1

FAM Practical Notes

AUDITING
Auditing is the process by which the AGP evaluates the financial statements submitted for audit by the ministries,
departments etc., against thegovernment’ s accounting and financial administration policies to enablehim to prepare
a report or state an opinion on the financial statements.

TYPES OF AUDITS DEALT WITH

This Manual focuses on regulatory audit, as defined by INTOSAI Auditing Standards, which have been adopted by the
Department of the Office of the Auditor-General of Pakistan.

Regulatory audit embraces:

a) Attestation of financial records (Certification) and expression of opinions on financial statements
b) Attestation of financial accountability of the government administration as a whole
c) Audit of financial systems and transactions, including an evaluation of compliance with laws and regulations
d) Audit of internal controls
e) Audit of the administrative decisions taken within the audited entity
f) Reporting of any other matters arising from or relating to the audit that DAGP considers should be disclosed

LEGISLATIVE BASIS
The authority under which the Auditor-General of Pakistan conducts audits is given by Articles 168 to 171 of the
Constitution of the Islamic Republic of Pakistan.
Until 1 July 2001, most of DAGP’ s audit work was performed under Articles 168 to 171 of the Constitution, and the
Pakistan (Audit and Accounts) Order, 1973. On 1 July 2001, the Pakistan (Audit and Accounts) Order, 1973 was replaced
by the following two ordinances:
a) Auditor-General’ s (Auditor-General Ordinance)
b) Controller General of Accounts Ordinance, 2001 (Controller General Ordinance)
Section 7 (Certification Audit) of the Auditor-General’ s Ordinance, 2001states that “ The Auditor-General shall, on the
basis of such audit as he may consider appropriate and necessary, certify the accounts” … “of the Federation, of each
Province and of each district”.
Section 8 of the Auditor-General Ordinance mandates an audit of expenditures of the Federation and of each province.
Section 12 of the Auditor-General Ordinance mandates an audit of the receipts of the Federal Government and of
each Province and each district.
The INTOSAI auditing standards consist of four parts.
A) Basic principles
B) General standards
C) Field standards
D) Reporting standards

1- The basic principles are:

The basic principles for auditing standards are basic assumptions, logical principles and requirements which help in
developing auditing standards and serve the auditors in forming theiropinions and reports, particularly in cases where
no specific standards apply.
Auditing standards should be consistent with the principles of auditing.
a) The Department of the AGP will ensure compliance with the auditing standards in all matters that are deemed
material.
b) The Department of the AGP shall apply its own judgment to the diverse situations that arise in the course of
government auditing.
c) With increased public consciousness, the demand for public accountabilityof persons or entities managing public
resources has become increasinglyevident so that there is a need for the accountability process to be in placeand
operating effectively.
2

d) Development of adequate information, control, evaluation and reporting systems within the government will
facilitate the accountability process.
e) Appropriate authorities should ensure the spread of acceptable accounting standards for financial reporting and
disclosure, and audited entities should develop specific and measurable objectives and performance targets.
f) Consistent application of acceptable accounting standards should result in the fair presentation of the financial
position and the results of operations.
g) The existence of an adequate system of internal control minimises the risk of errors and irregularities.
h) Legislative enactments would facilitate the co-operation of audited entitiesin maintaining and providing access to
all relevant data necessary for acomprehensive assessment of the activities under audit.
i) All audit activities should be within the audit mandate of the AuditorGeneral of Pakistan.
j) The Department of the AGP shall work towards improving techniques forauditing the validity of performance
measures.

2 - GENERAL STANDARDS IN GOVERNMENT AUDITING

(Set out the basic requirements for undertaking the tasks)
This section deals with general standards in government auditing. Thegeneral auditing standards describe the
qualifications of the auditorand/or the auditing institution so that they may carry out the tasks relatedto field and
reporting standards in a competent and effective manner.
The general auditing standards are that the Department of AGP shall adopt policies and procedures to:
a) Recruit personnel with suitable qualifications.
b) Develop and train employees of the Department of the AGP to enablethem to perform their tasks effectively, and
to define the basis for the advancement of auditors and other staff.
c) Prepare manual and other written guidance and instructions concerningthe conduct of audit.
d) Support the skills and experience available within the Department of theAGP and identify the skills which are absent;
provide a good distribution of skills to auditing tasks and assign a sufficient number of persons forthe audit; and have
proper planning and supervision to achieve its goals.
e) Review the efficiency and effectiveness of the Department internal standards and procedures.

