International Organization of Supreme Audit Institutions

Abbreviation	INTOSAI
Formation	1953; 72 years ago (1953)
Type	IGO
Headquarters	Vienna, Austria
Secretary General	Margit Kraker[1]
Website	www.intosai.org

The International Organization of Supreme Audit Institutions (INTOSAI) is an intergovernmental organization whose members are supreme audit institutions. Nearly every supreme audit institution in the world is a member of INTOSAI. Depending on the type of system used in their home country, the members of INTOSAI may be variously titled the Chief Financial Controller, the Office of the Comptroller General, the Office of the Auditor General, the Court of Accounts, or the Board of Audit.

INTOSAI holds a triennial conference entitled the International Congress of Supreme Audit Institutions (INCOSAI).^[2] It publishes the quarterly International Journal of Government Auditing and publishes guidelines and international standards on auditing.

INTOSAI was founded in 1953^[3] in Havana, Cuba.^[4] Thirty-four audit organizations formed the group originally and as of 2010 the current membership includes 193 institutions (188 national institutions, the European Court of Auditors and 4 associated members).^[3]

The members of INTOSAI are the primary external auditors of the United Nations.^[4] The UN's General Assembly appoints the UN Board of Auditors (3 members appointed for 6 years) among the INTOSAI member representatives.^[5]

The International Standards of Supreme Audit Institutions (ISSAI) are a benchmark for auditing public entities (External Audit Standards for public entities).

The "INTOSAI Auditing Standards" had been approved by the INCOSAI in 1998 and updated in 2001. In its strategic plan 2005–2010, the INTOSAI decided to "provide an up-to-date framework of professional standards", so the INTOSAI Professional Standards Committee decided to merge the existing and new INTOSAI standards and guidelines into a framework.

The framework comprises all documents endorsed by INCOSAI with the purpose of guiding the professional standards used by SAIs

The list of ISSAIs is in the table below:

• Auditing Standards (ISSAI-numbers of 3 digits) stipulate general principles and postulates for carrying out the audit work;
• Implementation Guidelines (ISSAI-numbers of 4 digits) give more detailed guidance, practical assistance to SAIs in implementing the Standards in their individual constituents.

Hierarchical level of the text	ISSAI series	Name	Notes and Links www.intosai.org and www.issai.org)
Level 1: Founding Principles	ISSAI 1	The Lima Declaration (endorsed 1977)	Comprehensive precepts on auditing in the public sector|
Level 2: Prerequisites	ISSAI 10-40	Prerequisites for the Functioning of Supreme Audit Institutions	* The 'ISSAI 30' Code of Ethics is the statement of values and principles guiding the daily work of the auditors. One of the principles outlined in the Code of Ethics is the statutory auditor’s obligation to apply generally accepted auditing standards. (not to be mistaken with the AICPA's Generally accepted auditing standards)|
Level 3: Fundamental Auditing Principles	ISSAI 100-400	Basic Principles, General Standards, Field Standards (endorsed 2001), and Reporting Standards
Level 4: Auditing Guidelines	ISSAI 1000-1810	Financial Audit Guidelines	Financial_Audit_Guidelines_E.pdf
	ISSAI 3000-3100	Performance Audit Guidelines
	ISSAI 4000-4200	Compliance Audit Guidelines
	ISSAI 5000-5010	Guidelines on auditing International Institutions
	ISSAI 5100-5140	Guidelines on Environmental Audit
	ISSAI 5200-5240	Guidelines on Privatisation
	ISSAI 5300-5399	guidelines on IT-audit
	ISSAI 5400-5499	Guidelines on Audit of Public Debt
	ISSAI 5500-5599	Guidelines on Audit of Disaster-related Aid
	ISSAI 5600-5699	Guidelines on Peer Reviews
Guidance for Good governance	INTOSAI GOVs 9100 - 9230	Internal Control and Accounting Standards	www.issai.org/media(891,1033)/Internal_Control_Standards.pdf

Financial audit focuses on determining whether an entity’s financial information is presented in accordance with the applicable financial reporting and regulatory framework. This is accomplished by obtaining sufficient and appropriate audit evidence to enable the auditor to express an opinion as to whether the financial information is free from material misstatement due to fraud or error.

Performance audit focuses on whether interventions, programmes and institutions are performing in accordance with the principles of economy, efficiency and effectiveness and whether there is room for improvement. Performance is examined against suitable criteria, and the causes of deviations from those criteria or other problems are analysed. The aim is to answer key audit questions and to provide recommendations for improvement.

Compliance audit focuses on whether a particular subject matter is in compliance with authorities identified as criteria. Compliance auditing is performed by assessing whether activities, financial transactions and information are, in all material respects, in compliance with the authorities which govern the audited entity. These authorities may include rules, laws and regulations, budgetary resolutions, policy, established codes, agreed terms or the general principles governing sound public sector financial management and the conduct of public officials.

