Uvodna obuka dri oagn feb 2011


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • and the public bodies controlled by these ministries
  • Limited number of auditors Most auditors have no audit experience, and need training Very limited amount of time available Impossible for SAIS (even with support from OAGN) to perform a full scale audit of the 2008 budget and present a report covering all risks identified. OAGNs understanding: deadline for the report to be presnted to Parliament is August 2009? Limitation of audit scope is necessary. Challenge of a life time! Planning and execution period has been identified Requires for progress to be pressed
  • The operations of a public sector entity, for example, may be evaluated in terms of its effectiveness, i e its success in meeting stated goals and responsibilities. Also, performance is judged in terms of efficiency, i e how well the resources available to the entity are used.
  • When performing corporate control, the OAG shall monitor the administration of the state’s interest in enterprises through this monitoring assess whether the relevant cabinet minister has performed his/her duties as an administrator of the state’s interests in accordance with the decisions and intentions of the Storting In 2005, monitoring by the OAG comprised 46 wholly-owned state limited companies 37 partly-owned state limited companies 5 regional health enterprises 5 state-owned enterprises 4 companies organised through separate legislation 26 student welfare organisations
  • In order to conduct corporate control, the OAG has formulated these four control perspectives to guide its efforts. Corporate control comprises all investigations that are deemed necessary to enable the OAG to provide a qualified assessment of the management of the state’s interests undertaken by the individual cabinet ministers. In wholly-owned state limited companies and wholly-owned state limited subsidiaries of these, this control may also comprise performance audits.
  • For most entities employee salaries will be the most important post on accounts, however a traditional financial audit will not indicate whether the entity is performing the activities they were given allocations to perform nor that they are reaching the objectives decided by parliament. Financial audits should establish whether the accounts give a true impression of the economic activities: Confirm that the accounts do not contain material errors or omissions Monitor whether the decisions and transactions on which the accounts are based: are in keeping with the decisions and intentions of the Storting and applicable regulations are acceptable in the light of norms and standards for government financial administration Other matters: Guidance of entities Prevent and uncover fraud
  • Reasonable assurance An audit in accordance with auditing standards is designed to provide reasonable assurance that the financial statements taken as a whole are free from material misstatement. (ISSAI 1200.5) Reasonable assurance is a high, but not absolute level of assurance due to inherent limitations to an audit as listed below. In terms of providing reasonable assurance the auditors should obtain sufficient and appropriate audit evidence to conclude that there are no material misstatements in the financial statements as a whole. Reasonable assurance relates to the whole audit process. If reasonable assurance cannot be achieved with the evidence provided the auditor should consider the impact of scope limitation on the audit opinion expressed. (ISSAI 1200.12) The limitations which are inherent in the audit process affect the auditor’s ability to detect material misstatements and in turn to provide absolute assurance on the financial statements. These limitations exist because of the following factors: • Only a sample of transactions or balances will be selected for the audit; • The inherent limitations of any accounting and internal control system, for example, the possibility of collusion; and • The fact that most audit evidence is persuasive rather than conclusive. In many instances the auditors will rely on professional judgement, in particular when deciding on the nature, timing and extent of audit procedures or drawing conclusions based on the audit evidence gathered. For example, the auditor needs to decide on the reasonableness of the estimates made by management in preparing the financial statements.
  • Key words: Media coverage? Court cases?
  • The state auditor’s role supports parliament responsibilities of: Oversight Insight Foresight. SAIS use tools such as financial audits, performance audits and advisory services to fulfil each of these roles.
  • Because of the above differences, there are certain areas that need to be emphasised more during public sector audits. These include the audit of compliance with laws and regulations and aspects relating to the value for money assertion.
  • The State Audit Act of the Republic of Serbia was passed in 2005 SAIS is in the process of compiling its own auditing standards and guidelines for each type of audit. The auditing standards are subordinate to legislation, but in areas where the requirements in the standards are stricter than those laid down in laws and instructions the standards should be complied with. Standards are to be based on INTOSAI’s standards for state audits and INTOSAI’s Code of Ethics. The purpose of these is to provide a content to the concept of ”best auditing practices in the OAG”. The guidelines for the different types of audits describe how audits should be performed.
  • Retningslinjer for revisjon Implementerings retningslinjer: 1000-2999 Regnskapsrevisjon 3000-3999 Forvaltningsrevisjon 4000-4999 Kontroll av disposisjonene Spesifikke retningslinjer: 5000-5099 Internasjonale Institusjoner 5100-5199 Miljørevisjon 5200-5299 Privatisering 5300-5399 IT revisjon 5400-5499 Revisjon av offentlig gjeld
  • Independence from the audit clients and outside interest groups is indispensable. Should strive to not only be independent of the audited clients and other interest groups, but also to be objective in dealing with the issues and topics under review. In all matters relating to the audit work, the independence of auditors should not be impaired by personal and external interests. Independence may be impaired for instance by external pressure or influence on auditors, prejudices held by auditors about individuals or clients, previous employment with the audited entity, close family ties or personal or financial dealings, which might cause conflicts of loyalties or conflicts of interests. Need for objectivity and impartiality in all work conducted by SAIS, particularly in reports Conclusions in audit opinions and audit reports should, be based exclusively on evidence obtained and assembled in accordance with international standards for auditing While the auditor should invite and take into account the view of others (e.g. client), it is vital that the auditors own conclusions should not be unduly impaired by such views.
  • Give an outline of the entire audit process and the main subjects that occur Understand the different audit phases and related activities Understand the concept of audit planning and auditing-by-objective
  • Organisation The plan must describe how the remaining auditing is to be organised and which auditors are to be included in the audit team. If it proves necessary to collaborate with other divisions and departments or to use special skills in the audit team, this must be stated. Estimated resources required Auditors must estimate the need for resources in the form of man-days and travel expenses. The estimate is based on the limits approved by the division manager, cf. 5.5 Planning further auditing. Time schedule Auditors must consider on which date or in which time period it would be most efficient to perform the audit. This can depend on factors such as the information that is available on various dates – for example with regard to the submission of accounts or the reporting routines in the administrative procedures. Auditors should provide an outline of when the audit programmes are to be conducted. When planning the schedule they must arrange a suitable distribution of the auditing work throughout the year so that it can be concluded in good time for the reporting. Auditors must also take into consideration that the result of the audit will be communicated to both the entity and the supervisory ministry before the work is concluded. Quality assurance of the plan The plan for the remaining auditing must be quality assured. If the plan contains any significant non-compliance compared with the previously approved plan, this must be clarified with the division manager.
  • PLANNING IS CRUCIAL - A NUMBER OF PEOPLE INVOLVED + LIMITED TIME Audit approach Estimated resources Time schedule Organisation Documentation Quality control Communication A need for common language and a common way of working: audit terminology and methodology
  • Topics Audit implications Basic Auditing terms Risk Analysis Materiality Documentation Audit plan/programs Findings/Considerations/Conclusions Communication/Reporting Quality assurance
  • An audit of the accounting is defined as the procedures that are required to confirm that the accounts are complete, accurate and reliable. This entails ensuring that expenses and revenues, stock and assets of any kind have been recorded in the accounts in keeping with the applicable rules. As the auditing and monitoring body for the Storting, the OAG is an external auditor and conducts financial auditing in line with audits that are performed by other auditing bodies – both private and public.
  • Assertions that are related to an audit of the accounting draw on general auditing theory and international auditing standards. The assertions are somewhat differently defined for balance sheet items and profit and loss items since balance sheet items relate to the situation on balance sheet day, while profit and loss entries describe the flows during the period. Basic auditing terms Existence A balance sheet item (asset or liability) represents an actual figure on the closing date. Ownership A balance sheet item represents a right or a liability for the entity on the closing date. Correct valuation Assets and liabilities are assessed in accordance with accepted valuation rules. Validity Transactions that are recorded in the accounts are related to the entity and to the period during which they have been recorded. Correct measurement All revenue and expense flows during the period are recorded correctly. Two of the assertions apply for all the information in the accounts. Completeness All the relevant information has been included in the accounts. Correct presentation and classification All the entries in the accounts are correctly classified and correctly described. 4.1.2 Assertions for compliance Three assertions have been derived for compliance. These are based on a three-part division of the definition and objective of financial auditing: • The dispositions comply with parliamentary decisions • The dispositions comply with laws and regulations • The dispositions are acceptable on the basis of norms and standards for financial management in the central government
  • Materiality in financial auditing is seen in relation to the fact that the information can contain errors or omissions or can be based on professional judgement. The costs of avoiding all errors and omissions can be so great that they exceed the benefit of such high precision. Errors of a certain size must therefore be accepted (materiality limit) provided that this is not of significance for the entity’s ability to implement the Storting’s budget resolutions and intentions or is not of critical importance for the users of the information. The assessment of materiality is based on both quantitative and qualitative considerations and is one of the factors that governs what is to be audited and the scope of the audit that is to be conducted. Errors that are due to random or unintentional actions are normally assessed as less serious than those that may result from deliberate actions.
