether they have been implemented, by performing procedures in addition to inquiry of the entity’s personnel. (Ref: Para. A66–A68) Components of Internal Control Control environment The auditor shall obtain an understanding of the control environment. As part of obtaining this understanding, the auditor shall evaluate whether: Management, with the oversight of those charged with governance, has created and maintained a culture of honesty and ethical behavior; and The strengths in the control environment elements collectively provide an appropriate foundation for the other components of internal control, and whether those other components are not undermined by deficiencies in the control environment. (Ref: Para. A69–A78)

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the external auditor’s responsibilities relating to the work of internal auditors when the external auditor has determined, in accordance with ISA 315,[1] that the internal audit function is likely to be relevant to the audit. (Ref: Para. A1–A2) This ISA does not deal with instances when individual internal auditors provide direct assistance to the external auditor in carrying out audit procedures. Relationship between the Internal Audit Function and the External Auditor The objectives of the internal audit function are determined by management and, where applicable, those charged with governance. While the objectives of the internal audit function and the external auditor are different, some of the ways in which the internal audit function and the external auditor achieve their respective objectives may be similar. (Ref: Para. A3) Irrespective of the degree of autonomy and objectivity of the internal audit function, such function is not independent of the entity as is required of the external auditor when expressing an opinion on financial statements. The external auditor has sole responsibility for the audit opinion expressed, and that responsibility is not reduced by the external auditor’s use of the work of the internal auditors. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objectives The objectives of the external auditor, where the entity has an internal audit function that the external auditor has determined is likely to be relevant to the audit, are: To determine whether, and to what extent, to use specific work of the internal auditors; and If using the specific work of the internal auditors, to determine whether that work is adequate for the purposes of the audit. [1] ISA 315, “Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment,” paragraph 23. Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the external auditor’s responsibilities relating to the work of internal auditors when the external auditor has determined, in accordance with ISA 315,[1] that the internal audit function is likely to be relevant to the audit. (Ref: Para. A1–A2) This ISA does not deal with instances when individual internal auditors provide direct assistance to the external auditor in carrying out audit procedures. Relationship between the Internal Audit Function and the External Auditor The objectives of the internal audit function are determined by management and, where applicable, those charged with governance. While the objectives of the internal audit function and the external auditor are different, some of the ways in which the internal audit function and the external auditor achieve their respective objectives may be similar. (Ref: Para. A3) Irrespective of the degree of autonomy and objectivity of the internal audit function, such function is not independent of the entity as is required of the external auditor when expressing an opinion on financial statements. The external auditor has sole responsibility for the audit opinion expressed, and that responsibility is not reduced by the external auditor’s use of the work of the internal auditors. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objectives The objectives of the external auditor, where the entity has an internal audit function that the external auditor has determined is likely to be relevant to the audit, are: To determine whether, and to what extent, to use specific work of the internal auditors; and If using the specific work of the internal auditors, to determine whether that work is adequate for the purposes of the audit. [1] ISA 315, “Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment,” paragraph 23. A2.  Carrying out procedures in accordance with this ISA may cause the external auditor to re-evaluate the external auditor’s assessment of the risks of material misstatement. Consequently, this may affect the external auditor’s determination of the relevance of the internal audit function to the audit. Similarly, the external auditor may decide not to otherwise use the work of the internal auditors to affect the nature, timing or extent of the external auditor’s procedures. In such circumstances, the external auditor’s further application of this ISA may not be necessary. Objectives of the Internal Audit Function (Ref: Para. 3) A3. The objectives of internal audit functions vary widely and depend on the size and structure of the entity and the requirements of management and, where applicable, those charged with governance. The activities of the internal audit function may include one or more of the following: Monitoring of internal control. The internal audit function may be assigned specific responsibility for reviewing controls, monitoring their operation and recommending improvements thereto. Examination