3 - FIELD STANDARDS IN GOVERNMENT AUDITING

The purpose of field standards is to establish the criteria or overallframework for the purposeful, systematic and
balanced steps thatthe auditor has to follow.
The field standards establish the framework for conducting and managingaudit work.
The field standards applicable to all types of audit are:
a) The auditor shall plan the audit in a manner which ensures that an audit ofhigh quality is carried out in an economic,
efficient and effective way and in a timely manner.
b) The work of the audit staff at each level and audit phase shall be properly supervised during the audit; and
documented work shall be reviewed by asenior member of the audit staff.
c) The auditor, in determining the extent and scope of the audit, shall study and evaluate the reliability of internal
control.
d) In conducting regularity (financial) audits, a test should be made ofcompliance with applicable laws and regulations.
e) Competent, reliable, relevant and reasonable evidence should be obtained to support the auditor’ s judgment and
conclusion regarding the organisation,programme, activity or function under audit.
f) In regularity (financial) audit, and in other types of audit when applicable,auditors should analyse the financial
statements to establish whetheracceptable accounting standards(e.g. IPSAS) for financial reporting and disclosure
arecomplied with.

4 - REPORTING STANDARDS IN GOVERNMENT AUDITING

This standard is to assist and not to supersede the prudent (sensible) judgment of theauditor in making an opinion or
report. The expression “reporting” embraces both the auditor’ s opinion and other remarks on a set of financial
statements.
a) At the end of each audit the auditor shall prepare a written opinion or report,as appropriate, setting out the findings
in an appropriate form;
3

Its content should be easy to understand and free from ambiguity, include only information which is supported by
competent, reliable, and relevant audit evidence, and be independent, objective, fair and constructive.
b) It is for the Department of the AGP to decide finally on the action to be taken in relation to fraudulent practices or
serious irregularities discoveredby the auditors.
With regards to regularity audits, the auditor shall prepare a written report, which may either be a part of the report
on the financial statements or a separate report, on the test of compliance with applicable laws and regulations.

THE AUDIT CYCLE CONTAINS FIVE BASIC PHASES:

a) Planning
c) Fieldwork (Execution)
d) Evaluation
e) Reporting
f) Follow-up

1-Planning Phase(General Audit planning + Activity & Resource planning):

A - GENERAL AUDIT PLANNING
The general audit planning phase is where most key planning decisions aremade. It involves:
Step 1 Establish audit objectives and scope;
Step 2 Understand the entity’ s business;
Step 3 Assess materiality, planned precision (accuracy) and audit risk;
Step 4 Understand the entity’ s internal control structure;
Step 5 Determine components;
Step 6 Determine financial audit & compliance with authority objectives, anderror/irregularity conditions;
Step 7 Assessment inherent risk and control risk
Step 8 Determine mix of tests of internal control, analytical procedures andsubstantive tests of details.

Step 1 – Establish overall audit objectives and scope

The audit objective is astatement of what is to be achieved by the audit (Financial Certification or Audit of Compliance
with Rules & Regulations or Both). In case of Certification audit for example, the objective will be to ensure the
following audit assertions in the financial statements:
1 – Existence
2 – Completeness
3 – Regularity
4 – Measurement
5 – Presentation & Disclosure
The audit scope is a statement of what areas will be looked at, what workmust be done and what will not be done and
the methodology (e.g. FAM)to be used to achieve the audit objectives.

Step 2 – Understand entity’ s business

The auditor should assemble and review material that will enable the teamto gain a sufficient knowledge of the
business to assess materiality,determine components, identify error conditions, etc.

