What is the purpose of the standards framework (IFPP), and how can the needs of different user
groups be accommodated?

See minutes here

• Is the IFPP intended to be an infrequently accessed reference framework or a useful and
  practical resource?
• Is it aimed at methodology departments, auditors or both? Do these major (potential) users have
  different requirements?
• Should the content of the framework, as far as possible, reflect current practice, or does it
  establish an acceptable minimum? Who decides on the minimum?
• Should the framework cover every type of work an SAI may do or is it more about the principles
  that should be applied whatever the mandate/objective/output?
• What do developing SAIs need: dedicated (simplified) standards? simplify current standards?
  include dedicated country perspective to all material, where appropriate? more support?
• Should the framework provide a ‘ready-made’ audit manual that can be taken over and applied
  directly?
• What difference – if any – should there be between the hundred- and thousand-series ISSAIs?

What is guidance and how do we ensure it is soundly-based, useful and available?

What possibilities do new ways of working bring?

See minutes here

• Can a distinction be made between guidance intended to make the meaning of concepts and
  requirements clearer on the one hand, and suggestions and examples on how to put them into
  practice, on the other?
• Should some elements of guidance be compulsory? If so is this a different concept and should it
  be given a different name?
• Can a distinction be made between guidance that needs to be part of the framework and follow the
  lengthy due process, and guidance outside it that could be provided in quicker and more flexible
  format? If so, how should this distinction be defined?
• Does guidance provided outside the framework need formal ‘approval’? If so, who should provide
  it?
• Should guidance only flow from a requirement in the framework, or can it be of ‘independent’
  issues that some SAIs could find useful?
• When guidance flows from a requirement, is it sufficiently clear from the requirement that it
  exists, and can be found easily?
• Practical examples provided by individual SAIs can be a useful element of guidance. Do they need
  vetting, and by whom?
• Do online collaborative websites give new possibilities for practitioners to post and discuss
  examples and other elements of guidance?

If so, could direct feedback be used to assess the relevance and utility of guidance?

Do the concepts of ‘principles’ and ‘standards’ refer to documents, or elements of their content,
and what do they mean in practice?

See minutes here

• Are principles an abstract concept or an element of content?
• In the case of the former, does this mean everything in a document entitled as such are
  considered principles? In the case of the latter, can the individual principles be identified?
• ‘Principles-based’ has a number of different meanings, what are they?
• Which meaning of ‘principles-based’ is the one the framework is or should be based on, and what
  implications could this have?
• Are standards an abstract concept or an element of content?
• In the case of the former, does this mean everything in a document entitled as such are
  considered standards? In the case of the latter, can individual standards be identified?

Compliance audit is ‘generally conducted’ in cooperation with one of the two other audit types:
should this have an impact on how the material (standards and guidance) in the framework is
sorted and presented?

See minutes here

• Is the reality in practice that compliance audit is ‘generally conducted’ with one of the two
  other audit types? Or are they more likely to be standalone tasks, reported separately?
• ISSAI 400 suggests that when compliance and performance audit are performed in combination, the
  standards that apply can be one, or the other, or both. What normally happens in practice? What
  challenges arise from following two sets of standards at the same time?
• Are SAI mandates defined around the audit types?
• Is SAI training organised around these audit types?

Financial audit: impact and implications of relationship with the ISAs.

INTOSAI’s financial auditing standards are based on the International Standards on Auditing (ISAs)
developed by the International Auditing and Assurance Standards Board (IAASB). While the principles
are set out in ISSAIs 100 and 200, the standards in the form of ISSAIs 2200 – 2810 are simply
renumbered ISAs.

Guidance on applying ISAs in the public sector context is given with the ISAs themselves,
supplemented by GUID 2900 currently being finalised. More information, including the specific
arrangements concerning ethics and quality control, can be found in the recently adopted ISSAI 2000.

See minutes here

• Do you find the situation clear, or can there be confusion as to what applies in practice?
  When carrying out financial audit work in accordance with international auditing standards,
  do you refer in your audit report to the audit as having been performed in accordance with
  the ISAs or the financial audit ISSAIs?
• Is there scope to further simplify the IFPP in respect of financial audit, for example by
  removing from the IFPP those documents that are simply renumbered ISAs (knowing that INTOSAI
  has no responsibility for the content thereof) ?
• Do you find difficulties in accessing the ISAs, and what could help in this respect?
• What do you see as the challenges for INTOSAI’s financial audit standard-setting
  strategy?  Are there particular issues you would like to see addressed in the future?

Are pronouncements on performance auditing sufficiently clear to do the work?

See minutes here

• Do you find the current performance audit content of the IFPP clear, sufficient and useful? How
  would you like to see it develop in the future, such as topics that need covering or where
  further guidance would be useful?
• Do you find the 3Es too restrictive when scoping performance audits, or do they represent a
  sufficiently flexible guide for all performance audit work?
• Is evaluation fundamentally different from performance audit? Does performance audit have
  lessons to learn from evaluation?