of financial and operating information. The internal audit function may be assigned to review the means used to identify, measure, classify and report financial and operating information, and to make specific inquiry into individual items, including detailed testing of transactions, balances and procedures. Review of operating activities. The internal audit function may be assigned to review the economy, efficiency and effectiveness of operating activities, including non-financial activities of an entity. Review of compliance with laws and regulations. The internal audit function may be assigned to review compliance with laws, regulations and other external requirements, and with management policies and directives and other internal requirements. Risk management. The internal audit function may assist the organization by identifying and evaluating significant exposures to risk and contributing to the improvement of risk management and control systems. The internal audit function may assess the governance process in its accomplishment of objectives on ethics and values, performance management and accountability, communicating risk and control information to appropriate areas of the organization and effectiveness of communication among those charged with governance, external and internal auditors, and management. Determining Whether and to What Extent to Use the Work of the Internal Auditors Whether the Work of the Internal Auditors Is Likely to Be Adequate for

INTRODUCTION   Professional standards and guidelines are essential for the credibility, quality and professionalism of public-sector auditing. The International Standards of Supreme Audit Institutions (ISSAIs) developed by the International Organisation of Supreme Audit Institutions (INTOSAI) aim to promote independent and effective auditing by supreme audit institutions (SAIs).   The ISSAIs encompass public-sector auditing requirements at the organisational (SAI) level, while on the level of individual audits they aim to support the members of INTOSAI in the development of their own professional approach in accordance with their mandates and with national laws and regulations.   INTOSAI’s Framework of Professional Standards has four levels. Level 1 contains the framework’s founding principles. Level 2 (ISSAIs 10-99) sets out prerequisites for the proper functioning and professional conduct of SAIs in terms of organisational considerations that include independence, transparency and accountability, ethics and quality control, which are relevant for all SAI audits. Levels 3 and 4 address the conduct of individual audits and include generally-recognised professional principles that underpin the effective and independent auditing of public-sector entities.   The Fundamental Auditing Principles at level 3 (ISSAIs 100-999) draw and elaborate on ISSAI 1 – The Lima Declaration and the ISSAIs at level 2 and provide an authoritative international frame of reference defining public-sector auditing.   Level 4 translates the Fundamental Auditing Principles into more specific and detailed operational guidelines that can be used on a daily basis in the conduct of an audit and as auditing standards when national auditing standards have not been developed. This level comprises General Auditing Guidelines (ISSAIs 1000-4999) which set the requirements for financial, performance and compliance auditing.   ISSAI 100 – Fundamental Principles of Public-sector Auditing provides detailed information on:   the purpose and authority of the ISSAIs; the framework for public-sector auditing; the elements of public-sector auditing; the principles to be applied in public-sector auditing. PURPOSE AND AUTHORITY OF THE ISSAIs   ISSAI 100 establishes fundamental principles which are applicable to all public-sector audit engagements, irrespective of their form or context. ISSAIs 200, 300 and 400 build on and further develop the principles to be applied in the context of financial, performance and compliance auditing respectively. They should be applied in conjunction with the principles set out in ISSAI 100. The principles in no way override national laws, regulations or mandates or prevent SAIs from carrying out investigations, reviews or other engagements which are not specifically covered by the existing ISSAIs.   The Fundamental Auditing Principles form the core of the General Auditing Guidelines at level 4 of the ISSAI framework. The principles can be used to establish authoritative standards in three ways:   as a basis on which SAIs can develop standards; as a basis for the adoption of consistent national standards; as a basis for adoption of the General Auditing Guidelines as standards.   SAIs may choose to compile a single standard-setting document, a series of such documents or a combination of standard-setting and other authoritative documents.   SAIs should declare which standards they apply when conducting audits, and this declaration should be accessible to users of the SAI’s reports. Where the standards are based on several sources taken together, this should also be stated. SAIs are encouraged to make such declarations part of their audit reports; however, a more general form of communication may be used.   An SAI may declare that the standards it has developed or adopted are based on or are consistent with the Fundamental Auditing Principles only if the standards fully comply with all relevant principles.   