MONITORING AND

AUDITING
RECOMMENDATIONS
Daniel Whyte | Michael Commens | Kristian Gage
 ANAO CONTEXT

What we will • Purpose of recommendations

• Financial statement audit
• Performance audit

cover today
MONITORING RECOMMENDATIONS
• ANAO KPIs for recommendations
• Performance audit monitoring results

IMPLEMENTATION OF
RECOMMENDATIONS AUDITS

FOLLOW-UP AND FOLLOW-ON AUDITS

 Purpose of ANAO recommendations

ANAO’s purpose is to support accountability and transparency in the

Australian Government sector through independent reporting to
Parliament, and thereby contribute to improved public sector performance

Primary audience of our audit reports is Parliament

Entities are accountable to Parliament in relation to their performance,

including the actions they take in response to ANAO recommendations
 ANAO provides entities with audit findings and
Financial statement recommendations to improve internal controls and
business processes
audit recommendations
• Reported to entity through interim management letter,
closing report or final management letter
• Entities may suggest alternative method to resolve the issue

Findings and recommendations are reported using

rating scale

• Significant (category A) and moderate (category B) risk issues

reported individually to entity, minister and Parliament
• Lower risk issues (category C) reported to individually to
entity and in aggregate in ANAO’s reports to the Parliament

Findings and recommendations are followed up as

part following year’s financial statements audit
 Entity level:
Financial statement
audit recommendations
 Financial statements audit
recommendations
Entity level:
 Financial statements audit
recommendations
Whole of Government level:
 Financial statements audit
recommendations
Whole of Government level:
 Performance audit recommendations

Entities are asked to clearly

ANAO aims to be targeted ‘agree’ or ‘disagree’ to
ANAO provides potential in developing recommendations
recommendations to recommendations
entities prior to the final Discourage ‘partially’ or ‘in
draft report principle’ responses (treat the
Principles:
same as 'disagree' in our
• address the cause;
reporting)
Recommendations can • focus on significant issues;
Joint Committee on Public
be adjusted or removed, • be realistic and
Accounts and Audit (JCPAA)
or new recommendations achievable;
has expressed support for this
developed, in light of • focus on what needs to
position – wants clear signal
feedback and additional be done rather than how
from entities on whether they
information provided to do it.
will implement it
 ANAO HAS KEY PERFORMANCE INDICATORS
IN OUR CORPORATE PLAN RELATING TO
Monitoring RECOMMENDATIONS:
Performance audit
recommendations • 90% of recommendations agreed without qualification
• 70% of recommendations implemented within 24 months
Financial statements audit
• 90% of moderate and significant findings agreed without
qualification
• 90% of moderate and significant findings addressed within
24 months

ANAO PARTICIPATES AS AN OBSERVER IN

ENTITY AUDIT COMMITTEES WHICH HAVE A
ROLE IN MONITORING THE IMPLEMENTATION
OF RECOMMENDATIONS.
Monitoring Recommendation
FINANCIAL STATEMENTS AUDIT
Monitoring Recommendation
FINANCIAL STATEMENTS AUDIT
Monitoring Recommendation
PERFORMANCE AUDIT
Monitoring Recommendation
PERFORMANCE AUDIT
Performance audit monitoring results

Implementation results are based on entity self-

reporting – audits have shown this can be inaccurate
 IMPLEMENTATION OF
RECOMMENDATIONS AUDITS
 THE AUDIT OBJECTIVE:
The objective of implementation of recommendations
Implementation of audits are to determine whether the selected entity or
portfolio entities have implemented:
Recommendations
• Recommendations of the Australian Parliament’s
audits JCPAA (Joint Committee of Public Accounts and
Audit)
• Recommendations of Parliamentary committees and
inquiries (Presently the Parliament has 64
Committees and 76 public inquiries)
• Recommendations of previous ANAO performance
audits
 THE AUDIT CRITERIA:
Governance:
Implementation of • Governance arrangements (formal response to recs,
assignment of responsibility, monitoring
Recommendations committees)
audits • Systems and process to monitor recommendations
Implementation activities:
• Development of implementation plans
• Effective monitoring of each recommendation
(sample testing in the case of a large number of
recommendations)
• Effective delivery of the recommendation in full and
closed in accordance with requirements
 AUDIT SCOPE AND AUDIT TESTING:
Governance:
Implementation of • Committee structures, lines of accountability,
committee responsibilities, terms of reference, and
Recommendations committee records relating to the acceptance,
audits monitoring and closure of recommendations
• Policies and procedures for tracking and reporting
on recommendations
• System data or other tracking of the status of
recommendations
 AUDIT SCOPE AND AUDIT TESTING:
Implementation:
Implementation of • Development of implementation plans, milestones
and timelines for implementation
Recommendations • Specific recommendation testing (procedures
audits developed, systems implemented, etc)
• Evidence supports the effective implementation
and the appropriate closure of the
recommendation
 Implementation of
Recommendations audits
Recent ANAO examples:

