Thursday, November 3, 2011

6. GOAL 4 ENHANCING AUDIT EFFECTIVENESS AND IMPACT



6 Goal 4:Enhancing AuditEffectiveness and Impact

6.1 Integrated Approach to Financial and Compliance Audit

This strategy is about:

4A.         Conducting pilot integrated financial‐cum‐compliance audits in different areas with a view to
assessing the advantages and disadvantages of such integration, and drawing up a phased  approach to integrated financial‐cum‐compliance audit

Most developed country SAIs conduct only two types of audit:

·      Financial / regularity audit, which covers both expression of an audit opinion on financial statements, as well as assessment of compliance with applicable laws, rules and regulations; and

·       Performance/ VFM audit

There is no separate type of “compliance” or “transaction” audit; this is an integral part of the annual financial audit process.

The transaction/ compliance audit by IAAD11 is, thus, different from the financial/ regularity audit, as is internationally practiced, in the following ways:

·      It is undertaken separately from the certification/ audit process and no co‐ordination is attempted.

·      Major findings arising out of the transaction audit (viz. instances of non‐compliance, irregular/ wasteful expenditure, fraud etc.) do not “feed” into the annual certification process; do not, in general, have an impact on the CAG’s audit certificate that the accounts present a “true and fair view” of the financial position of Government; and, thus, do not contribute to providing “assurance” on the financial statements.

·      While the annual audit opinion is based on findings relating to activities/ transactions during the financial year only, compliance audit findings, as presented in the CAG’s Audit Report,

are not restricted to transactions during that year and could cover transactions upto 3‐ 4 years old12.

Thus, our transaction/ compliance audit process is, in many ways, an anachronism (viewed with reference to international practices). It would, therefore, be logical to integrate financial and compliance
 


11 And some other SAIs in developing countries (notably the sub‐continent)

12   The preface to the CAG’s Compliance Audit Reports carries a specific reference that findings relating to transactions of earlier years have also been included. As a matter of practice, however, findings relating to transactions which are five years old or more are not generally considered for inclusion in the Audit Report.


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page32



audit into a single process geared towards the objective of providing audit assurance on the financial statements, as also on the adequacy and effectiveness of the internal controls.

However,as against the numerous advantages of the integrated financial‐cum‐compliance audit approach, several difficulties in practical implementation of such an approach have also to be recognized:

·      The IAAD itself has been conducting integrated financial ‐ cum‐ compliance audits during its audits of the UN, WHO, FAO and other international agencies. For such prestigious internal audits, officers and staff are chosen through a rigorous selection process targeted to maintain a high quality of audit resources; however, this, in itself, is not an insurmountable obstacle to an integrated audit approach in domestic assignments. Similarly, our audit of expenditure on World Bank and other multilaterally funded projects is increasingly an integrated financial‐cum‐compliance audit, as is the case for small autonomous bodies.

·      The main impediment to conduct of integrated audits is the poor governance and internal control structures of our auditee agencies. It is well recognized that the adequacy and effectiveness of internal controls, including financial controls, in most Government Departments and agencies leaves much to be desired. The timeliness of rendering of accounts (both the primary accounts by the Treasuries and Divisions of the State Governments as well as the Appropriation Accounts and Finance Accounts statements by the different Pr. PAOs of the Central Government) and adherence to the stipulated time schedules is extremely poor. The process of rendering the audit opinion on the annual accounts is thus a race against time. Combining the financial and compliance audits might well delay the finalization of the CAG’s audit opinion.

·      A case could be made for a two/ three phase audit in a concurrent manner throughout the year, so as to minimise the time taken at the end of the year for finalizing the audit opinion. It is however well recognized that a significant proportion of the annual expenditure (and in some cases, the majority of the expenditure) is incurred in the last quarter of the financial year, especially in the month of March itself. The risk for non‐compliance, impropriety and wastefulness (if not fraud) of such expenditure late in the financial year is extremely high, and conducting financial‐cum‐compliance audit in a highly compressed timeframe, so as to ensure timely finalization of the audit opinion, carries potential audit risks.

·      Given the state of internal controls in most Government organisations13, it would not be difficult to give suitable qualifications/ disclaimers on the adequacy and ineffectiveness of
 


13An Internal Control and Risk Management framework is under adoption. However, even this draft framework is not an integrated framework, covering the entire activities of the Ministry/ Department. By contrast, listed PSUs have, in general, better corporate governance and internal control structures, primarily due to the requirements of quarterly financial reporting, the rigour of external scrutiny by private shareholders, investors and financial analysts, and the corporate governance requirements stipulated in the listing regulations by SEBI.