Step 3 – Assess materiality, planned precision, and audit risk

Materiality, planned precision and audit risk are key concepts whenconducting an audit that will result in the Auditor-
General expressing anopinion on the financial statements of an audit entity.
Materiality: When the Auditor-General states that the financial statements“properly present, in all material
respects”, he/she is stating that thefinancial statements are not materially misstated.
An error (or the sum ofthe errors) is material if the error (or the sum of the errors) is big enough toinfluence the users
of the financial statements. Therefore the auditor mustdetermine what amount is considered material.
Planned precision: Planned precision is the auditor’ s planned allowance forfurther possible errors. To determine it,
the auditor first estimates the mostlikely error that will exist in the financial statements as a whole.Thisestimate is
4

referred to as the “expected aggregate error.” The auditor thensubtracts the expected aggregate error from the
materiality amount to arriveat planned precision.
Audit risk: The opinion paragraph of the standard unqualified auditor’ sreport begins “In my opinion …” This means
that the auditor is not statingthat he/she is absolutely certain that the financial statements “properlypresent in all
material respects”.
Rather, the auditor is stating that he/she has some degree of assurance that is less than100% that the financial
statements are not materially misstated which is referred as “reasonable assurance”.
The auditor should determine what level of confidence is required. If the auditor wants to be 95%confident that the
financial statements are not materially misstated, this means that the auditor is prepared to take a 5% risk that he/she
will fail to detect errors summing to more than the materiality amount.

Example: Audit risk in this case is therefore 5%. Using a 5% audit risk and a Rs. 3,000,000 materiality amount, when
the auditor states, “In my opinion, these financial statements present fairly, in all material respects …”, the auditor is
stating, “I have 95% assurance that the financial statements are not misstated by more than Rs. 3,000,000” .

Step 4 – Understand entity’ s internal control structure

Internal control structure is the plans and actions ofan organisation, including management's attitude, methods,
procedures, andother measures that provide reasonable assurance that the following general objectives are achieved:
a) Assets are safeguarded
b) Laws, regulations, and management directives are complied with
c) Reliable financial Statements
The auditor should have an up-to-date understanding of theentity’ s internal control structure.
The required level of understanding depends on the extent to which theauditor intends to rely on the internal controls
to reduce his/her substantive tests. Even when no reliance is intended, some knowledge is still required.

Step 5 – Determine components

Auditors normally do not plan audits for the financial statements as awhole. Rather, they divide the financial
statements into parts and plan each part separately.
For an audit of financial statements, the most logical way of dividing up thefinancial statements is to consider each
line item (e.g. Asset, Liability, Expenditure, Income) in the financial statementsto be a separate component. Sometimes
the financial statements include several different groupings of the same total amount. For example, expenditures may
be grouped by:
a) The ministries, departments, agencies, etc.
b) Economic function (general public services, defense affairs);
c) Object element (payroll expenditures, operating expenditures)
The auditor normally selects grouping that makes it the easiest to plan, perform & evaluate audit work.

Step 6 – Determine financial audit and compliance with authority objectives,and error/irregularity
conditions
Having divided the audit into components, the auditor needs to define attest and compliance objectives, as applicable,
and define what is considered tobe an error or irregularity. For a financial statement audit, a component is considered
to be in error if:
a) It is not valid (asset or liability does not exist or revenue or expenditure has not occurred)–existence objective; or
b) The statement of asset, liability, revenue or expenditure is not complete–completeness objective; or
c) The asset is not owned by entity, or the liability is not owed by theentity – the regularity objective; or
d) The asset or liability is not properly valued or is misclassified, or therevenue or expenditure is not properly measured
or is misclassified – thevaluation or measurement objective
e) The financial statement presentation is not proper – the presentation objective.
5

Compliance with authority objectives:

For Certification audit the auditor should test for compliance withthose laws and regulations that are related to the
audit of the financialstatements while in the case of regularity audit compliance of all the applicable laws and
regulations will be observed and major non-compliances will be considered as irregularity condition.

Step 7 – Assess inherent risk and control risk

Inherent risk: Inherent risk is the chance of material error occurring in thefirst place assuming that there are no internal
controls in place. “Materialerror” may be a single error or the sum of multiple smaller errors. Inherent risk is assessed
at this stage as it determines how much testing ofinternal controls and substantive testing the auditor needs to
perform in total to achievehis/her desired level of reasonable assurance (95% in our illustration).
Control risk: Control risk is the chance that the entity’ s internal controlswill not prevent or detect material error.
Again, “material error” may be oneerror or the sum of multiple smaller errors. Control risk is assessed at this stage as
it determines the amount ofassurance that the auditor can obtain from his/her tests of internal control.

