PAElect 4 (Government Auditing)

College/Campus: College of Humanities and Social Sciences

Program/Degree: Bachelor of Public Administration

D. FUNDAMENTAL PRINCIPLES OF PUBLIC SECTOR AUDITING

FRAMEWORK FOR PUBLIC SECTOR AUDITING

MANDATE

An SAI will exercise its public-sector audit function within a specific

constitutional arrangement and by virtue of its office and mandate, which
ensure sufficient independence and power of discretion in performing its
duties. The mandate of an SAI may define its general responsibilities in
the field of public-sector auditing and provide further prescriptions
concerning the audits and other engagements to be performed.

SAIs may be mandated to perform many types of engagements on any

subject of relevance to the responsibilities of management and those
charged with governance and the appropriate use of public funds and
assets. The extent or form of these engagements and the reporting
thereon will vary according to the legislated mandate of the SAI
concerned.

In certain countries, the SAI is a court, composed of judges, with authority

over State accountants and other public officials who must render account
to it. An important relationship exists between this jurisdictional authority
and the characteristics of public-sector auditing. The jurisdictional function
requires the SAI to ensure that whoever is charged with dealing with
public funds is held accountable and, in this regard, is subject to its
jurisdiction.

An SAI may make strategic decisions in order to respond to the

requirements in its mandate and other legislative requirements. Such
decisions may include which auditing standards are applicable, which
engagements will be conducted and how they will be prioritized.

PUBLIC-SECTOR AUDITING AND ITS OBJECTIVES

The public-sector audit environment is that in which governments and

other public-sector entities exercise responsibility for the use of resources
derived from taxation and other sources in the delivery of services to
citizens and other recipients. These entities are accountable for their
management and performance, and for the use of resources, both to
those that provide the resources and to those, including citizens, who
depend on the services
delivered using those resources. Public-sector auditing helps to create
suitable conditions and reinforce the expectation that public-sector
entities and public servants will perform their functions effectively,
efficiently, ethically and in accordance with the applicable laws and
regulations.

In general public-sector auditing can be described as a systematic process

of objectively obtaining and evaluating evidence to determine whether
 information or actual conditions conform to established criteria. Public
sector auditing is essential in that it provides legislative and oversight
bodies, those charged with governance and the general public with
information and independent and objective assessments concerning the
stewardship and
performance of government policies, programs or operations.

SAIs serve this aim as important pillars of their national democratic

systems and governance mechanisms and play an important role in
enhancing public-sector administration by emphasizing the principles of
transparency, accountability, governance, and performance. INTOSAI P-20
Principles of Transparency and Accountability contain INTOSAI core
principles in this regard.

All public-sector audits start from objectives, which may differ depending
on the type of audit being conducted. However, all public-sector auditing
contributes to good governance by:
• providing the intended users with independent, objective, and
reliable information, conclusions, or opinions based on sufficient
and appropriate evidence relating to public entities;
• enhancing accountability and transparency, encouraging
continuous improvement and sustained confidence in the
appropriate use of public funds and assets and the performance
of public administration;
• reinforcing the effectiveness of those bodies within the
constitutional arrangement that exercise general monitoring and
corrective functions over government, and those responsible for
the management of publicly funded activities;
• creating incentives for change by providing knowledge,
comprehensive analysis, and well-founded recommendations for
improvement.

In general, public-sector audits can be categorized into one or more of

three main types: audits of financial statements, audits of compliance with
authorities, and performance audits. The objectives of any given audit will
determine which standards apply.

TYPES OF PUBLIC-SECTOR AUDIT

The three main types of public-sector audit are defined as follows:

 Financial audit focuses on determining whether an entity’s

financial information is presented in accordance with the
applicable financial reporting and regulatory framework. This is
accomplished by obtaining sufficient and appropriate audit
evidence to enable the auditor to express an opinion as to
whether the financial information is free from material
misstatement due to fraud or error.

 Performance audit focuses on whether interventions, programs

and institutions are performing in accordance with the principles
of economy, efficiency, and effectiveness and whether there is
room for improvement. Performance is examined against suitable
criteria, and the causes of deviations from those criteria or other
problems are analysed. The aim is to answer key audit questions
and to provide recommendations for improvement.
  Compliance audit focuses on whether a particular subject
matter is in compliance with authorities identified as criteria.
Compliance auditing is performed by assessing whether
activities, financial transactions and information are, in all
material respects, in compliance with the authorities which
govern the audited entity. These authorities may include rules,
laws and regulations, budgetary resolutions, policy, established
codes, agreed terms or the general principles governing sound
public-sector financial management and the conduct of public
officials.

SAIs may carry out audits or other engagements on any subject of

relevance to the responsibilities of management and those charged with
governance and the appropriate use of public resources. These
engagements may include reporting on the quantitative outputs and
outcomes of the entity’s service delivery activities, sustainability reports,
future resource
requirements, adherence to internal control standards, real-time audits of
projects or other matters. SAIs may also conduct combined audits
incorporating financial, performance and/or compliance aspects.

Public-sector auditing is indispensable for public administration, as the

management of public resources is a matter of trust. Responsibility for the
management of public resources in line with intended purposes is
entrusted to an entity or person who acts on behalf of the public. Public
sector auditing enhances the confidence of the intended users by
providing
information and independent and objective assessments concerning
deviations from accepted standards or principles of good governance.

All public-sector audits have the same basic elements: the auditor, the
responsible party, the intended users (the three parties to the audit), the
criteria for assessing the subject matter and the resulting subject matter
information. They can be categorized as two different types of audit
engagement: attestation engagements and direct reporting engagements.

ELEMENTS OF PUBLIC SECTOR AUDITING

THE THREE PARTIES

Public-sector audits involve at least three separate parties: the auditor, a

responsible party and intended users. The relationship between the
parties should be viewed within the context of the specific constitutional
arrangements for each type of audit.

