Advancing Impact Measurement | Public Good App House
PPT Audit Office of the Institutions of BiH, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019
1. IT Audit
Experience and Challenges
SAI Bosnia and Herzegovina
Slaviša Vuković, Head of IT Unit
Nerman Velić, IT Auditor
Jasmina Okanović, Performance Auditor
Digaital auditing, Skopje, North Macedonia, November 2019
2. External, independent auditor of the institutions of Bosnia and
Herzegovina.
INTOSAI and EUROSAI member
Member of the Network of SAIs of candidate countries and potential
candidates and ECA
60 staff members
2 IT auditors
Main work output: audit reports, opinions and recommendations
About SAIBIH
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
3. SAIBIH conducts:
Individual financial audits (including compliance audit) of 74 state entities
Annual audit of state budget execution
Performance audits
About SAIBIH
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
4. Coordination Board
Composed of the AGs and DAGs of four audit offices:
The Audit Office of the Institutions of Bosnia and Herzegovina (hereinafter: SAIB&H)
The Audit Office of the Institutions in the Federation of B&H
Main Public Sector Auditing Office of Republika Srpska
Public Administration Audit Office of Brcko District (active observer)
Competences:
a) To establish consistent guides and instructions based on INTOSAI auditing standards;
b) To exchange professional experiences and strive to ensure consistent auditing quality;
c) To organize and coordinate developing activities of all of the four Audit Offices;
d) To assign auditing responsibility for the activities of common interest;
e) To appoint representatives in international bodies.
Working Group on IT
Public Audit in BiH
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
5. Developed by the IT Audit WG, with the following top priorities:
Implementation of AMS
Using CAATs for more efficient audits
Implementation of IS for administration support
IS Development Strategic Plan 2016 - 2020
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
6. Operational at the very beginning of public sector auditing in B&H
Wide scope of responsibilities
Member of EUROSAI ITWG and E-government Sub-group
Using WGITA IT Audit Handbook
IT Audit in SAIBiH
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
7. IT Audit as part of:
financial + compliance audits (regular annual audits)
performance audits (depending on a topic)
We do not conduct independent IT audits.
IT Audit in SAIBiH
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
8. Organisation of a special function for an IT audit
Integrated approach – IT auditor as a member of the audit team
Integrated approach means that the IT auditor is a member of the audit team responsible for a certain number of clients.
Advantages of this way of organization are that it helps understanding of the computer information systems by all the auditors
in the team and enables a better cooperation of IT auditors in all aspects of audit.
Main disadvantage is that it can happen that IT auditor is engaged in the work not directly connected with IT audit, irrational
use of resources and lack or loss of skills of IT audit. There is a risk of complete weakening of the IT audit function.
2 IT auditors (for the past 9 years)
Possibility of using an external expert - If a certain audit task requires specialized knowledge (for
example, knowledge of complex technical areas)
Organization of IT Audit Function
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
9. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Financial audits
Out of 74 regular annual audits, about 20 of them contain IT audit findings
Annual Audit Report on State Budget Execution and Annual Audit Report on Key Findings
and Recommendations regularly contain an IT audit chapter
Performance audits
Out of 40 performance audit reports published so far, 4 reports contains IT audit findings,2 of
which specifically addressed IT-related issues
Telecommunication solution in the institutions of BiH
E-operations in the institutions of BiH
IT Audit activities by SAI BiH
10. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Objective of the Audit
To examine whether the institutions of Bosnia and Herzegovina have
put in place a legal framework and ensured adequate coordination
in order to establish e-operations by utilizing existing IT potentials thus
improving mutual communication, communication with the public
and businesses, enhancing transparency and reducing costs of
operation.
e-Operations in the institutions of BiH
11. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Findings and Conclusions
The institutions of B&H failed to meet necessary prerequisites to
establish e-operations by utilizing already existing IT potentials and
improve mutual communication, communication with citizens and
businesses, transparency and reduce costs of their operations.
e-Operations in the institutions of BiH (cont.)
12. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Findings and Conclusions
The institutions of B&H failed to put in place a proper legal
framework for efficient e-operations.
The relevant legislation has not been fully implemented, the Law on
Electronic Signature in particular.
Existing legal framework governing electronic operations is not fully in
line with the EU acquis.
e-Operations in the institutions of BiH (cont.)
13. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Findings and Conclusions
No coordination has been established during IT systems
implementation processes.
Developed IT systems are not integrated, compatible nor
interoperable.
Lack of exchange of electronic data between the institutions.
e-Operations in the institutions of BiH (cont.)
14. AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
Recommendations
To fully implement the Law on Electronic Signature.
To fully align the existing legal framework with the relevant EU rules.
Ensure interoperable systems able to exchange data.
Ensure integration of both existing and newly introduced IT systems.
e-Operations in the institutions of BiH (cont.)
15. Thank you for your attention!
svukovic@revizija.gov.ba
nvelic@revizija.gov.ba
jokanovic@revizija.gov.ba
AUDIT OFFICE OF THE INSTITUTIONS OF BOSNIA AND HERZEGOVINA
16. AUDIT OFFICE OF THE INSTITUTIONS OF B&H
www.revizija.gov.ba
Hamdije Čemerlića 2/XIII, Sarajevo, Bosnia and Herzegovina Tel. +387 (0) 33 70 35 73 Fax: +387 (0) 33 70 35 65