Professional Documents
Culture Documents
what are the duties and responsibilities of the department head of Internal Audit Service of local government
unit in the Philippines
The duties and responsibilities of the department head of the Internal Audit Service (IAS) in a local government unit
(LGU) in the Philippines can vary depending on the specific LGU's organizational structure and policies. However,
there are certain common roles and responsibilities associated with this position, as outlined in the Local Government
Code of the Philippines (Republic Act No. 7160) and other relevant laws and regulations. Here are some of the typical
duties and responsibilities of the department head of the IAS in an LGU:
1. Establish and Maintain an Internal Audit Function: The department head is responsible for establishing
and maintaining an effective internal audit function within the LGU. This includes developing audit policies,
procedures, and standards in accordance with relevant laws and regulations.
2. Audit Planning and Execution: Develop annual audit plans that outline the scope and objectives of audit
activities. Execute these plans by conducting financial, operational, compliance, and performance audits of
LGU departments and programs.
3. Risk Assessment: Identify and assess the risks facing the LGU, both financial and non-financial. Develop
strategies and audit plans to mitigate these risks.
4. Financial Accountability: Ensure that financial transactions and records of the LGU comply with established
accounting principles and legal requirements. Detect and prevent fraud, mismanagement, and irregularities.
5. Compliance Verification: Verify compliance with laws, regulations, and policies, including procurement and
disbursement regulations. Ensure that government funds are used for authorized purposes.
6. Performance Audit: Evaluate the efficiency and effectiveness of LGU programs and projects. Recommend
improvements and cost-saving measures.
7. Report Generation: Prepare audit reports detailing findings, recommendations, and action plans. Submit
these reports to the LGU's governing body (e.g., Sanggunian Bayan or Sangguniang Panlungsod) and the
LGU's chief executive officer (e.g., Mayor).
8. Follow-Up and Monitoring: Monitor the implementation of audit recommendations and track progress on
corrective actions. Report on the status of recommendations to the governing body and management.
9. Capacity Building: Provide training and guidance to LGU staff on proper financial management, internal
controls, and compliance.
10. Independence and Objectivity: Maintain independence and objectivity in the audit process, free from undue
influence or interference.
11. Coordination: Collaborate with other LGU departments and units to facilitate the audit process and ensure
cooperation in addressing audit findings.
12. Documentation and Records Management: Maintain thorough documentation of audit workpapers, reports,
and correspondence. Safeguard sensitive and confidential information.
13. Professional Development: Stay updated on changes in auditing standards, laws, and regulations through
continuing education and professional development.
14. Ethical Conduct: Adhere to the highest ethical standards in conducting audits and handling sensitive
information.
Mandate
The Internal Audit Services (IAS) is mandated to conduct a separate evaluation or appraisal of internal control system
to determine whether controls are well designed and properly implemented. In the conduct of evaluation, the IAS shall
determine the extent of compliance and assess the adequacy of controls embedded in operating and support
systems/units, as well as evaluate the performance of programs, projects, and activities of the LGU.
Mission
To provide independent, effective, efficient and value adding Internal Audit Services designed to promote
transparency, accountability, efficiency and effectiveness of management and operations of the Provincial
Government for the citizens of Bataan.
Vision
A team of highly competent and multi-disciplinary auditors that provides innovation, integrity and quality audits
designed to add value and improve operations of Provincial Government of Bataan.
MANAGEMENT AUDIT
Audit the effectiveness of LGU’s internal controls adopted in the operating and support service units/systems
to determine whether or not they achieve the control objectives over a period of time or as of a specific date.
OPERATIONS AUDIT
Audit the LGU’s operations and processes, including the efficiency and effectiveness of its programs and
services, to identify opportunities for improvement.
COMPLIANCE AUDIT
Audit the LGU’s compliance with laws, regulations, and policies, including procurement and financial
management policies.
Objective
•Risk assessment is a key requirement of the planning phase of an audit.