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page33



control structures14, as part of our audit opinion on the financial statements; indeed, this would be appropriate and desirable. However, given the expectations of our stakeholders (the legislature, the media, and the public at large) who look forward to our audit findings highlighting instances of irregular/ wasteful expenditure etc., a disclaimer on the state of internal controls would not absolve us from conducting and reporting the results of our compliance/ transaction audits.

 It is, thus, clear that while an integrated financial‐cum‐compliance audit approach has
enormous advantages in terms of providing overall audit assurance, there are serious

 practical issues in its potential implementation, primarily on account of the poor internal  control and governance structures in Government Departments and agencies.

 Considering that an integrated audit approach has not been tried out by IAAD in its
mainstream audits, we recommend that pilot integrated audits be conducted in different
 areas, with a view to
·      assessing the advantages arising from such integrated audits,

 ·      assessing the difficulties (external and internal) in such integration and how these can be  addressed with a view to providing overall audit assurance,

 ·      ascertaining the limits of integration (where control deficiencies in auditees and other
external factors would constrain our audit approach, and beyond which our credibility could be potentially compromised), and

 ·      drawing up a phased approach (with indicative timelines) to integration, given the above  factors.

 Such pilot audits could covera mix of:
·    selected Central PSUs (especially listed PSUs, where internal control and corporate
governance structures are part of an institutional framework15 and a three‐phase audit

approach has already been adopted for certification audit u/ S 619(4) of the Companies Act)

 ·      Two State Governments – either as a whole, or selected Departments within the State
Governments;

 ·      Two Central Government Ministries/ Departments
 






14  The findings in Report No. 1/ Chapter‐II relating to appropriations in the Central/ State Governments is, by itself, adequate to justify such qualifications/ disclaimers.
15 Thanks to Clause 49 of the Listing Agreement


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page34


 The pilot studies could be conducted for the financial year 2011‐12, for which adequate  preparatory steps would need to be undertaken. Based on the results of the pilot studies, a  phased strategy for integrated financial‐cum‐compliance audit could be drawn up thereafter.

Details of a suggested approach to integrated financial‐cum‐compliance audit, which could be adopted for the pilot studies, are enclosed in Annexe‐6. Pending the introduction of an integrated financial‐cum‐ compliance audit pursuant to these pilot studies, the approach to financial audit and compliance audit is discussed separately in the succeeding sections.

6.2 Enhanced Focus on Financial AttestAuditof Government Accounts

This strategy is about:

4B.         Strengthening the assurance based approach to financial attest audit of Government accounts


4C.         Preparing detailed annual financial attest audit plans and evolving appropriate statistical  models

4D.         Combining inputs from past audit findings and VLC data analysis into the financial audit  process

4E.         Commenting on adequacy and effectiveness of internal controls affecting the accuracy of  financial statements, and encourage moves towards a Management Responsibility Statement

4F.          Introducing audit automation software, towards preparation of assurance memos

Background

The financial attest audit of Central and State Government accounts, resulting in the expression of the CAG’s audit opinion, is a core product of the CAG under Article 151 of the Constitution. However, the financial audit process in an AG office receives inadequate priority, and primarily comprises of:

·      Central audit of vouchers by the CAP/ CASS Sections – In the typical AG office, these sections are staffed with human resources of less than adequate quality (who cannot be effectively utilized for assignments considered to be of higher priority). The proportion of vouchers to be examined, as prescribed in the existing manuals and instructions, is very high, since it is based on monetary limits prescribed several decades ago and is entirely inconsistent with current expenditure levels. In practice, the output of CAP/ CASS is largely limited to preparation of audit notes, covering relatively inconsequential items, and does not feed into the financial audit assurance process in any meaningful manner.

·      Scrutiny of the draft Finance and Appropriation Accounts – At this stage, given the available resources and tight timeframes for finalization of the audit opinion, the scrutiny is restricted




9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page35



to checks at aggregate levels (primarily in terms of arithmetical accuracy), based on fairly rudimentary checklists (which are generally filled in a routine fashion).

 Consequently, the financial audit process, as currently practiced, is not appropriately geared
towards providing overall audit assurance (at acceptable confidence levels, based on well

 designed and structured methodologies and truly representative samples) on whether the  annual accounts really present a true and fair view of the state of finances of the Central/  State Government.

