AUDIT QUALITY MANAGEMENT SYSTEM
advertisement
Presentation on audit quality management system - ASOSAI – research project by R.N. Ghosh SAI India 7th ASOSAI Research Project AUDIT QUALITY MANAGEMENT SYSTEM (AQMS) Background The 7th ASOSAI Research Project on ‘Audit Quality Management System’ approved in 33rd Governing Board Meeting of the ASOSAI held in Manila in October 2003. Background The objective of the was to provide guidance to member establishing an audit management system. project specific SAIs in quality Background 7 members opted to be the members of the research project – Bangladesh, China, India, Malaysia, Pakistan, Philippines and Yemen, with India chosen as the team leader. Background The model for the 7th Research Project, to be completed in 4 phases The phase I of the project - compiling prevalent audit quality management practices, both in private and public sector auditing. In phase II, Draft Audit quality management guidelines - prepared based on the findings from phase I. Presentation of Interim Report to Governing Board at in December 2004. Background During the phase III in 2005, audit quality management guidelines were to be piloted in a few SAIs,. In phase IV during 2006, the lessons from phase III are being reviewed & a final document would be prepared & presented to 36th Governing Board & the 10th Assembly of ASOSAI in September 2006. Board Actions – 34th Governing Board of ASOSAI in Dec 04 Approved the Draft Guidelines on AQMS Endorsed Phase III Strategies for implementation of the project Called upon Phase III implementing SAIs to accord high priority to the Project Milestones for the Research Project Interim review of the progress at 35th Meeting of the GB took place in September 2005 Phase III of the Research Project completed in December 2005 Methodology The team carried out a wide search of the best practices for audit quality management in • SAIs • Private sector auditing firms • Publications of professional Institute Compilation of best practices documented separately AQMS Guidelines The team identified policies, practices and guidance relating to the management processes that are present in SAIs: a) Leadership and Direction b) Human Resource Management c) Audit Performance d) Client and Stakeholder Relations e) Continuous Improvement AUDIT QUALITY MANAGEMENT SYSTEM revolves around these management processes AQMS Guidelines These policies, practices and guidance are contained in the six chapters which constitute these guidelines. Compliance with the guidelines would provide reasonable assurance that the SAI conducts its audits to ensure high quality & meet stakeholders’ expectations. AQMS Guidelines The guidelines have been designed for ensuring compliance with auditing standards, in particular the INTOSAI auditing standards, applicable legislative requirements and the office policies of the ASOSAI members. Need for Quality Quality has been defined as the totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs. Audit Quality Management In public audit, quality management involves a system composed of an organisation, the Supreme Audit Institution (SAI), its people – the auditors – and the audit process, all working together to produce outputs that fulfill the requirements of its stakeholders and the general public. AQMS Each component of the ‘Audit Quality Management System’ (AQMS) – structure, people and process aims towards customer satisfaction (in the context of the SAI, its clients and stakeholders), which is always the bottom line of any organisation Quality Management Principle The ‘quality management principle’ is the conceptual underpinning of AQMS. It is a comprehensive and fundamental rule or belief for leading and managing an organization, aimed at continually improving performance over the long term by focusing on the clients while addressing the needs of all other stakeholders. AQMS It is essential to have in place quality management, assurance and control policies and procedures in audit organizations The SAI should ensure that these policies and procedures are subject to review mechanism AQMS SAI’s ‘Quality Management System’ should be designed to provide ‘reasonable assurance’ in the light of the likelihood and magnitude of potential risks, that it conducts the audits, both regularity and performance, in accordance with the applicable legislative requirements, rules and regulations, Standards, policy manuals, guidelines and procedures. Quality Continuum Quality Control • The initial understanding of quality control was compliance to specifications and the quality control task was to identify and remove defects, achieved mainly through some form of measurement and inspection activity. Quality Control • Responsibility for quality was not with line functionaries, but was vested with separate staff departments. Quality Control • Quality a technical rather than a managerial function. • The requirements applicable to the day-to-day management of audit assignments • Quality control is product-centric. Quality Continuum Quality Assurance Quality Assurance is understood as planned or systematic actions necessary to provide adequate confidence that a product or service will satisfy given requirements for quality Quality Assurance Policies, systems and procedures established by SAIs to maintain a high standard of audit activity. Quality Assurance is process centric Quality Continuum Quality Management • Quality Management System (QMS) is a broader concept which comprises the organizational structure, procedures, processes and resources needed to implement quality management. Quality Management • It involves all processes in the operational life cycle of a service that affect quality, from initial identification of clients’ needs to final satisfaction of requirements. • It is designed to provide confidence to clients and stakeholders that requirements for quality will be achieved in delivered services. Quality Continuum Total Quality Management • ‘Total Quality Management’ (TQM) is a total, organization wide effort – through full involvement of the entire workforce and a focus on continuous improvement – that organizations use to achieve clients satisfaction. Quality Continuum - Total Quality Management • TQM is a comprehensive managerial philosophy and is a system of unyielding and continually improving effort by everyone in an organization to understand, meet and exceed the expectations of clients at continually lower cost. Quality Continuum These AQMS guidelines are based