The process SAIs undertake to adopt ISSAIs as auditing standards could be outlined as follows in the infographic below.^{15Steps for ISSAI adoption developed by IDI.} While almost 2/3 of the SAI respondents have a provision in the audit act, only five SAIs report to have carried out all the steps. 24% of SAIs globally have not carried out any of the possible steps outlined for adopting ISSAIs as auditing standards. For SAIs that don’t have a provision in the legal framework, and therefore have adopted ISSAIs directly, 34% have not carried out any of the steps.

However, regional distribution tells us something about where the steps are most frequently applied. Establishing the legal basis for adopting ISSAIs as authoritative standards was carried out by 41% in ASOSAI and 39% in AFROSAI-E. Another step, carrying out a detailed study on the rationale for adopting ISSAIs was done by 47% of SAIs in OLACEFS, making it the region where this practice was most widespread. This could also explain the varied practices of ISSAI adoption in OLACEFS, as a better understanding could lead to a better adapted solution. 40% of SAIs here also developed an implementation plan for the adopted standard. In AFROSAI-E the Head of SAI issued an Executive order for the adoption of ISSAIs as the audit standard in 43% of SAIs, while the same was the case in 40% of SAIs in OLACEFS. Public notification of the adoption was also most commonly done in AFROSAI-E and OLACEFS. While these results beg more questions and needs to be studied further, the adherence to the process according to regions, nevertheless, seems to confirm earlier Stocktakes where SAIs models and regional context have shown to affect the both the adoption and application of the ISSAIs. And while there is uniform willingness to adopt ISSAIs across INTOSAI, the practical application of a systematic process is still limited.

ISSAI standards are the departure point for enabling high-quality audits. Starting with financial audit, 54% SAIs have adopted financial audit ISSAIs as their authoritative standards. 18 % of SAIs adopted national standards consistent with ISSAIs, and 17% have adopted standards based on ISSAIs. SAI PMF data can help us understand the quality of these standards. For financial audit, 70% of the SAI PMF sample meets the benchmark for the indicator for quality financial audit standards, indicating that 2/3 of SAIs globally have financial audit standards aligned with the ISSAIs.

The SAI PMF sample results on audit practices indicate that SAIs continue to face the same issues as in previous GSRs, with only 25% meeting the overall benchmark for financial audit process. Hereunder, 26% meet the benchmark for planning. The proportion meeting the benchmark on the audit implementation is slightly higher at 32%, but this could also be due to comprehensive guidance, prescribing the audit process steps in detail. The results are unchanged from 2020 for reporting on the financial audit, at 35%. Despite these obvious limitations, 80 % of SAIs report to issue audit opinions based on reasonable assurance for all financial audit engagements.

According to Global Survey data, 68% of SAIs conducting financial audits, meets the benchmark of auditing at least 75% of the financial statements they received. SAI PMF data suggests the prevalence could be lower (46%). Assessing the self-reported data from the Global Survey based on regional distribution shows that AFROSAI-E and EUROSAI are the regions where SAIs meet the benchmarks most commonly, together with PASAI and North America. This regional distribution concurs with the SAI PMF sample. These are also the regions reporting to conduct audits according to financial audit objectives only, most frequently.

A positive starting point is that 52% of SAIs have compliance audit standards that meets the quality benchmark from SAI PMF and are greatly aligned with ISSAI 400. Still, for the conduct of audit, this proportion is more than halved, with only 21% of SAIs meeting the benchmark for planning and the implementation of the audit. Standards for compliance audit reporting are met by a larger number of SAIs, 31%. When it comes to coverage, 55% report to meet the benchmark for compliance audit coverage, notably that the SAIs has a documented risk basis for selecting audits, and at least 60% (by value) of the audited entities within their mandate were subject to a compliance audit in the last year, which the graphs further below show is a decline since GSR2020. The most concerning aspect about compliance audit coverage, however, is that as many as 41% of SAIs do not apply a documented risk basis for selecting audit entities, which means that for even the 11% who despite this was able to subject at least 60% of entities to compliance audit, these audits done may have even less impacts because of the entities chosen, and also may again affect the quality of the planning of the audit. SAI PMF results on coverage confirm that results are concerning with 23% meeting the benchmark during assessments.

Finally, for performance audit, 52% of SAIs have adopted the performance audit standards as authoritative standards. Interestingly, the adoption of ISSAIs as authoritative standards in AFROSAI-E are almost universal, with 91%. This is followed by CAROSAI and EUROSAI, with 57% and 54% respectively. In ASOSAI and OLACEFS the most common approach is to develop own standards based on ISSAI, done by 47% and 53% of members respectively. For PASAI, there’s an equal proportion of SAIs who either adopts the ISSAI directly or have adopted national standards aligned with the ISSAIs.