Strengthen assurance­based approach

In order to ensure that the financial audit process is re‐oriented to providing assurance on the reliability of the financial statements of the Centraland State Governments, the following steps need to be taken:

Prepare a detailed Annual Financial Attest Audit Plan

Such a plan cannot be a mere listing of the units to be covered and the time allowed for each unit, but must identify the key areas of high risk (typically, a listing of top risks), based on background search and scrutiny of past expenditure and budget profiles, annual reports and other relevant documents and also considering key weaknesses in financial controls identified in the past. This will also involve allocation of a far higher proportion of resources for audit planning; allocation of about 20 per cent of overall time and resources to audit planning would be reasonable, and would also be consistent with international best practices.

Evolve appropriate statistical models for sampling

There is a need to design statistical models, linked to the risk analysis mentioned above, which minimizes the substantive testing of vouchers in the field (thus keeping the cost of audit down and also reducing the demand placed on State Government Departments in attending to our audit), but at the same time is designed to provide assurance at acceptable confidence levels. The current system of nodal statistical officers has been confined, by and large, to sample selection for performance auditing, and has not been very effective in either financial or compliance audits. Consequently,an approach involving across‐IAAD guidance on the general approach, as well as customization at the field level (based on inputs drawn from locally available trained statisticians – not necessarily IAAS officers) would be necessary.


Combine inputs from past compliance audit findings, CAP/ CASS audit findings, and analysis of VLC data into the financial audit process

Even without full scale integration of financial‐cum‐compliance audit, it is necessary to consider past compliance audit findings (analysed and summarized on a Department‐wise basis) to identify focus areas for substantive testing in individual Appropriation Accounts and Finance Accounts Statements. Similarly, analysis of VLC data (and COMPACT/ e‐Lekha data on the Central Government side) on an ongoing/ periodic basis will also throw up potential irregularities/ deficiencies, which will need to be validated through substantive testing. Further, CAP/ CASS audit has no relevance, unless it is fully


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page36



integrated into the financial audit process, so that offsite scrutiny of vouchers/ sanctions is combined with onsite scrutiny of selected vouchers/ sanctions; also, central audit should also be introduced in a phased manner in respect of audit of the GoI16.

Encourage a move towards a Management Responsibility Statement

Internationally accepted audit standards requires the auditor to obtain a statement from management that they understand and accept their responsibility towards preparation of accounts. In line with these standards, we should encourage a move towards a management responsibility statement from the Central /State governments on the lines of the Responsibility Statement for Directorsin commercial organizations. In the case of the State Governments, such a Responsibility Statements should clearly acknowledge their responsibility for preparation of the initial accounts (the monthly treasury accounts as well as dividisonal accounts). The responsibility statement should also cover compliancewith the applicable financial reporting framework; for such internal control that is necessary to enable the preparation of such statements and to assure compliance to rules; and to provide the auditor with access to all documentsthat the management is aware is relevant to the preparation of financial statements/ additional information that the auditor may seek for his work/ and access to persons within theauditee from whom the auditor determines it necessary to obtain audit evidence. Such a Management Responsibility Statement should also give details of details of internal audits/internal appraisals conducted, and compliance thereto.

Comment on adequacy and effectiveness of internal controls affecting the accuracy and reliability of financial statements

In the absence of full integration between financial and compliance audit, it is not possible to focus on all categories of internal controls. However, in addition to pointing out individual comments/ errors/ issues (arising out of substantive testing), the audit opinion and/or the Audit Report should draw attention to the adequacy and effectiveness of internal controls, which directly affect the accuracy and reliability of financial statements. The adequacy of internal audit (basedon the information furnished in the Management Responsibility Statement and audit verification thereof) could be mandatorily commented upon.



Consider a two/ three phase audit approach, where feasible

A three phase audit approach is already functional forS 619(4) audit of listed PSUs. Subject to the issues raised in paragraph 6.1, we should consider a two/ three phase audit approach, where feasible, whereby at least a portion of the financial attest audit work is done concurrently during the year (and notafter the end of the year and after receipt of the draft/ final annual accounts). In addition to crunching the
 




16 The bifurcation of compilation and central audit took place in 1984, after the restructuring of IAAD into separate audit and A&E offices for the States. However, since the Departmentalised accounting organization in respect of the Central Government was introduced in 1976, there is no provision for central audit in respect of GoI audit.