  • The audit risk model is a model that helps auditors to determine how comprehensive the audit work must be to attain the desired assurance for the conclusions. The model consists of four elements: audit risk, inherent risk, control risk and detection risk.
  • The purpose of implementing audit procedures is to acquire adequate and appropriate audit evidence to substantiate auditors’ assessments and conclusions of the defined audit objectives.
  • Tests of controls are procedures that are conducted to test control activities that the entity’s management has established to manage risk. Testing of controls such as audit procedures can have two purposes. In the process analysis the purpose of tests of controls will be to assess internal control by testing whether the measures the management have initiated are satisfactorily followed up. The result of this testing of controls contributes to determining the scope and the angle of approach for the substantive tests that must be performed to procure sufficient audit evidence. In the analysis of residual risk, auditors can use tests of controls to procure evidence to show that the established internal control measures and control activities function when substantive tests alone do not provide adequate and appropriate audit evidence.
  • Substantive tests are direct tests of transactions and accounting items. Substantive tests are particularly necessary in cases where auditors cannot base their work on the entity’s risk management measures (internal control). When auditors conduct detailed audit procedures, they check the information directly by examining certain transactions, documents or assets. When they conduct analytical review procedures, auditors assess variance and reasonableness in the information after comparing it with historical data or estimated expectations. Inspections involve the auditors themselves checking the financial information, transactions and documents (voucher tests) or assets (physical tests) to ensure that the information is correct when compared with the submitted assertions about the accounts and the dispositions on which they are based. Observations are made when auditors consider the activities that are carried out in the entity – for example observation of inventory- and stock-taking. Control calculations involve auditors checking the calculations in documents – for example verifying that the rates used for calculating dues are correct. For entities that follow the Accounting Act, checking the writing-off of assets can be a relevant audit procedure for auditors to conduct. By enquiries/confirmation we understand that auditors gather information from persons within or outside the entity – for example in the form of bank statements and confirmations of balances. Analytical review procedures are procedures that assess variance and reasonableness in the available accounting information by comparisons, the use of ratios and other similar techniques. Analytical review procedures provide auditors with indications of whether there are material errors in the information. An example of this can be large variances in the figures from one year to the next
  • Audit evidence is the information auditors have acquired and documented to substantiate their assessments and conclusions. Audit evidence is gathered in all phases of the audit process. It is possible from the very start of the audit to use knowledge that has been acquired about the entity as independent audit evidence. Should it prove relevant to use information from previous years’ audits, auditors should investigate whether changes have taken place that can affect the validity of such evidence. New knowledge that is acquired must update and supplement existing information. The information collected forms a major part of the auditors’ documentation. Sufficiency is a measure of the scope of audit evidence. Auditors must collect enough evidence to enable them to substantiate their conclusions in relation to the audit objectives. It may be difficult to express in absolute terms how comprehensive the amount of evidence must be for it to be considered sufficient, but the need increases proportionally with the risk. If there is great probability that a risk element will arise and that the consequence of this will be of considerable significance, the auditors It is important for auditors to be critical of the scope and content of the information that is gathered. The standard also contains a requirement that the information must be necessary – in other words only information that is necessary should be collected. Appropriateness is a measure of the quality of the audit evidence, i.e. its relevance and reliability. Evidence is reliable if it fulfils the necessary requirements set for credibility. The reliability of audit evidence is affected by the source, internal or external, and by whether it is visual, written or verbal.
  • Assurance will be greater when there is a correlation between audit evidence procured from different sources or between different types of evidence. If information from one sources does not correspond with that from another, auditors must decide on the additional procedures that are necessary to allow the information to be used as audit evidence.
  • paradigm shift from auditing controls to auditing risk The annual financial audit will be conducted as required by state statutes for public accountability, however, audits should enhance public sector services Approach: Risk assessment Compliance audits Performance audits a structured identification and assessment of risks followed by decisions on the appropriate action to be taken in response to each significant risk which has been identified treat terminate transfer or tolerate.
  • Reading legal acts you quickly realise that the demands on companies are actually very imprecise. The “existence of internal controls” or the “implementation of a risk management system” are key requirements, but what do they mean in detail? Entities need guidance on how to work efficiently and at the same time, secure compliance. This is where COSO (Committee of Sponsoring Organziations of the Treadway Commission, USA) comes into play. There are two COSO frameworks: One for internal controls, which was released in 1992 – and a newer one for enterprise risk management, published in 2004. The COSO Enterprise Risk Management Framework describes all aspects needed for effective risk management within an entity. The framework is visualised as a three-dimensional cube with risk components entity & unit-level components risk management objectives This is not an audit methodology requirement or -tool, but auditors around the world find it helpful in order to develop and structure their work on risk assessment tasks, notably so for dimensions 1 and 3 above.
  • The management must make reviews of performance and efforts in order to ensure that the work in the process is actually carried out and is of the right quality. Controls that deal with aspects such as authorisations and reconciliations are normally incorporated into a process. These controls are intended to ensure that the process functions in an overall perspective – for example that descriptions of routines have been compiled or that the necessary activities have been carried out. In a procurement process in which goods are received, relevant control activities can be checking goods received against the order (type of goods, price and number/amount) and checking the invoice against the goods received. The entity must safeguard assets and sensitive information in a satisfactory way. In the case of information, this applies to both manual documents and IT systems. The entity must segregate duties adequately. Among other things this will prevent irregularities. Ensuring that several persons have the same area of work may also have a risk-reducing effect. It is not normally desirable to have the same person performing all the tasks in a process. For instance the same person should not order goods, endorse invoices, register invoices and authorise payment files. Requirements for satisfactory segregation of duties apply to both the processes that largely consist of manual routines and those that are IT-based. Control activities can be of a preventive, detective or corrective nature. Preventive controls are intended to prevent the occurrence of errors or undesired events. These can be controls that are integrated into a mechanical system or manual controls – for example the segregation of duties and functions. Detective controls are designed to give the management notification of errors or problems as they arise or immediately afterwards. Detective controls can be integrated mechanical controls, physical controls, or manual controls in the form of manual reconciliations. Corrective controls are used together with detective controls and neutralise the consequences of undesired events. Corrective controls can be mechanical controls or manual actions such as correcting errors.
  • These risk assessment procedures alone do not provide sufficient or appropriate audit evidence to base an opinion on. They may however assist auditors to focus their audit resources on the important or high risk areas. The procedures are essential in identifying risks of material misstatement. The auditor needs to determine what information is required, the person to whom these inquiries must be directed and the extent thereof.
  • Political decisions and supervisory authority Political decisions can be new tasks, a new form of affiliation resulting in new accounting principles, changed framework conditions resulting in changes for the administration (for example large reorganisation or the relocation of entire entities). Through their specific ministries, cabinet ministers are responsible for ensuring that parliamentary decisions are fulfilled. The follow-up takes place through the policy dialogue with the entity – for example in letters of allocation. The contents of such letters are intended to include purposes and goals as well as framework conditions defining how the entity is to perform its mandatory tasks. The ministry is ascribed the management, follow-up and monitoring of the entity’s operations. The entity’s letter of allocation must be in line with parliamentary decisions. Socio-economic factors and Social factors Unemployment often rises in periods of recession, leading to a greater demand for public services – for example from the Public Employment Service and the National Insurance Service. Society’s attitudes and expectations of the welfare state and its willingness to pay taxes and dues are examples of social factors that can be of importance for the possibility of some entities achieving their defined goals. Changes in level of education and settlement patterns are other examples of social factors that may exert influence. Cooperative partners and competitors Many entities are dependent on collaboration with private or public enterprises. These can be enterprises with closely related tasks or tasks that form part of a chain – for example the police collaborating with the prosecuting authorities, courts of law and the probation services. Private cooperative partners can be suppliers of goods and services or other operators outside the entity. If the entity’s goal achievement is dependent on a particular or complex item or service that can only be obtained from one or few suppliers, this may pose a risk for the entity’s goal achievement. Many government agencies have a monopoly on their production of goods or services. They therefore have little experience of competitors with alternative goods and services posing a threat or risk to their goal achievement. In many cases a lack of competition can increase the danger of inefficiency, and this in turn can threaten the entity’s goal achievement. Users One goal of government agencies is to have satisfied customers. Users’ requirements and attitudes can constitute a risk for the entity’s possibilities of attaining its goals. Strong user groups may affect the entity’s activities – for example through attempts to influence political decisions. The entity should have identified its users and the extent to which these users can affect the prioritisation of tasks and their performance. Equal treatment and legal protection are two requirements that users set for government administration. It is therefore important that the entity’s management is familiar with the content of these and similar basic principles and that it draws up strategies that adapt administrative procedures and information flow to the needs of the users. Technology Technological development is another factor that may have an impact on the entities’ ability to reach their goals, particularly entities that use and are dependent on information technology or other technology to produce or deliver their services. These entities are particularly vulnerable if technology ceases to function. Technological development in this context includes changes in large systems, in the development of software and hardware, and in infrastructure and information systems.