•We perform risk assessment procedures to obtain an understanding of the entity and its environment, including the
entity’s controls, to identify and assess the risks of material misstatement, whether due to error or fraud, at the
financial statement and relevant assertion levels, which aids us in designing further audit procedures.
•The objective of this presentation is to provide an overview of the risk assessment process as it relates to the planning
of the audit.
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an
organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined
approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Audit risk (also referred to as residual risk) as per ISA 200 refers to the risk that the auditor expresses an
inappropriate opinion when the financial statements are materiality misstated. This risk is composed of:
Inherent risk (IR), the risk involved in the nature of business or transaction. Example, transactions
involving exchange of cash may have higher IR than transactions involving settlement by cheques. The
term inherent risk may have other definitions in other contexts.;[1]
Control risk (CR), the risk that a misstatement may not be prevented or detected and corrected due to
weakness in the entity's internal control mechanism. Example, control risk assessment may be higher in
an entity where separation of duties is not well defined; and
Detection risk (DR), the probability that the auditing procedures may fail to detect existence of a material
error or fraud. Detection risk may be due to sampling error or non-sampling error.[2]
Audit risk can be calculated as:
AR = IR × CR × DR
Detection risk is inversely related to the risks of material misstatement. For example, when the inherent and control
risks are assessed as High (IR=100%, CR=80%), the detection risk would need to be Low (DR=6%) to ensure that
audit risk is kept at a low level. This would increase the assurance required from substantive tests.
Alternatively, when the inherent and control risks are assessed as Low (IR=40%, CR=25%), a higher level of detection
risk (DR=50%) is acceptable while maintaining audit risk at a low level. This would reduce the assurance required
from substantive tests.
The degree of assurance (%) is the confidence level and can be used in statistical sampling to calculate the sample size
for substantive tests. The sample size is determined using statistical sampling tables or audit software
An audit evaluates the accuracy of a company’s financial statements and the effectiveness of its internal control
system to identify control weaknesses. In addition, audits typically include some form of substantive testing, which
tests for risks of material misstatements and errors. These substantive audit procedures review, test, and analyze a
company’s financial records.
Substantive testing is an audit that looks for flaws in financial records. These tests are required to prove that a
company’s financial records are comprehensive, valid, and accurate. It’s an important concept in audits and internal
control, so in this post we’ll explore all its related issues.
Substantive audit procedures prove that each material assertion in the financial statements is true. That said, tests may
also reveal monetary errors or misstatements in the recording or presentation of transactions and balances.
Substantive testing is performed according to Generally Accepted Auditing Standards (GAAS). These standards
require the auditor to understand the relevant audit controls and to assess whether those controls effectively prevent
(or at least detect and correct) material misstatements that may appear in the financial statements.
Analytical procedures. Substantive analytical procedures compare several financial and operational data sets
to examine whether trends and relationships are consistent. These techniques are intended to alert you to
potential issues with your financial records, which you can then investigate further.
Test of details of transactions. A test of transactions focuses on the individual transactions that make up an
account balance. This test of details is done to check for the accuracy of the financial statement transactions.
Auditors typically choose a sample to test whether the details match the transaction recorded in a company’s
books.
Tests of details of balances. A test of balances is done to check whether any material misstatement exists in
the balances of the financial statements’ accounts. This test of details tries to demonstrate that the tests of
control and the substantive tests related to transactions are all reasonable.
Nature. This relates to the efficacy and type of audit procedure an auditor uses based on whatever level of risk
is acceptable. The lower your risk level is, the more expensive and extensive your audit procedures will be.
Conversely, the procedures are less expensive (and less effective) when the acceptable level of risk is higher.
Extent. This is the quantity of evidence an auditor gathers, depending on how much substantive testing is
conducted. Procedures requiring more tests and larger sample sizes are frequently needed when acceptable
risk is low. When your risk levels are high, processes require fewer tests and smaller sample sizes.