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page37



time for finalizing the audit opinion, this would also provide an opportunity to provide concurrent feedback to the auditee, providing an opportunity for immediate corrective action.

Preparation of an Assurance Memo

A detailed Annual Financial Attest Audit Plan is of use,only when at the end of the annual audit, a formal assurance memo is drawn up (typically in the form of an aide memoire) which clearly highlights the audit efforts undertaken in respect of each area, the results of audit – either a comment/qualification/note or audit assurance (either positive or negative17) or alternatively justifiable reasons as to why the area could not be examined in audit (all suitably cross‐referenced to KDs/ supporting documentation), and suggestions for future action in the future. Such an assurance memo or aide memoire is far more assurance‐oriented than the current system of KDs only for those findings/ comments which appear in the audit report.

Introducing Audit Automation Software

The rigour that exists in performance audit on documentation of working papers for all findings (regardless of whether the assurance is positive or negative) should be extended to financial and compliance audit; this will also ensure accountability of field audit parties/ team members or, at the least, make assessmentof their work more objective. Considering the volume of financial audit assignments being undertaken, the only practical way to document/ establish that audit assurance has been provided is through use of automation software. Such software should, at the minimum, have provisions for capturing each audit activity/ step (in the form of audit checklists/ sub‐checklists for individual account areas), the details of audit findings, and the results in the form of comment/ qualification/ audit assurance; additionally, features for audit planning, HR assignment and other ancillary activities can also be built in. Such software is commercially available off the shelf (e.g. Price Waterhouse Coopers’ Team Mate software), but it is likely that bespoke development of audit automation software for the IAAD is likely to be cheaper (considering the large number of licenses that would be required for off‐the‐shelf software) and is also likely to better meet our needs through appropriate customization.

Fine tune the FinancialAttest Audit Manual

Currently, the Financial Attest Audit Manual only lists the general principles for financial audit, and except for one Annexure providing certain limited information, does not provide detailed guidance specifically for certification ofGovernment accounts e.g. for individual Finance Accounts statements as well as Appropriation Accounts. Consequently, the manual needs to be fine tuned, with supporting detailed guidance, which will also form the basis for the detailed financial audit plan (as well as for the assurance memo).
 




17   A statement that “we found no significant evidence of weaknesses/ deficiencies etc.” provides negative assurance. While this is less satisfactory than positive assurance “our audit revealed that the internal controls were broadly adequate and effective…”, many of us in the IAAD may be more comfortable with such assurance, given the weight of historical precedence.


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page38



6.3 Financial Attest Audit of Government Companies and Autonomous bodies

This strategy is about:

4G.         Building capacity for the forthcoming alignment of Indian Accounting Standards with IFRS from April 2011

4H.         Move towards conduct of certification audit of autonomous bodies exclusively by  commercial audit staff

The current system of attest audit of Government Companies envisages appointment of Chartered Accountants as statutory auditors by the CAG (who also issues directions for the conduct of the audit) combined with a system of supplementary audit of accounts (on a selective basis) by audit teams from the IAAD. This system provides a high level of assurance on the reliability of PSU accounts with an arrangement that minimizes duplication of audit effort and optimizes the utilization of scarce resources with the IAAD.

As a further improvement, a three‐phase system of audit has been introduced in respect of listed PSUs:

·      In the first phase, which is conducted after finalization of the accounts of the second quarter, a general review of accounting policies, changes and compliance with past observations is carried out.

·      The second phase audit is conducted after the draft annual accounts are received, and deviations/ deficiencies noticed are communicated to the PSU management for quick remedial action to improve the quality of its accounts.

·      In the third phase, the modifications made by the PSU’s management in the draft accounts are reviewed along with the statutory auditor’s report.

This innovative measure has substantially improved the quality of accounts of PSUs, reduced the timeframe for finalization, and also minimized the adversarial relationship between the PSU and the IAAD.

The main challenge to be faced by PSU audit teams is the forthcoming alignment of Indian Accounting Standards (IAS) with the InternationalFinancial Reporting Standards (IFRS) from 1st April 2011, which will have far‐reaching implications for our certification audit approach. Our main challenge is to build capacity to respond to these changes; the commercial audit wing has taken suitable steps such as (a) preparation of audit check lists for IFRS and (b) training of audit personnel. It is important that these measures are taken to their logical end so that the capacity to audit IFRS compliant accounts is established before 1st April 2011.