  • The next step in understanding the entity is to identify internal factors. It is important for auditors to keep to a general level in this context while they make more detailed investigations in the process analysis. Identifying internal factors provides auditors with grounds for deciding whether the entity is following the defined framework conditions. Overriding regulations laid down by the Ministry of Finance, 12 December 2003: • Regulations for financial management in central government • Provisions for financial management in central govt. The entity’s management The management is responsible for supervising and performing the entity’s tasks. Based on goals and performance requirements set by the Storting, the management draws up both one-year and multi-year plans, as well as a risk and materiality assessment that forms the basis for compiling strategies on how the management can handle detected risks that threaten goal and result achievement. The management is also responsible for ensuring that the entity complies with the laws and regulations that apply for its operations. The management’s attitudes and values affect the way in which the entity is run. They also influence the types of risk and how much risk the management accepts. The management’s system for risk management Auditors must examine whether the entity conducts risk assessments, whether the entity has a methodological approach, how often the entity conducts risk assessments, who takes part in them, in which parts of the entity the assessments are conducted, which types of risk are included in the analysis Organisation Auditors must acquire an overview of the entity’s size and complexity and of how it is organised and divided – for example into departments, divisions and operational units. This is important in order to decide the most appropriate way auditors can approach and organise the audit. In addition it is important that auditors see how the organisation has created the conditions for internal control activities through the assignment of responsibility and tasks. Ethical values and irregularities The entity’s ethical values are based on the management’s preferences, assessments and philosophy. These preferences and assessments are transferred to norms of conduct and reflect the management’s attitudes to ethical values. If the entity does not follow ethical values, this can lead to undesirable behaviour, which in turn may result in irregularities. Auditors must acquire information about the management’s attitudes to ethical values and whether irregularities have occurred in the entity. Personnel policy The entity may be vulnerable with regard to key competencies, and must therefore be aware of the expertise that is required in both the short and long term to enable it to perform its primary and secondary tasks. The need for competence affects recruitment, pay policy and training programmes. In general, entities organise their various tasks through job descriptions. Auditors must collect information about the personnel policy. Information and communication The entity has information and communication channels that it uses to disseminate and receive information. The management is dependent on having the required information available at the right time as a basis for making its decisions. Many entities are dependent on information technology in their production process or for their delivery of services and are therefore extremely vulnerable when errors or deficiencies arise in the technical systems. Auditors must gather information about the main information and communication systems and must acquire sufficient knowledge about how the IT environment influences financial matters, operations and other functions that are of crucial importance to the entity. Internal audit Auditors must find out whether the entity has established an internal audit. It may be appropriate for auditors to acquire information about the plans and reports of such internal audits, and they must decide whether they can use the information in their work, cf. the OAG’s auditing standards.
  • Estimating risk can be done in numerous ways. On strategic level we have chosen simplicity, illustrated by the diagram Estimating probability Auditors must assess how probable it is for risk elements to be realised and – if this is the case – the time frame in which this may happen. The greater the probability of a risk element being activated in the accounting period in question, the higher the risk will be. Auditors must assume an advisory role to prevent future errors and omissions. They must therefore also assess risk elements that may be activated in the future. Auditors estimate probability as high or low and give reasons for their estimate. Estimating consequence When estimating consequence, auditors must assess the impact of a risk element if it is realised. The considerations of materiality already made by auditors are used when assessing the consequence. The overall consequence of several events within a certain period must be used as a basis. Systematic errors are given a higher degree of consequence than individual errors. Efficient and effective emergency plans, back-up plans, the opportunity to relocate production and insurances can reduce the consequences of an event. In this context auditors must assess materiality in relation to both the transaction and decisions made – the dispositions – and the impact on the accounts. Auditors estimate the consequence as high or low and give reasons for their estimate.
  • The documentation can be compiled and stored on paper, film, and electronic or other media. Working papers constitute material compiled by auditors or the OAG. These papers show what the auditor’s planning of the auditing has been based on, the date of the performance of the audit, the scope of the audit procedures conducted, the results of the audit, the grounds for auditors’ assessments and professional judgement, and the conclusions that have been drawn. Source material is documentation that has been prepared by others and that auditors have considered relevant for the audit. Material that does not contain facts that are relevant should only be included in the source material to the extent auditors regard it as a deficiency if such facts are not described. Indexing All documentation must be indexed. The index system must be logical and as self-explanatory as possible, and must give each individual document a unique identificator. The system must also be flexible so that it is easy to insert new documents. Indexing must be structured in a manner that enables the assignment, entity, or accounting year to be identified, and must if appropriate refer to the relevant procedure or process. In addition, cross-references must be made between the information in the various working papers. These cross-references are intended to ensure a continuous two-way audit trail between the planning, the performance and the summary or conclusion of the work.
  • The working papers must be adequate and sufficiently detailed to provide a full understanding of the audit. The working papers must be dated and signed by the auditor who is conducting the audit. The signature will then testify who has carried out the audit, made the assessments and drawn the conclusions. The dating must indicate when such actions were carried out since the date may have significance for subsequent assessments and conclusions – particularly if substantial changes are made after the work was performed but before the accounts were submitted. In such situations auditors cannot base their conclusions on previously performed auditing activities without first verifying that they are still valid Auditors must document their work, and the documentation must also include any communication – both written and verbal – they have had with the entity. Factors indicating that there may be irregularities or errors must be documented separately stating what steps auditors have taken in the matter. The scope of the documentation may vary and depends partly on the size and complexity of the entity. Auditors should limit the amount of information that is to be filed to that which is directly relevant to the auditing work. The documentation must be of a scope that allows another auditor who has no knowledge of the assignment to gain an understanding of the work that has been carried out and of the basis on which the assessments and conclusions have been made.
  • Describes what and how much evidence is required to be gathered and evaluated, and how, when and by whom it is to be gathered and evaluated Auditors prepare audit programs in respect of evidence gathered and evaluated in each of the control testing, substantive testing and opinion formulation stages. It is prepared, or revised, as part of the operational planning activities of those three audit stages and documented as part of the audit working papers. The nature of the planned procedure describes what evidence is required and how it is to be gathered, the timing describes when the evidence is to be gathered, the extent describes how much evidence is needed.
  • There are many definitions of sampling out there, but in general sampling involves selecting individual items from a population, to enable you to draw a conclusion on the population as a whole. In an audit, sampling procedures are used because it is not practical to examine every single item in a population. For example, the auditor may select an audit sample of non-current assets, and verify their existence, condition and value. It would not be practical for the auditor to track down every single asset on the books. But, if all the items in the audit sample are verified then it may be appropriate to draw the conclusion that all the assets are correctly recorded in the books (assuming the audit sample has been selected correctly and is of sufficient size)
  • Before you can begin a sampling procedure you must define the population that you wish to test. The population is all of the items that contain the characteristic that you wish to understand. Thankfully, in the case of audit sampling the population is usually easy to define, e.g. all the assets on the asset register, all the sales during the period under review, etc. However, there may be occasions where we need to sample over time or space, and the population may be more difficult to define, for example an investigation into call centre waiting times at different times of the day. In these cases the focus may be on discrete observations or periods. The basis for selecting an audit sample is the list of items from which the audit sample is being chosen, which is called the sampling frame. The sampling frame may be identical to the population, but this is not always the case. For example, if an internal audit department were investigating customer satisfaction levels in a shop, it would be impossible to identify all the customers who have purchased from that shop. Therefore, an appropriate sampling frame may be all the customers on a specific date. It is vital that the sampling frame is representative of the population. In the above example, the shop may be considerably busier at weekends than on a Monday. Therefore if the date chosen to sample customers is a Monday, when staff have more time to spend with each customer, the results of the testing may indicate that customers are very satisfied. However, in reality the majority of customers (who shop on weekends) may have a much lower satisfaction level. Selecting an appropriate sampling frame that is representative of the population is a matter of auditor judgement. The audit sample must also be representative of the population for the results to be valid, and this is often dependant on the sampling method chosen. For example, in the above scenario, if the auditor is left to select customers at random (haphazard sampling) they may be inclined to approach more attractive customers, who may also receive preferential treatment from staff based on their physical appearance. In this case a different method of selecting the audit sample would be more appropriate, for example approaching every 10 th customer (systematic sampling).