Audit reports may include a reference to the fact that the standards used were based on or consistent with the ISSAI or ISSAIs relevant to the audit work carried out. Such reference may be made by stating:   … We conducted our audit in accordance with [standards], which are based on [or consistent with] the Fundamental Auditing Principles (ISSAIs 100-999) of the International Standards of Supreme Audit Institutions.   In order to properly adopt or develop auditing standards based on the Fundamental Auditing Principles, an understanding of the entire text of the principles is necessary. To achieve this, it may be helpful to consult the relevant guidance in the General Auditing Guidelines.   SAIs may choose to adopt the General Auditing Guidelines as their authoritative standards. In such cases the auditor must comply with all ISSAIs relevant to the audit. Reference to the ISSAIs applied may be made by stating:   … We conducted our audit[s] in accordance with the International Standards of Supreme Audit Institutions.   In order to enhance transparency, the statement may further specify which ISSAI or range of ISSAIs the auditor has considered relevant and applied. This may be done by adding the following phrase:   The audit[s] was [were] based on ISSAI[s] xxx [number and name of the ISSAI or range of ISSAIs].   The International Standards on Auditing (ISAs) issued by the International Federation of Accountants (IFAC) are incorporated into the financial audit guidelines (ISSAIs 1000-2999). In financial audits reference may therefore be made either to the ISSAIs or to the ISAs. The ISSAIs provide additional public-sector guidance (’Practice Notes’), but the requirements of the auditor in financial audits are the same. The ISAs constitute an indivisible set of standards and the ISSAIs in which they are incorporated may not be referred to individually. If the ISSAIs or the ISAs have been adopted as the SAI’s standards for financial audits, the auditor’s report should include a reference to those standards. This applies equally to financial audits conducted in combination with other types of audit.   Audits may be conducted in accordance with both the General Auditing Guidelines and standards from other sources provided that no contradictions arise. In such cases reference should be made both to such standards and to the ISSAIs.   FRAMEWORK FOR PUBLIC-SECTOR AUDITING   Mandate   An SAI will exercise its public-sector audit function within a specific constitutional arrangement and by virtue of its office and mandate, which ensure sufficient independence and power

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with the auditor’s responsibilities relating to fraud in an audit of financial statements. Specifically, it expands on how ISA 315[1] and ISA 330[2] are to be applied in relation to risks of material misstatement due to fraud. Characteristics of Fraud Misstatements in the financial statements can arise from either fraud or error. The distinguishing factor between fraud and error is whether the underlying action that results in the misstatement of the financial statements is intentional or unintentional. Although fraud is a broad legal concept, for the purposes of the ISAs, the auditor is concerned with fraud that causes a material misstatement in the financial statements. Two types of intentional misstatements are relevant to the auditor – misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets. Although the auditor may suspect or, in rare cases, identify the occurrence of fraud, the auditor does not make legal determinations of whether fraud has actually occurred. (Ref: Para. A1–A6) Responsibility for the Prevention and Detection of Fraud The primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management. It is important that management, with the oversight of those charged with governance, place a strong emphasis on fraud prevention, which may reduce opportunities for fraud to take place, and fraud deterrence, which could persuade individuals not to commit fraud because of the likelihood of detection and punishment. This involves a commitment to creating a culture of honesty and ethical behavior which can be reinforced by an active oversight by those charged with governance. Oversight by those charged with governance includes considering the potential for override of controls or other inappropriate influence over the financial reporting process, such as efforts by management to manage earnings in order to influence the perceptions of analysts as to the entity’s performance and profitability. [1]  ISA 315, “Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment.” [2] ISA 330, “The Auditor’s Responses to Assessed Risks.” Responsibilities of the Auditor An auditor conducting an audit in accordance with ISAs is responsible for obtaining reasonable assurance that the financial statements taken as a whole are free from material misstatement, whether caused by fraud or error. Owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements of the financial statements may not be detected, even though the audit is properly planned and performed in accordance with the ISAs.