strategic planning, understanding the entity and selection...
TRANSCRIPT
Strategic planning, Understanding the entity and Selection of topics
Nazli J.ShayinPrincipal Director
Familiarize the participants with the primarytenets of Strategic Audit Planning asprescribed by ISSAIs on Performance Audit
Enhance understanding of the standardsfollowed by ISSAIs vis a vis preparation ofstrategic audit plan, understanding the auditentity, selection of topics and planning theaudit.
An independent, objective and reliableexamination
of whether government undertakings,programs, systems, activities ororganizations are performing in accordance
with the principles of economy, efficiency &effectiveness
and whether there is room for improvement.
Deliver new information, knowledge or value by:
Providing new analytical insights
making existing information more accessible to various stakeholders;
providing an independent and authoritative view
conclusion based on audit evidence;
providing recommendations based on an analysis of audit findings.
PA is a separately identifiable piece of audit work;
Typically results in the issuing of a statement, or
report;.
Should have clearly identifiable objectives and
Pertain to a single or clearly identifiable group of
activities systems , programs or the “audited entity.
Different from Financial or Compliance audit
Concept of Public accountability and client
oriented approach
Why is performance audit required?
Auditors have to adopt a broad and less
structured approach
No fixed checklist to be followed
Strategic Audit planning is the process ofdetermining the long term goals of the SAIand the best approach for attaining them.
consists of strategic goals (missionstatement), strategic objectives (more specificand detailed statements) and strategicmeasures to attain them.
Linked to the main audit plan of the SAI
While formulating their audit plans, the fields
offices should ensure that the plans are
consistent with strategic audit plan
help in accomplishment of long terms objectives
as enumerated in the Strategic audit plan of the
SAI as a whole
Also address the audit risks in their respective
areas of jurisdiction.
Time period of 5 years
Provide a firm basis for the Management togive strategic direction for future auditcoverage;
indentify and select audits with the potentialto improve public sector accountability andadministration
Understand entity risks and take them intoaccount in audit selection;
Provide a basis for Department'saccountability;
Produce a work programme that can beachieved with expected/available resource
Sound understanding of
General socio economic conditions
Govt. priorities goals and programs
Regulatory and accounting framework within
which the audited entities operate
The planning process is divided into various stages
The first stage is strategic planning, where potential themes and topics are analysed
Next a pre-study/feasibility study –resulting in a work plan for the main study–to gather information to design proposal for the main study.
Focus on areas where SAI’s audit may add value
in promoting economy, efficiency, and
effectiveness.
Greater freedom in the choice of performance
audit objects and audit approaches.
SAI must carefully consider the strategy for
selecting subjects for performance audits
SAI must maintain its neutrality
Selection of topics from potential audit areas
Constraints of time resources and priorities by SAI
Establishing a selection criteria based on
added value
Higher risk
Importance
Political considerations
Strategic choices
Budget or financial impact
New activities
Traditionally risk prone areas like procurement,
IT etc.
Complex management structures
No reliable or structured information database
SAI- Instrument of Change
• Previous plans
• Past audit reports and follow up
action on them
• Plan documents. Dept outcome
budgets and RFDs
• Annual reports
• Legislative interests
• Audit advisory board proceedings
• Media and external reports
• Academic reports
• Reports by multilateral agencies
input
• Strategic audit plan
• Resources requirements
• prioritiesoutput
Annual audit plan of different field offices in
sync with strategic plan
Quantity not at the cost of quality
Stakeholders on board
Resources and priorities of each office
Time- a crucial factor
Defining point for starting PA
Vital part of planning a PA
Different sources giving access to data on
entity
Various sources for information on the entity
Risk profiling to be done
Documents of the entity
Policy files
Annual reports
Budget and plan documents
Minutes of internal meetings
Manuals
Website
Evaluation reports
Audit reports
Legislative documents
Laws and statues
Parliamentary questions and debates
Reports of parliamentary committees
Letters of members of parliament/legislatures
Policy Documents
Documents of Ministry of Finance
Central planning bodies like a Finance commission or
a planning board
• Academic research
Independent evaluations
Research
Work done by other SAIs
Past audits
Past audit reports
Follow up requirement
Non compliance of recommendations
Increased risk of materiality
Media Coverage
Special focus groups
Identification of potential areas for audit
Resources and time constraint to be kept in view
Focused coverage
No ‘spreading the resources thin’
Criteria of materiality and risk are essential
Target should be value addition and
enhancement in the quality and working of the
scheme/department
May focus on one scheme/department
Or on topic cutting across many departments
Emphasis on emerging issues like
environment, sustainable development and IT
Relevant issues
Direct impact on general masses
Risk assessment-risk profiling of entities
Materiality and significance
Visibility
Past audits
Estimated impact
Coverage
Stage of programme development
Interaction with the audited entity on
selection of topics
Risk profiling to be done based on the nature
of functions, visibility, and financial impact.
Please draw up a Strategic Plan for performance auditof SAI Oman for the years 2016 to 2018 with at least6 topics for 3 years period with indication of 2 topicsfor each year to be included in the Annual Audit Plan.
