TOPIC 7: INTERNAL AUDIT, COMPUTER AUDITING AND OTHER TYPES OF AUDIT INTERNAL AUDIT ISA 610 7.1.

.1 Nature and Function/scope of Internal audit According to the Institute of internal auditors (www.iia.org.uk) internal audit is defined as :

An appraisal or monitoring activity established by management and the directors, for the review of the accounting and internal control systems as a service to the entity. It functions by, amongst other things, examining, evaluating and reporting to management and the directors on the adequacy and effectiveness of components of the accounting and internal control systems. 7.1.2 Scope/ Objectives / Functions of internal Audit The scope of Internal audit is set by management and varies widely. It could include: I. Reviewing and appraising the soundness, adequacy and application of accounting, operating and internal control systems. It is the responsibility of management to establish adequate accounting and internal control systems. This demands proper attention on a continuous basis. Internal auditing is ordinarily assigned specific responsibility by management for reviewing these systems, monitoring their operation and recommending improvements thereto. I. Examination of financial and operating information. This may include review of the means used to identify, measure, classify and report such information and specific inquiry into individual items including detailed testing of transactions, balances and procedures. I. I. Ascertaining the extent to which the company assets are accounted for Reviewing and ascertaining the extent of compliance with established and safeguarded from losses of all kinds. internal policies, plans and procedures as well as with laws, regulations and other external requirements. I. I. Ascertaining the reliability of accounting and other data developed Reviewing of the 3Es - economy, efficiency and effectiveness of within the organization. operations of the company. Also known as value-for-money Audit (Economy operations at lowest reasonable cost ie the measure of resources consumed against planned consumption, Efficiency Relationship between input resources and output ie the ratio of resource consumption to benefits produced-the input:output ratio, Effectiveness achievement of predetermined objectives ie the measure of actual performance against planned performance in terms of outputs)

I. I.

Appraising the quality of performance in carrying out assigned Carry out special investigations, e.g. fraud

responsibilities (Quality assurance appraisal of lecturers etc )

7.1.3 Distinction Between External & Internal Auditors 7.1.3.1 Common interests of the two auditors: Ensuring a a a a a The organization has an effective system of internal control. That management obtains adequate management information. That assets are safeguarded. That the organization has an adequate accounting system (to minimum Compliance with statutory and regulatory framework.

Companies Act standard).

7.1.3.2 Differences between the two auditors: a Scope Scope of external auditor is determined by statute; internal auditors scope is set by management and specified in an internal audit charter. The Internal audit charter is a formal document approved by the Board of directors, that (a) establishes the internal audit departments position within the organization; (b) authorizes the internal auditor to have unlimited access to records, personnel and physical properties relevant to the performance of audits; and (c) defines the scope of internal auditing activities. a Approach and primary objective External auditors primary objective is the formation of an opinion as to the truth and fairness of the accounts. The internal audits objective is set by the charter and may cover EEE. a Relationship to the company External auditors are independent of the company and its management. Internal auditors are often employees of the organization, although some times the internal audit function is outsourced.

Reporting responsibility and appointment External Auditor is

appointed by shareholders in an Annual General Meeting and is therefore responsible and reports to the shareholders of the company (NB: the external auditors report is addressed to shareholders). The Ex. Auditor could also be appointed by management to fill a casual vacancy. The external auditor could also have a responsibility to others and the government. The internal auditor is appointed according to management policy via formal interview process. Ideally the Internal auditor reports to the Board of directors or to the audit committee of the Board. a Qualifications (Who is qualified to be Ex. / Int. Auditor ?) External must be a certified/chartered public qualifications are prescribed by

auditors qualifications are determined by the Companys Act and the Accountants Statute (1992) auditor accountant. a The internal auditors

management according to prevailing needs. Skills required External auditor must posses Accounting, finance and analytical skills. Internal Auditor requires broad-based, based

interpersonal and analytical skills.

Remuneration External auditors remuneration is agreed by auditor

and management and ratified later by shareholders in general meeting via the formal approval of accounts. The Internal auditors remuneration is salary based and fixed internally by management. a Security or tenure The Companys Act protects the external auditor

from unjustified dismissal and provides certain rights in Law. The internal auditor has rights of any individual employee only. a Error and fraud For the external auditor detection of errors and frauds is incidental, while to the internal auditor detection of errors and frauds is a very important objective.