  • Auditors record findings for each procedure. “ Completed without errors” is used when auditors do not find any non-compliance from the purpose of the procedure. “ Completed with errors” is used when auditors find non-compliance from the purpose of the procedure. All variances that are revealed must be recorded as “completed with errors”. Completed with errors can result in auditors being obliged to conduct further audit procedures to reveal the scope and consequence of the error. “ Assigned low priority” is used when auditors have deliberately chosen not to conduct the procedure. Auditors must state the reasons for this, and the low priority should be clarified with the person who approved the plan for the remaining auditing work. “ Not appropriate” is used when auditors assess an audit procedure as no longer relevant. Auditors must state reasons for this. In the event of indications of irregularity, auditors must consider whether such irregularity can be of significance for the assessment of other internal control activities. They must also assess whether the indication of irregularity concerns persons who are involved in other internal control activities. If this is the case and auditors have acquired assurances from these, they must consider whether such assurances can still be utilised. Indications of irregularity, errors or omissions can result in auditors being obliged to implement more audit procedures.
  • Auditors must assess which findings are to be communicated to the entity while the work is in progress, and whether the communication is to be made verbally at the summarising meeting or in the form of a letter. open and constructive dialogue with the entity about any weaknesses that were revealed can also contribute to clarifying any misunderstandings. Communicating audit findings constitutes part of the auditors’ advisory role.
  • Auditors must make sure that they have an adequate basis to enable them to reach conclusions by verifying that sufficient and appropriate audit evidence has been procured. This will ensure that the risk of material errors existing in the accounts and/or the dispositions has been reduced to an acceptable level (assessing audit risk). The conclusions must be substantiated by documentation of the work performed. Findings from all types of audit procedures that were conducted in strategic analysis (procedures for risk assessment), in process analysis (tests of controls), and in the analysis of residual risk (substantive tests and tests of controls) must be included in the material on which the conclusions are based. If auditors have not procured sufficient and appropriate audit evidence to enable them to reach a conclusion, they must attempt to acquire further evidence. If it proves impossible to obtain sufficient and appropriate audit evidence, auditors must express their reservations in the conclusions.
  • Communication applies to ALL of these key values.
  • Different types of communication sometimes require different methods. Communication both causes and solves problems.
  • The purpose is a bit different to the ISSA I 1220 because it is performed after the final reporting to the Norwegian parliament. The quality control is therefore not inforced to prevent the auditors from reporting the wrong conclusions. For this we have the quality assurance-system.
  • Uvodna obuka dri oagn feb 2011

    1. 1. Uvodna obukaDRISVRI Srbije, Beograd, 1. februar 2011.
    2. 2. Prezentacija Kancelarije generalnogdržavnog revizora Norveške (OAGN)• Zamenici generalnog direktoraG-din Knut Lien i g-dinTor Digranes• Pomoćnik generalnog direktoraG-đica Elizabet Slatbroten• Viši savetnikG-đa Merete Nordling 2
    3. 3. 3
    4. 4. 4Odbor generalnih državnih revizoraGeneralni sekretar Pravni sekretarijatSektor I(Finansijska revizija)Ministarstva:finansija,državne uprave i reforme,kulture i veraSektor II(Finansijska revizija)Ministarstva:odbrane,ribolova i priobalja,poljoprivrede i ishrane,životne sredine,rudarstva i energetike,saobraćaja i komunikacijaSektor III(Finansijska revizija)Ministarstva:pravde i unutrašnjih poslova,obrazovanja i istraživanja,lokalne uprave i regionalnograzvoja,trgovine i industrije,spoljnih poslovaSektor IV(Finansijska revizija)MetodologijaMinistarstva:rada i socijalne inkluzije,omladine i jednakosti,zdravlja i zdravstvene zaštite,(norveška Uprava za rad isocijalnu zaštitu)Revizija svrsishodnosti - Sektor IIzrada metodologije i savetodavna funkcija,Politike na nivou države,Korporativna kontrolaMinistarstva:rada i socijalne inkluzije,državne uprave i reforme,zdravlja i zdravstvene zaštite,lokalne uprave i regionalnog razvoja,trgovine i industrijeRevizija svrsishodnosti - Sektor IIMinistarstva:finansija,ribolova i priobalja,odbrane,kulture i vera,obrazovanja i istraživanja,poljoprivrede i ishrane,životne sredine,rudarstva i energetike,saobraćaja i komunikacija,spoljnih poslovaAdministracijaOdgovornosti:informaciono-komunikacione tehnologije,interna administracija i finansije,informacije i dokumentacija,međunarodna saradnja,ljudski resursiGeneralni državni revizor
    5. 5. 5Ciljevi uvodne obuke1. Podrška DRIS da uvede novozaposlene uposao2. Podrška DRIS u uspostavljanju praktičnogokvira za finansijsku reviziju3. Podrška DRIS u izvođenju revizije završnogračuna budžeta za 2010. godinu:• blagovremeno• najkvalitetnije
    6. 6. 6Nacrt obuke• Šta je revizija?• Nezavisnost vrhovnih revizorskih institucija (VRI) i Etičkikodeks• Okvir• Postupak revizije• Finansijska revizija• Analiza rizika i materijalnosti• Dokumentacija• Programi revizije• Nalazi revizije• Razmatranja i zaključci• Komunikacija i izveštavanje• Kontrola kvaliteta
    7. 7. 7RasporedUtorak, 1. februar 2011. DAN 109:00-16:00 Uvodna rečŠta je revizija?OkvirNezavisnost VRI i Etički kodeksPostupak revizije
    8. 8. 8RasporedSreda, 2. februar 2011. DAN 209:00-16:00 Finansijska revizijaOsnovni revizijski terminiRevizija bazirana na rizikuAnaliza rizika i materijalnosti
    9. 9. 9RasporedČetvrtak, 3. februar 2011. DAN 309:00-16:00 DokumentacijaProgrami revizijeNalazi revizijeRazmatranja i zaključciKomunikacija i izveštavanjeKontrola kvaliteta
    10. 10. Šta je revizija?
    11. 11. 11Termin ”revizija”• Nezavisno ispitivanje i procena finansijske idruge evidencije• Od strane imenovanog revizora koji obavljasvoj zadatak• Da bi se obezbedili kompetentni, relevantni irazumni revizijski dokazi i usklađenost saprimenljivim zakonima i propisima• Da bi se omogućilo donošenje zaključaka oreviziji i izrazila odgovarajuća mišljenja ofinansijskim izveštajima.
    12. 12. 12Revizije se mogu podeliti u tri glavnekategorije:• Finansijske revizije• Revizije usklađenosti (pravilnostiposlovanja)• Korporativna kontrola• Revizije svrsishodnosti(učinkovitosti, učinka)
    13. 13. 13Revizija svrsishodnosti• Revizija svrsishodnosti je studija entiteta (ili grupeentiteta) u cilju merenja njegovog učinka, uzfokusiranje na:• Efektivnost• Efikasnost• Kriterijumi za efektivnost i efikasnost nisu jasnoustanovljeni• Revizija svrsishodnosti ima tendenciju da zahtevasubjektivnija mišljenja nego revizije finansijskihizveštaja ili revizije usklađenosti.
