1.1 Public audit should provide assurance to the stakeholders that public programmes and public investments are being administered economically, efficiently and effectively and thereby significantly contribute to the improvement of public policy, delivery of public services and quality of governance for the benefit of the people. The assurance should extend to expressing an opinion on the fairness with which the government financial statements are prepared and presented. The audit should also ensure that the transactions comply with laws, rules and regulations.
1.2 Quality has been defined as the totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs. In public audit, quality management involves a system composed of an organisation, the Supreme Audit Institution (SAI), its people – the auditors – and the audit process, all working together to produce outputs that fulfill the requirements of its stakeholders and the general public. The components of the ‘Audit Quality Management Systems’ (AQMS) – structure, people and process aim towards customer satisfaction (in the context of the SAI, its clients and stakeholders), which is always the bottom line of any organisation. Customer satisfaction is always identified with quality and hence quality is expected of everyone in the organisation and of every output generated. The SAI is no different from any other institution in its mission to satisfy clients’ and stakeholders’ needs and expectations. Improvement in quality of audit can reduce time and cost of audit and increase productivity and efficiency of auditors, thus raising the level of performance.
1.3 The ‘quality management principle’ is the conceptual underpinning of AQMS. It is a comprehensive and fundamental rule or belief for leading and managing an organization, aimed at continually improving performance over the long term by focusing on the clients while addressing the needs of all other stakeholders. It is essential to have in place quality management, assurance and control policies and procedures in audit organizations and the SAI should ensure that these policies and procedures are subject to review mechanism. SAI needs to foster quality attitude, supported by systematic quality systems and adequate policies, procedures, records, technologies, financial and human resources and structures.
1.4 SAI’s ‘Quality Management System’ should be designed to provide ‘reasonable assurance’ in the light of the likelihood and magnitude of potential risks, that it conducts the audits, both regularity and performance, in accordance with the applicable legislative requirements, rules and regulations, audit standards, policy manuals, guidelines and procedures. Reasonable assurance recognizes that the cost of managing risks should not exceed the benefits likely to be derived. Reasonable assurance should not be construed to mean absolute assurance of all aspects of quality for each individual audit and for the audit process.
1.5 The audit quality management system in the SAI should generally consist of following elements:
Leadership & Direction, Human Resource Management, Audit Performance, Client & Stakeholder Relations & Continuous Improvement
These elements are discussed in detail in subsequent chapters.
1.6 The quality management system should be designed to ensure compliance with the SAI’s Auditing Standards, which should be aligned with the INTOSAI Auditing Standards. This system should also ensure that the audit is conducted in accordance with the applicable legislative requirements, SAI policy guidelines and instructions, etc. and the audit practices and procedures are in line with the auditing standards and international best practices. The quality management system should guide SAI staff in managing performance and regularity (financial and compliance) audits.
1.7 SAI should develop appropriate criteria for obtaining assurance for each of the above elements of the quality management system. A model framework with the criteria and the key instruments to be employed is given in Appendix-A.
1.8 Quality as a management concept has evolved over the years. The initial understanding of quality control was compliance to specifications and the quality control task was to identify and remove defects, achieved mainly through some form of measurement and inspection activity. Responsibility for quality was not with line functionaries, but was vested with separate staff departments. This had the effect of making quality a technical rather than a managerial function. Thus, quality control is product-centric.
1.9 Quality Assurance, however, is understood as planned or systematic actions necessary to provide adequate confidence that a product or service will satisfy given requirements for quality. Quality Assurance is process centric.
1.10 Quality Management System (QMS) is a broader concept which comprises the organizational structure, procedures, processes and resources needed to implement quality management. It involves all processes in the operational life cycle of a service that affect quality, from initial identification of clients’ needs to final satisfaction of requirements. It is designed to provide confidence to clients and stakeholders that requirements for quality will be achieved in delivered services.
1.11 ‘Total Quality Management’ (TQM) is a total, organization wide effort – through full involvement of the entire workforce and a focus on continuous improvement – that organizations use to achieve clients satisfaction. TQM is both a comprehensive managerial philosophy and a collection of tools and approaches for its implementation. Total quality is the unyielding and continually improving effort by everyone in an organization to understand, meet and exceed the expectations of clients at continually lower cost. The concept of total quality stresses learning and adaptation to continual change as keys to organizational success.
1.12 These AQMS guidelines are based primarily on ‘quality management system’ principles. However, they contain several significant elements of total quality management.
1.13 Quality control is operational techniques and activities during audit processes of planning, execution and reporting. Quality control is a process in the course of which an SAI intends to fulfill quality requirements. In the context of this document, the actual audit process is contained in chapter-4 – ‘Audit Management’.
1.14 In many cases, quality control measures are not distinctly separate from the actual audit processes but are part thereof. It is important to emphasize that the absence of a separate quality control system does not necessarily imply absence of any quality control. SAIs can exercise quality control in different ways throughout the audit without actually calling it quality control.
1.15 The following are the characteristics or principles applicable in ensuring best audit quality control measures:
Quality should be built into the audit process rather than relying on post audits or checklists;
Responsibilities for each player in the control process should be clearly defined and properly communicated;
An efficient control process should be put into place for effective implementation of AQMS; controls should respond to key risks in a timely manner and should be result focused;
Too many controls result in no control;
Controls are built in a cascade; and
Practitioners of the AQMS should participate in the continuous evolution of the control framework.
1.16 The standards of quality and the quality control procedures for the audit process - chapter-4 – are contained in Appendix – B.