Public Sector Auditing
Describe the purpose of making a preliminary survey. Discuss how making a preliminary survey relates to the preparation of the audit program. Please explain in own words. Raise thoughtful questions, analyze relevant issues, build on others’ ideas, synthesize across readings and discussions, expand the perspective, and appropriately challenging assumptions and perspectives. (See below to get an idea and answer the question.)
Planning The Audit
To plan a performance audit, you need to: (a) understand the missions, objectives, and goals of the agency, program, or function being audited; (b) assess the risk of ineffective or inefficient performance; and (c) prepare audit program that helps you reach conclusions about the entity’s performance. To do it, you need to make a preliminary survey before gathering evidence leading to conclusions. The preliminary survey may help you reach tentative conclusions about the entity’s control environment and its internal controls, but additional work will be needed before you reach final conclusions.
Scope of the Preliminary Survey
Audit staffs do not have unlimited resources, so the auditor needs to concentrate on those matters where risk is greatest and eliminate or reduce audit effort in areas where risk is least. The preliminary survey allows you to get generally familiar with the entity’s goals and objectives, management control environment, control practices, reporting system, and risk assessment process. This, in turn, helps you identify areas requiring greater and lesser degrees of audit effort. The scope of the preliminary survey will depend partly on whether the entity, program or function has been audited previously. If there has been a previous audit, the auditor should review the permanent file, as discussed in the section on the opening conference. Much of the preliminary survey would then be devoted to updating the permanent file. If there has been a change in key personnel, the auditor will also need to assess whether the change has affected the control environment.
Thinking About What Might Go Wrong
After you have a good understanding of the entity’s mission, goals and objectives, you need to start thinking about the major things that might go wrong in the program or function you are auditing. Consider, for example, the kinds of losses or the types of failures that might occur because of inefficiencies, poor strategies, or ineffective controls. It is too soon to foresee everything that could go wrong, but thinking about it helps you focus on what to expect in the rest of the preliminary survey, which involves getting familiar with the entity’s basic policies and controls. Under the Government Auditing Standards, in planning the audit, auditors should assess risks of fraud occurring that is significant within the context of the audit objectives. If you were auditing an agency responsible for awarding and administering highway construction contracts, for example, you should at least bear in mind that the agency might pay too much, that the work might not be completed on time, or that the work done might not meet construction specifications. Keeping those things in mind will help you think about the controls that the agency needs to have to avoid those problems.
Getting Familiar with the Basic Policies and Controls
As part of the preliminary survey, you need to get generally familiar with the entity’s basic policies and controls, including the control environment and reporting system. The objective here is to help you make a preliminary assessment of risk so you can select the major areas of audit emphasis. This part of the survey need not be exhaustive, because detailed audit programs can be prepared once you start working in the individual areas selected for audit. You would, however, want to raise questions and review enough material to understand the basic policies and controls regarding the problems you visualized when considering what might go wrong. The preliminary survey should include a brief “walk through” of the entity’s facilities. This should not be an idle tour, however. Observing the employees at work (or not working), the general attitude of the employees, the nature of the facilities, and the security (where security is important) will help in preparing the audit program. The auditor also needs to obtain a general understanding of the entity’s control system by meeting key managerial personnel and getting copies of important documents related to the control system. These discussions with key managers will also help you assess the control environment. Major documents related to the control system include:
●organization charts, showing lines of responsibility, and job descriptions of managerial
and supervisory personnel
● policy manuals
● procedures manuals, showing details of work flow and approval requirements
● all regular and ad hoc reports used by managers at all levels to assess performance, as well as performance reports sent to higher levels within the government and to oversight agencies, such as the legislature and to higher level governments
Procedures manuals can be lengthy and generally should not be read during the preliminary survey. On the other hand, reviewing policy manuals, the managerial reporting system, and actual managerial reports is likely to be productive at this stage of the audit. In particular, see if the managerial reports contain information about the efficiency and effectiveness of the entity and review those reports during the preliminary survey because that will help you plan the audit steps. Remember, the objective at this stage is to know enough about the agency’s goals and objectives, the control environment, the major strategies and controls, and the monitoring system in order to select areas for audit concentration.
Assessing Audit Risk and Outlining the Major Audit Objectives
When you have completed the preliminary survey, you are ready to assess audit risk, to establish the major audit objectives, list the major audit areas (and major steps within those area), and estimate the amount of time you want to spend to satisfy each major objective or to perform each major audit area.
Making decisions about likelihood and impact of something going wrong requires judgment. The preliminary survey provides information to help you exercise that judgment. Having a good understanding of the entity’s missions, goals and objectives provides data to help you consider what might go wrong and the impact of something going wrong. Understanding the policies, control environment, and the monitoring system provides data to help you decide the likelihood of something going wrong. For example, lax managerial attitudes toward control and discipline, lack of clear requirements regarding supervisory approval and authorization, lack of performance standards, weak performance monitoring, and failure to follow up on problems all increase the likelihood of something going wrong. Risk needs to be assessed not only in planning the audit, but also in the data gathering stage of the audit. For example, based on the preliminary survey, you may decide to devote limited effort to a particular area. If the evidence starts to show that the likelihood of something going wrong is greater than you originally thought, however, you may need to devote additional resources to that area. Of course, the opposite may also occur.