7.2 Can External Auditors Rely On The Work Of Internal Auditor? Where the external auditors intends to use the work of internal auditors they are guided by auditing standard ISA 610 : Considering the work of Internal auditing. The external auditor will assess the following matters before relying on the work of internal auditors a a Independence of the internal audit. Organizational status of the Internal audit department as evidenced by

their reporting and the number of positive actions taken consequent to an internal audit recommendation. a a Scope & objectives (relevance, set by?) and quality of internal audit work Standard of professional care Is the internal audit work properly as evidenced by their files and documentation. planned, supervised, reviewed and documented? The existence of adequate audit manuals, work programs and working papers would be considered. a Technical competence of the internal audit staff ie their qualifications, experience etc the external may for example review the policies for hiring and training the internal audit staff and their experience and professional qualifications. a Reporting standards The institute of internal auditors, an international body has issued 5 general standards covering the work of internal auditors (i) Independence (ii) Professional proficiency (iii) Scope of Work (iv) Performance of audit work (v) Management of audit department. These standards are supported by specific practice statements and guide lines which provide practical guidance for the internal auditor. a Resources available

After assessing the above matters, the extent of reliance depends on : Materiality of area under review. Level of associated audit risk Level of judgment required Sufficiency of complementary evidence Whether internals have some specialist skill. BUT The external auditor must always remember that it is his opinion and his reputation at stake. The external auditor has the sole responsibility for the audit opinion expressed, and that responsibility is not reduced by any use made of internal auditing. All judgments relating to the audit of the financial accounts are those of the external auditor.

7.3 Internal Audit Reports The audit report is an end product of an internal audit. The objectives of an internal audit report are: To recommend and influence change. To provide an understanding and overview of control issues within an area under review. To ensure action is taken on audit findings and recommendations. To document the work carried out on the audit and any limitations of scope (for example because of disputes). To provide some form of independent assurance to management. To provide independent advice, guidance and recommendations to management particularly on risk (financial or otherwise) and corporate governance practices. The report is a marketing tool for the Internal Audit department. It demonstrates to the organization the value added by the internal audit function. Users of Internal Audit Reports There are a number of users of such reports. For each report it is important to be aware of the users and what their specific objectives are likely to be. The reports need to be targeted to the appropriate audience. The users of a report may include the following. Operational Management Audit committees

Board of directors Organization as a whole Risk committees Finance director Chief executive Officer External auditors Regulatory bodies There is likely to be a principle user to whom the report will be addressed. This will usually be the Director/executive of the business or area under review. The audit committee/ the full board of directors should however see and follow up all reports produced by the Internal audit department.

7.3.2 Format and content of Internal Audit Reports Prior to issuing of the final report, the internal auditor should discuss the report with the management of the audit area to iron out any differences and obtain explanations to some of the issues the external audit team may have come across. Internal Audit reports need to be appropriately structured with a logical flow of information. The format of reports can vary significantly according to the organization and approach of the department. The typical report may be in the following format: Cover of the report Subject Distribution list Date of issue Period covered by the report Any rating/evaluation Executive summary this could include Overall summary of outcome from review Introduction Overview of scope Key risks Opinion Key findings and recommendations The major exposures identified during the review and their significance.

Detailed findings and agreed action Findings Risk exposure Agreed action Responsibility Deadline/time scale Appendices Explanations and further details Appropriate analysis to back up the matters referred to in the main body of the report.

COMPUTERS IN AUDIT MANAGEMENT 7.4.1 The use of computers in audit management: Audit practice administration At the firm level i.e within the audit firm, the role of computers is similar to the role they play in an audit client that is , it is a management information and accounting system. Audit staff log-on chargeable time, which goes into the audit firms billing system The computer system will produce partnership accounts, schedules of work-inprogress and general management information, used by the audit firm management for decision-making purposes. Preparation of audit reports and accounts - word processing, standard letters, reports etc.

7.4.2 The use of computers in audit management: Auditing applications The computer (P/C) may be used by auditors in the following ways to assist in audit work: Flow charting clients system flow-charting computer packages exist to assist the auditor in drawing flow charts. Evaluation of audit Risk computer packages exist to assist the auditor in evaluation of risk. Preparation of audit programmes audit programmes can be typed into a word processor, which will allow easy access and up dating. And determining sample sizes. Analytical procedures Spreadsheets can be used to generate key details of the accounts e.g. key accounting ratios that will assist the auditor when carrying out analytical procedures. Spreadsheets are also vital in data analysis. Preparation of audit working papers computers are a key resource in the production of schedules, summaries and other audit working papers. Used in the application of CAATS Computer- assisted audit techniques, which are a