    14. 14. 14Korporativna kontrola• Prati upravljanje državnim vlasničkimučešćima u preduzećima• Ocenjuje da li nadležni ministar vrši dužnostivodeći računa o državnim interesima
    15. 15. 15Sadržaj korporativne kontrole• Usklađenost sa odlukama i nameramaParlamenta• Obezbeđivanje društvene odgovornosti iostvarenje ciljeva sektorskih politika• Efektivno i ekonomično stabilno upravljanje• Tačne informacije za Parlament i VRI
    16. 16. 16Revizija usklađenostiFunkcionisanje revizija usklađenosti zavisi odproverljivih i priznatih standarda, kao što su:• zakoni i propisi• politike i procedure
    17. 17. 17• Pouzdanost računa• Potpunost, realnost poslovanja, itd.• Usklađenost (legalnost i regularnost)•Parlamentarne odluke, zakoni i propisi,norme i standardi za finansijsko upravljanje• Ostala pitanjaFinansijska revizija
    18. 18. 18Zahtevi za revizoreTokom rada na reviziji, revizori treba da se pridržavaju i uzimaju uobzir sledeće zahteve:• Profesionalni skepticizam ili priznavanje da mogu postojatiokolnosti koje uzrokuju materijalno pogrešna iskazivanja.Profesionalni skepticizam povećava i proširuju koncept dužnepažnje i od fundamentalnog je značaja za planiranje i izvođenjerevizije. (ISSAI* 1200.15) (ISSAI 1200 P18)• Profesionalno rasuđivanje revizora vodi ka informisanimodlukama i odgovarajućoj primeni relevantnih znanja i iskustavana činjenice i okolnosti. (ISSAI1200.16)• Dovoljni i odgovarajući revizijski dokazi treba da se pribave da bise revizijski rizik smanjio na prihvatljivo nizak nivo i omogućilorevizoru da izvede zaključke i bazira revizorsko mišljenje. (ISSAI1200.17)*ISSAI – Međunarodni standard vrhovnih revizorskih institucija
    19. 19. 19Opšti ciljevi revizora• Pribaviti razumno uveravanje o tome da li su finansijski izveštaji ucelini oslobođeni materijalno pogrešnih iskazivanja, bilo usledkriminalne radnje ili greške, kako bi se omogućilo da revizorizrazi mišljenje o tome da li su finansijski izveštaji sastavljeni, usvakom materijalnom pogledu, u skladu sa primenljivim okviromfinansijskog izveštavanja; i• Podneti izveštaj o finansijskim izveštajima i saopštiti ga u skladusa ISSAI i u skladu sa nalazima revizora.• Komunicirati sa korisnicima, rukovodstvom, onima koji suzaduženi za upravljanje, ili stranama van entiteta, o pitanjmaproisteklim iz revizije, u skladu sa zahtevima standara ilizakona. (ISSAI 1200.9 & 11)
    20. 20. Izveštaji DRIS za 2008. i 2009.Prezentuje DRIS• Vrhovni državni revizori Života Antić i LjubicaJanković-Andrijević• Ukupno maksimalno 20 minuta20
    21. 21. Okvir21
    22. 22. 22Uloga DRIS u društvu• Važan preduslov demokratije• Kamen temeljac dobrog upravljanja u javnom sektoru• Da pruži nepristrasne, objektivne ocene toga da li sejavnim resursima odgovorno i efektivno upravlja ucilju postizanja nameravanih rezultata• Da pomogne javnim entitetima u postizanjuodgovornosti, integriteta i u unapređenju poslovanja• Da ulije poverenje građanima Republike Srbije injenim zaintersovanim stranama (stejkholderima)
    23. 23. 23Uloga DRIS u društvu1. Nadzor se odnosi na to da li entiteti javnogsektora rade ono što treba da rade i služi zadetektovanje i sprečavanje javne korupcije.2. Uvid pomaže donosiocima odluka time štoobezbeđuje nezavisnu ocenu programa,politika, poslovanja i rezultata javnogsektora.3. Predviđanjem se identifikuju trendovi i noviizazovi.
    24. 24. 24Ključni aspektirevizijeRazmatranja privatnogsektoraRazmatranja javnog sektoraOcena dobiti Kompanije u privatnom sektoruimaju za cilj ostvarenje dobiti odnjihovog poslovanja.Entiteti javnog sektora, kao što suministarstva, ne treba da ostvaruju dobit,već da koriste primljena sredstva zapružanje kvalitetnih dobara i uslugajavnosti i relevantnim zainteresovanimstranama.Zakoni i propisi Privatni sektor je manje regulisan, apažnja se posvećuje da se ne prekršezahtevi zakona.Zakoni i propisi su zahtevniji u javnomsektoru i regulišu većinu aktivnosti.Izveštavanje Eksterni revizori podnose izveštajakcionarima kompanije.Eksterni revizori podnose izveštajParlamentu, a ne rukovodstvu subjektarevizije.Godišnji finansijskiizveštajiPrivatni sektor sastavlja godišnjefinansijske izveštaje kao instrumentodgovornosti akcionarima.Javni sektor sastavlja godišnje finansijskeizveštaje kao instrument odgovornostiParlamentu i opštoj javnosti. To obuhvata idodatne zahteve u pogledu obelodanjivanja.
    25. 25. 25INTOSAI (Međunarodna organizacijavrhovnih revizorskih institucija)• Međunarodna organizacija vrhovnih revizorskihinstitutcija (INTOSAI)• Organizacija koja pod svojim okriljem okupljaeksternu revizijsku zajednicu• Autonomna, nezavisna i nepolitička• Nevladina• Konsultantski status kod Ekonomskog i društvenogsaveta (ECOSOC) Ujedinjenih nacija• Osnovana 1953. godine• 188 članica, 2 pridružene članice• DRIS je članica INTOSAI
    26. 26. 26IFAC (Međunarodna federacijaračunovođa)• Globalna organizacija za računovodstvenu profesiju• Ima za cilj da zaštiti javni interes podsticanjemvisokokvalitetne prakse svetskih računovođa• 157 punopravnih i pridruženih članica u 123 zemlje ijurisdikcije, prvenstveno nacionalnih profesionalnihračunovodstvenih tela• Predstavlja 2,5 miliona računovođa zaposlenih ujavnoj praksi, industriji i privredi, vladi i akademskomsvetu
    27. 27. 27Okvir za revizijuZakoni i instrukcijeStandardi revizijeFinansijskarevizijaRevizijasvrsishodnostiKorporativnakontrolaPosebne smernice za različite vrste revizije
    28. 28. 28INTOSAI standardi revizijeNivo Opis Dokumenti1 Osnovni principi •Limska deklaracija2 Preduslovi zafunkcionisanje državnihrevizorskih institucija•Etički kodeks•Nezavisnost3 Fundamentalni principirevizije•Standardi revizije4 Smernice za reviziju •Finansijska revizija•Revizija usklađenosti•Revizija svrsishodnosti
    29. 29. ISSAI okvir• Nivo 1: Osnovni principi - ISSAI 1• Nivo 2: Preduslovi za funkcionisanje vrhovnihrevizorskih institucija - ISSAI 10 – 99• Nivo 3: – Fundamentalni principi revizije - ISSAI100 – 999• Nivo 4: Smernice za reviziju – ISSAI 1000 – 5999• Finansijska revizija 1000 – 1999• Revizija svrsishodnosti 3000 – 3200• Revizija usklađenosti 4000 – 4200• Korporativna kontrola
    30. 30. 30Pravni i institucionalni okvir• Pravni okvir propisuje ovlašćenja, dužnosti i prava Državnerevizorske institucije (DRI)• Standardi revizije Državne revizorske institucije sadrže opštepostulate i principe za obavljanje celokupnog rada na reviziji iprimenljivi su na sve vrste revizija koje se vrše.
    31. 31. 31Okvir za reviziju DRISPrezentuje DRIS• Zakon o budžetskom sistemu• Zakon o Državnoj revizorskoj instituciji• Poslovnik Državne revizorske institucije• Etički kodeks
    32. 32. Nezavisnost VRIiEtički kodeks
    33. 33. 33Zašto je važna nezavisnost VRI?• Vrhovne revizorske institucije mogu daostvaruju svoje zadatke na objektivan,nepristrasan i efektivan način samo ako supotpuno nezavisne od subjekta revizije i akosu zaštićene od spoljnih uticaja.• Kredibilitet od javnosti, klijenata, donatora itdzavisi od stvarne i predviđene nezavisnostivrhovnih revizorskih institucija
    34. 34. 34Principi nezavisnosti VRI• Meksička deklaracija o nezavisnosti (2007)- Postojanje odgovarajućeg i efektivnog ustavnog /statutarnog / pravnog okvira i de facto primenaodredaba ovog okvira- Nezavisnost čelnika i članova VRI, uključujući isigurnost mandata i zakonskog imuniteta priuobičajenom obavljanju njihovih dužnosti- Dovoljno široka ovlašćenja i puno diskreciono pravo uobavljanju funkcija VRI- Neograničen pristup informacijama
    35. 35. 35Principi nezavisnosti VRI- Pravo i obaveza da podnose izveštaj o svom radu- Sloboda da odlučuju o sadržaju i vremenuobjavljivanja izveštaja o reviziji, kao i o njihovomobjavljivanju i daljem širenju- Postojanje efektivnih mehanizama za praćenjerealizacije preporuka VRI (follow-up)- Finansijska i upravljačko/administrativna autonomija iraspoloživost odgovarajućih ljudskih, materijalnih imonetarnih resursa.
    36. 36. 36Etički kodeks• Etičkim kodeksom se ustanovljavaju etičkizahtevi i obezbeđuje konceptualni okvir zaosiguranje usklađenosti sa pet suštinskihfundamentalnih principa profesionalne etike.• Od svih revizora se zahteva da uoče svakupretnju za te fundamentalne principe i,ukoliko pretnje postoje, da primene zaštitnemere radi osiguranja da se ti principi nekompromituju.