Step 8 – Determine mix of tests of internal control, analytical procedures andsubstantive tests of details
The auditor needs to select a combination of tests of internal control, analytical procedures and substantive tests of
details that, in total, willprovide the desired level of assurance that expenditures are notincomplete by an amount
greater than the materiality amount. These methods can be used in different combinations. For example:
a) Place a lot of reliance on the internal controls. Under this option, the auditorwould perform a lot of tests of internal
control, supplemented by onlylimited analytical procedures, and select a very small sample of transactions for
substantive tests of details
b) Place very little reliance on the internal controls. Under this option, theauditor would do fewer tests of internal
control than in the first option, butwould perform more rigorous analytical procedures and/or select a larger sample
of payroll transactions for substantive tests of details.

B - ACTIVITY AND RESOURCE PLANNING

This phase primarily involves taking decisions made during general planning phase & using them to build audit
programs that will beused during the fieldwork phase. The steps are introduced below:
1-Develop audit programs
The audit programmes provide the auditor with a list of all the proceduresto perform.
The auditor can use the error conditions identified during the general planning phase, or a previous audit programme
for the entity, as a starting point for the development of the audit programmes.
The auditor should also determine what information the entity managementare required to make available for the
audit work.

2-Establish resource requirements and timing considerations

For each audit determine:
a) The number of auditors with required level of seniority and skill sets
b) Related out-of-pocket expense budgets
c) Timing of the work
Factors to consider in establishing resource requirements and timing
The following factors should be considered when setting the budgets:
a) Size of the entity
b) Complexity of the entity and its transactions
c) Audit risk
d) Inherent risk
e) Quality of the internal control structure
f) Experience of the staff performing the audit

2-CONDUCTING THE AUDIT PHASE (FIELDWORK/EXECUTION)

The auditors will use information from planning phaseduring the fieldwork stage to performthe audit work.
Compliance Testing
6

In conducting the audit, the first step is to evaluate the effectiveness ofinternal controls. This is done through
compliance testing.
To determine how well internal controls are being applied, the auditorshould test the controls with a sample of
transactions.
Any significant instances of non-compliance:
- Should lead the auditor to identify weaknesses in controls
- Report the specific weaknesses in the controls
- Consider the implications on the financial statements
- Reconsider the extent of reliance on the controls
Substantive Testing
For Certification audit purposes, substantive testing is required to determinehow much assurance can be placed on
financial assertions. Substantive testing includes two procedures:
1-Substantive Analysis
2-Tests of Details

1 - Substantive Analysis
Substantive analysis is a means of deciding whether data appearreasonable and acceptable and therefore may allow
the auditor to conductless detailed testing of transactions.
2 - Tests of Details
Tests of details are the application of one or more of the following audittechniques to individual transactions that
make up an account balance:
a) Re-computation
b) Confirmation
c) Inspection
d) Cut-off tests

Selecting items for tests of details

Normally only a proportion of theitems within an account are tested even though the auditor wants toconclude about
the account as a whole. This is done by:
a) Selecting key and highvalue items
b) Taking a representative sample
c) A combination of both

Evidence
The auditor requires evidence to support all information presented in theaudit report. The opinion in the audit report
must be backed by appropriate evidences to support the opinion of qualification/un-qualification and observation on
compliance with authority violations etc. in the audit report.

Attributes of Evidence
To support the auditors’ findings, conclusions and recommendations theevidence must be:
a) Sufficient
b) Relevant
c) Reliable
d) Objective

Types of Evidence
Evidence can take the form of observation, documentation, analysis,interview responses, and confirmation through
interview or written response. Evidence can be classified according to the following:
a) Documentary (originals and not photo copies)
b) Observational
c) Physical (Actual photos etc.)
7

d) Oral
e) Analytical (evidence obtained from analysis)

Developing Conclusions and Recommendations

Conclusions should focus on significant issues. These are generallyconcerned with:
a) Misappropriations in financial statements and in-appropriate disclosures
b) Non-compliance with rules and regulations
c) Failures to measure and report on the efficiency of operations and the effectiveness of the programmes

Development of Recommendations
When developing recommendations, the auditor should consider:
a) The most significant causes of the weaknesses observedand what needs to be done to strengthen themanagement
framework to correct the underlying cause
b) The feasibility and cost of adopting a recommendation
c) Effects, if the recommendationsare adopted.

