Financial audits are always attestation engagements, as they are based on financial information presented by the responsible party. Performance audits are normally direct reporting engagements. Compliance audits may be attestation or direct reporting engagements, or both at once. The following constitute the subject matter or the subject matter information in the three types of audit covered by the ISSAIs:

  • Financial audit: The subject matter of a financial audit is the financial position, performance, cash flow or other elements which are recognised, measured and presented in financial statements. The subject matter information is the financial statements.
  • Performance audit: The subject matter of a performance audit is defined by the audit objectives and audit questions. The subject matter may be specific programmes, entities or funds or certain activities (with their outputs, outcomes and impacts), existing situations (including causes and consequences) as well as non-financial or financial information about any of these elements. The auditor measures or evaluates the subject matter to assess the extent to which the established criteria have or have not been met.
  • Compliance audit: The subject matter of a compliance audit is defined by the scope of the audit. It may be activities, financial transactions or information. For attestation engagements on compliance it is more relevant to focus on the subject matter information, which may be a statement of compliance in accordance with an established and standardised reporting framework.

INTOSAI ref. Fundamental Principles of Public-Sector Auditing(pdf) (ISSAI-100).
#tagcoding hashtag: #issai130



en
fr
nl