key audit tool in a computerized environment. CONTROLS IN COMPUTERIZED ACCOUNTING SYSTEMS EDP (Electronic Data Processing System) The main objectives of a strong Internal Control System be it in a manual or computerbased accounting environment are (i) to ensure the proper and accurate recording of all transactions and (ii) to prevent mismanagement, error, fraud and general abuse. In the past, major components of an internal control system have included such things as: Separation of duties, Delegation of authority and responsibility in a clear unambiguous manner, Recruitment and training of skilled personnel, A system of authorizations, Adequate documentations and records to provide an audit-trail, Physical controls over assets and records, Management supervision and independent checks on performance. Certainly, the above components must exist in an EDP system; however, use of EDP affects the implementation of these components in a number of ways (The International Federation of Accountants IFAC practice statement IAPS - International auditing Practices statement 1002: EDP EDP Environment-On-line computer systems) these include: Absence of input documents data may be entered directly into the EDP system without supporting documents. In some on-line transaction systems, written evidence of data entry authorization (for example, approval for order entry) may be replaced by other procedures, such as authorization controls contained in computer programs (for example, credit limit approval) Lack of a visible transaction trail certain data may be maintained on computer files only. In a manual environment, it is normally possible to follow a transaction through the system by examining source documents, books of account and reports. In an EDP environment, however, the transaction trail may be partly in machine-readable form, or it may exist only for a limited period of time. Lack of visible output certain transactions or results of processing may not be printed. In manual environments and in some EDP environments, it is normally possible to visually examine the results of processing. In other EDP environments, the results of the processing may not be printed, or only summary data may be printed. Thus, the lack of visible output may result in the need to access data retained on computer files readable only by the computer. Accessibility of data and computer programs data and computer programs

can be accessed and altered by persons through the use of on-line terminals. Therefore, in the absence of appropriate controls, there is an increased potential for unauthorized access to, and alteration of, data and computer programs by persons inside or outside the entity.

The above statements indicate that despite the advantages of computerized accounting systems to an organization, certain characteristics inherent in these systems represent problems or risks that can only be addressed by developing and implementing special control mechanisms in the organizations internal control systems. These special controls in an EDP system can be categorized under 3 areas. Systems development controls General controls Application / Procedural and processing controls 7.5.1 System Development Controls (SDCs) These are Controls over the entire development process of the computer system, from the initial idea/proposal, designing, testing, and implementation through to acceptance of a fully operational system. In many respects system development controls are the most important - if they are inadequate the whole project is at risk. Any system errors may remain undetected for some time and cause countless problems. Standards must be prescribed for the design, development, testing and implementation of systems, programs and amendments.

SDC 1 There must be proper Consultation with the following groups before Computer systems are developed. (i) (ii) (iii) (iv) SDC 2 Management Users / departments going to use the system Operators of the system Auditors - internal and external

There is a need to have clear documentation and Record of the system so developed. A developed. detailed description of the computer programme must be compiled. This could take the form of: (i) (ii) (iv) (v) (vi) SDC 3 The system so developed must be fully tested to ensure that all programmes have been prepared correctly before operating it on live data. Systems testing will take the following form: (i) (ii) (iii) Test packs - using dummy data on the new system . limited period. flowcharts of clerical and computer procedures specification of types and form of input processing detail and dealing with errors form of output and its distribution operational controls and maintenance of audit trail

(iii) Form and content of master and other files

Pilot running running the new system fully with live data for a

Parallel running with the manual system until it is proved that the new system

can operate satisfactorily. SDC 4 Acceptance Users, operators and management must accept the system developed.

7.5. 2 General Controls These are controls over the environment in which computer-based accounting systems are developed, maintained and operated. Purposes - to ensure (i) (ii) the integrity of data and program files and of operations. operations.

Basic controls include: Segregation of duties requiring appropriate segregation of responsibilities and duties. In a computerized environment the following functions must be carried out by separate officers/sections/departments: Development, Data preparation, Computer Data entry, File Library maintenance, Control.

Controls over Operators operators to have designated and restricted areas of access within the computer programme by use of pass words. No unauthorized change should be made to accounting programmes that process data by using Pass words and maintaining a record of all changes effected on the system. Also a physical control can be instituted e.g preventing people from having access to the computer terminals Hardware controls and Security Having Fire Precautions and Stand-by Arrangements ( Protective measures should be put in place to secure the equipment and data standby power source, UPS etc) Controls to ensure continuity - File back systems on site and off-site, data recovery procedures, insurance cover etc)

7.5.3 Application / procedural and processing Controls These consist of controls over completeness, accuracy and authorization of

input/processing and maintenance of master files. They relate to the transactions and data belonging to each computer based system and are therefore specific to that system (e.g. payroll, debtors etc.). (i) Input controls These are controls designed to ensure that the integrity of the data entered into the computer system is maintained. That is they ensure that transactions are properly authorized, they are accurately recorded and that they are complete. batch totals comparison of files (e.g. order/invoice) sequential numbering of documents-document count control totals (ii) Processing and out put controls (Accuracy and Validity controls) accounting

