Access the database
The CSSF assumes responsibility of :
Pending the adoption by the European Commission of international auditing standards by means of an EU Regulation, and in order to maintain the continuity of the standards framework applicable to the statutory audit activity in Luxembourg, the CSSF has adopted by means of the CSSF Regulation N°19-02, the sections “Introduction”, “Objective”, “Definitions” and “Requirements”, of international auditing standards as established by the International Auditing and Assurance Standards Board (IAASB) in their clarified version and published in the International Federation of Accountants (IFAC) “Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services Pronouncements – 2018 Edition”.
These standards have been supplemented by the provisions introduced by the directive and the EU regulation in order to have a standard reference framework covering all the rules applicable in Luxembourg.
In the same way as the international auditing standards, these standards have been supplemented by the provisions of the directive and the EU regulation in order to have a standard framework containing all the rules applicable in Luxembourg.
The CSSF has adopted at the same time as the CSSF Regulation N°19-02 by means of Circular CSSF 19/717:
These “Application and Other explanatory material” and “Appendix” have also been supplemented by the provisions introduced by the directive and the EU regulation.
IT outsourcing for the storage of working documents poses a number of risks, including in particular the confidentiality of the data contained therein.
The working papers may be kept by a third party on the territory of Luxembourg and, possibly, outside the territory of Luxembourg, provided that the third party guarantees the application of the minimum requirements set out in paragraphs 46, 47 and A56 to A63 of ISQC 1 and that the conditions set out in section 3.3 of the Luxembourg supplement to ISQC 1 regarding the retention of the working papers of the réviseur d’entreprises agréé (approved statutory auditor) are complied with.
The prior approval of the CSSF is required when the réviseur d’entreprises agréé (approved statutory auditor) envisages the use of a cloud computing infrastructure. To this end, the dedicated form must be sent to the Public Oversight of the Audit Profession Department.