[1] As described in ISA 200,[2] the potential effects of inherent limitations are particularly significant in the case of misstatement resulting from fraud. The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not detecting one resulting from error. This is because fraud may involve sophisticated and carefully organized schemes designed to conceal it, such as forgery, deliberate failure to record transactions, or intentional misrepresentations being made to the auditor. Such attempts at concealment may be even more difficult to detect when accompanied by collusion. Collusion may cause the auditor to believe that audit evidence is persuasive when it is, in fact, false. The auditor’s ability to detect a fraud depends on factors such as the skillfulness of the perpetrator, the frequency and extent of manipulation, the degree of collusion involved, the relative size of individual amounts manipulated, and the seniority of those individuals involved. While the auditor may be able to identify potential opportunities for fraud to be perpetrated, it is difficult for the auditor to determine whether misstatements in judgment areas such as accounting estimates are caused by fraud or error. Furthermore, the risk of the auditor not detecting a material misstatement resulting from management fraud is greater than for employee fraud, because management is frequently in a position to directly or indirectly manipulate accounting records, present fraudulent financial information or override control procedures designed to prevent similar frauds by other employees. When obtaining reasonable assurance, the auditor is responsible for maintaining professional skepticism throughout the audit, considering the potential for management override of controls and recognizing the fact that audit procedures that are effective for detecting error may not be effective in detecting fraud. The requirements in this ISA are designed to assist the auditor in identifying and assessing the risks of material misstatement due to fraud and in designing procedures to detect such misstatement. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objectives The objectives of the auditor are: To identify and assess the risks of material misstatement of the financial statements due to fraud; To obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses; and To respond appropriately to fraud or suspected fraud identified during the audit. Definitions For purposes of the ISAs, the following terms have the meanings attributed below: Fraud – An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage. Fraud risk factors – Events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud. Requirements Professional Skepticism In accordance with ISA 200[3], the auditor shall maintain professional skepticism throughout the audit, recognizing the possibility that a material misstatement due to fraud could exist, notwithstanding the auditor’s past experience of the honesty and integrity of the entity’s management and those charged with governance. (Ref: Para. A7–A8) Unless the auditor has reason to believe the contrary, the auditor may accept records and documents as genuine. If conditions identified during the audit cause the auditor to believe that a document may not be authentic or that terms in a document have been modified but not disclosed to the auditor, the auditor shall investigate further. (Ref: Para. A9) Where responses to

Introduction The purpose of this International Standard on Auditing (ISA) is to establish standards and provide guidance on: Agreeing the terms of the engagement with the client; and The auditor’s response to a request by a client to change the terms of an engagement to one that provides a lower level of assurance. The auditor and the client should agree on the terms of the engagement. The agreed terms would need to be recorded in an audit engagement letter or other suitable form of contract. This ISA is intended to assist the auditor in the preparation of engagement letters relating to audits of financial statements. In some countries, the objective and scope of an audit and the auditor’s obligations are established by law. Even in those situations the auditor may still find audit engagement letters informative for their clients. Audit Engagement Letters It is in the interest of both client and auditor that the auditor sends an engagement letter, preferably before the commencement of the engagement, to help in avoiding misunderstandings with respect to the engagement. The engagement letter documents and confirms the auditor’s acceptance of the appointment, the objective and scope of the audit, the extent of the auditor’s responsibilities to the client and the form of any reports. Agreement on Written Representations The auditor should obtain the acknowledgement and agreement of management and, where appropriate, those charged with governance that they understand their responsibilities for: Preparing and presenting the financial statements Prepared by: IAASB (March 2007)                              Page 1 of 14 IAASB Main Agenda (April 2007) Page 2007·1366   Designing, implementing, and maintaining internal control relevant to the preparation and presentation of financial statements that are free from material misstatement, whether due to fraud or error Providing complete information to the auditor ISA 200, “Objective and General Principles Governing an Audit of Financial Statements” states that audits are conducted on the premises that these responsibilities are acknowledged and understood by management and, where appropriate, those charged with governance. These premises are fundamental to the ability to conduct an effective independent audit, but there may be a risk that these premises may not be understood by management or those charged with governance. To avoid misunderstanding, agreement is reached with management and, where appropriate, those charged with governance about their responsibilities as part of agreeing the terms of