Processing controls are those controls designed to ensure that the appropriate computer processes have been performed on the data entered into the computer. These are exercised within the computer. Output controls are designed so that the results ultimately reported as a consequence of the inputting and processing of data are valid, accurate and complete.

batch processing (not for real time) segregation (e.g. of responsibility for application, transaction & master files) control totals manual authorization and checking pro-forma documents (pre-coded if possible) field presence (e.g. must have customer account number) master file compatibility (does customer exist?) range (e.g. wages within ushs100,000-500,000 per week) batch (e.g. total hours worked) sequence (e.g. all delivery notes accounted for) logic (e.g. gross, VAT, net calculation checked) access controls back-up facilities anti-virus protection effective staff training testing and evaluation of programs controls over data input etc.

7.6 PLANNING A COMPUTER BASED AUDIT

A computer based system will affect the timing and recording of audit work. The absence of input documents, or audit trail, or output, will necessitate the use of special audit tools known as CAATs. Broadly there are two approaches which might be considered: Audit round the computer Audit through the computer Audit round the computer: This involves substantive testing of computer input and its reconciliation to output. The approach saves time and cost in the short-run, especially when coupled with analytical review. Audit through the computer: computer:

This is usually preferable although the auditor does require a higher knowledge of EDP. The auditor is required to make detailed contact with the computer hardware and software. Auditing through the computer will require the auditor to make use of computer assisted auditing techniques (CAATs).

Advantages of using CAATs: i. i. CAATs are the only effective way of testing complex systems especially where The use of CAATs enables the auditor to test a much larger population quickly the auditor has in his large volumes of transactions take place. and accurately, and therefore increase the confidence opinion. i. CAATs enable the auditor to test the accounting system and its records (i.e the tapes and disk files) rather than relying on testing printouts of what they believe to be a copy of those records. I.E. allows testing of live/actual systems. i. Once set up , CAATs are likely to be a cost effective way of obtaining audit evidence provided that the enterprise does not regularly change its systems.

COMPUTER ASSISTED AUDIT TECHNIQUES There are two main categories of CAATs: test data audit software TEST DATA: This is used to test application controls. It consists of data selected by the auditor for processing through a clients system, where the auditor knows client what results are expected from that processing. The data may either be specially developed by the auditor or selected from the clients data. It must, however, be as representative as possible of the client whole population of data, which it is chosen to represent. Test data may be used during a normal run or during a special run set up for the purpose. Difficulties in using audit test data Costs in ascertaining the relevant controls and in constructing test data from scratch. It may be very difficult to identify all relevant conditions. Dangers of live testing - requires careful planning otherwise data may be corrupted ! Dangers of testing during a special run and files have been used. Recording - the use of test data does not necessarily provide visible evidence of audit work performed. Working papers should therefore include details of the controls to be tested, an explanation of how they are to be tested, details of the transactions and files used, details of the predicted results, the actual results and evidence of the predicted and actual results having been compared. this creates an artificial testing environment. Assurance is needed that normal programs

AUDIT SOFTWARE: This is used to test both system (general) and application controls. It consists of purpose written software (there are packages on commercial sale). It may also be built into the design of systems in the form of embedded software of System Control And Review Files (SCARF). It is designed to enable the auditor to interrogate a clients files, to download them client and to manipulate them. If properly used it is a very powerful tool as it enables the auditor to test the whole system for a full year. Difficulties in using audit software

a. a.

Costs There will be substantial set-up costs . Changes to the clients system there will be a need to alter the software because of changes made by clients to their own systems. This can be very costly. 7.6.1 Challenges of E-commerce Its a problem for auditors Loss of audit trail !, E-crime Basic audit requirement is unchanged obtaining sufficient and relevant evidence , on which to base your opinion. Controls must be developed for the new environment E. signatures.

7.7 AUDIT OF NOT-FOR-PROFIT ORGANIZATIONS 7.7.1 Charity - A charity is a common form of not-for-profit organization. Charities may be constituted in a variety of ways. Some may be unincorporated entities, some are incorporated under company legislation, and others are constituted and registered under the NGO Statute, in Uganda. In all cases the objectives of the charity will be set out in its governing document, The constitution and its activities should accord with its objectives and any relevant legislation e.g. the NGO statute. A copy of the constitution should be kept on the auditors permanent file. 7.7.2 Financial statements of charities include: Statement of Financial activities (SOFA) that will include: Receipts and payments statement Income and expenditure statement watch out for any revenue generating activity of the charity on commercial lines e.g. Poultry farm etc