The other major area of certification audit is the auditof the accounts of autonomous bodies, which are prepared in line with a common format of accounts (based on accrual accounting principles) prescribed



9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page39



by the Ministry of Finance (in consultation with the CAG). The quality of maintenance of accounts across different autonomous bodies is inconsistent; correspondingly, the quality of certification audit needs to be substantially upgraded. While there are instructions for assistance from the CA wing in terms of commercial audit staff, in the long run we must ensure that all certification audit of autonomous bodies is conducted exclusively by commercial audit staff. Further, it would be desirable to move towards adoption of IFRS‐compliant Accounting Standards in respect of these bodies, which would ensure that thequality of their accounts is consistent with internationally accepted benchmarks.

6.4 Reorientation ofapproach to Compliance Audit

This strategy is about:

4I.          Switching to a thematic approach for compliance audit (involving at least 80% of available
compliance audit resources), with assurance‐based reporting and follow‐up based on  recommendations

4J.          Reducing the number of compliance audits and IRs drastically, and introducing detailed audit  planning for thematic audits

4K.         Introducing audit automation software, for systematic documentation and working papers

Current Position

Review of compliance with laws and regulations is important in public audit,because rules provide the framework in which government decisions become transparent and against which internal controls can be substantively checked. This is an important area of audit work and the assurance process; its place and importance need reiteration in an environment where rules andby implication, auditare occasionallyseen by certain partiesas speed‐breakers or even as detrimental to innovation. However, our compliance audit, as currently practiced, has certain systemic weaknesses, which aresummarized below:


·      Not assurance oriented ‐ The compliance audit process is not oriented towards providing assurance or an overall perspective on governance and compliance issues. Instead, our Compliance Audit Reports/ Chapters depict isolated findings (which ‘came to our notice during the course of “test” audit’). The issue as to what the presence of certain selected findings in our Audit report means or implies is left vague; are we providing a kind of negative assurance to our stakeholders (i.e. we found no significant deficiencies)?

·      Oriented towards numerical targets – In a sense, our compliance audit is largely driven by numerical targets – primarily the number of draft paragraphs (DPs) featuring in the Audit Report, and secondarily the number/ percentage of Drawing and Disbursing Officers (DDOs) covered through transaction audits. Covering as many DDOs as possible through transaction audits (often of a week’s duration or less) is largely seen as an end in itself, rather than a means to an end.



9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page40



·      Inadequate attention to audit planning – The audit planning exercise consists mainly of categorization of units into A, B and C category units (according to a rough risk assessment), assigning audit periodicities and duration to such units, and trying to cover as many units as possible, given the available audit parties (which are generally divided and assigned to different types of receipts/ expenditure). No unit level audit planning is conducted and there is no identification of a limited number of high risk areas within a unit.

·      Indifferent quality of Inspection Reports (IRs) – Given the enormous number of units covered in compliance audit, an equally large number of IRs of indifferent quality are issued. The debate over whether our IRs can be made proactively disclosed through the Internet and also our general defense that the IRs represent “preliminary audit findings, which have not been approved by top management” is generally driven by our own perception of the poor quality of IRs; this is also confirmed by the negligible ratio of conversion of IR paragraphs into Audit Report paragraphs (i.e. findings which we are confident about defending publicly). It is next to impossible for the Group Officer (with his other priorities) to significantly improve the quality of so many IRs at his level; all he can do is some editing of the language, and drop some of the worse/ unsupported findings.

·      Huge volume of outstanding audit objections ‐ The other result of voluminous production of IRs of less than adequate quality is a growing “Objection Book” of outstanding audit objections, where the pressure for settling audit objections falls on the auditor and not the auditee; this is usually in the form of quantitative targets for reduction of outstanding audit paragraphs. Unfortunately, due to the lack of running themes across the audit objections, we cannot even easily suggest a set of key recommendations, which, if implemented, would reduce recurrence of such irregularities/ deficiencies.