Timing. This relates to how the timing of an audit event might change due to the acceptable risk level. For
example, the auditor may perform audits in the middle of the month if controls are solid and the expected
level of risk identification is minimal. Conversely, the auditor may audit closer to month- or year-end if the
expected risk is high.
Control tests determine whether a policy or practice is well-designed to prevent or detect significant misstatements in
a financial statement. The operating effectiveness of controls focuses on three questions: how is the control applied, is
it consistently applied during the year, and who applies it?
Concurrent test. The auditor tests the understanding of a process to check the effectiveness of the control
policy or practice. These tests are performed based on the discretion of the auditor. For example, auditors may
inquire about the budgeting system to verify users’ familiarity with the processes.
Planned test of control. An auditor will look for evidence of proper and consistent application of control
policies and procedures throughout the audited year.
Prioritize testing of controls. Large organizations routinely have hundreds or even thousands of documented
controls. For each control under consideration, determine its effect on the organization to determine the nature
and frequency of testing. In addition, consider the specific regulations or compliance standards that the
organization must follow, such as the Sarbanes-Oxley Act (SOX) or General Data Protection Regulation
(GDPR). Requirements for these standards will often guide the testing process and determine which controls
to test first.
Design an appropriate test for each control. The nature of the control often determines the testing approach.
For example, if the organization relies on controls to mitigate significant risks, you should test those controls
more frequently. You may also evaluate the design of the control before testing its operation.
Documenting and tracking identified problems. An essential aspect of control testing is quickly remedying
issues encountered during testing. Always check corrections by rerunning the test program after allowing time
for the remediation to verify that all problems have been resolved.
How Do the Main Objectives of Tests of Controls and Substantive Procedures Differ?
When we talk about control tests, we refer to audit procedures that verify the operating effectiveness of controls
related to preventing or detecting material misstatements. That is not the same as substantive testing, which (as we
described above) is a phase in the audit process to determine the fairness of financial information.
For objectives, control testing evaluates the performance of the internal controls that govern the accounting system. At
the same time, substantive testing provides sufficient appropriate audit evidence on the completeness, accuracy, and
validity of the actual data produced by the accounting system.
Control testing is completed before substantive testing, and results from control testing will influence the scope of
substantive testing. For example, if an auditor determines that an organization’s controls are weak, he or she may
recommend more thorough substantive testing. In this sense, we can say that the procedures are different but related.
While each procedure has its purpose in audits, both audit techniques are essential for the risk management of internal
controls of a business.
The primary objective behind performing substantive procedures is to assure that there are no material misstatements
in your company’s financial records and that all the relevant information is correctly disclosed. These procedures
include the following activities:
Testing the applicable classes of transactions, account balances, and disclosures;
Reconciling the financial statements and accompanying notes to the underlying accounting records;
Evaluating material journal entries and other adjustments made during the preparation of the financial
statements;
Making inquiries about any suspicious transactions.
Based on that plausible relationship (the percentage of payroll to total expenses) the auditors can then search for and
create evidence by using percentages and comparisons to the prior year.
Another way to think of it: numbers usually behave in specific ways, so an auditor can use these relationships to form
audit opinions when reviewing your company’s financial statements.
To test occurrence, the auditor can compare monthly sales of the current year to the previous year. He or she
can also compare the percentage of expenses to sales for the current year with that of the prior year.
To test cut-off, the auditor can compare profit margins from the last few months of the audit period to those
after the period-end.
To test solvency and going concern, the auditor can compare the current ratio to that of the previous year.
To test accuracy and occurrence, the auditor can compare the current year’s profit margins with those of the
previous period.
To test the completeness and accuracy of pension or post-employment benefit plans, the auditor can
divide the actual value of plan assets by the actual accrued liability and compare it to the prior year.
To test the financial strength and going concern of an entity, the auditor can divide the total debt by the
total assets and compare it to the prior year.
To test inventory existence and occurrence, the auditor can divide the cost of goods sold by the average
inventory and compare it to the prior year.