Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PPT Audit Office of the Institutions of BiH, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

23 views

Published on

PPT Audit Office of the Institutions of BiH, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

PPT Audit Office of the Institutions of BiH, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

  1. 1. IT Audit Experience and Challenges SAI Bosnia and Herzegovina Slaviša Vuković, Head of IT Unit Nerman Velić, IT Auditor Jasmina Okanović, Performance Auditor Digaital auditing, Skopje, North Macedonia, November 2019
  2. 2.  External, independent auditor of the institutions of Bosnia and Herzegovina.  INTOSAI and EUROSAI member  Member of the Network of SAIs of candidate countries and potential candidates and ECA  60 staff members  2 IT auditors  Main work output: audit reports, opinions and recommendations About SAIBIH AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  3. 3. SAIBIH conducts:  Individual financial audits (including compliance audit) of 74 state entities  Annual audit of state budget execution  Performance audits About SAIBIH AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  4. 4. Coordination Board  Composed of the AGs and DAGs of four audit offices:  The Audit Office of the Institutions of Bosnia and Herzegovina (hereinafter: SAIB&H)  The Audit Office of the Institutions in the Federation of B&H  Main Public Sector Auditing Office of Republika Srpska  Public Administration Audit Office of Brcko District (active observer)  Competences:  a) To establish consistent guides and instructions based on INTOSAI auditing standards;  b) To exchange professional experiences and strive to ensure consistent auditing quality;  c) To organize and coordinate developing activities of all of the four Audit Offices;  d) To assign auditing responsibility for the activities of common interest;  e) To appoint representatives in international bodies.  Working Group on IT Public Audit in BiH AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  5. 5. Developed by the IT Audit WG, with the following top priorities:  Implementation of AMS  Using CAATs for more efficient audits  Implementation of IS for administration support IS Development Strategic Plan 2016 - 2020 AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  6. 6.  Operational at the very beginning of public sector auditing in B&H  Wide scope of responsibilities  Member of EUROSAI ITWG and E-government Sub-group  Using WGITA IT Audit Handbook IT Audit in SAIBiH AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  7. 7.  IT Audit as part of:  financial + compliance audits (regular annual audits)  performance audits (depending on a topic)  We do not conduct independent IT audits. IT Audit in SAIBiH AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  8. 8. Organisation of a special function for an IT audit  Integrated approach – IT auditor as a member of the audit team  Integrated approach means that the IT auditor is a member of the audit team responsible for a certain number of clients.  Advantages of this way of organization are that it helps understanding of the computer information systems by all the auditors in the team and enables a better cooperation of IT auditors in all aspects of audit.  Main disadvantage is that it can happen that IT auditor is engaged in the work not directly connected with IT audit, irrational use of resources and lack or loss of skills of IT audit. There is a risk of complete weakening of the IT audit function.  2 IT auditors (for the past 9 years)  Possibility of using an external expert - If a certain audit task requires specialized knowledge (for example, knowledge of complex technical areas) Organization of IT Audit Function AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  9. 9. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA  Financial audits  Out of 74 regular annual audits, about 20 of them contain IT audit findings  Annual Audit Report on State Budget Execution and Annual Audit Report on Key Findings and Recommendations regularly contain an IT audit chapter  Performance audits  Out of 40 performance audit reports published so far, 4 reports contains IT audit findings,2 of which specifically addressed IT-related issues  Telecommunication solution in the institutions of BiH  E-operations in the institutions of BiH IT Audit activities by SAI BiH
  10. 10. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA Objective of the Audit To examine whether the institutions of Bosnia and Herzegovina have put in place a legal framework and ensured adequate coordination in order to establish e-operations by utilizing existing IT potentials thus improving mutual communication, communication with the public and businesses, enhancing transparency and reducing costs of operation. e-Operations in the institutions of BiH
  11. 11. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA Findings and Conclusions The institutions of B&H failed to meet necessary prerequisites to establish e-operations by utilizing already existing IT potentials and improve mutual communication, communication with citizens and businesses, transparency and reduce costs of their operations. e-Operations in the institutions of BiH (cont.)
  12. 12. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA Findings and Conclusions The institutions of B&H failed to put in place a proper legal framework for efficient e-operations. The relevant legislation has not been fully implemented, the Law on Electronic Signature in particular. Existing legal framework governing electronic operations is not fully in line with the EU acquis. e-Operations in the institutions of BiH (cont.)
  13. 13. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA Findings and Conclusions No coordination has been established during IT systems implementation processes. Developed IT systems are not integrated, compatible nor interoperable. Lack of exchange of electronic data between the institutions. e-Operations in the institutions of BiH (cont.)
  14. 14. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA Recommendations To fully implement the Law on Electronic Signature. To fully align the existing legal framework with the relevant EU rules. Ensure interoperable systems able to exchange data. Ensure integration of both existing and newly introduced IT systems. e-Operations in the institutions of BiH (cont.)
  15. 15. Thank you for your attention! svukovic@revizija.gov.ba nvelic@revizija.gov.ba jokanovic@revizija.gov.ba AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
  16. 16. AUDIT OFFICE OF THE INSTITUTIONS OF B&H www.revizija.gov.ba Hamdije Čemerlića 2/XIII, Sarajevo, Bosnia and Herzegovina Tel. +387 (0) 33 70 35 73 Fax: +387 (0) 33 70 35 65

×