Balance sheet showing the assets, liabilities and funds of the charity. Cash flow statement and notes Auditors report on the truth and fairness of the financial statements. 7.7.3 Audit problems of charities Lack of segregation of duties and use of unqualified staff it is unlikely that the charity will employ many people, if any. The level of internal control may well be low and it may be difficult for the auditor to require many detailed checks on the actions of unpaid volunteers. Window-dressing The charity may wish to present a reasonably favorable picture in its annual report to encourage further donations. Auditors must, however, guard against the possible window-dressing of the financial statements. Donations - These may either be cash donations or donations in kind. In many cases they may not be supported by invoices/ equivalent documentation. Obtaining assurance as to the completeness and accuracy of recorded donations can therefore be difficult. There is a difficulty of obtaining suitable evidence with regards to income some donors prefer to be anonymous. Grants to beneficiaries how do you ascertain that they were the rightful beneficiaries? 7.7. 4 Audit Procedures for charities Planning auditor should properly plan and control their work in the light of the accounting and auditing requirements of the charity under review. At the planning stage the auditor should consider: The scope of the audit The requirements of the NGO Board/compliance with the law. Accounting policies used by the charity Special circumstances of the sector within which the charity operates Key audit areas Detail in the financial statements on which auditors to report. Inherent Risk Consider IR factors like complexity/extent of regulation, significance of donations and cash receipts, lack of predictable income, tax rules etc.

Control Risk Consider CR factors like - Time committed and degree of involvement by trustees, skills of trustees, Independence of trustees from each other, division of duties. Examine details of the trust deed / constitution and any other legislation affecting the operations of the charity. Vouch / check all expenditure, and ensure it relates to the objects of the charity and has been properly authorised. Where separate funds (restricted funds) are kept for specific purposes or depending on donors requirements, ensure that the regulations governing these have been observed. Look out for commingling of funds. Ascertain that there is a proper system of internal control in force to ensure that there is no misappropriation of subscriptions and donations. Collections from the public a. a. a. - These should be checked for validity and completeness: (church baskets, mosque boxes, charity tins etc) There should be strict numerical control over collection boxes, The boxes should be regularly collected, and dual counting and There should be dual control if possible over the opening of mail, which should be sealed to prevent unauthorized opening. recording of the contents should be made. and all postal receipts should be immediately recorded and later reconciled to the cashbooks. a. a. There must be agreement of bank paying-slips to record of Acknowledgements sent to all donors should be considered. receipts by an independent person.

Legacies should be related to detailed correspondence files and outstanding legacies receivable should be followed up (legacy = receivable from the estate of a dead person by way of a will) Government grants to the charity should be checked and the auditor should confirm that the grant is used as per conditions on that grant. Where a charity has branches, there must be regular reports from such branches to the head office. Auditor should check that all branches are included in the financial reports of the charity. Grants to beneficiaries should be checked against correspondence and should be authorized by management committee. They should be in line with the objectives of the charity. Auditors should check that:

a. a. a. a.

Bankings are made promptly upon receipt Bankings are checked to receipt records Regular bank reconciliations are made Returned cheques are examined for date, signature, payee,

endorsements etc Audit of Balance sheet and other financial statements will follow similar procedures as for profit organizations. Focus will be on confirming the assertions Completeness, Ownership, Valuation, Existence, and Disclosure etc. In particular watch out for: Understatement /incompleteness in income Overstatement of grants or assets Misanalysis of misuse of funds Misstatement and out right theft of assets like donated properties Carry out analytical review Vs budgets. 7.7. 5 Auditors report. Will take the normal form of auditor report except it must refer to the constitution and other legal requirements setting up the charity. Where the financial statements are prepared on a cash basis other than accruals basis the auditors report must highlight that fact. Provided auditors satisfy themselves on the reasonableness of the accounting systems and controls in operation, and there is no reason to suspect that income has been omitted (because of difficulties of obtaining suitable evidence with regards to income), they may be able to issue unqualified report.

FEATURES OF GOVERNMENT AUDIT Government audit is a means of ensuring public accountability for the use of funds by the Government and also acts as a tool for exercising financial control. 7.8.1 INSTITUTIONAL FRAMEWORK FOR GOVERNMENT AUDIT.

Auditor General

The

The Public Parliament (The Legislature)

accountability cycle

Government Cabinet (The Executive)

In a democratic society, accountability falls in the following stages: i. i. i. i. and i. The Auditor general independently audits the annual appropriation accounts prepared by Government and reports back to Parliament through the annual report whether the funds so allocated to government have been properly spent. Members of public elected by the public MPS vote funds for various programmes Government spends the so voted for funds Government has the obligation to account for the

manner in which the funds so voted have been spent;

In

Uganda

Government the

audit of

is a

performed proper

by

the

Auditor

General. for

Recognizing

importance

institutional

framework

Government accounting and auditing, the Constitution of Uganda (1995) and the Public Finance and Accountability Act, 2003 give a special status to the Auditor General and contains provisions to safeguard his independence from the Legislature and the Executive arm of the Government.