engagement. Since [proposed] ISA 580, “Written Representations” requires the auditor to obtain written representations about the validity of these premises, it may also be appropriate to make management aware that receipt of such representations from relevant persons will be expected together with, where appropriate, specific written representations. It also may be useful to agree with management or those charged with governance who the relevant persons are expected to be. Where management or those charged with governance will not make the necessary acknowledgements and agreements, or will not provide the necessary general written representations, the auditor will be unable to obtain sufficient appropriate audit evidence. In such circumstances, it may not be appropriate for the auditor to accept the engagement. In some cases, however, law or regulation prevents the auditor from refusing an engagement. In these cases, the auditor may need to explain to management and those charged with governance the importance of these matters, and the implications for the auditor’s report. PRINCIPAL CONTENTS The form and content of audit engagement letters may vary for each client, but they would generally include reference to: The objective of the audit of financial statements. Management’s responsibility for the financial statements as described in ISA 200. The financial reporting framework adopted by management in preparing the financial statements, i.e., the applicable financial reporting framework. The scope of the audit, including reference to applicable legislation, regulations, or pronouncements of professional bodies to which the auditor adheres. The form of any reports or other communication of results of the engagement. The fact that because of the test nature and other inherent limitations of an audit, together with the inherent limitations of internal control, there is an unavoidable risk that even some material misstatement may remain undiscovered; and IAASB Main Agenda (April 2007) Page 2007·1367 Unrestricted access to whatever records, documentation and other information requested in connection with the audit. Management’s responsibility for establishing and maintaining effective internal control. The auditor may also wish to include in the letter: Arrangements regarding the planning and performance of the audit. Expectation of receiving from management written confirmation concerning representations made in connection with the audit. Request for the client to confirm the terms of the engagement by acknowledging receipt of the engagement letter. Description of any other letters or reports the auditor expects to issue to the client. Basis on which fees are computed and any billing arrangements. When relevant, the following points could also be made: Arrangements concerning the involvement of other auditors and experts in some aspects of the audit. Arrangements concerning the involvement of internal auditors and other client staff. Arrangements to be made with the predecessor auditor, if any, in the case of an initial audit. Any restriction of the auditor’s liability when such possibility exists. A reference to any further agreements between the auditor and the client. The agreement of management to inform the auditor of facts, that may affect the financial statements, of which management may become aware during the period from the date of the auditor’s report to the date the financial statements are issued. An example of an audit engagement letter is set out in Appendix 1. AUDITS OF COMPONENTS When the auditor of a parent entity is also the auditor of its subsidiary, branch or division (component), the factors that influence the decision whether to send a separate engagement letter to the component include the following: Who appoints the auditor of the component. Whether a separate auditor’s report is to be issued on the component. Legal requirements. The extent of any work performed by other auditors. Degree of ownership by parent. Degree of independence of the component’s management. IAASB Main

Introduction Scope of this ISA This International Standard on Auditing (ISA) deals with additional communication in the auditor’s report when the auditor considers it necessary to: Draw users’ attention to a matter or matters presented or disclosed in the financial statements that are of such importance that they are fundamental to users’ understanding of the financial statements; or Draw users’ attention to any matter or matters other than those presented or disclosed in the financial statements that are relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report. Appendices 1 and 2 identify ISAs that contain specific requirements for the auditor to include Emphasis of Matter paragraphs or Other Matter paragraphs in the auditor’s report. In those circumstances, the requirements in this ISA regarding the form and placement of such paragraphs apply. Effective Date This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009. Objective The objective of the auditor, having formed an opinion on the financial statements, is to draw users’ attention, when in the auditor’s judgment it is necessary to do so, by way of clear additional communication in the auditor’s report, to: A matter, although appropriately presented or disclosed in the financial statements, that is of such importance that it is fundamental to users’ understanding of the financial statements; or As appropriate, any other matter that is relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report. Definitions