AFIN 432 PERFORMANCE AUDIT

Question 1

Performance auditing carried out by SAIs is an independent, objective, and reliable examination
of whether government undertakings, systems, operations, programmes, activities, or
organizations are operating in accordance with the principles of economy, efficiency and
effectiveness and whether there is room for improvement.

The main objective of performance auditing is to constructively promote economical, effective

and efficient governance and to contribute to accountability and transparency. Performance
auditing seeks to provide new information, analysis, or insights and, where appropriate,
recommendations for improvement (ISSAI 300/12, ISSAI 3000/18). By providing new analytical
insights, making information more accessible to stakeholders, providing an independent and
authoritative view or conclusion based on audit evidence, and providing recommendations based
on an analysis of audit findings, performance audits deliver new information, knowledge and
value (ISSAI 300/10).

A performance audit is an assessment of operations or functions, efficiency, effectiveness, and

compliance to legal and other requirements of an entity to determine whether functions are
working as intended along to implement improvements so that desired goals can be achieved,
and the same is mostly done in case of the governmental organizations and nonprofit making
organizations

The performance auditors will undertake the following steps as they conduct the audit of the
Logistics Committee:

1. Planning the audit:

Once the auditor receives the audit assignment, the planning phase is underway. Planning is the
most critical part of an audit engagement. A well thought out and planned engagement is the key
to audit efficiency. Planning begins with acquiring a knowledge of the audited entity and their
essential operations; delineating the scope of work; setting broad objectives that will be
specifically defined at the conclusion of the audit survey; assessing inherent risks and their
corresponding controls (and the resulting residual risks); developing the testing approach or
methodology to meet the audit objectives; allocation of audit resources; and the anticipation of
problems and making required adjustments.

2.Gathering Information about the Subject Matter

Information gathering begins before the formal entrance conference. This is the most fun that the
auditor will have (!). Once the audit has been announced, the auditor proceeds to conduct
research; review policies and procedures; conduct process walk-throughs and facility tours;
interview staff and management; and even “goggling”.

In the course of conducting a performance audit, auditors will obtain information regarding the
auditee and answer the following questions:

What rules, regulations, policies, and procedures govern the activities of the auditee?

To obtain the answers, the auditor will conduct research and inquiries. Ask the auditee if there
are specific regulations that they must abide by; conduct research on specific statutes and rules.
Review the current statutory authority, duties, responsibilities, and functions of the entity.

(i) Gain an understanding of the auditee’ s financial flow of resources

Performance auditors will have to understand the financial inflows and outflows of resources of
the auditee. Do they have revenues? What are the sources? In what form is this received? What is
their budget? What are their actual expenses? Who are involved in the process? Conduct
interviews and map the process.

(ii) What unique computer systems does the auditee utilize?

A large part of understanding an operation is getting to know activity-specific computer

applications. What does the application do for the entity? What type of data do they keep? Who
is responsible for the computer information? Who may have access to the information? Who or
what determines the level of access to the system. At the conclusion of the inquiry, we want to
know what computer data the auditee maintains and determine the reliability of computer
generated data for audit purpose. Performance auditors will establish whether the Logistics
Committee has a system which it uses to record all its transactions.
(iii) What key activities does the auditee perform?

It is critical that performance auditors identify the key activities performed by the Logistics
Committee and obtain an understanding of the process flows. Auditors will need to understand
these operational activities pertinent or relevant to the audit objectives. Process mapping will be
conducted by a thorough walkthrough and documenting the workflow process using
flowcharting software or narratives. After completing the documentation, the performance
auditors will provide a copy to the Logistics Committee, and have it reviewed for accuracy and
confirmation of the information.

3. Determine the Criteria

At this point in the engagement, it will be necessary for the performance auditors to define the
criteria and conclude or opine that the subject matter meets criteria. This will be really the entire
job in a nutshell.

