Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Presentation- Integrity Assessment Tools for SAIs. Tirana, June 2017

104 views

Published on

Presentation made by the Head of the Financial Audit Methodology and Quality Control Department (The Audit Office of the Institutions of Bosnia and Herzegovina) during the Roundtable "The Role of Supreme Audit Institutions in Combatting Fraud and Corruption"

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

Presentation- Integrity Assessment Tools for SAIs. Tirana, June 2017

  1. 1. THE AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA INTEGRITY ASSESSMENT TOOLS FOR SAIS Dragoljub Kovinčić, Head of the Financial Audit Methodology and Quality Control Department Sarajevo, mart 2017.
  2. 2. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE 1. What is integrity? • Derived from the Latin word ‘in-tangere’ (untouched) • The integrity refers not only to the requirements such as being incorruptible but includes values such as honesty, sincerity, sociability, neutrality, scrupulosity, respectfulness, objectivity, decency. 2. What is a ‘SAINT’ workshop? Self Assessment INTegrity 3. Why „IntoSAINT?“ The self-assessment tools for SAIs
  3. 3. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE Why to invest into integrity? • Reputation, • Trust, • Credibility, • Independence, • High quality of work, • High standards of professional conduct of our staff, • Added value, • Leading by example – setting an example for others
  4. 4. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Individual features: honesty, trust, decency  Conduct/behaviour in line with the established standards and rules  Ability and willingness to perform tasks in an appropriate way and with due care, taking all interests into account  Acting in line with the public and not the personal interest
  5. 5. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  The institutional integrity is based on conduct/behaviour of employees  Each institution is subject to integrity risks  Vulnerability and the effects of vulnerability differ  Management‘s responsibility to control risks/eliminate temptations
  6. 6. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  The basic prerequisite to trust the authorities  The integrity is a positive goal and the element of the institution’s quality  Good governance/management accountability element  Employee: correct/ethical behaviour  Employer: correct/ethical behaviour + elimination of temptations for the employees
  7. 7. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Fraud/corruption< > lack of integrity; o Integrity violations cover a wider range of, i.e.  Conflict of interest  Publishing of confidential information  Discrimination/intimidation  Integrity is closely linked to ethics and culture  Conflicting value systems 1. Public duties<>personal duties
  8. 8. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE Opportunity Justification Pressure/ incentive
  9. 9. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE Negative (compliance) approach Positive (integrity) approac Rule base: imposed norms (law and regulations) Principle based: shared norms and values (decency) Hard controls Soft controls Opinion: people are bad Opinion: people are good Focus on preventing integrity violations Focus on facilitating good behaviour Legal focus Managerial focus Repression/reaction Prevention/proactive
  10. 10. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE 1. Ignoring the problem 2. Awareness / ‘signal to change’(incident/external influence) 3. Strict approach  Law and regulations  Supression: investigation (prosecution)/punishment 4. Acknowledging the supression shortcommings 5. Focus on prevention / integrity approach  Hard controls (internal controls, security...)  Soft controls (culture, managerial attitude...) 6. Balanced approach(prevention/supression)
  11. 11. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Self Assessment INTegrity  A public sector tool developed in Netherlands  Promoting the awareness of integrity and the prevention of integrity violations  Assessment of vulnerabilities (risks)/and the level maturity of the integrity controls  Workshop with employees / uses the knowledge and experience of employees on risks and controls
  12. 12. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Public Sector Integrity: SAI serving as good practice example (leading by example)  Implementation of the international integrity standards  Goal: To strengthen the role of SAI as a public sector integrity watchdog; exchange of the experience on integrity strenthening between SAIs  Expected outcome: the community on joint issues related to SAIs integrity and possible solutions
  13. 13. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  The goal is to use the collective knowledge and experience to assess:  Vulnerabilities of the processes The issues that we should be concerned about? What risks/temptations we notice?  The level of the ‘controls‘ system integrity‘ What is already there? The quality of it? Whether it is efficient?  Recommendations for further actions What is yet to be done?
  14. 14. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  The integrity concept covers a large scope, including, but not limited to fraud and corruption  Integrity controls are management’s responsibility  Self-assessment assists in promoting integrity =>SAINT  SAI‘s should lead by example and assist each other =>IntoSAINT
