Strategic planning, Understanding the entity and Selection of topics

Nazli J.ShayinPrincipal Director

Familiarize the participants with the primarytenets of Strategic Audit Planning asprescribed by ISSAIs on Performance Audit

Enhance understanding of the standardsfollowed by ISSAIs vis a vis preparation ofstrategic audit plan, understanding the auditentity, selection of topics and planning theaudit.

An independent, objective and reliableexamination

of whether government undertakings,programs, systems, activities ororganizations are performing in accordance

with the principles of economy, efficiency &effectiveness

and whether there is room for improvement.

Deliver new information, knowledge or value by:

Providing new analytical insights

making existing information more accessible to various stakeholders;

providing an independent and authoritative view

conclusion based on audit evidence;

providing recommendations based on an analysis of audit findings.

Economy

EffectivenessEfficiency

Are things being done in the right way?

Are the right things being done?

PA is a separately identifiable piece of audit work;

Typically results in the issuing of a statement, or

report;.

Should have clearly identifiable objectives and

Pertain to a single or clearly identifiable group of

activities systems , programs or the “audited entity.

Different from Financial or Compliance audit

Concept of Public accountability and client

oriented approach

Why is performance audit required?

Auditors have to adopt a broad and less

structured approach

No fixed checklist to be followed

Strategic Audit planning is the process ofdetermining the long term goals of the SAIand the best approach for attaining them.

consists of strategic goals (missionstatement), strategic objectives (more specificand detailed statements) and strategicmeasures to attain them.

Linked to the main audit plan of the SAI

While formulating their audit plans, the fields

offices should ensure that the plans are

consistent with strategic audit plan

help in accomplishment of long terms objectives

as enumerated in the Strategic audit plan of the

SAI as a whole

Also address the audit risks in their respective

areas of jurisdiction.

Time period of 5 years

Provide a firm basis for the Management togive strategic direction for future auditcoverage;

indentify and select audits with the potentialto improve public sector accountability andadministration

Understand entity risks and take them intoaccount in audit selection;

Provide a basis for Department'saccountability;

Produce a work programme that can beachieved with expected/available resource

Sound understanding of

General socio economic conditions

Govt. priorities goals and programs

Regulatory and accounting framework within

which the audited entities operate

The planning process is divided into various stages

The first stage is strategic planning, where potential themes and topics are analysed

Next a pre-study/feasibility study –resulting in a work plan for the main study–to gather information to design proposal for the main study.

Focus on areas where SAI’s audit may add value

in promoting economy, efficiency, and

effectiveness.

Greater freedom in the choice of performance

audit objects and audit approaches.

SAI must carefully consider the strategy for

selecting subjects for performance audits

SAI must maintain its neutrality

Selection of topics from potential audit areas

Constraints of time resources and priorities by SAI

Establishing a selection criteria based on

added value

Higher risk

Importance

Political considerations

Strategic choices

Budget or financial impact

New activities

Traditionally risk prone areas like procurement,

IT etc.

Complex management structures

No reliable or structured information database

SAI- Instrument of Change

• Previous plans

• Past audit reports and follow up

action on them

• Plan documents. Dept outcome

budgets and RFDs

• Annual reports

• Legislative interests

• Audit advisory board proceedings

• Media and external reports

• Academic reports

• Reports by multilateral agencies

input

• Strategic audit plan

• Resources requirements

• prioritiesoutput

Annual audit plan of different field offices in

sync with strategic plan

Quantity not at the cost of quality

Stakeholders on board

Resources and priorities of each office

Time- a crucial factor

Defining point for starting PA

Vital part of planning a PA

Different sources giving access to data on

entity

Various sources for information on the entity

Risk profiling to be done

Documents of the entity

Policy files

Annual reports

Budget and plan documents

Minutes of internal meetings

Manuals

Website

Evaluation reports

Audit reports

Legislative documents

Laws and statues

Parliamentary questions and debates

Reports of parliamentary committees

Letters of members of parliament/legislatures

Policy Documents

Documents of Ministry of Finance

Central planning bodies like a Finance commission or

a planning board

• Academic research

Independent evaluations

Research

Work done by other SAIs

Past audits

Past audit reports

Follow up requirement

Non compliance of recommendations

Increased risk of materiality

Media Coverage

Special focus groups

Identification of potential areas for audit

Resources and time constraint to be kept in view

Focused coverage

No ‘spreading the resources thin’

Criteria of materiality and risk are essential

Target should be value addition and

enhancement in the quality and working of the

scheme/department

May focus on one scheme/department

Or on topic cutting across many departments

Emphasis on emerging issues like

environment, sustainable development and IT

Relevant issues

Direct impact on general masses

Risk assessment-risk profiling of entities

Materiality and significance

Visibility

Past audits

Estimated impact

Coverage

Stage of programme development

Interaction with the audited entity on

selection of topics

Risk profiling to be done based on the nature

of functions, visibility, and financial impact.

Please draw up a Strategic Plan for performance auditof SAI Oman for the years 2016 to 2018 with at least6 topics for 3 years period with indication of 2 topicsfor each year to be included in the Annual Audit Plan.