7.8.2 MANDATE OF THE AUDITOR GENERAL : APPOINTMENT, POWERS, DUTIES AND RESPONSIBILITIES OF THE AUDITOR GENERAL The powers, duties and responsibilities of the Auditor General are found in: i. i. Act) i. Other Acts of parliament. 7.8.2.1 Appointment : According to Article 163 of the Constitution the Auditor General is appointed by the President with approval of the Parliament. 7.8.2.2.Duties and responsibilities Article 163 of the 1995 constitution of the Republic of Uganda and section 33 of the PFA, Act 2003 outline the duties of the Auditor General which cab be summarized as follows: i. To examine, inquire into , audit and report on all the public accounts of Uganda and all public offices including courts, the central and local administrations, Universities and public institutions of like nature and any other public corporation or other bodies or Organisations established by an Act of Parliament, i. To audit and report on all expenditures from the Consolidated fund (this fund is defined by the Constitution, 1995 in section 153) in this regard he has to ascertain whether the moneys shown in the accounts as having been disbursed were legally available for and applicable to the service or purpose to which they have been applied or charged and whether the expenditure conforms to the authority given. i. i. i. To audit and report on all receipts which are payable To assess the adequacy of management control of To review that financial businesses have been into the consolidated fund. public moneys and state property, conducted with due regard to economy, efficiency and effectiveness ( to conduct financial and value for money The Constitution, 1995. The Public Finance and Accountability Act, 2003. (PFA

audits in respect of any project involving public funds) i. i. To satisfy him/herself that there is proper safe guard of To prepare and submit an annual audit report to public money and state property. Parliament. And draw the attention of the Parliament to any irregularities in the accounts audited and any other matter which in his opinion ought to be brought to the attention of the parliament. i. Examination and reporting on confidential government contracts to express an opinion on the adequacy of the summaries of confidential contracts. 7.8.2.3 Powers of the Auditor General The 1995 constitution and the PFA, Act 2003 give the Auditor General powers which reaffirms his independence. i. The auditor general shall not be subject to direction or control of any other person or authority in the exercise of their function [Article 163(6) of the constitution]. This power emphasizes the concept of independence of the auditor general. i. He has the power to require a public officer, within 3 months, to give explanation or information on any query raised by the auditor general; i. i. Power to appoint any competently qualified person to Power to access all records, books of accounts, carry out the audit on his behalf, vouchers, documents, cash, stamps, securities, stores or other public property in the possession of any public officer. i. i. Power to disallow any item of expenditure which is May, by summons, require the appearance of any contrally to the law. person or the production of any relevant accounts, records or other documents i. Power to require a person to make an oath or affirmation to answer truthfully all questions relating to an audit or examination. i. Power to recommend to the attorney general any cases

for prosecution i. the amount The power to surcharge : of any expenditure disallowed upon the person

responsible for incurring or authorizing the expenditure, any sum which has not been duly brought into account upon the person whom the sum ought to have been brought into account.

7.8.2.4 Status of the Auditor General The following provisions of the 1995 constitution and the PFA, Act 2003 seek to safe guard the status and independence of the Auditor general : 1). The Auditor general can only be removed from office by the President only for: Inability to perform the functions of his or her office arising from infirmity of body or mind; Misbehavior or misconduct; or incompetence 2). According to article 163(2) of the constitution, a person cannot be appointed as Auditor General, unless that person meets the following criteria: Is a qualified accountant (therefore, subject to the professional code of conduct) of not less than 15 years standing and Is a person of high moral character and proven integrity. 3). His salary and conditions of services are guaranteed by the constitution as a charge from the consolidated fund. 4). Reports to the Parliament and the constitution requires parliament to debate his report within six month of submitting it to parliament, and to take action on his recommendations. PAC Public accounts Committee etc 5) Is not subject to the direction of any person/party as to the manner in which functions are carried out; powers are exercised; or priority given to a particular matter. 6). The constitution requires the accounts of the office of the auditor general to be audited and reported upon by another auditor appointed by Parliament. 7.8.2.5 Organization of the office of auditor general Auditor General Directors of audit

Directorate of Central government accounts Directorate for Prastatals and statutory commissions Directorate for local governments Administration and Training. Principal auditors Senior Auditors Auditor Degree holders Examiner of Accounts diploma holders