Documenting the Work Performed

Adequate documentation is important for several reasons. It will:
a) Serve as evidence of the auditor's compliance with DAGP’ s Auditing Standards
b) Help to ensure that delegated work has been satisfactorily performed
c) Increase the efficiency and effectiveness of the audit
d) Help the auditor's professional development
e) Serve as a source of information for preparing reports etc.

Standards for Working Paper Files

Every working paper should clearly show:
a) The name of the audit entity and audit area
b) The period covered by the audit
c) The date the work was performed
d) Initials of the preparer
e) Cross-references to schedules, notes and other documents that support the working papers
g) Cross-references of all amounts and other information in the audit report tothe working papers supporting the
amounts and information
h) Evidence that the audit procedures were performed
i) An explanation of any “tick marks” that appear on the working paper
j) The date and initials of the reviewer

3-EVALUATION PHASE (EVALUATING AUDIT RESULTS)

Evaluating Certification Audit Results
The errors and deviations such as potential monetary errors,compliance with authority violations, internal control
deviations, etc. identified during the fieldwork stage need to be evaluated and concluded during the evaluation phase.
Error evaluation is done in stages:
1. First the auditor reaches a conclusion on the results of each test
2. The auditor reaches a conclusion on each component
3. The auditor reaches a conclusion on the financial statements as a whole
Error evaluations are performed by projecting the findings from arepresentativesample to the population as a whole.

Known Errors
The known error is the sum of the errors that the auditor actually findsduring the audit. If for example, the auditor
tests a sample of 181 supplier invoices out of apopulation of 30,000 and finds 5 overstatement errors totaling Rs.4,000
then the known error is Rs.4,000.

Most Likely Error (MLE)

8

The most likely error (MLE) represents the auditor’ s best estimate of theerror in the population.
In the example, the auditor has only selected a sample of 181 supplierinvoices out of a population of 30,000invoices
amounting to Rs.100,000,000 (Population value). There are likely to be moreoverstatement errors than just the Rs.
4,000 found in the sample. Theauditor needs to estimate the most likely error in the population based onthe results
of the sample.
The auditor has a known error of Rs. 4,000. However, he has onlyselected a sample of 181 supplier invoices out of the
30,000 supplierinvoices in the population. The auditor needs to determine the most likely error (MLE) in the
population.
To arrive at the MLE, sampling uses a concept called “tainting”. Tainting isthe percentage by which each physical unit
is in error. In our example, we have the following:

A/B=C

What we have, then, are 5 items in the sample having errors totaling 278.33%. The average percentage error in the
sample is therefore 1.53775% (278.33% ÷ 181). Assuming the sample is representative of the population, then
theaverage percentage error in the population would be 1.53775%, and theMLE for the population as a whole would
be Rs. 1,537,750 (Rs.100,000,000 x .0153775).

Upper Error Limit (UEL)

The upper error limit (UEL) represents the maximum possible error thatcould exist in the population at a given
confidence level.
UEL= MLE + Further Possible Error

Further Possible Error

The further possible error is the difference between the UEL and the MLE.It has two components – basic precision and
precision gap widening.

Basic Precision
Basic precision is the possible error that could exist in the population evenif no errors are found in the sample. It
therefore represents the upper errorlimit when the most likely error is nil.

Basic Precision = Average Sampling Interval x Basic precision factor

Precision Gap Widening

Precision gap widening is the additional further possible error that results from finding errors in the population.
9

PGW=Average sampling interval x Adjusted tainting for over/understatement

1 - CONCLUDING ON THE RESULTS OF EACH TEST

1.1 - Concluding on the Results of Each Test of Internal Control
The auditor should reach a conclusion on a test of an internal controlsample by determining the number of internal
control deviations (violationsof specific internal controls) in the sample, and the maximum possible deviation rate, and
then comparing the maximum possible deviation rate tothe tolerable deviation rate.

1.2 - Analytical Procedures

The auditor should investigate significant fluctuations identified byanalytical procedures and evaluates the results. If
the investigation is completed successfully, the auditor will have obtainedthe desired amount of assurance from the
analytical procedure.

1.3 - Substantive Tests of Details

The auditor should determine the known error, the most likely error and the upper error limit, and then compares the
upper errorlimit to the materiality amount to determine if there is the required amountof assurance.

2 - CONCLUDING ON THE RESULTS OF EACH COMPONENT

Having concluded on the results of each individual test of internal control, analytical procedure and substantive test
of details, the auditor must combine these results to reach a conclusion on the component beingaudited.