  15. 15. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Moderator and co-moderators(key role),  Selection of the workshop participants,  List of processes within the institution  Moderators and co-moderators – preparations (day 1)  Workshop (day 2 and 3)  Summarizing questionnaire results and conclusions and drafting of the self-assessment report (day 4)  Reporting to management – weaknesses, recommendations (day 5)  Further actions – action plan development Practical Self-Assessment Workshop
  16. 16. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE 1. Definition of object (organisation and processes). 2. Assessment of vulnerabilities, vulnerability enhancing factors, vulnerability profile (low, medium, high) 3. Assessment of the integrity controls‘ system maturity 4. Gap analysis 5. Recommendations (eliminating vulnerabilities, controls strengthening)
  17. 17. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE List of processes within an institution  Prepare earlier discussions with participants  Vulnerable processes are present in all public institutions  Some activities and processes are inherently more vulnerable than others  Some factors may enhance the vulnerability of certain processes
  18. 18. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE
  19. 19. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What are the inherent vulnerabilities? (QUESTIONNAIRE, grades 0-not important, 3-very important)  What are the vulnerability enhancing factors? (QUESTIONNAIRE, 0-not important, 3-very important)  What is the vulnerability profile? (the combination of inherent vulnerabilities and vulnerability enhancing factors)
  20. 20. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE 1. Complexity 2. Change/dynamics 3. Governance/management 4. Employees 5. Earlier problems
  21. 21. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE
  22. 22. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What is the level of the integrity controls system maturity?  Existence of controls  Implementation of controls  Effectiveness
  23. 23. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  Hard controls: 3. Responsibilities 4. SAI legal framework 5. Integrity legislation and regulations 6. Administrative organisation/internal control 7. Security  General controls: 1. Integrity policy framework 2. Vulnerability/risk analysis 13. Recruitment and selection 14. Response to integrity violations 15. Accountability and transparency 16. Audit and monitoring  Soft controls: 8. Values and standardsi 9. Professional SAI standards 10. Integrity awareness 11. Management attitude 12. Organisational culture
  24. 24. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE QUESTIONNAIRE, INTEGRITY CONTROL MATURITY LEVEL
  25. 25. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  To link the integrity controls system with the vulnerabilities established  What is the vulnerability profile?  Does the integrity controls system protect the institution from the vulnerabilities established?  What are the remaining/residual vulnerabilities?
  26. 26. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE • Vulnerability is measured based on the total score and the vulnerability profile • Resilience is calculated based on the integrity controls system maturity • Balance is achieved by reducing vulnerabilities and enhancing controls
  27. 27. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What can be done in order to reduce the institution‘s vulnerability?  What can be done in order to strengthen the institution‘s resilience?  What are the priorities?  Action plan
  28. 28. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE How will the self-assessment assist the institution in leading by example in terms of integrity and to perform its duties while using public funds in an ethical way?  Self-assessments conducted in certain SAIs  Self-assessment report with recommendations  SAI’s action plan to eliminate shortcomings
  29. 29. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What are the strengths of the self-assessment tool?  Relying on employees,  Discussing weaknesses,  Discussing good practices,  Discussion, debate,  Collective solutions,  Strengthening the awareness on the impact of employees (individual accountability)  Strengthening the awareness on the impact of the collective – organisation (collective accountability)  Strong audit (key process)  All the weaknesses and recommendations stemming from ‘base’
  30. 30. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What are the weaknesses of the self-assessment tool?  Participants selection (different profiles?),  Process selection (what processes are important/relevant?),  Questionnaires are not being presented to participants beforehand,  Lack of understanding of methodology (questionnaires)  Presenting of attitudes justifying weaknesses (lessening the problem),  Passive participation,  Expressing attitudes related to management,  Subordinates fearing their superiors,  Integrity awareness,  Culture, customs
  31. 31. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  What are the expectations of the SAI regarding the self-assessment?  High quality self-assessment report,  Real weaknesses,  Real good practice (controls),  Realistic and implementable recommendations,  Implementation (integrity strengthening)
  32. 32. URED ZA REVIZIJU INSTITUCIJA BOSNE I HERCEGOVINE  How can these tools be used within the Network?  Trained moderators,  Mutual support between SAIs,  Exchange of experience,  Public self-assessment report?  Public action plan?
  33. 33. Thank you for your attention! dkovincic@revizija.gov.ba

×