4. Risk Assessment and Internal Control Reviews

A risk assessment is the identification and analysis of relevant risks to achievement of objectives.
The purpose of risk assessment is to focus audit work on important program elements or audit
areas that may be at risk (“what can prevent the entity from meeting their own objectives?”).
There are really two phases to the risk assessment (1) assessing the inherent risks, and (2)
assessing the control risks.

Assessing inherent risks answers the “who cares?” question. Assessing the control risks answers
the “do they have controls about these items I care about?” question. The performance auditors
will assesses inherent risks first (“decide if we care”) and evaluates controls second.

Identifying risks and vulnerabilities will enable the audit team to determine appropriate issues for
audit and maximize effectiveness. There should be no preconception of the adequacy of existing
procedures and controls. In order to document the risks identified during the planning phase, a
Risk Register will be completed.
5. Refine and Define the Audit Objectives

At this point in the process, the performance auditors will have enough information to ascertain
what is important and what needs to refine and define the specific audit objectives. The specific
audit objectives will be finite, testable, and definitive.

6. Select Testing Methodologies

This is the phase where the performance auditor will select the appropriate audit tests to answer
the audit objective question. The methodology defines for the auditor (and the audit team) the
answer to the question, “how will I answer the audit objectives?” for this engagement. The
development of the audit program specifies the specific tasks and tests needed to answer the
audit objective question. There are three types of tests commonly used by auditors:

 Substantive Tests or Tests of Details

 Test of Controls
 Dual Purpose Tests

Substantive tests provide assurance on risks “while the auditor is there” and control tests provide
assurance on “will everything be in order when the auditor is away”. In most cases, to satisfy the
sufficiency requirement, auditors do both types of tests. Note that methodologies have varying
strengths and relevance depending on the audit objectives.

Completing the Planning Phase

The conclusion of the planning phase is highlighted by the planning memorandum. The planning
memorandum will document the essential background information and present key decisions
about the objectives and scope. The planning memorandum will provide an audit plan for
meeting the objectives of the audit.

A planning memorandum will be created by the auditor in-charge within 30% to 40% of the
budgeted project time. The attachments for the Risk Register and the planning memorandum in
the electronic working paper database will include the Principal Auditor and Audit Director as a
reviewer. Approval should be obtained prior to beginning fieldwork.
After obtaining approvals of the audit plan, the auditor in-charge will be responsible for entering
the specific audit program steps into the electronic working paper database.

After conduction the performance audit, the auditors will write a report. The report will be as
follows:

To : The Government of the Republic of Zambia

From : The Performance Auditors

Subject : Audit report for the Logistics Committee

Date : Today

We have conducted the audit of the Logistics Committee on the finances provided by the
Government of the Republic of Zambia for a budget line to provide a school, clinic, road,
farming inputs to support economic activities in the area.

Our findings are as follows:

1. Logistics Committee did not keep any records to show how the funds were utilized.
2. Logistics Committee was not economical, ineffective and inefficient in the manner they
spent the funds.
3. Logistics Committee does not have internal controls in place to assist in monitoring the
flow of funds and activities in its operations.
4. The funds provided by the government of the republic were misappropriated and the
intended beneficiaries did not receive any of the promised amenities.

Recommendations

The members of Logistics Committee must pay back the whole sum of F50,000 back to the
Government of the Republic of Zambia so that a community in Northern Province can receive
the required amenities.

Performance Auditors
Question 2

1. Special features of performance auditing

A performance auditor has the following features:

(i) Reliability: Reliability: Reliable criteria result in consistent conclusions when

Reliable criteria result in consistent conclusions when used by another auditor in the
same circumstances.
(ii) Objectivity: Objective criteria are free from any bias of the auditor or management.
(iii) Usefulness: Usefulness: Useful criteria result in findings and conclusions that Useful
criteria result in findings and conclusions that meet users’ information needs.
(iv) Understandability: Understandable criteria are clearly stated and are not subject to
significantly different interpretations.
(v) Comparability: Comparability: Comparable criteria are consistent with those used
Comparable criteria are consistent with those used in performance audits of other
similar agencies or activities and with those used in previous performance audits of
the entity being audited.