The auditor should consider the results of all tests of internal control,analytical procedures and substantive tests of
details and use professional judgment to estimate the most likely error and the maximum possible errorin the
component.

The auditor may conclude that the most likely error and the upper error limit determined from his substantive tests of
details are the best estimates of the most likely error and the upper error limit in the component as a whole.

3 - REACHING THE CONCLUSION

The comparison that the auditor performs at the end of this stage of theevaluation process is essentially the same as
the comparison that the auditormakes when evaluating the results of an individual substantive test ofdetails. If the
upper error limit is less than or equal to the materiality amount, the results are acceptable. If the upper error limit
exceeds themateriality amount, the results are unacceptable.

Evaluating Regularity Audit Results

The auditor does not need an accurate prediction of the extent ofirregularities, but wants to know:
a) Whether the occurrence of irregularities is low enough to be ignored
b) What factors have contributed to the irregularities, that have to be corrected
c) The impact of the irregularities

4-REPORTING PHASE
The reporting phase involves performing some final clearance proceduresand issuing an audit certificate (opinion) on
the financial statementsor Audit Report&Management Report of the regularity audit containing Accounting, Controls
and Compliance related observations.
In the certificate on financial statements, the auditor expresses an opinion as to whether:
10

a) The financial statements properly present in all material respects, thegovernment’ s financial position, the results
of its operations, its cash flowsand its expenditure andreceipts by appropriation.
b) The sums expended have been applied, in all material respects, for thepurposes authorised by Parliament, and have,
in all material respects, beenbooked to the relevant grants and appropriations.
Reporting involves preparing and presenting the following:
1. Audit report
2. Management report
3. Report on the Controls
4. Performance audit report

Clearing Observations, Conclusions and Recommendations

Before the auditor can publish a report on findings or an opinion on financial statements, the audit observations,
conclusions andrecommendations must be cleared with entity management.

The Certification Report and Types of Opinion

The Certification Report is the product of the Certification Audit work.

When to Give an Unqualified Opinion

As per DAGP’ s Auditing Standards, “anunqualified opinion is given when the auditor is satisfied in all material respects
that:
a) The financial statements have been prepared using acceptable accounting bases and policies which have been
consistently applied
b) The statements comply with statutory requirements and relevant regulations
c) View presented by financial statements is consistent with the auditor's knowledge of the audited entity
d) There is adequate disclosure of all material matters relevant to the financialstatements.

Reservations in the Auditor’ s Opinion

There are three general types of reservation that the auditor may express:
1. qualified
2. adverse
3. disclaimer
Reservations are issued (and un-qualified report will not be issued) when any of the following circumstances occur,
andthe effect is or may be material:
a) Scope limitation
b) Departure from the government’ s accounting principles
c) Uncertainty affecting the financial statements

1-Scope limitation
A scope limitation has occurred when the auditor has notbeen able to apply all the tests and procedures and as a result
does not have sufficient appropriate audit evidence to form an opinionon financial statements.

2-Departure from government’ s accounting principles

A departure from thegovernment’ s accounting principles occurs when there is:
a) An inappropriate accounting treatment
b) An inappropriate valuation of an item in the financial statements
c) A failure to disclose all of the information required

3-Uncertainty
An uncertainty normally involves a significant contingency orother event that is primarily dependent on future
developments or futuredecisions by parties other than entity officials.
For example, the government may have guaranteed loans to third parties who are now experiencing financial
difficulties. In these circumstances, the auditor (and entity officials) might not have sufficient information to determine
what amount, if any, the government may ultimately be required to pay.
11

Qualified Opinion
Qualified opinion is issued where the auditor is faced with a scopelimitation, a departure from the government’ s
accounting principles, or anuncertainty, but the matter at hand:
a) Is not critical to an understanding of the financial statements
b) Can be explained clearly and concisely

Adverse Opinion
An adverse opinion is issued when there is a departure from government’ s accounting principles that is:
a) So pervasive and fundamental that the auditor is unable to describe clearlyhow the financial statements are affected
b) So significant that it overshadows a clear description of how the financial statements are affected
In these circumstances, a qualified opinion would not be adequate. Thewording of an adverse opinion makes it clear
that:
a) The financial statements do not properly present, in all material respects, thegovernment’ s financial position, the
results of its operations, its cash flowsand its expenditures and receipts by appropriation
b) The sums expended have not been applied, in all material respects, for thepurposes authorised by parliament and
have not been booked to the relevant grants and appropriations

Disclaimer of Opinion
Where the auditor is unable to arrive at an opinion regarding the financial statements taken as a whole due to a scope
limitation or uncertainty that isso fundamental, pervasive or significant that a qualified opinion would notbe adequate,
a disclaimer is given.
The wording of the disclaimer makes itclear that an opinion cannot be given.