• The auditor: In public-sector auditing the role of auditor is fulfilled

by the Head of the SAI and by persons to whom the task of
conducting the audits is delegated. The overall responsibility for
public-sector auditing remains as defined by the SAI’s mandate.

• The responsible party: In public-sector auditing the relevant

responsibilities are determined by constitutional or legislative
arrangement. The responsible parties may be responsible for the
subject matter information, for managing the subject matter or
 for addressing recommendations, and may be individuals or
organizations.

• Intended users: The individuals, organizations or classes thereof

for whom the auditor prepares the audit report. The intended
users may be legislative or oversight bodies, those charged with
governance or the general public.

SUBJECT MATTER, CRITERIA AND SUBJECT MATTER INFORMATION

Subject matter refers to the information, condition or activity that is

measured or evaluated against certain criteria. It can take many forms
and have different characteristics depending on the audit objective. An
appropriate subject matter is identifiable and capable of consistent
evaluation or measurement against the criteria, such that it can be
subjected to procedures for gathering sufficient and appropriate audit
evidence to support the audit opinion or conclusion.

The criteria are the benchmarks used to evaluate the subject matter. Each
audit should have criteria suitable to the circumstances of that audit. In
determining the suitability of criteria the auditor considers their relevance
and understandability for the intended users, as well as their
completeness, reliability and objectivity (neutrality, general acceptance
and comparability with the criteria used in similar audits). The criteria
used may depend on a range of factors, including the objectives and the
type of audit. Criteria can be specific or more general, and may be drawn
from various sources, including laws, regulations, standards, sound
principles and best practices. They should be made available to the
intended users to enable them to understand how the subject matter has
been evaluated or measured.

Subject matter information refers to the outcome of evaluating or

measuring the subject matter against the criteria. It can take many forms
and have different characteristics depending on the audit objective and
audit scope.

TYPES OF ENGAGEMENT

There are two types of engagement:

• In attestation engagements the responsible party measures the

subject matter against the criteria and presents the subject
matter information, on which the auditor then gathers sufficient
and appropriate audit evidence to provide a reasonable basis for
expressing a conclusion.

• In direct reporting engagements it is the auditor who measures or

evaluates the subject matter against the criteria. The auditor
selects the subject matter and criteria, taking into consideration
risk and materiality. The outcome of measuring the subject
matter against the criteria is presented in the audit report in the
form of findings, conclusions, recommendations or an opinion.
The audit of the subject matter may also provide new
information, analyses or insights.
 Financial audits are always attestation engagements, as they are based on
financial information presented by the responsible party. Performance
audits are normally direct reporting engagements. Compliance audits may
be attestation or direct reporting engagements, or both at once. The
following constitute the subject matter or the subject matter information
in the three types of audit covered by the ISSAIs:

a) Financial audit: The subject matter of a financial audit is the

financial position, performance, cash flow or other elements
which are recognized, measured and presented in financial
statements. The subject matter information is the financial
statements.

b) Performance audit: The subject matter of a performance audit is

defined by the audit objectives and audit questions. The subject
matter may be specific programs, entities or funds or certain
activities (with their outputs, outcomes and impacts), existing
situations (including causes and consequences) as well as
nonfinancial or financial information about any of these elements.
The auditor measures or evaluates the subject matter to assess
the extent to which the established criteria have or have not
been met.

c) Compliance audit: The subject matter of a compliance audit is

defined by the scope of the audit. It may be activities, financial
transactions or information. For attestation engagements on
compliance it is more relevant to focus on the subject matter
information, which may be a statement of compliance in
accordance with an established and standardized reporting
framework.

CONFIDENCE AND ASSURANCE IN PUBLIC-SECTOR AUDITING

The need for confidence and assurance

The intended users will wish to be confident about the reliability and
relevance of the information which they use as the basis for taking
decisions. Audits therefore provide information based on sufficient and
appropriate evidence, and auditors should perform procedures to reduce
or manage the risk of reaching inappropriate conclusions. The level of
assurance that can be provided to the intended user should be
communicated in a transparent way. Due to inherent limitations, however,
audits can never provide absolute assurance.

Forms of providing assurance

Depending on the audit and the users’ needs, assurance can be

communicated in two ways:
• Through opinions and conclusions which explicitly convey the level
of assurance. This applies to all attestation engagements and
certain direct reporting engagements.
• In other forms. In some direct reporting engagements the auditor
does not give an explicit statement of assurance on the subject
matter. In such cases the auditor provides the users with the
necessary degree of confidence by explicitly explaining how
findings, criteria and conclusion were developed in a balanced
 and reasoned manner, and why the combinations of findings and
criteria result in a certain overall conclusion or recommendation.

Levels of assurance

Assurance can be either reasonable or limited.

Reasonable assurance is high but not absolute. The audit conclusion is

expressed positively, conveying that, in the auditor’s opinion, the subject
matter is or is not compliant in all material respects, or, where relevant,
that the subject matter information provides a true and fair view, in
accordance with the applicable criteria.

When providing limited assurance, the audit conclusion states that, based
on the procedures performed, nothing has come to the auditor’s attention
to cause the auditor to believe that the subject matter is not in
compliance with the applicable criteria. The procedures performed in a
limited assurance audit are limited compared with what is necessary to
obtain reasonable assurance, but the level of assurance is expected, in
the auditor’s professional judgement, to be meaningful to the intended
users. A limited assurance report conveys the limited nature of the
assurance provided.

REFERENCE:

1. https://www.issai.org/wp-content/uploads/2019/08/ISSAI-100-
Fundamental-Principles-of-Public-Sector-Auditing-1.pdf