This guideline is meant to give SAI guidance on how to conduct an audit on the ethics in public sector entities.

1. AUDIT OF ETHICS
Albana Gjinopulli MSC CIPFA CIA
Director of Methodology and Development
ALSAI – Supreme Audit Institution of Albania
Tirana, June 2017

2. EUROSAI- Task force on Audit & Ethics
 The guideline is meant to give SAI guidance on how to
conduct an audit on the ethics in public sector entities
 In line with ISSAI 5700
 Who is the guidance for and how it can be used

3. What is an Audit of Ethics
 An audit of Ethics is a process by which various
dimensions of ethical conduct of an organisation can be
evaluated
 The Audit of Ethics addresses the ultimate responsibility
and corresponding accountability of the organisation
leadership to promote and ensure that its management of
all levels and its staff behave in an ethical way and by
doing so refrain from acts of fraud and corruption.
 An Audit of Ethics may be used if there are specific issues
or perceived risks that need to be addressed

4. What is an Audit of Ethics
 Behavioural issues such as leadership, system , integrity
 Identify areas of concern
 Evaluate the extent to any perceived problems
 Suggest ways forward by which these problems can be tackled
 When there are no concerns
 act as an ethical health check
 Identify existing good practice
 Further strengthen the organisation
The audit of Ethic looks at the ethical health of the organisation

5. Types of Audits of Ethics
 Compliance Audits
 Cultural Audits
 System Audits

6. Why SAI should audit the Ethics
 Charts from yesterday
 So many problems with compliance, make us forget about
other issues like ethics and integrity
 Although most cases of fraud and corruption are related to
ethical behaviour of individuals or organisations and their
integrity

7. Why SAI should audit the Ethics
Structure of economic damage according to audit scope year 2016, in 000 ALL

8. Why SAI should audit the Ethics
 Reform and modernisation of state administration and
public management
 Ethics turned out to be part of public governance and
performance.

9. What is the role of SAI
 Beside their traditional role to audit the execution of
state budget, public spending and management of public
property, the SAIs contribute to good management of
public money and are an important pillar in the National
Integrity System.
 Are expected to contribute combating fraud and
corruption

10. Benefits from Audits of Ethics
 Embodies the view that ethics has real and practical
implications in achieving goals, mission and vision of public
sector entities
 Encourages ethical behaviour and ethical decision making
 Strengthening the existing mechanism for monitoring
implementation of ethical principles and encourages the
establishment of missing processes and/or relevant control
activities.
 Adds value and contributions to the improvement of
management, controls and governance of the audited
organisation
 Leads to help restoring trust and confidence in public org.
 Draws the attention of Parliament and public to the
importance of ethical management

11. SAI mandate to audit ethics
 No specific mandate to audit ethics
 General mandate of SAI usually provide the power that
either audit ethics /integrity as a general subject or to
include ethical issues within the other audits.
 Traditionally, the audit of ethics was part of audits such
as compliance and financial audits.
 Ethics is increasingly recognised as element of public
organisation performance/potential topic for
performance audits.
 Audit of ethics may be organised in combination or as
part of the main types of audit.

12. Definitions – what do we mean with
ETHICS & INTEGRITY
 Ethics- defines what is good for individual and society and
establishes the nature of obligations and duties that
people owe themselves and one another.

13. Definitions – what do we mean with
ETHICS & INTEGRITY
 Integrity- refers to something or someone that is
untainted, intact and untarnished - refers to virtue.
Incorruptibility and the state of being unimpaired.

14. Definitions – what do we mean with
ETHICS & INTEGRITY
Organisational ethics – ethics
policies of an organisation ,
ethical thinking and ethical
behaviour of board,
management and employees.

15. Definitions – what do we mean with
ETHICS & INTEGRITY
 Ethical – relates to moral principles.
 Ethical behaviour – prevention and detection of fraud and
corruption
 General expectations are that public servant should......
 Serve the public interest with fairness
 Manage the public resources properly
 Impartial treatment based on legality and justice
Public ethics are perquisites to underpin the public trust and are
a cornerstone of good governance

16. Management of Ethics or integrity
 Ethics Management – planning, implementation and
coordination of activities of an organisation in
achievement of the institutional integrity of that
organisation.
 Management control and internal control - element of a
control system that enable the organisation to reach its
goals, hard controls and soft controls
 Internal control explicitly recognises ethical operations as
an element of general objective to be achieved through
effective, build in and on-going internal control by
management and other personel

17. Subject matter for ethics audits
 Audit problem / what is auditable
 Ethics policy
 Propriety of behaviour
 Ethical culture / climate
 Ethical infrastructure
 Ethics/integrity management and control ( including risk assessment)

18. Examples of inherent vulnerable proccesses

19. Approaches in auditing ethics
Perspective
Expected result
Possible SAI’s activity
Identifying risks and highlighting the
responsibility of public managers
Raise awareness on ethics’ management
• Disseminate the key elements of ethics
management and control
• Encourage public organisations’ self-
assessment and ethics related strategies
• Work with other ethics or anti- corruption
bodies in activities intended to promote
ethical conduct
Supporting a more robust internal
control system
Reinforce the ethics component of the internal control
system
• Give guidance to public organisations’
internal auditors
• Review internal audit work
• Include or reinforce the analysis of the
ethics component of the internal control
environment in the SAI’s traditional audits
Overseeing and holding public
managers to account
Enforce ethical standards and ethics’ defined policies (general
or subject related)
• Assess the compliance to those standards
and policies, either in the SAI’s ordinary
audits or in ethics focused audits
• Detect corruption and unethical behaviour
Improving ethics management in public sector organisations
• Include ethics related questions in the SAI’s
ordinary audits
• Assess the existence, efficiency and
effectiveness of the ethics
management/control system in selected
organisations
• Assess the ethical culture in selected
organisations
Creating insight into the whole public
sector integrity
Improving the public sector integrity framework
• Conduct transversal or cross- cutting
analysis and assessments
• Assess the existence, efficiency and
effectiveness of a national ethics
infrastructure/integrity framework/integrity
system
• Identify and assess national strategies to
address wide integrity weaknesses