Re­oriented Approach to Compliance Audit

While certain measures (e.g. integrated audits, DDO‐centric audit, internal control audits) have been taken over the last few years, we believe that the entire approach to compliance audit has to be oriented towards providing overall assurance on thegovernance and control structures on Ministries, Departments and other entities. For this purpose, the following measures need to be undertaken:

Switch to Thematic Approach

Instead of covering individual DDOs, we should switch to a thematic approach to compliance audit. The themes could be:

·      Chief Controlling Officers (CCOs)/ Departments/ Directorates as a whole, or components or parts thereof;




9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page41



·       Development or other activities within a District/ constituency or other geographical unit18;

·      Activities cutting across CCOs/ Departments/ Divisions e.g. (eg like PPP, environment management, procurement, vigilance etc)

The objective of the compliance audit will be to provide overall assurance on the theme, and associated governance/ control structures. Obviously, the HOD of the field office will need considerable flexibility in the type of themes to be selected (to provide adequate scope for innovation), as also the extent and depth of coverage of DDOs (or other entities) to be covered as part of the thematic audit. In general, the scope of these thematic audits will be narrower than those covered through full‐scale performance audits, and will be akin to “mini‐reviews” produced in the past. In time, at least 80 per cent of the available compliance audit resources should be devoted to compliance audits, with a maximum of 20 per cent (oreven less) to be allocated for one‐off audits of DDOs/ auditees.

Reduce the number of compliance audits and IRs drastically

Adoption of a theme‐based compliance audit approach will inevitably result in a drastic reduction in the number of compliance auditsconducted and IRs issued, and indeed in the number of DDOs/ auditees

covered19. In our view, there is nothing – either explicit and implicit – in our audit mandate, which prescribes that we must inevitably cover all (or most DDOs) with some kind of periodicity (every 1, 2, 3, 5 or even 10 years), and failure to do so is in a sense a failure of audit. This view may have been appropriate several decades ago, where there were a relatively small number of DDOs. In the current era, with some larger States having lakhs of DDOs on the civil side alone, focusing on the coverage of DDOs is inappropriate.



Detailed Audit Planning

Instead of just planning for the number of DDOs to be covered, we will have to move towards detailed audit planning for each thematic audit (with specific audit objectives, audit criteria, and issue analysis – on a simplified basis), adopting most of the rigour followed for performance audit planning. In order to provide reliable assurance, we also need to have long‐term planning for each wing/ field to ensure that all significant areas are covered either through thematic audits or full‐scale PA reviews, and no material/ significant area is omitted and “falls through the cracks”. Such compliance audit planning will also require a substantial allocation of audit time – allocating 20% of the total time for compliance audits for audit planning would not be unreasonable.

Assurance‐based Reporting

The reporting of thematic audits should beassurance‐based, highlighting negative findings or positive findings (or absence of deficiencies) in perspective to our audit sample. Further, the reporting should cover all the audit objectives/ focus areas indicated in the audit plan, and should also give specific
 


18 E.g. the KBK Districts in Orissa (covering the erstwhile Kalahandi, Bolangir and Koraput Districts)

19 With a corresponding increase in the duration of each audit


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page42



recommendations. HODs should be free to decide whether and how specific audit findings (in the form of extracts of the thematic IRs / sub‐ IRs) would be made available to lower‐level functionaries of DDOs/ individual units (in addition to the main IR).

Follow‐up based on Recommendations

Follow‐up action on audit findings should flow from our recommendations; such recommendations could include recommendations for systemic improvement, financial recovery, as also action to fix accountability and responsibility for irregularities, fraud etc.

Systematic Documentation and Working Papers

As recommended for financial audits, an assurance memo (in the form of an aide memoire) would need to be prepared at the conclusion of each compliance audit, summarizing the results of audit in respect of each area indicated in the audit plan. Also, for appropriate cross‐reference and documentation of working papers, introduction of audit automation software for compliance audits would be necessary. It may, however, benoted that while the checklists for financial audit would be relatively uniform, similar checklists / individualaudit steps in respect of compliance audit are likely to vary widely from audit to audit; the automation software will also have to provide forsuch flexibility, and also incorporate provisions for preparing and updating libraries of audit processes for common themes, which are likely to be replicated across States.





Audit Scope Limitation

The issue of non‐production of records mayalsoneed to be dealt with squarely. It could be argued that the remedyfor non‐production of recordslies in intensive interaction with the Ministry but such “intensified” efforts on each audit is a depletion of audit time and resources. International auditing standardsprovide that “in all cases when a reasonable assurance cannot be obtained and a qualified opinion in the auditor’s report is insufficient in the circumstances for the purposes of reporting to the intended users of the financial statements, the auditorcan disclaim an opinion”. Audit scope limitations and/ or disclaimerscould be considered in extreme situations – both for financial and compliance audits ‐ and its efficacy tested with the Executive.