While drawing up the plan, the importantconsiderations like Added Value, Important ProblemAreas and Risk or Uncertainties etc to be the basis for

selection of those topics.

Time for discussion for groups- 15 minutes.

Plenary session- 15 minutes

Setting audit objectives and criteria

To understand the key elements of planning

How to formulate the criteria

Basic principles of conducting the audit

Background of ISSAI guidelines

A well thought out plan is essential for a

successful PA

Efficiency, effectiveness and economy of

processes

Timeliness is crucial

Identifying the audit objectives, scope and

methodology

Carrying out a Pilot Study

Feasibility Study

Short period

To check the feasibility of topics

gives background information and knowledge about the

entity

Establishes whether conditions for main study exists

Making a study of a small sample;

Selecting a small team;

Deciding on the period to be focused in PA;

Deciding the nature, extent and availability of evidence and

how to be collected;

Approach and techniques to be used;

Determining organizational structure;

Developing list of critical functions;

Determining key financial and administrative data;

Identifying issues raised in prior audits;

Help in deciding

timing;

Resources required;

Redefine risk perception and materiality;

Format of reporting findings and results.

Levels of Planning

Two levels of planning are:

Strategic Planning: Selection of potential themes/topics

(ISSAI 3000, 3.2)

Operational Planning or Planning of individual audits: Plan individual audits in such a way that

High quality audit is conducted

Economically, efficiently and effectively and

In a timely manner

(ISSAI 3000, 3.3)

It involves certain research efforts, with the aim of

building knowledge,

testing various audit designs; and

checking whether data needed is available.

(ISSAI 3100, 16)

Planning

Assessing

resources

Developing

Guidelines

Guidelines

Information on entity’s environment

Audit materiality and risks

Audit scope

Objectives

Methodology

Assignment of duties to various members

Clearly laid out timelines

Audit proposal-

Audit objectives and

scope and design

Assessment of

resources and

drawing up timelines

Analysis of intended

impact

Understanding the entity and program

Defining audit objectives and scope

Determining audit criteria

•Deciding audit scopeDeciding audit approach

Developing audit questions

Assess the skills of the audit team and decide if outside assistance is

required

Preparation of audit design matrix

Establishing resources and time table

Intimation of audit programme to audit entities

Setting audit objectives

Helps preclude the perception of prejudged outcomes

fosters precision and discipline

Facilitates clarity

Helps focused data gathering techniques

Helps establish underlying logic

Maintains consistency in quality of audit

Serves as a measure of quality assurance

Audit topics are selected based on:

Significance (Financial/social and political)

Auditability(Ability to conduct audit)

Audit impact (can lead to important benefits)

Risk Assessment (risks to good performance)

(ISSAI 3100, 11)

Should be clearly spelt out

Number should be from 3-5

Defined in such a manner that conclusion

could be linked to each audit objective

Precise and not verbose

Should have sub objectives and further sub

objectives

Key areas to be identified ;

Clarity about the nature of audit observations

with regard to the key area.

Questions to be framed under each objective

Limited number of audit objectives

Clarity and simplicity

Phrases ‘whether’ ‘To assess’ ‘To ascertain/verify whether’ etc. to be used

Functional area should be clearly linked

Conclusions aimed at should be clearly specified.

audit area like risk control, governance or information be clearly identifiable

Avoid large no of objectives

Keep it simple and clear

Don’t make an objective lengthy. Break down

into various sub objectives

A study identified (i)procurement and(ii)inventory management as two thrust areasfor the study as a result of risk analysis.

Frame possible audit objectives, within thethrust area inventory management.

On what grounds is it possible to assess

actual behavior?

What is required or expected

What results have to be achieve and how

Whether a program meets or exceeds

expectations

Is it always possible to predefine criteria?

The auditors need to decide-

whether the performance measures in place are complete, relevant and justified on a cost benefit basis;

whether the entity has sufficient and reliable procedures in place to measure and report on performance such as KPI and RFD

If the procedures relate to the entity's corporate goals

whether the performance measures are incorporated into the management decision making processes, i.e., are they reported and used within the agency.

enabling and related legislation which governs

the operations of the audited entity;

operating and procedure manuals;

policies, standards, directives and guidelines;

multilateral international accords signed by India;

criteria used previously in similar audits;

general management and subject matter

literature and research papers.

performance standards used by the entity for

the programme / activity to be audited, or

previous inquiries by the legislature;

criteria used by the same entity or other

entities in similar activities or programs;

criteria used or developed by professional

organizations and standard setting bodies;

independent expert advice and know how;

new or established scientific knowledge and

other reliable information;

criteria published by other SAIs; and

Services of a consultant or institution may be

taken to enhance acceptability of a criteria

Shared with the entity in order to take their

suggestions and also help them accept it.

Reliability

Objectivity

Usefulness

Comparability

Completeness

Make sure the criteria are:

Specific

Measurable/quantitative

Discussed with the entity

Free from auditor’s bias

Clear and understandable

Comparable

Make sure the criteria are not:

Vague

Leading to in definable assessments

Influenced by auditor’s perception

Open to several interpretations

Indistinct

Inconsistent

Understanding the entity through

◦Old reports

◦Administrative reports

◦Government sanctions orders etc.

◦Memorandum signed with other agencies etc.