The SAI PMF sample confirms that performance audit practices are more aligned with ISSAI standards than financial and compliance audit practices. This starts with the 70 % of SAIs who have performance audit standards meeting the benchmark. The quality of the standards also seems to be better reflected in the practice, where the audit process is characterized by 36% of SAIs meeting the criteria for planning, and 47% meeting the criteria for implementing the audit, and 61% for reporting. When it comes to audit coverage 56% of SAIs report to have spent 20% of their resources or completed 10 audit reports. It is their resources or completed 10 audit reports. It is likely that these SAIs, with a regular and systematic performance audit practice, are covered by the SAI PMF sample, helping to increase results. Running the data against other variables, show that meeting the audit coverage benchmark is more likely to happen in SAIs in liberal democracies (83%). This could make sense from the view point those liberal democracies, in addition to be more economically advanced, also have more open exchange of ideas, and that the concept of performance audit, which aims to improve government performance, could meet less obstacles.

Despite the slow progress on ISSAI Implementation, SAIs have made efforts to improve their audit practices. More than 60% of SAIs in developing countries have received capacity development support to develop their professional audit capacity during the period 2020-2022, more precisely 62% for compliance audit 69% for financial audit and 75% for performance audit. Capacity development support in the audit disciplines is the most frequently received support across all types of capacity development areas. Comparison with the results from 2020 indicate that the proportion of SAIs receiving support in these audit disciplines during 2020-2022 are almost the same as those who received support during 2017-2019. However, for compliance and performance audit the total support received was less than what was projected by the SAIs. For performance audit 71% of SAI received support, against 82% that planned building capacities going forward, and for compliance audit 55% received support against the 66% planned to receive support. It’s likely that the duration of COVID-19 could have disturbed these plans. However, it could also suggest that some SAIs who needed support in these areas moved away from ambitions after not receiving the support. In fact, fewer SAIs are planning to build capacities in the audit types in the ongoing period (2023-2025), as illustrated in the graph below. Still, it seems like SAIs priority is increasingly geared towards professional development, use of technology and audit quality and reporting. The latter may be a positive sign for the future capacity in audit quality management and professionalisation, which will be discussed in the next sections.

As was pointed out in GSR2020, audit quality management systems and practices seem to play a particularly important role in developing good audit practices. Results for financial, compliance and performance audits are all within the same range, so the analysis below presents the results jointly for all audit types. Around 85% of SAIs have defined policies and procedures for ensuring quality of the audit processes for financial and performance audit, with a slightly lower proportion for compliance audit (80%). Quality management at the engagement level takes place in 73% of SAIs across the audit disciplines. 61% have a system for assessment of risks to quality. Two-thirds of SAIs have a system for monitoring quality, but still as many as 28% of SAIs do not have a monitoring function in place for any of the audit types. Yet, the result is a significant improvement since Global Survey 2020, where 39% of SAIs reported to not have any monitoring systems in place. Furthermore 29% of SAIs do not issue conclusions on the quality control system based on the monitoring, through a function established at the organisational level, and 37% of SAIs haven’t put in place such a unit.

SAI PMF assessments evaluate the quality control functions based on a combined assessment of the system in place, and an audit sample. These data show that the percentage of SAIs meeting the benchmarks for quality control (now referred to as quality management at the engagement level), are considerably lower than the reported existence of systems, with 39% for compliance audit, 44% for performance audit and 51% for financial audit. These numbers still indicate an improvement since the last Stocktake for compliance audit, where percentages are up by 8 points.^{18The sample size is smaller, but for this study 5-7% is considered to indicate an improvement.} These findings seem to echo the findings on ISSAI adoption, that while SAIs are making efforts to put in place standards and systems, these systems and processes are not always of sufficient quality, and for that reason SAI performance in the audit process does not seem to improve materially over shorter time periods. The findings on quality management for example, suggests that while SAIs put in place procedures and policies for the audit process, the holistic and continual assessment of the quality in the audits, through quality management units at the organisational level, risk assessments, monitoring and assessment of quality management at the engagement level are missing in many SAIs. This could pose as an obstacle to the identification of measures to mitigate and improve audit practices. Similarly, only 34% of SAIs have a dedicated department for methodology development, also indicating a lack in capacities to systematically dissect and address audit quality issues through improvement in audit methods. Shortages in an organisational level focus on audit quality, could be one of the factors continuing to hinder SAIs in improving their audits. This also leads us to the next part of this chapter, notably the development of audit competencies of staff.

