Nincs diacm

1
EVALUATION OF INTERNAL CONTROL SYSTEMS
Experience of the State Audit Office, Hungary
2
Key points
Evaluation of controls - methodological aspects
Experience of an audit of internal controls
operating in the field of the central budget
The Public Internal Financial Control System in
Hungary - present situation and plans of
improvement
1
3
Basic requirements to any kind of audits
High level of audit assurance
Economy, efficiency and effectiveness
Sufficient and appropriate evidence
Risk analysis and risk assessment
Quality control
Appropriate documentation(documentation of work
processes, methods, decisions, findings and
quality control reviews, etc.)
2
4
Main goals of the risk analysis
Substantiating the programs of the audit tasks
Supporting the overall planning
activities(annual planning)
Gathering overall information about operation of
the control systems
3
5
PLANNING STAGE OF AUDIT
Understanding the entity, its activities and its
accounting and internal control systems
Information gathering phase
Determination of materiality
Preliminary risk assessment
Initial evaluation phase
Determination of - detailed audit objectives
and scope - audit approaches SBA - test
of controls DST - substantive procedures
(including sampling)
Phase of designing the audit hypotheses and
decision makings
Developing the audit plan and detailed
program
Planning phase
4
6
OUTPUTS OF THE RISK ASSESSMENT
The risk assessment should results
1. Determination of inherent and control risk
levels as an input to the audit plan and
programme
2. Determination of accounting areas with high
risk for
- Developing an effective audit approach
- Designing audit procedures to ensure that the
audit risk is reduced to an acceptable low
level
- Helping auditors in their professional
judgement
3. Base for the audit opinion on regularity
concerning internal controls
4. Basic information for next audits (permanent
files of SAI)
5
7
OBJECTIVE OF TEST OF CONTROLS
The objective of tests of controls is to
reinforce that preliminary risk assessment of the
internal control system is valid in order to
apply a system based audit approach. The
auditors task is to obtain sufficient,
appropriate (relevant and reliable) evidence of
? the existence in practice and continuous,
consistent operation of all key controls (
the question is where and when)
? the effectiveness of the key controls (the
question is how).
The auditor will usually test only the strongest
controls - the key controls - related to a
particular assertion.
6
8
System Based Audit Process
Plan the Work
Ascertain the relevant System Control
Document the relevant systems control
Evaluate the operations of the Systems Controls
by compliance tests
Control ineffective
Control effective
Select perform full substantive tests
Select perform compliance tests restricted
substantive tests
Carry out final review
Prepare an audit report
7
9
PURPOSE OF THE EVALUATION OF CONTROLS(preliminar
y risk assessment and test of controls)
As a part of a regularity audit - to give inputs
to the audit programme - to substantiate the
system based audit approach - In case of
explicit audit objective to reach
conclusions about the appropriateness of the
internal control system
As a separate audit task - Audit of the control
systems (Systems Audit)- to reach
conclusions about the operation of the system
of internal control
Compliance tests
The test of controls should be preceded by
preliminary assessment of the control system
8
10
(No Transcript)
11
Overall risk levels of developing of control
systems in the central budgetary sphere from the
aspects of reliability of the financial
statements
28
50
22
9
12
Risk levels of the areas of the internal control
system

• Low- Treasury data controls- Accounting
  regulation- IT support of accounting
• Moderate- Overall regulation
• High- Internal audit- IT operation- IT
  regulation

10
13
Inherent risk level of central budgetary
institutions
20
53
27
11
14
Some characteristic control risk levels in
central budgetary institutions
Low
Medium
High
of institutions
12
15
(No Transcript)
16
CONTROL AND AUDIT IN THE WHOLE SYSTEM OF
PUBLIC FINANCE
System of Public Internal Financial Control (PIFC)
Financial Management Control (FMC)
Independent Internal Audit(IA)
Harmonisation and co-ordination(MoF)
13
17
PIFC
FMC
Inspection
Internal Audit
Treasury Ex ante, opera-tion and ex-post
controls.
1. Government level
GCO
GCO
Department of Supervision and Audit .
Audit of EU - Performance funds
audits Audit of the
- System audits. F/S of under- lined
institu- tions
2. Budgetary chapter level
- Ex ante, - operation and - ex-post
controls - Manage- ment control, etc.
3. Level of budgetary institutions
(Including Ministries as institutions with own
budget)
Internal Audit unit or auditor
14
18
External audit The State Audit Office of the
Parliament
Regularity audits
Performanceaudits
Comprehensive audits
Combined regularity and performance audits of the
activities of the central institutions and local
governments and of the state owned enterprises
Audit of Closing Accounts Bill of the central
budget- Sector appropriations- Accounts of
national economy - Administration accounts of
line ministries- Review of supervision audits
of the F/S of subordinated institu-
tions. Other regularity audits
Audit of the - economical- effective and-
efficientperforming of the activities and
programs (both on central and local levels ).
15