primarily on ‘quality management system’ principles. However, they contain several significant elements of total quality management. Quality Control in the Audit Process Quality control is operational techniques and activities during audit processes of planning, execution and reporting. Quality control is a process in the course of which an SAI intends to fulfil quality requirements. Quality Control Characteristics • Quality to be built into the audit process rather than relying on post audits or checklists • Responsibilities for each player in the control process be clearly defined • An efficient control process be put into place for effective implementation of AQMS; Quality Control Characteristics • Controls should be result focused; • Too many controls result in no control; • Practitioners of the AQMS should participate in the continuous evolution of the control framework. Quality Control in the Audit Process Quality control consists of all measures and procedures carried out within the audit process to guarantee the quality of audit work and of the resulting report. Quality Control in the Audit Process Quality control in the audit process provides reasonable assurance that: the audit has examined significant matters; and that the results of the audit, contained in the audit report, are an accurate reflection of the true conditions of the matters under consideration. Quality Control in the Audit Process For AQMS, laying down quality control policies, procedures and measures is the first pre-requisite Detailed guidelines and checklists could be prepared by SAIs to ensure quality control in planning, execution and reporting of audit Quality Management Quality Management encompasses both Quality Control and Quality Assurance Quality Management goes beyond quality control in audit processes to include • Leadership & Direction • • • • Human Resource Management Audit Performance Client & Stakeholder Relations Continuous Improvement Audit Quality Management System for ASOSAI member nations Leadership and Direction Human Resource Management Audit Performance Client & Stakeholder Relations Continuous Improvement Audit Quality Management System Leadership and Direction • Tone at-the-Top • Vision, Mission, Core Values and Auditing standards • Strategic Direction & Planning • Strategic Audit Planning • Portfolio and Risk Management Audit Quality Management System Human Resources Resourcing and recruitment Training and capacity building Performance Management & appraisal • Personnel Welfare & Benefits • • • Audit Quality Management System Audit Performance • • • • Audit Planning Staffing for the audit IT Tools Other Tools & Guidance Audit Quality Management System – Audit Performance • Conducting the Audit • Consultation & Advice • Evidence & Documentation • Supervision and review • Reporting & Follow-up Audit Quality Management System Client & Stakeholder Relations • Communicating Audit messages • Feedback from Clients and Stakeholders • Relationship between legislative Committees & SAI Audit Quality Management System Continuous Improvement • • • • • Internal Audit Internal Quality Assurance Review Peer Review Lessons learned Other inputs to Continuous Improvement • Monitoring progress and assessing impact Internal Audit & Internal Quality Assurance Review Internal Audit assesses whether operating systems within SAI function efficiently as per established policies & procedures Internal Quality Assurance Review assesses whether individual engagements are performed in terms of applicable standards, policies & guidance Implementable Good Practices Leadership and Direction Establishment of Policy Unit for managing Strategic Planning Process Audit Advisory Board Implementable Good Practices Human Resources • SAI may seek assistance from Experts and Specialists • Certificate Course in Performance Auditing with a University/academic institute Implementable Good Practices • Exchange placements for SAI officials from other SAIs countries as reciprocal arrangements • Accept staff from other agencies & legislative secretariat for temporary assignment Implementable Good PracticesHuman Resources • SAI to prepare an individual development plan • Naming & honouring the Auditor of the year • High performers may be allowed to opt for training courses, domestically and internationally Implementable Good Practices Audit Performance • Electronic database of audited entity profiles • Quality assurance at various stages of the audit process Implementable Good Practices • SAI to develop policy guidelines for forensic audit • An IT specialist to be member of all entities with ERP or other significant computer systems Implementable Good Practices – Audit Performance Knowledge-management Group Office INTRAnet site to have important guidance, tools and other specialised material for audit Implementable Good Practices Quality Reviewer for major financial and performance audits Consultation with specialists and experts Multiple level review procedures for major audits Managerial Quality Assurance Implementable Good Practices – Audit Performance Performance Audit Management Committee Specialist to help in drafting Report Design Group Audit reports of different SAI’s to be discussed in presentation sessions Implementable Good Practices – Client & Stakeholder Relations Post-tabling report dissemination Communicating the audit message to the public – use of plain language Illustrative Good Practices Survey of the Legislators & senior Government functionaries Database of recommendations Following up each major performance audit Implementable Good Practices Client & Stakeholder Relations More governance-centric themes to be taken up for discussion Time-limit for response to committee’s recommendations Illustrative Good Practices – Client & Stakeholder relations Separate unit within SAI for liaison with legislative committees Long term secondments of SAI functionaries to the legislative secretariats Implementable Good Practices Managing other external relations • Mutually supportive & good relations with Ministries & other agencies • Good relations with media Implementable Good Practices • Effective & professional relations with private sector auditors & other professional associations • Good & mutually beneficent relations with academic community Implementable Good Practices – Continuous Improvement Summary of internal quality assurance reviews to be disseminated Internal self-evaluation of audits Good relations with other SAIs & international organisations
