Upload
mabel-summers
View
213
Download
0
Embed Size (px)
Citation preview
Annual Meeting of WGPD
Livingstone, ZambiaJuly, 2015
ISSAI 5450GUIDANCE ON AUDITING PUBLIC DEBT
MANAGEMENT INFORMATION SYSTEMS
Federal Court of Accounts - Brazil
Progress Report
The first version 2009 in Kyiv, Ukraine: investigation theme “Evaluation on
Information Systems Related to Public Debt Management”
2011 TCU performed a preliminary study on federal Debt Integrated System (SID)
2012 first draft presented in the WGPD meeting in September (Helsinki, Finland)
Comments of USA, Lithuania
2013 TCU jointed the parallel audit coordinated by Ukraine
The second version 2013 second version - ISSAI 5450 “Guidance of
Auditing on Public Debt Information System”
CommentsArgentina MalaysiaAustralia MoldovaCanada NetherlandsChile OmanChina PolandHonduras ThailandHungary United States of AmericaIndia United Arab EmiratesKazakhstan United KingdomKuwait VietnamLatvia Zambia
The third versionImprovement Who did suggest?
Description of the importance of auditing the system public debt and the possible consequences of not performing it Austrália, Latvia
Description of the objectives of the debt information system Australia
Explanation about the importance of this guide within a large context United Kingdom, Latvia, India
Indication of the necessity of a process mapping Argentina, Australia, United Arab Emirates
Setting out the importance of a risk based audit approach Australia, United Kingdom, United Arab Emirates, Hungary
Highlight in Application ControlsUnited Kingdom, Honduras, Chile, United
Arab Emirates, Poland, Netherlands, India, Hungary
Creation of a specific list of application controls (testing matrix) Chile, United Arab Emirates
Mention of the functions, queries and connections that the public debt system should provide Hungary, Chile
Making references to INTOSAI documents United Kingdom, India, USA, HungaryIndication of the necessity of an IT expert (the table of sophistication level was removed) Argentina, Kwait, Chile
Modification on the document structure Australia, United Kingdom, HungaryImprovement of the text structure Australia, Canada, Malaysia, Hungary
Improvement Who did suggest?Description of the importance of auditing the system public debt and the possible consequences of not performing it Austrália, Latvia
Description of the objectives of the debt information system Australia
Explanation about the importance of this guide within a large context United Kingdom, Latvia, IndiaIndication of the necessity of a process mapping Argentina, Australia, United Arab Emirates
Setting out the importance of a risk based audit approach Australia, United Kingdom, United Arab Emirates, Hungary
Highlight in Application ControlsUnited Kingdom, Honduras, Chile, United
Arab Emirates, Poland, Netherlands, India, Hungary
Creation of a specific list of application controls (testing matrix) Chile, United Arab Emirates
Mention of the functions, queries and connections that the public debt system should provide Hungary, Chile
Making references to INTOSAI documents United Kingdom, India, USA, HungaryIndication of the necessity of an IT expert (the table of sophistication level was removed) Argentina, Kwait, Chile
Modification on the document structure Australia, United Kingdom, HungaryImprovement of the text structure Australia, Canada, Malaysia, Hungary
The third version
Highlight in Application Controls
Creation of a specific list of application controls (testing matrix)
Testing Matrix
INPUT CONTROLS
The objective of input controls is to ensure the authorization, accuracy, completeness, and timeliness of data entered into an application.
REQUIREMENT / FUNCTIONALITY(set of categories/functionalities)
GENERAL / APPLICATION CONTROLS
(how each functionality works)
SUGGESTION OF TESTING PROCEDURES
(applicable testing procedures)
Fields with mandatory input
The application does not allow the operation confirmation if any mandatory input field is not filled
Trying to confirm the operation by not inputting necessary data and verifying whether the transaction was processed or not.
The last version 2014 Effective outcomes of the Parallel Audit:
Weaknesses unveiled Knowledge acquired: testing matrix
2015 SAI’s comments on 3rd version: USA, Mexico, India Suggestions:
Better explanation/more detailing of some parts Inclusion of “Controls Objectives” in the testing
matrix Comments chart and executive summary ISSAI’s and
INTOSAI’s websites
Summarizing
Long way since the first version: ample and effective participation of INTOSAI’s and WGPD’s members
Many contributions aiming development and improvement of the ISSAI 5450
Good level of objectivity
ISSAI 5450: final endorsement at XXII INCOSAI, 2016