20. Approaches in auditing ethics
which strategies exist (adv and disadv)
 Raising the awareness activities – conduct or collaborate in
such initiatives about the ethics management which can have a
preventive effect in fighting corruption
 Audit of ethics or integrity control system – control
environment implies that the organization must demonstrate
integrity and ethical values (part of ordinary audits).
Advantages...
 Raising no mandate doubts, no additional resources , covers a wide
number of organizations
 General conclusion as result of compared analyses
 Collaborate with other auditors to reinforce the integrity control
environment
 Encouraging the work of internal auditors to audit ethics.

21. Approaches in auditing ethics
which strategies exist ( adv and disadv)
 Audit of ethics infrastructure within the organization
 The efficiency in the functioning of the ethics infrastructures
 Whether bodies have undertaken the required activities and developed
appropriate practices to promote ethical values and ethical principles
 While the ethical standards were being effectively achieved, assessing the
level of their application and the actions taken in case of breaches to
ethical conduct
 Subject focused and transversal audit approaches
 Tone at the top
 Whistle blowing arrangements
 Conflicts of interest
 Discrimination and equity
 Leaking of sensitive information
 Integrity in public procurement
 Gifts and hospitality

22. Approaches in auditing ethics
which strategies exist ( adv and disadv)
 Audit of ethics infrastructure within the whole
government
 Conduct a government wide inventory and
analyses of laws and regulations ( related with
ethics and integrity)
 Assess the ability of the institutional structures to
prevent and fight corruption
 Evaluate the implementation of policies in order
to enhance the integrity
 Conduct a global performance audit to assess
efficiency and effectiveness of the national
integrity system

23. What is the relation with other types of
audits
 Financial audit – as part of control environment
 Compliance audit – compliance with laws, rules and
regulations. Treated as secondary element that can effect
the audited subject
 Performance audit – provides new information analyses,
insights recommendations for improvements
 When the audit of ethics is main scope of the audit –
focus on ethics management and ethics
infrastructure.

24. Main challenges
 Adopting codes and mechanisms – are not enough
 Creating ethical culture – key of the issue
 Verification of
 Existence of tools
 Implementation of programmes
 Their impact on organisational culture, values and behaviour
 Constraints related with audit culture, confidentiality timelines
and budget
Involvement of stakeholders and raise the likelihood of
widely accepted outcomes and future actions will be
taken.

25. Audit framework and criteria
 The audit of ethics - covers aspects of strategic and
operational levels with an appropriate mix of hard and
soft controls, both tangible aspects with ethics – related
policies, functions and activities, and intangible aspects –
overall ethical culture of the organization.
 Carrying out analyses of risks to ethics
 Designing specific audit questions and procedures
 Assessing findings against a selected set of criteria
 Adding value through showing areas and possibilities for
improvement

26. Audit criteria
 Assessment criteria should include
 Good governance criteria for evaluation of the construction of an
ethics management system
 Compliance criteria for verification of the functioning of hard
controls
 Outcome criteria addressing ethical culture
 Source of criteria
 National level
 Specific requirements
 International level
 Types of criteria
 Government criteria
 Compliance criteria
 Outcome criteria

27. Audit Planning
 Objective of planning
 Selection of topics
 Audit design – audit scope , subject matter and objectives
 Understanding the audited object and its environment
 Audit approach and audit plan
 Material
 Risk assessment
 Data collection
 Audit program

28. Methods and tools

29. Reporting and communication
 The audit report of the audit of ethics shall follow the
standards applicable for any audit report:
 It comprises sections on: introduction; objectives
(clearly stating the purpose and reason of the
audit); audit scope, approach and criteria;
observations; conclusions; and recommendations.
 It must be objective, complete, clear, convincing,
relevant, accurate, constructive, and concise. An
effective quality control system is required to
help ensure that the reports exhibit these
qualities.

30. Reporting and communication
 Audit evidence
 Audit findings including corruption and non-compliance
incidents
 Recommendations
 Confidential issues
 Publication
 Communication of audit results
 Impact
 Follow – up
 Communication with auditees through the audit process

31. Reporting and communication

32. IMPACT
The audit and the recommendations given on the basis of
the particular facts and findings identified are able to
produce the following types of improvements in the public
sector:
• Increasing the effectiveness of the control systems in
place, since ethics is a relevant factor of risk assessment
and an element of the internal control environment of the
organisation
• Encouraging the set-up of missing processes and/or
relevant control activities
• Stimulating and improving the set up and functioning
of ethical infrastructures in public bodies
• Improving prevention of fraud and corruption
• Increasing public awareness

33. IMPACT
• Stimulating relevant training and education on ethics
• Fostering the consistent application of rules and
regulations related to ethics and ethical behaviour
• Enhancing ethical behaviour and ethical decision
making
• Strengthening mechanisms for monitoring the
implementation of ethical principles
• Decreasing the number of breaches and
irregularities
• Improving prevention of fraud and corruption
• Increasing public awareness


34. IMPACT
• Change of management practices
• Increased public officials’ accountability
• Amendments to legislation introduced
• Dismissal of public officials
• Sanctions applied to identified cases

35.  SAIs and their auditors face challenges when auditing
ethics.
 The main lessons coming from the experience of facing
those challenges in assessments and audits already
conducted are included into the session What should
auditors make sure to do and what should they really try
to avoid?
 Wish you a successful audit of ethics.......
 Thank you ...........