• Guidelines for Internal Control Standards for the Public Sector (1992 - The current text is the 2004 revision by the INTOSAI Internal Control Standards Committee, approved by the XVIIIth INCOSAI of October 2004. It has been subsequently integrated in the INTOSAI standards/guidances as "INTOSAI GOV 9100"). It relies upon the COSO's integrated framework for internal control (as stated in the preface), and uses the COSO's definition of Internal Control and IIA's definition of Internal Audit.
• Guidelines on Best Practice for the Audit of Privatizations, (1998)
• Guidance for Planning an Audit of Internal Controls for Public Debt, (2002)

In addition to the INTOSAI members (the Supreme Audit Institutions), the following intergovernmental organizations have adopted INTOSAI AS:

• Council of Europe
• European Communities
  • The European Court of Auditors performs its audits in accordance with the IFAC and INTOSAI Auditing Standards and Codes of ethics, in so far as these are applicable in the European Community context.^[6]
• European Centre for Medium-Range Weather Forecasts
  • Audit by two appointed Supreme Audit Institutions.
• European Space Agency
  • Audit by an Audit Board composed of Supreme Audit Institutions auditors.
• EUMETSAT
  • Audit by an appointed Supreme Audit Institution.
• International Criminal Police Organization
• North Atlantic Treaty Organization
• Organisation for Economic Co-operation and Development
  • Audit by a Supreme Audit Institution.
• The United Nations
  • The United Nations' Board of Auditors (the external audit of the UN) has adopted the ISAs^[7] (International Standards on Auditing). The Board is composed of three Supreme Audit Institutions chairmen, familiar with and usually using the INTOSAI Auditing Standards.^[8]

The Institute of Internal Auditors (IIA) is among the five associated members of the INTOSAI.^[9] The INTOSAI is a strong advocate for the establishment of Independent Internal audit in public entities.

• ISSAI 1610 – Using the Work of Internal Auditors
• INTOSAI Guidance for Good governance: INTOSAI GOVs 9100–9230

The guidance "INTOSAI GOV 9100" states:

• (page 46) "The Supreme Audit Institution also has a vested interest in ensuring that strong internal audit units exist where needed. Those audit units constitute an important element of internal control by providing a continuous means for improving an organisation's operations. In some countries, however, the internal audit units may lack independence, be weak, or be non-existent. In those cases, the SAI should, whenever possible, offer assistance and guidance to establish and develop those capacities and to ensure the independence of the internal auditor's activities."
• "The creation of an internal audit unit as part of the internal control system is a strong signal by management that internal control is important. ... For an internal audit function to be effective, it is essential that the internal audit staff be independent from management, work in an unbiased, correct and honest way and that they report directly to the highest level of authority within the organisation. ... "For professional guidance, internal auditors should use the Professional Practices Framework (PPF) of the Institute of Internal Auditors (IIA) (...) Additionally, internal auditors should follow the INTOSAI Code of Ethics".

• AFROSAI: African Organization of Supreme Audit Institutions
• ARABOSAI: Arab Organization of Supreme Audit Institutions
• ASOSAI: Asian Organization of Supreme Audit Institutions
• CAROSAI: Caribbean Organization of Supreme Audit Institutions
• EUROSAI: European Organization of Supreme Audit Institutions
• OLACEFS: Organization of Latin American and Caribbean Supreme Audit Institutions
• PASAI: Pacific Association of Supreme Audit Institutions

INCOSAI	Place	Date	Host	Information
I	Havana, Cuba	November 1953	Ministry of Auditing and Control of the Republic of Cuba
II	Brussels, Belgium	September 1956	Court of Audit of Belgium
III	Rio de Janeiro, Brazil	May 1959	Tribunal de Contas da União
IV	Vienna, Austria	May 1962	Court of Audit of the Republic of Austria
V	Jerusalem, Israel	June 1965	State Comptroller's Office of Israel
VI	Tokyo, Japan	May 1968	Board of Audit of Japan
VII	Montreal, Canada	September 1971	Office of the Auditor General of Canada
VIII	Madrid, Spain	May 1974	Tribunal de Cuentas
IX	Lima, Peru	October 1977	Contraloría General de la República del Perú
X	Nairobi, Kenya	June 1980	Office of the Comptroller and Auditor General of Kenya
XI	Manila, Philippines	April 1983	Philippine Commission on Audit
XII	Sydney, Australia	April 1986	Australian National Audit Office
XIII	Berlin, Germany	June 1989	Bundesrechnungshof
XIV	Washington, D.C., U.S.	October 1992	Government Accountability Office
XV	Cairo, Egypt	September - October 1995	Central Auditing Organization of Egypt
XVI	Montevideo, Uruguay	November 1998	Contraloría General de la República del Uruguay
XVII	Seoul, South Korea	October 2001	Board of Audit and Inspection of Korea
XVIII	Budapest, Hungary	October 2004	Hungarian State Audit Office
XIX	Mexico City, Mexico	November 2007	Contraloría General de la República de Mexico	https://web.archive.org/web/20081007173620/http://www.incosai2007.org.mx/
XX	Johannesburg, South Africa	November 2010	Auditor-General of South Africa	http://www.incosai.co.za/en/
XXI	Beijing, PR China	October 2013	National Audit Office of the People's Republic of China
XXII	Abu Dhabi, UAE	December 2016	State Audit Institution of United Arab Emirates	http://www.incosai2016.ae
XXIII	Moscow, Russia	September 2019	Accounts Chamber of the Russian Federation	https://incosai2019.ru/en
XXIV	Rio de Janeiro, Brazil	November 2022	Tribunal de Contas da União	https://incosai2022.rio.br/

The following supreme audit institution are members of INTOSAI:^[9]

•  Europe: European Court of Auditors

• Association des Institutions Supérieures de Contrôle Ayant en Commun l'usage du français (AISCCUF)
• Court of Audit of the West African Economic and Monetary Union (UEMOA)
• Organization of SAIs of Portuguese Speaking Countries (OISC/CPLP)
• The Institute of Internal Auditors (IIA)
• World Bank

• Government performance auditing
• CGAP: Institute of Internal Auditors#Other certificates offered by the IIA
• INTOSAI Development Initiative
• Negative assurance and Positive assurance
• UNMAI

• A draft framework of ISSAI standards: www.afrosai-e.org.za
• INTOSAI Marks 50 Years International Journal of Government Auditing January 2003