2. Ideas that form the basis of performance auditing

Economy, Efficiency, and effectiveness

[A]Economy: Keeping the cost low

Economy is minimising costs of resources used in performing an activity. The resources used
should be available in due time, in and of appropriate quantity and quality and at the best price.

Auditing economy focuses the audit on how the audited entities succeeded in minimising the cost
of resources (input), taking into account the appropriate quality of these resources. This part of
the audit focuses only on the input by asking: “Are the resources used available in due time, of
appropriate quantity and quality, and at the best price?”

Considerations of economy often lead to examining processes and management decisions

regarding the procurement of goods, works and services.
[B] Efficiency: Making the most of available resources

Efficiency assesses the relationship between inputs and outputs. Auditing efficiency means
asking whether the inputs have been put to optimal or satisfactory use or whether the same or
similar outputs (in terms of quantity, quality and turnaround time) could have been achieved with
fewer resources. In other words, “Are we getting the most output – in terms of quantity and
quality – from our inputs?”. Therefore, efficiency is about the maximum output obtained for a
given level of input or the minimum level of input required for a given output level. Quality is an
important concept on the input side, both in efficiency and economy.

Efficiency is a relative concept, meaning that a process, instrument or programme is either more
or less efficient than another. For an audit on efficiency, you, need to conduct some comparison.

[C] Effectiveness: Achieving the stipulated aims or objectives

Effectiveness deals with outputs, results or impacts. It is about the extent to which policy
objectives have been met in terms of the generated output. It is concerned with the relationship
between goals or objectives on the one hand and outcome on the other. The question of
effectiveness consists of two parts: first, to what extent the objectives are met and second, if this
can be attributed to the output of the policy pursued

Audit of effectiveness will concentrate on outputs, results or impacts. When assessing

effectiveness, SAIs considers whether and how a government policy, programme or activity is
meeting its goals.

Question 3

The choice of public management will affect performance auditing.

Auditors should choose a result-, problem- or system-oriented approach, or a combination

thereof, to facilitate the soundness of audit design.

The overall audit approach is a central element of any audit. It determines the nature of the
examination to be made. It also defines the necessary knowledge, information and data and the
audit procedures needed to obtain and analyse them.
Performance auditing generally follows one of the following approaches:

Rules Based Approach and Principles Based Approach

When an institution is a rule-bound government administration the performance auditors will use
the Rules Based Approach. Since there will be legal requirements for the institution the
performance auditors will be auditing to follow the rules laid down. There will be legal
consequences if the board fails to follow the requirements mentioned in the Act. The
performance auditors will use the legal requirements which the firm is expected to adhere to and
check if the firm is following them. The basis for aufit will be compliant or non compliant to the
rules.
On the other hand, when the philosophy of an organisation is management by objectives, the
audit approach performance auditors will use it the Principles Based Approach. When
performance auditors use this approach, they will assess if those charged with the corporate
governance of the firm adhere to the best practices laid out, while having some space for
flexibility based on different circumstances. Compliance or non-compliance Judgements are
being made by the owners of business in this method.

Question 4

(a) the auditor and the SAI must be independent

Because government organizations act as “agents” to use resources and authority to accomplish
established goals, governments must account for how they used the resources and what they
accomplished. Accordingly, good governance requires regular financial and performance
reporting that is validated for accuracy by an independent auditor. Accountability also implies
imposing penalties or sanctions against those who have misapplied the resources for purposes
other than intended.

For a performance audit to be effective, it is essential that the audit staff be independent from
management. They should work in an unbiased, correct and honest way and that they report
directly to the highest level of authority within the organisation. This allows the performance
auditors to present unbiased opinions on their assessments of internal control and objectively
present proposals aimed at correcting the revealed shortcomings.