    37. 37. Principi za DRIS?37• Nezavisnost• Objektivnost• Nepristrasnost• = Politička neutralnost
    38. 38. 38Sukob interesa• Revizori treba da štite svoju nezavisnost i daizbegavaju svaki mogući sukob interesa odbijanjempoklona ili nagrada koji bi mogli da utiču ili bi mogloda izgleda kao da utiču na njihovu nezavisnost iintegritet.• Revizori treba da izbegavaju sve odnose sarukovodstvom i zaposlenima subjekta revizije i drugihstrana koji mogu uticati, kompromitovati ili ugrozitisposobnost revizora da postupaju ili da se smatra dapostupaju nezavisno. Stoga se očekuje da revizoriobjave takve interese i da se isključe iz revizijskihposlova koji se tiču tog subjekta.
    39. 39. 39Sukob interesa• Revizori ne treba da koriste svoju zvaničnu poziciju ubilo kakve privatne svrhe i treba da izbegavajuodnose koji uključuju rizik od korupcije ili koji moguuzrokovati sumnju u njihovu objektivnost ilinezavisnost.• Revizorima je zabranjeno da koriste informacije kojesu dobili tokom obavljanja svojih dužnosti zaobezbeđivanje lične koristi sebi i drugima.• Revizorima je takođe zabranjeno da obelodanjujuinformacije koje bi mogle da obezbede nepravednu ilineopravdanu prednost drugim pojedincima iliorganizacijama, kao i da koriste takve informacije dabi naudili drugima.
    40. 40. 40Poverljivost informacija• Revizori moraju uvek da se pridržavaju najvišegstepena poverljivosti informacija.• Ni pod kakvim okolnostima ne treba da obelodanjujutrećim stranama informacije pribavljene tokomprocesa revizije, bilo u usmenom ili pisanom obliku,osim u svrhe ispunjavanja zakonskih obaveza VRI.• Poverljivost je obavezujuća pre, tokom i nakonizvršenja revizijskih zadataka.
    41. 41. Postupak revizije41
    42. 42. 42Audit processActivity Purpose
    43. 43. 43Zaključivanje iizveštavanjeZaključivanje iizveštavanjeProcena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Procena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Kontrola kvalitetaDokazivanjeKontrola kvalitetaDokazivanjeKontrola kvaliteta idokazivanje tokomrevizijeKontrola kvaliteta idokazivanje tokomrevizijeAudit processActivity Purpose
    44. 44. 44Potrebna je struktura• Pristup• Procenjeni resursi• Vremenski raspored• Organizacija• Dokumentacija• Kontrola kvaliteta• Komunikacija
    45. 45. Planiranje za 2011.Prezentuje DRIS• 4 vrhovna državna revizora?• Kratak pregled svake oblasti• Bez detalja o oceni rizika (ovo će bitiprezentovano drugog dana)• Maksimum 20 minuta x 4 (ukupno oko 1,5sat)45
    46. 46. 46Zaključivanje iizveštavanjeZaključivanje iizveštavanjeProcena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Procena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Kontrola kvalitetaDokazivanjeKontrola kvalitetaDokazivanjeKontrola kvaliteta idokazivanje tokomrevizijeKontrola kvaliteta idokazivanje tokomrevizijeAudit processActivity Purpose
    47. 47. Uvodna obukaDan 2VRI Srbije, Beograd, 2. februar 2011.
    48. 48. Rekapitulacija 1. dana• Šta je revizija?• Okvir• Nezavisnost VRI i Etički kodeks• Postupak revizije48
    49. 49. 49Predmeti• Finansijska revizija• Osnovni revizijski termini• Revizija bazirana na riziku• Analiza rizika i materijalnosti
    50. 50. Finansijska revizija
    51. 51. 51Cilj finansijske revizije• Cilj finansijske revizije je da omogućirevizorima da formiraju mišljenje sarazumnim uveravanjem o tome da li sufinansijski izveštaji i druge finansijskeinformacije• kompletne,• tačne i• pouzdane.
    52. 52. 52Revizijske implikacije• Institucije čiju reviziju vršima dajusledeće tvrdnje o transakcijama kada ihprezentuju u svojim računima: Validnost – Evidentirane transakcije se odnose na taj entiteti na period tokom kog su evidentirane Tačno merenje – Evidentirane transakcije su navedene utačnim iznosima Potpunost – Postojeće transakcije su evidentirane Tačna klasifikacija i prezentacija – Transakcije unete uračune su ispravno klasifikovane• Revizor mora da testira tačnost ovihtvrdnji
    53. 53. 53Osnovni revizijski termini• Tvrdnje• Smer revizije• Materijalnost• Revizijski rizik• Revizijski postupci• Revizijski dokazi
    54. 54. 54TvrdnjeRevizija računaRezultat Validnost TačnoodmeravanjePotpunostTačnaklasifikacija iprezentacijaSaldo Postojanje Vlasništvo ProcenaRevizija usklađenosti (pravilnost poslovanja)Parliamentarne odluke Zakoni i propisi Norme i standardi zafinansijsko upravljanje ucentralnoj vladi
    55. 55. 55Osnovni revizijski termini - tvrdnjeTvrdnje za reviziju računa(Stavke bilansa stanja)• PostojanjeStavka bilansa stanja (aktiva ili pasiva) predstavljastvarnu cifru na datum zaključivanja.• VlasništvoStavka bilansa stanja predstavlja pravo ili obavezu zaentitet na datum zaključivanja.• Tačna procenaSredstva i obaveze se ocenjuju u skladu saprihvaćenim pravilima procene.
    56. 56. 56Osnovni revizijski termini – tvrdnje,nastavakTvrdnje za reviziju računa (stavke dobitka i gubitka)• ValidnostTransakcije evidentirane u računima se odnose naentitet i na period tokom kog su evidentirane.• Tačno merenjeSvi tokovi prihoda i rashoda tokom perioda su tačnoevidentirani.
    57. 57. 57Osnovni revizijski termini – tvrdnje,nastavak• Tvrdnje za reviziju računa(Celokupnih računa)• PotpunostSve relevantne informacije su uključene u račune.• Ispravna prezentacija i klasifikacijaSve stavke u računima su ispravno klasifikovane iopisane.
    58. 58. 58Osnovni revizijski termini – smerrevizije• Odabrati smer revizije znači usmerititestiranje tako da revizijske tvrdnje mogu bitiverifikovane ili neverifikovane.• Najvažniji je za tvrdnje o kompletnosti ivalidnosti• Prihodi se verifikuju od osnove do računa• Rashodi se verifikuju od računa do osnove
    59. 59. 59Osnovni revizijski termini -materijalnostDefinicija materijalnosti• Revizori smatraju greške i omaškematerijalnim u slučajevima u kojima bikorisnici verovatno vršili druge ocene idonosili druge odluke da su bili svesni ovihgrešaka.
    60. 60. 60Osnovni revizijski termini –materijalnost• Granica kvantitativne materijalnostiKvantitativno određivanje materijalnosti se postižepostavljanjem numeričke vrednosti za to koliko velikamora biti računovodstvena greška da bi bilaprihvaćena, a da revizori ne smatraju da računisadrže materijalne greške.• Kvalitativna materijalnostRevizori vrše ocenu svih kršenja budžetskih odluka,propisa i/ili normi i standarda koji mogu da utiču nakorisnike finansijskih izveštaja.
    61. 61. 61Osnovni revizijski termini –revizijski rizikInherentni rizik• Verovatnoća da u finansijskim informacijamaili u entitetu uopšte postoje greške i propustikoji su materijalni – ili pojedinačno ili zbirno –kada se sve moguće mere interne kontrolemogu zanemariti.
    62. 62. 62Osnovni revizijski termini – revizijskirizik, nastavakKontrolni rizik• Verovatnoća da materijalna greška ili propustneće biti sprečeni ili uočeni i ispravljeni uračunovodstvenim sistemima i sistemimainterne kontrole tokom razumnog vremena.Detekcioni rizik• Verovatnoća da suštinski testovi revizoraneće uočiti greške koje ne otkrijuračunovodstveni sistemi ili sistemi internekontrole.
    63. 63. 63Osnovni revizijski termini – revizijskirizik, nastavakRevizijski rizik• Celokupna verovatnoća da će nakonzavršetka revizije postojati materijalne greškeili propusti koje neće biti uočeni.• Revizijski rizik je proizvod prethodnoopisanih faktora rizika.