For purposes of the ISAs, the following terms have the meanings attributed below: Emphasis of Matter paragraph – A paragraph included in the auditor’s report that refers to a matter appropriately presented or disclosed in the financial statements that, in the auditor’s judgment, is of such importance that it is fundamental to users’ understanding of the financial statements. Other Matter paragraph – A paragraph included in the auditor’s report that refers to a matter other than those presented or disclosed in the financial statements that, in the auditor’s judgment, is relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report. Requirements Emphasis of Matter Paragraphs in the Auditor’s Report If the auditor considers it necessary to draw users’ attention to a matter presented or disclosed in the financial statements that, in the auditor’s judgment, is of such importance that it is fundamental to users’ understanding of the financial statements, the auditor shall include an Emphasis of Matter paragraph in the auditor’s report provided the auditor has obtained sufficient appropriate audit evidence that the matter is not materially misstated in the financial statements. Such a paragraph shall refer only to information presented or disclosed in the financial statements. (Ref: Para. A1–A2) When the auditor includes an Emphasis of Matter paragraph in the auditor’s report, the auditor shall: Include it immediately after the Opinion paragraph in the auditor’s report; Use the heading “Emphasis of Matter,” or other appropriate heading; Include in the paragraph a clear reference to the matter being emphasized and to where relevant disclosures that fully describe the matter can be found in the financial statements; and Indicate that the auditor’s opinion is not modified in respect of the matter emphasized. (Ref: Para. A3–A4) Other Matter Paragraphs in the Auditor’s Report If the auditor considers it necessary to communicate a matter other than those that are presented or disclosed in the financial statements that, in the auditor’s judgment, is relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report and this is not prohibited by law or regulation, the auditor shall do so in a paragraph in the auditor’s report, with the heading “Other Matter,” or other appropriate heading. The auditor shall include this paragraph immediately after the Opinion paragraph and any Emphasis of Matter paragraph, or elsewhere in the auditor’s report if the content of the Other Matter paragraph is relevant to the Other Reporting Responsibilities section. (Ref: Para. A5–A11) Communication with Those Charged with Governance If the auditor expects to include an Emphasis of Matter or an Other Matter paragraph in the auditor’s report, the auditor shall communicate with those charged with governance regarding this expectation and the proposed wording of this paragraph. (Ref: Para. A12) *** Application and Other Explanatory Material Emphasis of Matter Paragraphs in the Auditor’s Report Circumstances in Which an Emphasis of Matter Paragraph May Be Necessary (Ref: Para. 6) A1.  Examples of circumstances where the auditor may consider it necessary to include an Emphasis of Matter paragraph are: An uncertainty relating to the future outcome of exceptional litigation or regulatory action. Early application (where permitted) of a new accounting standard (for example, a new International Financial Reporting Standard) that has a pervasive effect on the financial statements in advance of its effective date. A major catastrophe that has had, or continues to have, a significant effect on the entity’s financial position. A2. A widespread use of Emphasis of Matter paragraphs diminishes the effectiveness of the auditor’s communication of such matters. Additionally, to include more information in an Emphasis of Matter paragraph than is presented or disclosed in the financial statements may imply that the matter has not been appropriately presented or disclosed; accordingly, paragraph 6 limits the use of an Emphasis of Matter paragraph to matters presented or disclosed in the financial statements. Including an Emphasis of Matter Paragraph in the Auditor’s Report (Ref: Para. 7)  A3. The inclusion of an Emphasis of Matter paragraph in the auditor’s report does not affect the auditor’s opinion. An Emphasis of Matter paragraph is not a substitute for either: The auditor expressing a qualified opinion or an adverse opinion, or disclaiming an opinion, when required by the circumstances of a specific audit engagement (see ISA 705[1]); or Disclosures in the financial statements that the applicable financial reporting framework requires management to make. A4. The illustrative report in Appendix 3 includes an Emphasis of Matter paragraph in an auditor’s report that contains a qualified opinion. Other Matter Paragraphs in the Auditor’s

