Back

Appendix - 2

GENERAL STATEMENT OF XIIINCOSAI ON PERFORMANCE AUDIT, AUDIT OF PUBLIC ENTERPRISES, AND AUDIT QUALITY (Extract)

II    AUDIT OF PUBLIC ENTERPRISES

30. The growth in government activity carried out in the form of public enterprises underlines the importance of effective audit of these entities. The definition, nature and scope of public enterprises vary widely between countries, reflecting their different constitutions, economic systems and circumstances. But each country should have its own clear and consistent definition of a public enterprise, covering in particular the enterprise's relationships with government and its responsibilities for public accountability. It is desirable that the definition be embodied in legislation.
31. The substantial involvement of public funds, capital investment and other resources in public enterprises requires full public accountability, which can be guaranteed only through audit by SAIs. SAIs should seek to ensure that the scope of their responsibilities extends to the audit of all public enterprises, including subsidiary bodies created by the enter prises themselves. Changes in the constitution or status of the bodies concerned should not be used to reduce or remove audit by the SAI. It is desirable that the SAI's responsibilities and the necessary powers to exercise them be embodied in legislation.
32. In order to undertake effective audit of public enterprises SAIs should be independent of government, especially in the provision of necessary resources (including staffing, finance and training). They should also have complete access to obtain all necessary information for the purposes of their audit.
33. In some countries the audit of public enterprises may include direct audits and supervisory audits by the SAI or other methods. Whether or not the SAI is responsible for the financial audit of public enterprises, it should have the power to conduct performance audits.
34. SAIs should take a leading role in the development of auditing and reporting standards relevant to public enterprises and should ensure that the audit is conducted to the highest professional standards and with full regard to the public interest.
35. Public accountability requires that public enterprises themselves demonstrate that they have used resources with due regard to economy, efficiency and effectiveness. This includes setting pre-determined objectives and performance targets, measuring achievement and publishing relevant information on performance. SAIs should encourage the management of public enterprises to measure their own performance against clear objectives and performance targets. Enterprises should be required to provide fully informative financial statements and publish sufficient additional information on performance and results to ensure proper public accountability.
36. Independent reports by the SAIs are an essential element in providing information, assurance and advice. In order to meet the requirements of public accountability and to ensure that effective action can be taken to remedy weaknesses in control, improve systems for securing value for money and ensure provision of independent, relevant and timely information on the performance of public enterprises, SAIs should be empowered to report the results and recommendations of their audit of public enterprises, as appropriate, to management, the government and, in particular, the highest political bodies in each country.
37. SAIs should establish arrangements to preserve confidentiality where necessary.
38. SAIs should follow up the action taken by the management of public enterprises and government to remedy weaknesses' and improve systems, and should report again if sufficient progress is not made.

39. SAIs should ensure effective planning, clear audit objectives, system atic review and balanced reporting in all aspects of their audit of public enterprises.
40. Key aspects in the audit of public enterprises include the analysis of financial and economic performance through examination of profit ability, productivity and performance by comparisons of budget out turn, trends, ratios within and between enterprises, both public and private, and by evaluations such as cost-benefit analysis. SAIs should recognise that while these methods and techniques are relevant to the measurement of performance of public enterprises, difficulties in overall performance measurement will arise where enterprises have social or environmental objectives. SAIs accordingly should ensure that the techniques they use are relevant, valid and meaningful.
41. SAIs should be alert to the possibility that enterprises may attempt to expand their activities without proper authority.
42. In their audit approach to public enterprises SAIs, whilst retaining their independence, must recognise the nature and circumstances of the bodies concerned, and acknowledge that the enterprises require an adequate level of autonomy and flexibility to discharge their commercial and operational responsibilities, as well as their responsibilities for public accountability. SAIs should seek to develop audit methods and techniques which take into account the different issues and objectives involved.
43. SAIs should seek to develop and use computer-assisted audit techniques in the audit of public enterprises, such as in sampling and interrogation of data and in carrying out complex cost-benefit, ratio and other analyses, where these are practical and cost effective.
44. The possible use of multi-disciplinary teams is relevant to performance audits of public enterprises as in the case of performance audit generally, and the same considerations apply regarding development of specialist skills and access to consultants where appropriate.
45. SAIs should encourage the development of experience and expertise by exchange of information on reports and case studies and by other methods, such as exchanges of staff between SAIs.

46. The following definition of internal control should be considered by the INTOSAI Internal Control Standards Committee:

The whole system of financial and other controls, including the organisational structure, methods, procedures and internal audit, established by management within its corporate goals to assist in conducting the business of the enterprise in a regular, economic, efficient and effective manner; ensuring adherence to management policies; safeguarding assets and resources; securing the accuracy and completeness of accounting records; and producing timely and reliable financial and management information.

47. Many features of internal control are common to any organisation, whether it is a public enterprise, government institution or private company. In public enterprises, however, the range of controls is likely to be wider and public enterprises should establish sound standards and procedures covering all the elements of internal control. All elements of internal control are important; and the quality of staff operating the controls is essential to an efficient and effective system.
48. SAIs should ascertain the general control environment in which each enterprise operates and can place specific reliance on internal controls, where appropriate and cost-beneficial, provided the SAIs have deter mined, evaluated and tested the operation of the controls. In evaluating the quality of internal control, SAIs should concentrate on key controls. Where controls do not exist or do not operate properly, additional audit testing is required. Although the responsibility for internal control rests with management, SAIs should make recommendations, where necessary, for improvements in such systems. SAIs should recognise that the cost to the enterprise of implementing controls must be appropriate to the risks involved.
49. Internal audit is an important but distinct aspect of internal control. The management of public enterprises should be clearly responsible for defining the role of internal audit and ensuring that the internal audit has an appropriate level of authority and independence, including the right to report to senior management at the highest level.
50. Although recognising that the objectives of SAIs and internal audit are different, there should be a close working relationship between them. SAIs can reduce the amount of their audit coverage provided they have confirmed the independence, competence, scope and quality of internal audit work. Where SAIs intend to place specific reliance on internal audit they should evaluate it like any other element of internal control.
51. Where internal audit does not exist, SAIs should strongly encourage and support its introduction and development as an important element of internal control.
52. Developments in the role and methods and techniques of SAIs, and in internal control, should recognise and draw upon the work of the INTOSAI standards committees on Auditing, Accounting and Internal Control. Similar attention should be given to the work of other interna tional standard-setting activities; and to the results of relevant research in this field.