Independence comprises the following:

{i). Independence of mind: The state of mind that permits the conduct of an engagement without
being affected by influences that compromise professional judgment, thereby allowing an
individual to act with integrity and exercise objectivity and professional skepticism.

(ii). Independence in appearance: The absence of circumstances that would cause a reasonable
and informed third party to reasonably conclude that the integrity, objectivity, or professional
skepticism of an audit organization or member of the engagement team had been compromised.

(b) the auditor and the SAI must possess the required competence

As performance auditing is time-consuming and costly, it is essential that the audit is properly
planned, and that the implementation of the plan can be regularly monitored and corrective
action can be taken when appropriate. The audit plan should be written and documented and then
submitted to the SAI´s management for approval.

Collectively the audit team should have the necessary professional competence to perform the
audit. All team members need to understand the meaning of the audit questions in the same way,
the terms of reference of the work assigned to them, and the nature of responsibilities required of
them by the applicable auditing standards. Nevertheless, one person, usually the most
experienced or the highest-ranking auditor, may be appointed team leader. The team leader is
responsible for executing the audit work, as well as allocating tasks to the team members. The
team leader ensures high quality and timely production of the output by the audit team. It is good
practice to seek opportunities for staff development as part of the audit work. An example could
be to select a less experienced auditor as team leader while ensuring support and coaching from a
more experienced auditor

When making an audit plan, it is important to determine the timetable and the resources needed.
The auditor also has to consider if there is a need to consult with internal or external experts
(consultants, other auditors) in order to enhance the quality of the audit. A milestone plan may
help the team break down the audit process into smaller parts. This makes it easier for the team
to assess how realistic the use of resources is compared to the work needed. If the plan shows
that the timelines are too tight, the team may need to expand the timelines or consider which
audit questions are the most important ones, and spend time and resources accordingly.
Sometimes less important questions can be answered by using less time-consuming data
collection methods, such as using available secondary sources as opposed to using questionnaires
or interview data.

(c) the auditor and the SAI must exercise due care and concern in complying with the INTOSAI
Auditing Standards.

The SAI should ensure that the performance auditors comply with the professional ethics:
integrity, independence, objectivity and impartiality, professional secrecy and competence, as
well as other ethical requirements. Possible measures are for example to present a booklet about
the Code of Ethics and having staff to sign a declaration that ethical requirements will be
followed, that they don’t have personal or external impairment, as well as declaring their
financial interests. Employees can also be required to obtain approval to engage in outside
activities.

According to ISSAI 100:35, a SAI should establish and maintain procedures for ethics and
quality control on an organisational level that will provide it with reasonable assurance that the
SAI and its performance auditors are complying with professional standards and applicable
ethical, legal and regulatory requirements. ISSAI 30 Code of Ethics and ISSAI 40 Quality
Control for SAIs contain guidance in this regard. The existence of these procedures at SAI level
is a prerequisite for applying or developing national standards based on the Fundamental
Auditing Principles.

Ethical principles should be embodied in an auditor’s professional behaviour. The SAIs ethical
policies should address ethical requirements and emphasise the need for compliance by each
individual auditor. Auditors should remain independent so that their reports will be impartial and
be seen as such by the intended users.

The SAI needs to ensure that the auditors comply with the ethical requirements in each audit
engagement. One recommended tool to achieve this is to request auditors to sign a declaration
before each main study. Auditors should be honest, reliable and truthful when conducting an
audit. Auditors should remain independent so that their opinions/conclusions/findings will be
impartial and be seen as such by third parties. Independence is freedom from situations and
relationships which could impair the auditor’s objectivity. Independence is an attitude of mind
and appearance. It safeguards the ability to perform an audit without being affected by influences
that might compromise professional judgment.
References

ACCA Paper F8. 2020 Audit and Assurance. 2020 Edition. Bpp Publication

ACCA Paper P7 2021 Advanced Audit and Assurance , 2021 Edition Kaplan Publication.