2020-21:
Implementation of ANAO and
Parliamentary Committee
Recommendations — Department of
Defence

2021-22:
Implementation of Parliamentary Committee and
Auditor-General Recommendations — Department
of Home Affairs

2019-20:
https://www.anao.gov.au/work/performance-
audit/implementation-anao-parliamentary-committee-
recommendations-education-health-portfolios
 Implementation of
Recommendations audits

Implementation of Parliamentary Committee and Auditor - General Recommendations –

Department of Home Affairs
 Implementation of
Recommendations audits

Implementation of Parliamentary Committee and Auditor - General Recommendations –

Department of Home Affairs
 Implementation of
Recommendations audits

Implementation of Parliamentary Committee and Auditor - General Recommendations –

Department of Home Affairs
FOLLOW-UP AND FOLLOW-ON
AUDITS
The Audit Objective:
• Often includes two objectives:
➢ The effective implementation of
Follow-up audits
recommendations
➢ Re-auditing of activities or re-
scoping of audit work
undertaken in the original audit
The Audit Criteria:
• Narrowly scoped audit criteria that
directly reference the recommendation Follow-up audits
or subject matter relevant to the original
audit recommendations.
• May include broader criteria relating to
the effectiveness of the activity subject to
adverse findings or a recommendation
the original audit.
Audit Scope and Audit Testing:
• Typically scoped more narrowly and
audit testing is focussed on the same or Follow-up audits
associated activities as the original audits.
• Audit testing is a mix of typical
performance audit and implementation
of recommendations testing
(governance and implementation).
 Follow-up audits
Some recent examples:

Monitoring the Impact of Government School Funding — Follow-up Regulation of Great Barrier Reef Marine Park Permits and Approvals —
Follow-up

Delivery of Security Vetting Services Follow-up Domestic Passenger Screening—Follow-Up

 Follow-up audits

Delivery of Security Vetting Services Follow-up:

The Audit Objective:
• Typically look at aspects of a program
that were out of scope in the original
audit; or Follow-on audits
• Address material audit questions which
the original audit was unable to draw an
appropriate conclusion on.
Example:

Implementation of cashless debit card – Follow-on

The Audit Critera:
• Criteria vary based on the subject
Follow-on audits
matter and don’t generally reference
specific recommendations of the
original audit
• Criteria are typical of performance
audits and focus on risk and materiality
The Audit Scope and Audit Testing:
• Scoped according to risk and/or the
Follow-on audits
breadth of the issues identified in the
original audit.
• Audit testing is based on risk and
undertaken the same as other
performance audits.
 Follow-on audits

Some recent examples:

Implementation and Performance of the Cashless Management of the National Collections — Follow-on
Debit Card Trial — Follow-on
 Follow-on audits

Management of the national Collections – Follow-on:

Implementing
recommendations - Insights

• Published in July 2021, the insights publication

looks at the approaches taken to by entities to
implement and monitor Parliamentary and
ANAO recommendations.
• Two key themes:
➢ Governance
➢ Implementation
Implementing
recommendations - Insights

Governance:
• Governance arrangements to respond to, monitor and
implement recommendations. These arrangements
include:
➢ Establishing processes and assigning responsibility for the
implementation
➢ Establishing systems and processes for tracking and
monitoring progress
➢ Establishing systems and processes for reporting on the
progress and outcomes of implementation to the entity
audit and risk committee
Implementing
recommendations - Insights

Implementation:
• Arrangements to support the effective implementation of
recommendations. These include:
➢ Planning and the establishment of measures or indicators
the effective implementation or recommendations
➢ Establishing a timeline for impletion, including interim
milestones if appropriate
➢ Appropriate documentation and record keeping