6.5 Strengthening Performance Audit

The highlights of this strategy are:

4L.          Since Performance Audits greatly enrich public accountability and enable the CAG of India to
make practical contributions to improving the efficiency and effectiveness of the public

administration, there is a need to increase the allotted party man days on such audits from the current exposure of around 10 per centto 50 per centby 2020.




9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page43


4M.        New strategies to strengthen the process of Performance Audits like greater stakeholder

involvement, fine‐tuning audit methodology and redefining the follow‐up process, need to be institutionalised so that Performance Audits make the desired impact.

Performance Audits (PAs) greatly enrich public accountability and enable the CAG to make practical contributions to improving the efficiency and effectiveness of the public administration. PAs analyze and assess the performance of government programmes or public services. In contrast to financial audit, PAs focus on the activity rather than the accounts and flow of money. In contrast to compliance audit, PAs relate mainly to intentions behind government interventions and to the concepts of economy, efficiency and effectiveness rather than mere compliance to certain laid down rules and regulations. PAs in India assume even more significance as the funds allotted for development schemes of Government of India have been increasing manifold over the years. However, there is no credible system for evaluation of the effectiveness and impact of these schemes as the systems within the ministries for internal audit and internal evaluations are inadequate. In such a scenario, in India,PAs by the CAG are one of the most comprehensive tools available for making a critical evaluation of such schemes.

Currently, most field offices devote roughly10 to 15% of audit party maydays on Performance Audits20. Considering the positive impact PAs havebeen having on improving governance, it would be our endeavor to increase this to 50% by 2020.

Parallely,there is also a need to strengthen the process of Performance Audits, a few strategies for which are discussed below. While many of these strategies (e.g. balanced reporting, use of innovative evidence gathering techniques etc.) have been used in some performance audits and by some field offices, there is a pressing need to institutionalize these strategies across all field audit offices and for all performance audits.

Greater stakeholder involvement

Identifykey stakeholders with due care

The Legislature (in particular, the members of PAC/ COPU) and the Executive are our primary stakeholders for performance audits. However, in addition, some of the other stakeholders who could be consulted, could include

·      Planning Commission, our Audit Advisory Boards, Prime Minister’s Office and Ministry of Finance

·      Research/monitoring agencies like National Council for Applied Economic Research, Institute of Economic Growth, Centre for Monitoring of Indian Economy etc

·       Media organizations;

·       Civil Society Organisations;
 


20Although their contribution to the printed Audit Reports is substantial – typically more than 50 per cent of the material for the Audit Reports.


9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page44



·      Considering an individual Member of Parliament/Legislative Assembly as a stakeholder and doing a PA on a constituency as a whole (either all governance functions or some specific sectors like social development, health etc.)

·      General public (for connecting with the general public, new methods such as surveys, advertisements in papers etc. have, and can be used for eliciting their views)

Selection of Performance Audit Topics in Consultation with Key Stakeholders

To ensure the success of any PA, it is imperative to actively involving all key stakeholders (other than just the audited entities) in the audit process so that theactual concerns of all parties are flagged at the initial stage of the audit process itself. Selection of topics for PAs in consultation with key stakeholders is a sound strategy in ensuring that PAs find ownership at a later stage. This aids in buildingup pressure on the audited entities to act on the recommendations of audit, and also helps in minimizing the adversarial relationship that often develops between the auditee and the IAAD. For this purpose, formal and structured interactions at periodic intervals (in addition to informal meetings) are necessary. AIso, in addition to selection of PA topics, stakeholders could also be consulted on its scoping and audit objectives.


The final decision on the selection of PA topics is ultimately that of the CAG;the role of other stakeholder is only advisory and consultative. However, the international practice is to take serious note of requests from the stakeholders (primarily legislative). As mentioned earlier, our US counterpart, GAO, takes pride in stating that between 86 to 94 per cent of the programme audits (over the last three years) were undertaken in response to legislative requests.

Evolving criteria for evaluation in consultation with stakeholders other than the executive/audit

Most government programmes especially in the social sector do not have performance indicators which can act as benchmarks for assessment of the programme. Even where indicators have been defined, they do not take on board the concerns of other key stakeholders. Thus there is a need to set parameters, agreeable to key stakeholders, on the basis of which the programmes can be evaluated. Such criteria that are evolved in consultation with key stakeholdersmay be quite different from those evolved by the policy making or implementingagencies. These criteria can be the guiding principles for audit evaluation of such schemes.