7.8.3

NATURE OF GOVERNMENT AUDITS

Government audit encompasses two main elements: 1. Fiscal accountability Compliance or regularity auditing and financial auditing involving the audit of expenditure, receipts and other elements of financial statements of the Government; 1. Managerial accountability Value for money audit: audit of efficiency, economy and effectiveness 7.8.3.1 Fiscal Accountability Ensuring fiscal accountability is a very significant aspect of Government audit. This involves: Audit of expenditure Auditor general will examine whether or not the following essential conditions for incurring Government expenditure have been satisfied: That there is Provision of funds out of which the expenditure can be met. This provision should have been authorised by competent authority fixing the limits within which the expenditure can be incurred. This scrutiny is known as audit of provision of funds .The executive (cabinet) will seek this authority from the Parliament (annual budget), local governments get the authority from their councils. Therefore the power of provision of funds is with the legislature. That there is proper sanction covering the expenditure. The sanction

may be either specific to the expenditure (i.e special sanction) or it may be a general sanction. It should have been accorded by competent authority. This part of the audit is term sanctioning powers of various authorities. That the expenditure incurred conforms to the relevant provisions of the constitution or of the laws made there under and is in accordance with the financial rules and regulations framed by the authority. This part of the audit is called audit of regularity. Under this the auditor has to examine the following: all payments are according to the rules and orders regarding powers to sanction and incur expenditure and regarding mode or presentation of claims for expenditure; Claims are made in accordance with rules and in the proper form; the prescribed preliminaries for incurring expenditure are observed; the rates paid for work done or supplies made are in accordance with any scale or schedule prescribed by competent authority etc. That the expenditure is incurred with due regard to broad and general principles of financial propriety/correctness/fitness i.e audit of propriety. The auditor has to examine whether in making the expenditure, a reasonably high standard of financial morality, sound financial administration and devotion to the financial interests of the Government has been maintained. While there are no hard and fast rules laid down regarding the standards of financial propriety, the auditor should, while conducting this phase of audit, look into the following matters: the expenditure does not seem prima facie to be more than what the occasion demands, the authorities involved in the expenditure have made the expenditure with same degree of caution as a person of ordinary prudence would exercise in respect of his own money, the authorities involved in the expenditure have not derived any direct or indirect advantage from the transaction, public money is not utilized for the benefit of a particular person or section of community and the audit of sanctions. The auditor therefore should be conversant with the

benefits accrues to the public in general unless : the amount involved is insignificant; or a claim for the amount could be enforced in a court of law; or the expenditure is in pursuance of a recognised policy or custom. Audit of Receipts Government audit also covers receipts payable into the consolidated fund of the central government and of each of the local authorities. Government revenue can be classified as tax revenue and non-tax revenue. Tax revenues are on account of direct taxes and indirect taxes. An audit of tax revenues involves an examination of the quasijudicial act of assessments made by the relevant authorities. Nontax revenue, on the other hand, is generally governed by a contract, a tariff or general financial rules and regulations e.g traffic offence fines, passport fees etc. The auditor has to satisfy himself that the rules and procedures in case are designed in such a manner that amounts due to Government are regularly recovered and duly brought into the accounts. The emphasis in audit of receipts is on examining the procedure regarding the assessment, collection and refund of all revenue receipts to determine whether it provides adequately for actually secures: The collection and utilization of data necessary for the computation of the demands or refunds under law; The prompt raising of demands on tax payers in the manner required by law; The regular accounting of demands, collections and refunds The correct accounting and allocation of collections and their credit to the consolidated fund; The existence of proper safeguards to ensure that there is no willful omission or negligence to levy or collect taxes, or to issue refunds,

The follow up of claims on taxpayers with due diligence. The claims should not be abandoned or reduced except with adequate justification and proper authority; Prompt detection and investigation of double refunds, fraudulent or forged refund orders, or other losses of revenue through fraud, default or mistake. Audit of debts and investments The procedures described above also apply here. The first step in the process of verification of these items is to ascertain how far the final balances agree with the ledger balances; secondly ascertain where necessary, whether the person or persons by whom the balance is owed or to whom it is due, admit its correctness, and in case of balances due, to what extent are they recoverable. Borrowings: The Auditor should examine whether the borrowings are within the limits fixed by the legislature from time to time and whether conditions relating to the loans are duly observed. The auditor should also examine whether the proceeds from the loans are properly accounted for and are spent only on objects for which the loans were originally raised. Sections 20 30 of PFA, Act 2003 gives regulations for Government borrowings. Investments : The auditor has to examine whether the investments made on account of any regularly constitutes sinking fund or other fund administered by the Government are of such nature as is authorised by the statutory provisions or by instrument governing the fund. The auditor should also take up promptly with the Government, cases of investments, which he considers to be unauthorized, irregular or unsound. Loans and advances: The auditor should review the reasons for making the loan or advance as well as the conditions on which it is made. Audit of stores and stocks (The term stores in