    64. 64. AR = IR x CR x DRgde je• AR= Dopušteni revizijski rizik da bi materijalno pogrešnoiskazivanje moglo ostati neuočeno u bilansima i sa njimapovezanim tvrdnjama.• IR= Inherentni rizik, rizik od materijalno pogrešnog iskazivanja utvrdnji, pod pretpostavkom da nema sa njim povezanih kontrola.• CR= Kontrolni rizik, rizik da interna kontrola neće pravovremenosprečiti ili uočiti materijalno pogrešno iskazivanje koje se možejaviti u tvrdnji.• DR= Detekcioni rizik, rizik da postupci revizora neće uspeti dauoče postojanje materijalno pogrešnih iskazivanja.9-64Osnovni revizijski termini – revizijskirizik, nastavak
    65. 65. 65Osnovni revizijski termini – Revizijski postupci• Postupci za ocenu rizika• Testovi kontrole• Suštinski testovi
    66. 66. 66Osnovni revizijski termini – Revizijski postupci• Postupci za ocenu rizika:• upitnici za rukovodstvo i druge• analitički postupci• analiza trendova• analiza koeficijenata• analiza poslovnih očekivanja• Zapažanja i inspekcija
    67. 67. 67Osnovni revizijski termini – Revizijski postupciTestovi kontrole koji se koriste u• analizi procesatestiranje da li su mere koje je iniciralo rukovodstvonastavljene na zadovoljavajući način.• analize rezidualnog (preostalog) rizikanabaviti dokaze koji pokazuju da ustanovljene mereinterne kontrole i kontrolne aktivnosti funkcionišukada sami suštinski testovi ne pružaju adekvatne iodgovarajuće revizijske dokaze
    68. 68. 68Osnovni revizijski termini – Revizijski postupci• Suštinski testovi• Detaljni revizijski postupci• inspekcija• zapažanja• kontrolna izračunavanja• upitnici/potvrde• Postupci analitičkog pregleda• analitički suštinski testovi
    69. 69. 69Osnovni revizijski termini – RevizijskidokaziDa bi dokumentovali dovoljnost i prikladnost revizijskihdokaza, revizori moraju da navedu:• revizijske dokaze na kojima se zasnivaju ocene izaključci (delokrug)• od čega i koga su dobijene informacije (izvor)• kako se obezbeđuju revizijski dokazi (revizijskipostupci)• period na koji se primenjuju dokazi, kao i datumkada su pribavljeni
    70. 70. 70Osnovni revizijski termini – Revizijskidokazi• Ovo što sledi treba da se koristi kao osnova zaocene:• Eksterni revizijski dokazi (treće strane) su pouzdaniji odrevizijskih dokaza koji su prikupljani interno.• Revizijski dokazi koji se interno stvaraju su pouzdaniji akoentitet ima efektivne procedure računovodstvene i internekontrole.• Eksterni dokazi su pouzdaniji ako ih pribave direktno revizorinego da ih prikupi sam entitet.• Revizijski dokazi u obliku dokumenata i pisanih izjava supouzdaniji od usmenih izjava.• Revizijski dokazi u obliku originalnih dokumenata supouzdaniji od kopija ili faksova
    71. 71. Revizija bazirana na riziku
    72. 72. 72Revizija bazirana na riziku• Razmatra ciljeve, rizike i adekvatne kontrolekao međusobno zavisne koncepte kojimoraju zajednički da funkcionišu da bi biliuspešni• Obuhvata dve povezane aktivnosti:1. Pruža nezavisno uveravanje o upravljanjurizicima2. Formira mišljenje u stepenu u kom sustabilne kontrole sprovedene i održavaneradi ublažavanja značajnih rizika
    73. 73. COSO ERM73Interno okruženjePostavljanje ciljevaIdentifikacija događajaProcena rizikaUmanjenje uticaja rizikaAktivnosti kontroleInformisanje i komunikacijaNadzorStrategijaOperativnostIzveštavanjeUsklađenostOrganizacionajedinicaPoslovnajedinicaDivizijaNivoentitetaKomponente rizikaNivoi organizacijeCiljevi upravljanja rizikom
    74. 74. 74Ocena rizikaUtvrditi kontrolne aktivnosti (koje sprovode subjektirevizije za minimiziranje utvrđenog rizika):• pregledi rezulatata rada i napora• kontrole integrisane u tok procesa• fizička zaštita• raspodela dužnosti i funkcija
    75. 75. 75Ocena rizikaUtvrditi rezidualni rizik da bi:• Izvršili efikasnu i efektivnu reviziju baziranuna riziku• Planirali i izvršili dalje postupke revizije da bitestirali tvrdnje rukovodstva• Pribavili odgovarajuće, neophodne i dovoljnerevizijske dokaze koji će omogućiti donošenjezaključaka o tvrdnjama rukovodstva iciljevima revizije
    76. 76. Postupci ocene rizikaSvrha• da pomognu revizoru da razume entitet i njegovo okruženjeZahtevi• treba da budu dovoljni za utvrđivanje i ocenjivanje rizika odmaterijalno pogrešnih iskazivanja i o finansijskom izveštaju i osvakoj relevantnoj tvrdnji76
    77. 77. 77Opšta ocena rizika OAGN• Sastavlja se opšta ocena rizika za svako ministarstvo• Ova ocena rizika je zajednička za sve vrste revizije,vrši se istovremeno i čini osnovu za saradnju irazmenu iskustava.• Revizori takođe koriste veći deo informacija na kojese oslanja ova ocena rizika i u strateškoj analiziministarstava i entiteta.
    78. 78. Kako?• Upitnici i diskusije sa rukovodstvom i ostalima unutar ili izvan entiteta:• zaposlenima na različitim nivoima entiteta• upoznatim licima van entiteta• drugim revizorima uključenim u druge revizije koje se vrše u entitetu• Analitički postupci - primeri:• izdaci i aproprijacije• isplate zarada, poput dečjih dodataka i penzija prema demografskim raspodelama• Kamata kao procenat dugovanja u poređenju sa ustanovljenom stopom zajmoprimanja• Razmatranje dokumenata poput:• zakonodavnih izveštaja ili zapisnika• dodatnih dokumenata koje pripremi rukovodstvo za zakonodavne vlasti, kao što suizveštaji o radu ili zahtevi za finansiranje• svedočenja zvaničnika• ministarskih i drugih direktiva• zvaničnih poslovnika.• Ponovno izvođenje aktivnosti interne kontrole78
    79. 79. 79Šta razmatrati?Eksterni faktorivxcvxcv vxcvxcv vxcvxcvvxcvxcv ENTITET vxcvxcvvxcvxcvvxcvxcvvxcvxcv
    80. 80. 80Interni faktorivxcvxcvvxcvxcvvxcvxcvvxcvxcvvxcvxcvvxcvxcvvxcvxcvENTITET
    81. 81. 81Ocena rizikavxcvxcv vxcvxcvvxcvxcvvxcvxcvVisokoPoslediceNiskoVerovatnoćaNisko Visoko
    82. 82. 82Oblast visokogrizikaElementi rizika TvrdnjeFinansijska revizija Revizija usklađenostiValidnostTačnomerenjePotpunost IspravnaprezentacijaiklasifikacijaPostojanjeVlasništvo TačnovrednovanjeZakoni ipropisiPolitike iprocedurePrimer OAGN
    83. 83. Ocena rizika DRI za 2011.Prezentuje DRI• Vrhovni državni revizori, Ljubica Janković-Andrijević i Život Antić?• Samo glavni elementi• Maksimalno 30min x 2, ukupno 1 sat83
    84. 84. Uvodna obukaDan 3VRI Srbije, Beograd, 3. februar 2011.