AUDIT REPORTS OTHER THAN OPINIONS ON FINANCIAL STATEMENTS

There are two general types of reports:
1. Audit reports
2. Management reports.

Audit Report:
Audit reports are reports that are made public and/or that are presented tothe appropriate public accounts committee
(PAC) or other external party. These reports would deal with matters of such significance that they requirethe
attention of Members of the Assembly.

Management reports:
Management reports are reports addressed to entity officials. They containmatters of a lesser significance and matters
relating to:
1. Internal controls
2. Compliance with authority violations
3. Performance matters
4. Accounting policies used to prepare financial statements

COMPLIANCE AND PERFORMANCE REPORTS

A report on a compliance audit or a performance audit should drawattention to the key issues and concerns raised by
the audit.
The reader should be able to understand the significant issues, the underlying causes ofany weaknesses observed and
any recommended actions to improve themanagement of the area covered in the audit.
The focus should be redirected onto controls rather than individualcases of non-compliance. If not, the auditor can
expect to find similarproblems being reported every year.

Structure of the Compliance and Performance Reports

The audit report should normally state:
a) The context (background and description of area audited)
12

b) What was done (audit objective and audit scope)

c) What was expected to be found (audit criteria and/or laws and regulations)
d) What was found (findings and observations)
e) What can be concluded (the impact of what was observed)
f) What should be done to improve (recommendations)
g) In some cases management comments.

5-AUDIT FOLLOW-UP PHASE

The follow-up phase involves returning to the entity at a later date to determine if entity officials have:
a) Corrected errors identified during the audit
b) Implemented recommendations made by the auditors.

Timing of the Follow Up

1-Correction of Errors
The auditor should try to ensure that entity officials should correct errorsbefore the completion of the following year’ s
audit.
There are two reasons for this:
a) Errors that affect closing balances in one yearwill affect the opening balances for the following year.
b) The same type of error may recur in the following year.

2-Implementation of Recommendations
The timing of the follow up willdepend on:
a) The seriousness of the matters raised
b) A realistic time period for entity officials to implement the recommendation
c) The time period reflected in the entity’ s action plan and agreed to by DAGP and the PAC

Performing the Follow Up

1-Correction of Errors
When1-audit level of assurance is desired, the auditor should determinewhat work entity officials have performed to
investigate the errors.
When 2-review level of assurance is desired, the auditor’ s proceduresprimarily involve asking entity officials what
actions they have taken and what the results were, without verifying the work performed.

2-Implementation of Recommendations
At this stage the auditor will audit or review the work performed by entityofficials to deal with the matter raised in
the recommendation.
If entity officials will needan extensive period of time to deal with the recommendation, the officialsshould also be
asked to identify milestones and issue progress reports.
When reviewing the implementation of recommendations, the auditor’ s focus should be on determiningwhether the
identified internal control weakness, compliance with authorityviolation, etc. was appropriately dealt with.

REPORTING THE RESULTS OF THE FOLLOW UP

1-Correction of Errors and Implementation of Recommendations
Follow up work is often reported in the same way as the original errors orrecommendations were reported. They can
be included in reservations to the audit opinion or in audit reports or management reports.
In addition, if the matter was addressed in a PAC hearing, the auditor wouldusually need to prepare a report to the
PAC outlining the results of thefollow up.