As well as creating systems that ensure audits are carried out in compliance with the ISSAIs, SAIs need to establish opportunities for staff to build their professional capacities as auditors. Conducting high quality audits depends on SAI’s ability to create an environment where these learning and development opportunities exist, either through internal programmes or external support. For staff development, quality starts by defining the competencies necessary to do the job.

The starting point for identifying needs for improving staff competencies is an assessment of the staff resources available. According to the Global Survey 2023, only 37% of SAIs find their current staff to be adequate both in terms of size and competencies, almost identical results as in 2020 (39%). 32% of SAIs find staffing to be inadequate in terms of staff numbers, also indicating that a heavier workload would be needed from the staff available. 20% of SAIs find that neither competencies nor numbers are adequate, and another 10% find the competencies of staff to be inadequate. Interestingly, while there is a pattern related to income levels and staff adequacy, more than 40% of SAIs in HI countries still find their human resources to be inadequate either when it comes to numbers, competency, or both. There is also a big difference between SIDS, and non-SIDs with 11% against 47% rating their resources as adequate. The same is the case comparing SAIs in fragile countries against SAI in non-fragile contexts. These results also pre-empts the regional analysis, which confirms that 40% of SAIs in CREFIAF, 35% of SAIs in CAROSAI, 30% in AFROSAI-E and 28% in PASAI, find current staffing inadequate.

The responses to the Global Survey 2023 shows that only 66% of SAIs have adopted a competency framework, a system for mapping the necessary professional skills. A quarter of SAIs report to not yet have a competency framework for their auditors. Analysis reveals that financial, compliance and performance auditor competency frameworks only exist in half of SAIs globally. The same applies for jurisdictional competencies for those SAIs who have this mandate. Most SAIs carry out audit engagement with a combination of the audit objectives, for example a combination between financial and compliance audit, which means that SAIs should cover necessary competencies for these two audits in their frameworks. It’s interesting that numbers are equally low for cross-cutting competencies and unique skills to the SAIs, suggesting that the definition of competencies overall, is lacking, not only due to the specific audit approaches SAI take. Although the skills weren’t outlined in detail in the survey question, responses imply that skills ranging from knowledge about country PMF systems, to the overall principles for public sector audit found in ISSAI 100, aren’t explicitly outlined as competency needed in the audit profession, by half of SAIs.

In AFROSAI-E the three audit disciplines are most frequently covered in the competency framework. Financial audit is covered by 74% with 65% for compliance and performance audit. 61% also report to cover cross-cutting competencies, while EUROSAI is the region where SAI-specific skills are covered most often, by 62% of SAIs.

If we look to the SAI PMF data, assessment of team skills and competencies are assessed in connection with assessments of audits. Results suggest that overall team management and skills for each audit discipline is relatively weak, with 46% meeting the benchmark for performance audit, 37% for financial audit and only 33% for compliance audit. These findings both confirm the shortages seen in the existence of frameworks and can offer an explanation to the limitations in performance in the audits.

Subsequently, it is therefore important to look at how SAIs assess the competencies of their staff. Given the low proportion of SAIs with a fully developed competency framework it is hardly surprising that only 39% of SAIs have a mechanism to assess auditor competence against a competency framework. Even fewer, 33% of SAIs, report to have mechanisms to promote and assess the success of continuing professional development. This means that even if SAIs do invest in their staff by offering and enrolling them in professional development programmes, only one-third is able to evaluate the effect of these investments and further, are unlikely to have mechanisms to ensure that new skills and competencies come to good use through application and further roll-out. Such SAI organisational capabilities to apply and manage knowledge and expertise across the organisation, or lack therefore, is likely one of the key factors determining whether SAIs succeed in ISSAI implementation.

Staff competency can be built through directed human resource strategies and dedicated professionalisation programmes. 57% of SAIs report to have built its human resource management processes (within its control) around an auditor competency framework. The proportions are higher than the global average in North America, EUROSAI, ARABOSAI and AFROSAI-E. The low global proportion makes sense in light of the limited number of SAIs that adopted a competency framework. In CREFIAF as many as 33% report that they are not in control of their own recruitment processes, and therefore having in place a competency framework is not applicable for them. The same applies to 26% of SAIs in CAROSAI. In these regions auditor competency frameworks are established for only 27% and 35% of SAIs respectively.