    85. 85. Rekapitulacija 2. dana• Finansijska revizija• Osnovni revizijski termini• Revizija bazirana na riziku85
    86. 86. Predmeti• Dokumentacija• Programi revizije• Nalazi revizije• Razmatranja i zaključci• Komunikacija i izveštavanje• Kontrola kvaliteta86
    87. 87. 87Zaključivanje iizveštavanjeZaključivanje iizveštavanjeProcena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Procena revizijskih dokaza.Komunikacija sa subjektomrevizije i Parlamentom.Formulisanje mišljenja oreviziji.Kontrola kvalitetaDokazivanjeKontrola kvalitetaDokazivanjeKontrola kvaliteta idokazivanje tokomrevizijeKontrola kvaliteta idokazivanje tokomrevizijeAudit processActivity Purpose
    88. 88. Dokumentacija
    89. 89. 89Documentation• INTOSAI’s standard relating to audit evidence states that thedocumentation must:• confirm and support the auditor’s opinions and reports• increase the efficiency and effectiveness of the audit• serve as a source of information for preparing reports oranswering any enquiries from the audited entity or from anyother party• serve as evidence of the auditor’s compliance with AuditingStandards• facilitate planning and supervision• help the auditor’s professional development• help to ensure that delegated work has been satisfactorilyperformed• provide evidence of work done for future reference
    90. 90. 90Documentation• Glossary of terms• Working papers• Source material• Scope and content• Organisation and filing
    91. 91. 91Working paper requirements• Should give information about theassessments of risk and materiality, theplanning of the auditing work, a description ofthe audit procedures, and the scope of theseprocedures• Must document performed audit procedureswith a description of the scope of the control,selection criteria, date of their performanceand the findings that have been made
    92. 92. 92Working paper requirements• Should summarise in an appropriate mannerthe findings and results that have emergedduring the audit process and must draw thenecessary conclusions• Should contain all the material aspects thatrequire auditors to use their professionaljudgement, as well as auditors’ conclusionsconcerning these aspects• Should be signed and dated by the auditorand stored systematically
    93. 93. Audit programs
    94. 94. 94Audit programs• Describe how the audit approach is to beimplemented• Step-by-step• Detail the nature, timing and extent of theplanned audit procedures
    95. 95. 95How?• Tests• A database?• Working paper templates
    96. 96. 96An OAGN example• ProcurementsMicrosoftWord-dokument
    97. 97. SAI Serbia examplesPresented by SAIS• Supreme State Auditors Zivota and Ljubica?• Maximum 10 minutes in total97
    98. 98. Audit samplingWhat is it?• Selecting individual items from a population,to enable you to draw a conclusion on thepopulation as a wholeWhy do auditors do this?• Because it is not practical to examine everysingle item in a population98
    99. 99. Basic steps1. Define the population you wish to test2. Decide on the sampling frame• Professional judgement1. Pick the audit sample99
    100. 100. On picking the audit sample• There are many factors to consider:• what sampling method to use (statisticalvs. non statistical sampling)• how big the sample should be• what the required comfort level is• etc.• Fairly complex maths is involved• Sample size calculators and tables areavailable100
    101. 101. Nalazi revizije
    102. 102. 102Implementacija revizijskih postupaka• Evidentiranje revizijskih nalaza• Ocenjivanje revizijskih nalaza• Saopštavanje revizijskih nalaza tokom revizije
    103. 103. 103Evidentiranje revizijskih nalaza• Revizori evidentiraju ishod svakog revizijskog postupka – nalaze – bezobzira na to da li su greške uočene ili ne.• Mora biti naznačeno da li ili ne greške mogu biti značajne za narednezaključke.• Revizori evidentziraju nalaze u radnim papirima koji moraju da budu:• Adekvatni, ali ne toliko detaljni da prikriju važne informacije.• Dobro organizovani da omoguće naknadno uveravanje u kvalitet iodobrenje.• Revizori moraju da sastavljaju radne papire koji zajedno sa prikupljenimdokazima dokumentuju ishod revizijskih postupaka koji su sprovedeni.• Radni papiri treba takođe da ukažu i ko je izvršio reviziju, kao i kada jeona izvršena.
    104. 104. 104Razmatranje revizijskih nalaza• Revizori evidentiraju nalaze za svaki postupak.• “Kompletirano bez greške” se koristi kada revizori nepronađu nikakvu neusklađenost sa svrhom postupka.• “Kompletirano sa greškama” se koristi kada revizori pronađuneusklađenost sa svrhom postupka.• “Pripisan nizak prioritet” / “Nije prikladno”• U slučaju naznaka neregularnosti, revizori moraju da razmotreda li takva neregularnost može da bude značajna za ocenudrugih aktivnosti interne kontrole.
    105. 105. 105Saopštavanje revizijskih nalaza tokom revizije• Doprinosi sprečavanju budućih grešaka ipropusta• Razjašnjava sva pogrešna shvatanja ipogrešna tumačenja• Otvoren i konstruktivan dijalog sa subjektimarevizije
    106. 106. Razmatranja i zaključci
    107. 107. 107Razmatranja i zaključciSvrha:• Odlučiti da li su zadovoljene tvrdnje oračunima i dispozicijama• Odlučiti da li postoje materijalne greške ilipropusti u računima i pratećimdispozicijama• Obezbediti osnovu za podnošenje izveštajao radu revizije namenjenih entitetima,ministarstvima i Parlamentu
    108. 108. 108Zaključci• Osnova za zaključivanje• Zaključci za ciljeve revizije• Zaključci za tvrdnje• Zaključak za entitet
    109. 109. Komunikacija i izveštavanje
    110. 110. 110Ciljevi učenja• Pokazati uvid u profesionalno ponašanje uodnosu sa subjektima revizije• Razumeti važnost otvorenog dijaloga
    111. 111. 111Poverenje, Pouzdanost, Kredibilitet, Poštenje,Nezavisnost, Objektivnost, Nepristrasnost,Politička neutralnost, Izbegavanje sukobainteresa, Poverljivost, Kompetentnost,Profesionalni razvoj, Istinoljubivost,Nekorumpiranost i IntegritetPrincipi kojima treba da se rukovodezaposleni DRIS
    112. 112. 112Komunikacija• Verbalna - pisana• Interna - eksterna (npr. mediji)• Viši nivo (npr. Parlament) – niži nivo
    113. 113. 113Grupno vežbanjePripremite se za sastanak na nivouministarstava. Sastanak ima jednu svrhu:Upoznati ministarstvo sa DRIS i predstavitipredstojeću reviziju računa za 2008. godinu
    114. 114. 114Izveštavanje• Podnošenje izveštaja subjektima revizije inadzornom ministarstvu• Podnošenje izveštaja Parlamentu• Budžet i računi• Rukovođenje, postizanje ciljeva i rezultati
    115. 115. 115Nezavisnost, objektivnost i nepristrasnost• Moraju da se primenjuju na sva rad koji DRISobavlja, a naročito na izveštaje• Zaključci u mišljenjima i izveštajima revizije treba dase baziraju isključivo na dokazima koji su pribavljeni isastavljeni u skladu sa međunarodnim standardimarevizije• DRIS treba da traži i uzima u obzir gledište drugih(npr. subjekata revizije), ali je ključno da zaključciDRIS ne budu nepotrebno narušeni takvim gledištima
    116. 116. Kontrola kvaliteta
    117. 117. OAGN: three levels1. ”Everyday” controls at operational level• Peer review throughout the audit• Double-checking, second opinion1. Milestone management level controls• Final approval of the work carried out and theresults1. Annual quality control and user survey117
    118. 118. 118Annual quality control• An annual systematic review of the division’sauditing work• Includes a review of all tasks that auditors arerequired to perform pursuant to the Act andInstructions• Conducted by a working group appointedinternally at the OAGN• Reports to the Secretary General
    119. 119. 119Objectives of the quality control• Ensure quality and efficiency in financialaudits• Contribute to a harmonized practice ofmethodology and professional judgment• Provide recommendations as to the practiceof methodology• Enhance employee audit skills• Review and monitor internal qualityassurance
    120. 120. 120Procedures for the quality control• Commences once annual audits arecomplete• Not part of internal quality assuranceprocedures• As a minimum, one division per department issubject to control• Audit assignments selected for review reflecta variety of risk levels and size• Quality Control guidelines are updated on ayearly basis
    121. 121. 121Quality control includes evaluation of• the quality assurance system,• how divisions are organized and managed,• quality assurance procedures in the divisionand• how selected audit assignments (includingreporting) are carried out
    122. 122. 122Follow-up procedures• The Board of Auditors General are informedabout conclusions• Follow-up procedures• Seminars/workshops• Recommendations• Responsibility for the procedures• The financial audit methodology division• Each department and division
    123. 123. 123Annual user survey - financial audit• OAGN regularly seeks feedback from auditees• Annual user survey is being sent to all entities subjectof financial audit, together with concluding audit letter• Seven questions relating to:• Professional relations• Communication• Audit value• Guidance
    124. 124. 124Relation to OAGN Strategic Plan 2010 - 2014SP consists of 5 main goals, 21 secondary goals, 38 resultindicators. User survey for financial audit seeks to measure:1.1 OAGN keeps a good dialouge with Parliament and governmentadministration about audit processes and results1.2 The government administration finds that the OAGN’s guidance role iscarried out in a relevant and constructive way2.3 OAGN’s managers and employees have a common understanding andpractice of OAGN’s audit methodology and guidance role2.4 OAGN presents it’s audit results in a good, balanced and credible way
    125. 125. 1254 result indicators developed for this purpose:• Min. 80 % of government administration perceives theirdialogue with OAGN as good• Min. 80 % of government administration finds that OAGN’sguidance is given in a relevant and constructive way• Min. 80 % of government administration finds that the OAGNpresents it’s findings in a good, balanced and credible way• Min. 75 % of government administration finds that OAGNhas adequate competence to perform it’s tasks.