Concept, Background and Purpose of the Code of Ethics   The Office of the Auditor General of Belize has deemed it essential to establish a Code of Ethics for the auditors. A Code of Ethics is a comprehensive statement of the values and principles which should guide the daily work of auditors. The independence, powers and responsibilities of the public sector auditor place high ethical demands on the SAI and the staff employed or engaged for audit work. A code of ethics for auditors in the public sector should consider the ethical requirements of civil servants in general and the particular requirement of auditors, including the latter’s professional obligations. The OAGB Code of Ethics is an adoption of the INTOSAI Code of Ethics. The INTOSAI Code of Ethics should be seen as a necessary complement, reinforcing the INTOSAI Auditing Standards issued by the INTOSAI Auditing Standards Committee in June 1992. This Code of Ethics serves as a complement to the Public Service Regulations of 2001 which governs the conduct of public officers. The OAGB Code of Ethics is directed at the individual auditor, the head of the SAI, and all individuals working for or on behalf of the SAI who are involved in audit work. However, the Code should not be interpreted as having any impact on the organizational structure of the SAI. The conduct of auditors should be beyond reproach at all times and in all circumstances. Any deficiency in their professional conduct or any improper conduct in their personal life places the integrity of auditors, the SAI that they represent, and the quality and validity of their audit work in an unfavorable light, and may raise doubts about the reliability and competence of the SAI itself. The adoption and application of a code of ethics for auditors in the public sector promotes trust and confidence in the auditors and their work. It is of fundamental importance that the SAI is looked upon with trust, confidence and credibility. The auditor promotes this by adopting and applying the ethical requirements of the concepts embodied in the key words: Integrity, Independence and Objectivity, Confidentiality and Competence.   Trust, Confidence and Credibility   The legislature, the general public and the audited entities are entitled to expect the SAI’s conduct and approach to be above suspicion and reproach and worthy of respect and trust. Auditors should conduct themselves in a manner which promotes co-operation and good relations between auditors and within the profession. The support of the profession by its members and their co-operation with one another are essential elements of professional character. The public confidence and respect which an auditor enjoys is largely the result of the cumulative accomplishments of all auditors, past and present. It is therefore in the interest of auditors, as well as that of the general public, that the auditor deals with fellow auditors in a fair and balanced way. The legislature, the general public and the audited entities should be fully assured of the fairness and impartiality of all the SAI’s work. It is therefore essential that there is a national Code of Ethics which governs the provisions of the services. In all parts of society there is a need for credibility. It is therefore essential that the reports and opinions of the SAI are considered to be thoroughly accurate and reliable by knowledgeable third parties. All work performed by the SAI must stand the test of legislature scrutiny, public judgments on propriety, and examination against a national Code of Ethics   CHAPTER 2    Integrity   Integrity is the core value of a Code of Ethics. Auditors have a duty to adhere to high standards of behavior (e.g. honesty and candidness) in the course of their work and in their relationships whether it be personal or with the staff of audited entities. In order to sustain public confidence, the conduct of auditors should be above suspicion and reproach. This includes but is not limited to PSR 20: Demonstrating the highest level of professional conduct and personal integrity in the performance of their duties and in serving the public; Treating everyone, including the public officers clients and members if the general public with courtesy, respect, fairness and objectivity. Displaying a positive attitude and being proactive in the exercise of their duties; seeking to understand and satisfy the real needs of members of the public; and volunteering information and services as appropriate. in the exercise of their official duties, not conferring any special benefits and/or giving preferential treatment to anyone on the basis of any special relationship; and Rendering service in a timely, efficient and effective manner. Integrity can be measured in terms of what is right and just. Integrity requires auditors to observe both the form and the spirit of auditing and ethical standards. Integrity also requires auditors to observe the principles of independence and objectivity, maintain irreproachable standards of professional conduct, make decisions with the public interest in mind, and apply absolute honesty in carrying out their work and in handling the resources of the SAI In accordance with section 121 of the Constitution, all public officers shall conduct themselves in such a way as not to: Place themselves in positions in which they have or could have a conflict of interest; compromise the exercise of their official functions and duties; use their office for private gain; demean their office or position; allow their integrity to be called into question; nor Endanger or diminish respect for, or confidence in, the integrity of the Government. The high level of integrity shall transcend throughout the officer’s public service life.    CHAPTER 3   Independence, Objectivity and Impartiality   Independence from the audited entity and other outside interest groups is indispensable for auditors. This implies that auditors should behave in a way that increases, or in no way diminishes, their independence. Auditors should strive not only to be independent of audited entities and other interested groups, but also to be objective in dealing with the issues and topics