WORKING PAPERS
Working papers are usually maintained in two categories:
a) Permanent file
b) Current files [Planning file + Execution file + reporting file (in case of Certification Audit)]
13

FORM AND CONTENT OF WORKING PAPER FILES (CURRENT AND PERMANENT FILES)
1-Current Files
The Current working paper file should include:
a) Information concerning the government programme(s), the industry, economic environment and legislative
environment within which the entityoperates.
b) Evidence of the planning process including audit programmes and anychanges thereto.
c) Evidence of the auditor’ s understanding of the accounting and internalcontrol systems and programme
performance.
d) Evidence of inherent and control risk assessments and any revisionsthereof.
e) Analyses of transactions and balances.
f) A record of the nature, timing & extent of audit procedures performed & the results of such procedures.
g) Evidence that the work performed by junior auditors was supervised and reviewed.
h) An indication as to who performed the audit procedures and when theywere performed.
i) Copies of communication with experts and other third parties.
j) Copies of letters or notes concerning audit matters communicated to ordiscussed with the entity.
k) Copies of the auditor’ s report.

2-Permanent File
The permanent audit file includes information that will beof continuing importance to the audit activity in the
particular area of audit. This may include:
a) Copies of relevant government legislation, regulations, guidelines.
b) Role of entity, Vision and Mission Statements.
c) Copies of the Estimates, kept up-to-date.
d) Copies of long-term contracts/leases.
e) Loan agreements, schedules of amortization for debts and special assets.
f) Extracts of minutes.
g) Reports to management and management’ s response.
h) Organization charts telephone book and locations ofoperation.
i) Chart of accounts.
j) Summary of accounting principles used by the organisation.

QUALITY ASSURANCE
Quality is performing an audit effectively, following up all errors and deviations.
Elements of quality assurance framework have been introducedthroughout FAM:
a) DAGP’ s Auditing Standards
b) Annual planning processes
c) The process tools and supervision instruments with which the auditor plans, performs, evaluates, reports and
follows up individual audits

QUALITY ASSURANCE DURING THE PLANNING PHASES FOR INDIVIDUAL AUDITS

1-Quality Assurance through Following a Logical Framework
The audit cycle guides auditors through the general and detailed planningprocesses in a logical order. This helps ensure
that:
a) The most critical planning decisions are made first
b) All required planning decisions are made
c) The end result is an audit plan that, if followed, will result in an efficient &effective audit.

2-Quality Assurance through Documentation and Approval of PlanningDocuments

a) Audit programmes, checklists and forms support many of the general and detailed planning decisions.
Audit programmes, checklists and forms, together with thedocumentation supporting them, are maintained in:
1-Updated permanent file
14

2-Updated planning file

3-Updated audit planning memorandum
4-Updated audit programmes

b) Review of the plan, which the Deputy Auditor Generalor the responsibleDeputy Auditor General should supervise
and approve.

3-Quality Assurance through Assigning Appropriate Staff

Proper staffing of the audit team is essential to assuring a quality audit.
This includes having enough team members to perform all planned auditactivities as well as ensuring that all required
skills sets, includingsupervisory and special technical skills, are available to the audit team asneeded.

4-Quality Assurance through Budgets

Budgets should be thoroughly monitored for the time spent and acomparison of actual hours spent to the budget.
The exercise of preparingthe budget itself can help to ensure an efficient and effective audit.

5-Quality Assurance during the Fieldwork Phase forIndividual Audits

There are various quality assurance measures that guide the auditor inperforming and documenting the fieldwork,
such as:
a) Revising planning decisions should unanticipated matters arise during the fieldwork phase?
b) Applying documentation standards
c) Providing on-the-job supervision
d) Reviewing audit working paper files
e) Reporting and monitoring time spent by each resource on every audit activity

6-Quality Assurance during the Evaluation Phase

Evaluation activities include an appropriately detailed review and approval of:
a) All monetary errors, compliance with authority violations and internal control deviations found, and the assessment
of their causes
b) The calculation of the most likely error and the upper error limit for each test, each component and financial
statements as a whole
c) Assessment of overall financial statement presentation and thereasonableness of the overall results
d) The assessment of the achieved level of assurance
e) The documentation supporting the discussion of the results of the error evaluation with entity officials
f) The follow-up work performed by entity officials
g) How unacceptable results were dealt with

7-Quality assurance during the reporting phase

The following tools are provided to ensure the quality of the auditors’ opinions and statements:
a) Management representation letters
b) Audit completion checklists
c) Memoranda recommending signature

8-Quality assurance during the follow up phase

The follow up phase is a major component in assuring the quality and thepositive impact of the audit process, which
contributes to the quality of theaudit work and the use that is made of its findings.