Government accounting includes all articles and materials purchased or other wise acquired for the use of the government, and thus includes items like

plant,

machinery,

instruments,

furniture,

equipments, fixtures,livestock, cars etc) Audit of all articles and materials including plant, machinery, furniture and equipment is carried out as follows: The internal regulations and controls governing purchase, receipts, issue, custody, sale, write-off and stock taking procedures and reviews (see Public Procurement and Disposal of Public assets Act, 2003 PPDPA, Act 2003) Purchases are audited according to the rules prescribed for audit 2003. The system of accounting for stores is reviewed. The auditor has to examine whether the balance in hand is within the maximum prescribed limits and is not excess of reasonable requirements. The sanction for write-offs /disposals is scrutunised and is accordance with the PPDPA, 2003. The auditor examines whether necessary action has been taken to segregate and dispose of unserviceable, surplus or obsolete stores in accordance with the prescribed procedures under the PPDPA, 2003. The auditor reviews the system of physical stocktaking. Where he finds discrepancies in the stores accounts, the auditor has a right to inspect the physical balances Where a priced ledger is maintained the auditor has to review the prices charged and examine the balances at hand. 7.8.3.2 Managerial accountability Value for money audit Government audit also seek to evaluate economy, efficiency and effectiveness of selected government activities. Economy is concerned with minimizing the cost of resources acquired or used, having regard to appropriate quality. Efficiency refers to the relationship between the output of goods / services or other results and the resources used to produce them. Thus the auditor examines how far maximum output is achieved for a given input, or minimum input used for a given output. of expenditure and in line with procurement guidelines(tendering, shopping etc) under the PPDPA, Act

Effectiveness is the relationship between the intended results and the actual results of projects, programmes or other activities. Thus the auditor examines how successfully the outputs of goods /services or other results achieve policy objectives, operational goals and other intended effects. In practice, the boundaries between economy, efficiency and effectiveness are rarely clear-cut. Therefore in carrying out a value for money audit, the auditor looks at these aspects together particularly when considering the closely linked aspects of economy and efficiency. EXAMPLE: Value for money audit Programme for construction of a hospital might cover an examination of any or all of the following aspects: i. The tendering, contract and project control procedures to establish how far the hospital and associated facilities have been built to specification, on time and at lowest achievable cost or within approved cost limits. i. Utilisation of wards, beds, operation theatres and medical and mix; and administrative of staff integration services; equipment; allocations systems; etc i. Results achieved e.g in terms of reduction in patient waiting lists, increase in operations performed, improved diagnostic and treatment services and, ultimately, the improvement in health and quality of life, reduced mortality rates, etc. 7.8.4 THE AUDIT REPORT : The auditor generals report enables the public to know with confidence how public funds have been spent. He issues both a management letter and the audit report, parliament (PAC) The basic elements of the report are: i. i. Title Content

maintenance; management and resource allocation

Audit assignment: The auditor should state that the financial statements identified in the report have been audited; the

responsibility of the management and of the auditor on the financial statements. Objectives and scope of the audit. Opinion paragraph qualified or unqualified, adverse, disclaimer of opinion. i. i. Signature Date

7.8.5 DOES THE AUDITOR GENERAL REALLY HAVE FULL CONTROL OF HIS POWERS TO EFFECTIVELY CARRY OUT THE MANDATE? (to what extent does auditor general carry out independent review of accounts ?) The following factors affect the ability of the auditor general to act effectively a) The auditor general is not totally independent. For the office of the Auditor general to function effectively and efficiently it should have freedom from control or undue influence by the executive, but the practice is that Government does not allow the full range of its activities to be subject to an independent analysis and evaluation Classified expenditure! b) Policy issues are a no go area which auditors dare not question directly, so how do you assess value for money c). Staff of the office of the auditor general are recruited by the public service commission. This makes it difficult for the Auditor general to establish standards in terms of quality of professional qualification of personnel, d). The staff still depends on the Ministry of Finance Planning and Economic Development for budgetary and financial matters, e). Staff remuneration, conditions of services and other required logistics still lie outside the ambit of the office of the auditor general f) The attitude of public officers in providing records to auditors. Auditors encounter with some civil servants, military and other security fields have not been very pleasant, because some of these official refuse to adhere to statutory rights, which assure the auditors access to all records.

g) Lack of effective follow-up on Audit reports these reports are relegated to parliamentary committees many of whose members do not even have the ability to understand the queries raised by the auditor general later on following up the recommendations! h) Insufficient legal foundation the law is insufficient to ensure total independence and proper mandate to the auditor general. Is there a case for an independent GOVT AUDIT AUTHORITY ?