When asked about professional development programmes, SAIs rely most commonly on in-house development programmes which are not regulated by any other organ. For financial audit this is common in North America (100%), EUROSAI (87%) and ASOSAI (80%). Considering the staff and resources needed to develop and run such a programme, it is not surprising that this approach is used less in PASAI (28%) and CAROSAI (26%) with many small SAIs. The regional pattern is similar for performance and compliance audit. For performance audit in-house programmes exist in 71% of SAIs in ARABOSAI, 88% in ASOSAI, 82% in EUROSAI, and 100% in North America. The last results could be tied to the fact that these regions also correlate with a higher proportion of HI countries with sufficient resources, and that SAIs from North America have adopted national standards for performance audit, creating a need for specialised training in the field.

In-house programmes regulated by an external professional body is the least common approach across audit types, which only one-fifth of SAIs relying on this approach. The practice is most widespread in ASOSAI where 53% report to have this arrangement.

Reliance on building pathways through external programmes such as university programmes, is less common than in-house, but here again we see regional differences. For financial audit (38%) this approach is used by 57% in AFROSAI-E, 50% in ARABOSAI, 53% ASOSAI and 47% in OLACEFS, but only by 13% in CREFIAF, suggesting that there could either be institutional aspects or few professional service providers available. Another aspect is of course financial resources through the payment of tuition fees. According to the Global Survey only 7 %o SAIs in CREFIAF consider themselves to have sufficient financial resources. Another explanation could also be that financial audit is not widespread in CREFIAF, however, also for compliance audit the proportion of SAIs in CREFIAF resorting this approach is low, with 20%. The practice is more widespread in ASOSAI (59%), AFROSAI-E (52%) and OLACEFS (50%). However, it should also be noted that the extent of this practice, and the proportion of auditor it is offered to, is not captured by the Global Survey.

Finally, when we look at these results, also considering the SAIs that have a competency framework, it is only one-third of SAIs having adopted competency frameworks covering financial, compliance or performance audit, and also have established in-house professional development schemes. However, SAIs who adopted the relevant framework have a higher proportion of professionalisation pathways in place across all audit types, suggesting that defining competencies helps advancing the professionalisation journey.

In sum, the limitations in today’s SAI practices pose a risk to SAIs ability to advance in the professionalisation of audit staff. Many SAIs are struggling with ensuring their audit staff have the appropriate skills. This is partly due to lack of resources, but regardless of the structural challenges, it’s clear that a lack of defined auditor competencies, and assessment mechanisms for the competencies, lies at the heart of this challenge. With as many as 60% of SAIs aim to offer in-house training across audit types as the main pathway for professionalisation of their auditors, this competency building approach will be the main approach for many SAI. But if these pathways are not based on comprehensive competency framework, and supplemented by continuous assessment of quality like this chapter results suggests, there is a risk that impact of trainings and ultimately on audit quality will be limited.

Throughout the years, there’s been a continuous message about the preference of SAIs to receive support from peers, because of their unique insight and understanding of INTOSAI standards and public sector audit, a specialised and often sensitive exercise. Therefore, it is surprising that SAIs in the Global Survey 2023, indicated that their preference for support leaned more towards international development partners,^{19SAIs receive support from different type of partners. Development partners could for SAIs encompass bilateral donors, multilateral donors, implementers, Embassy channelled funding, support from UN agencies etc.} followed by the INTOSAI region, while SAI peers from the same region, or another INTOSAI region came in as third and fourth preference, respectively. The explanation to this, could be the dramatic reduction of SAIs who report to have provided peer support, from 71 during 2017-2019, to only 42 during 2020-2022. This continues the decline from the GSR2017, when 87 SAIs reported to have provided peer support. But in light of these numbers, it’s also worth to note that both GSR2020 and a recent EU-funded study (which partly based itself on GSR2020 data) demonstrated that there is need for a more harmonised understanding of what peer to peer support entails.^{20Peer-to-Peer Capacity Development Support to Supreme Audit Institutions. ECORYS. 2023.} Also, a major explanation to the latest development probably comes from COVID-19, with travel restrictions and reduced activity level across INTOSAI. 70% of SAIs providing support state that their own staff is used to deliver the support most of the time while includes physical visits, while only 24% provided remote support regularly, suggesting that travel restrictions would severely hamper implementation of support. In addition, the global uncertainty and turbulence during the period examined, would likely affect the ability for SAIs to plan for such support, considering that half of SAIs are dependent on external funding to implement support. It is also worth noting that 29% of provider SAIs initiate the support most of the time, and according to 38% mostly determined based on their own priorities, and finally that for 37% of the SAIs offering support, the support period exceeds a year.