Maximise our domain knowledge and enhance our understanding of critical issues from stakeholders

Keeping abreast of the latest developments in any sector is key for any auditor to come up with timely and critical recommendations that lead to improvement in the overall governance. While domain knowledge can be acquired by theoretical research, it is imperative to tap the huge practical knowledgebase which the informed stakeholders have. This is possible by ensuring that we have structured and periodic stakeholders meetings.



9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page45



Fine­tune the Performance Audit Methodology

Balanced Reporting

Traditionally auditors have shied from reporting the good performance of the executive due to the lack of an assurance based audit approach,which resulted in lack of appreciation of good performance and led to an imbalance inperformance auditreporting. Balanced Reporting should be encouraged as reporting on both positive and negativeperformance is essential in bringing out a fair representation of performance. Balanced reporting will also ensure that the audited entity is more positive in acting on the deficiencies pointed out as they come along with an endorsement of good performance,wherever achieved. Specifically, we need to eschew the practice of excluding areas from our Audit Reports, where we do not have “good” (i.e. strong negative) findings.

While of late we have been adopting balanced reporting in our Performance Audit, we need to move towards institutionalizing this practice with well defined guidance for doing the same.

Suggesting good practices both local and international

Following up important audit findings with a bouquet of best practices (including positive innovations) being followed both locally and internationally is a step forward to make the recommendations of audit more user‐friendly. This facilitates the public administration to contemplate solutions best suited to local conditions. This also enables other stakeholders to influence policy makers in making more effective policy level interventions which are based on successful practices adopted both locally and worldwide.


Enhanced and widespread use of innovative methods of collection of collateral evidence


·      Field Inspections ‐ There is need to institutionalize joint site inspections and extensive field visits, with photographic evidence gathering. Field visits are able to pinpoint the specific gaps in the implementation at the ground level and photographic evidence helps in establishing the risks various criticalprojects suffer from.

·      Surveys ‐ Widespread beneficiary surveys help in identifying the actual levels of delivery of benefits to the targeted citizens.

·      Use of IT ‐ There is also a need to extensively use Information Technology for data compilation, collation, and analysis. Extensive collation of huge volumes of grass root level data relating to compliance with rules, regulations and programme guidelines, as well as status of implementation will help in driving home audit conclusions more effectively. Recommendations have been made for automated audit software for financial / compliance audits; these could also be considered for extension to performance audits (although this would require greatly enhanced flexibility for customization of checklists, collation of All‐ India/ across the State data etc.)



9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page46



Hastening the time taken to conduct Performance Audits

Normally it takes around a year for a PA report to be printed from the time of selection of the topic. While for all‐India PA reports, this time frame could be justified, there is a need to speed up the process for other PA reports which do not involve audit being conducted all over the country. This is particularly relevant for PAs which deal with topical issues. While the time taken for field audit need not be compromised, the processing of the PA reports both at the field office level and the headquarters office level needs to be speeded up so that the PA reports are printed within 3 to 4 months of selection of the topic.

Follow­ up of Performance Audits based on recommendations

Currently the audit findings used in the PAs to arrive at audit conclusions are treated as individual comments warranting individual response and individual action taken reports. Action taken to address the final conclusion and the recommendations that flow from them are not considered adequate to address the PA. For example in a PA on procurement systems in any department, the individual cases of defective procurements are used to arrive at some larger systemic conclusion followed by a recommendation by the auditor. The PA requires action to be taken on the larger point i.e. the particular systemic deficiency that led to defective procurement and not necessarily the individual cases used to arrive at that audit conclusion. It has been our experience that the audited entities tend to address the individual cases and often tend to ignore the main governance issues.

In order to ensure that the recommendations are addressed, it is suggested that in future, for all PAs, we pursue the action taken through just follow up on the recommendations made. Cases where the executive has either not accepted the recommendations or has not acted upon the accepted recommendations can be brought to the notice of the Parliamentary Committees. In this way, only a PA report whichhaslow acceptability by the audited entities would get discussed in Parliament/Legislature. This procedure would also act as an incentive to the executive to address the recommendations of audit more seriously. This would also ease the Parliament/Legislature of the heavy load of reports that it has to deal with.
























9th September,2010                          Strategic Plan‐2020 prepared by Group of Officers                                              Page47

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)