While drawing up the plan, the importantconsiderations like Added Value, Important ProblemAreas and Risk or Uncertainties etc to be the basis for
selection of those topics.
Time for discussion for groups- 15 minutes.
Plenary session- 15 minutes
To understand the key elements of planning
How to formulate the criteria
Basic principles of conducting the audit
Background of ISSAI guidelines
A well thought out plan is essential for a
successful PA
Efficiency, effectiveness and economy of
processes
Timeliness is crucial
Identifying the audit objectives, scope and
methodology
Carrying out a Pilot Study
Feasibility Study
Short period
To check the feasibility of topics
gives background information and knowledge about the
entity
Establishes whether conditions for main study exists
Making a study of a small sample;
Selecting a small team;
Deciding on the period to be focused in PA;
Deciding the nature, extent and availability of evidence and
how to be collected;
Approach and techniques to be used;
Determining organizational structure;
Developing list of critical functions;
Determining key financial and administrative data;
Identifying issues raised in prior audits;
Help in deciding
timing;
Resources required;
Redefine risk perception and materiality;
Format of reporting findings and results.
Levels of Planning
Two levels of planning are:
Strategic Planning: Selection of potential themes/topics
(ISSAI 3000, 3.2)
Operational Planning or Planning of individual audits: Plan individual audits in such a way that
High quality audit is conducted
Economically, efficiently and effectively and
In a timely manner
(ISSAI 3000, 3.3)
It involves certain research efforts, with the aim of
building knowledge,
testing various audit designs; and
checking whether data needed is available.
(ISSAI 3100, 16)
Guidelines
Information on entity’s environment
Audit materiality and risks
Audit scope
Objectives
Methodology
Assignment of duties to various members
Clearly laid out timelines
Audit proposal-
Audit objectives and
scope and design
Assessment of
resources and
drawing up timelines
Analysis of intended
impact
Understanding the entity and program
Defining audit objectives and scope
Determining audit criteria
•Deciding audit scopeDeciding audit approach
Developing audit questions
Assess the skills of the audit team and decide if outside assistance is
required
Preparation of audit design matrix
Establishing resources and time table
Intimation of audit programme to audit entities
Setting audit objectives
Helps preclude the perception of prejudged outcomes
fosters precision and discipline
Facilitates clarity
Helps focused data gathering techniques
Helps establish underlying logic
Maintains consistency in quality of audit
Serves as a measure of quality assurance
Audit topics are selected based on:
Significance (Financial/social and political)
Auditability(Ability to conduct audit)
Audit impact (can lead to important benefits)
Risk Assessment (risks to good performance)
(ISSAI 3100, 11)
Should be clearly spelt out
Number should be from 3-5
Defined in such a manner that conclusion
could be linked to each audit objective
Precise and not verbose
Should have sub objectives and further sub
objectives
Key areas to be identified ;
Clarity about the nature of audit observations
with regard to the key area.
Questions to be framed under each objective
Limited number of audit objectives
Clarity and simplicity
Phrases ‘whether’ ‘To assess’ ‘To ascertain/verify whether’ etc. to be used
Functional area should be clearly linked
Conclusions aimed at should be clearly specified.
audit area like risk control, governance or information be clearly identifiable
Avoid large no of objectives
Keep it simple and clear
Don’t make an objective lengthy. Break down
into various sub objectives
A study identified (i)procurement and(ii)inventory management as two thrust areasfor the study as a result of risk analysis.
Frame possible audit objectives, within thethrust area inventory management.
On what grounds is it possible to assess
actual behavior?
What is required or expected
What results have to be achieve and how
Whether a program meets or exceeds
expectations
Is it always possible to predefine criteria?
The auditors need to decide-
whether the performance measures in place are complete, relevant and justified on a cost benefit basis;
whether the entity has sufficient and reliable procedures in place to measure and report on performance such as KPI and RFD
If the procedures relate to the entity's corporate goals
whether the performance measures are incorporated into the management decision making processes, i.e., are they reported and used within the agency.
enabling and related legislation which governs
the operations of the audited entity;
operating and procedure manuals;
policies, standards, directives and guidelines;
multilateral international accords signed by India;
criteria used previously in similar audits;
general management and subject matter
literature and research papers.
performance standards used by the entity for
the programme / activity to be audited, or
previous inquiries by the legislature;
criteria used by the same entity or other
entities in similar activities or programs;
criteria used or developed by professional
organizations and standard setting bodies;
independent expert advice and know how;
new or established scientific knowledge and
other reliable information;
criteria published by other SAIs; and
Services of a consultant or institution may be
taken to enhance acceptability of a criteria
Shared with the entity in order to take their
suggestions and also help them accept it.
Make sure the criteria are:
Specific
Measurable/quantitative
Discussed with the entity
Free from auditor’s bias
Clear and understandable
Comparable
Make sure the criteria are not:
Vague
Leading to in definable assessments
Influenced by auditor’s perception
Open to several interpretations
Indistinct
Inconsistent
Understanding the entity through
◦Old reports
◦Administrative reports
◦Government sanctions orders etc.
◦Memorandum signed with other agencies etc.