Transcript RISK MANAGEMENT - Makerere University

PRE-AUDIT/POST AUDIT PRESENTATION
Charles Barugahare
Director Internal Audit
1
•
•
•
•
•
•
•
•
•
PRESENTATION OUTLINE
Definitions and back ground of Pre/Post
Auditing
Merits and Demerits of pre and post
Auditing
Risk assessment in MUK
Pre- Auditing in Makerere University
Post -Auditing in Makerere University
Auditing in the college system
Way forward 1st July 2011 and beyond
Conclusion
Questions/Comments
2
Definition/Back ground to Auditing
• Internal auditing (IA) is an independent
objective assurance and consulting activity
designed to add value and improve
organization’s operations (iia definition)
• Independence & objectivity aspects are very critical
• Consulting refers to furnishing Council, Mgt and
staff with analysis, appraisals, recommendations
and capacity building aspects
• Add value & improving operations covers
– recommending use of best practices,
– identification of new risks/new required controls
– Being able to handle emerging business issues
3
Definition & background of IA Cont’d
IA is aimed at evaluating and improving
the effectiveness of;
•Risk management,
•controls,
•and governance processes
4
Definitions cont’d
•Pre -Auditing –refers to an examination of documents
supporting a transaction or a series of transactions before
they are paid for and recorded.
•Post- Auditing refers to the review of documents or a series
of transactions after the transaction has been recorded or
consummated.
5
Rational for pre- Audit
• Rising incidents of illegal, irregular, wasteful
and anonymous disbursements of public funds
• Marked inadequacies in internal controls
Case for Selective pre -auditing
• Not all transactions are subject to pre-auditing
–only transactions or areas considered to have
issues above.
6
Rational for post audit
• Able to review more areas than under pre- audit
• Possible to assess the organisation's resources and ensure that all
resources (human,material, and financial) are utilised appropriately so
that the best possible results are achieved;
• Able to produce meaningful reports for mgt & Council attention
• Able to verify the reliability and suitability of the information systems;
• Able to ascertain compliance to policies, laws independently
• Able to inform the management of any irregularity or anomaly revealed
and to recommend appropriate measures for their elimination;
• Able to Follow-up on whether the recommendations by the internal
auditors/external Auditors have been implemented.
7
Merits/Demerits of Pre/post audit
PRE
POST
• Looks at transactions
• Some transactions are impractical
to pre-audit
• Errors are identified & corrected
before transaction
• Narrow scope
• Generally limited or no reports
• Auditors are part of operations
• Looks at risks, processes, controls
• Its practical to audit for all
activities or risky ones
• Errors are identified after
payment/transaction
• Wider scope
• Generally reports produced
• Auditors independent of
operations
• Recommended best practice
• Traditional practice
8
PRE- AUDITING IN MUK
• The key areas currently pre-audited are;
– Verification of all deliveries
– Reviewing all payment vouchers
– Verification of all pay change reports
– Reviewing all accountabilities
– Certifying certain project reports
9
Verification of deliveries
1. Must audit verify all deliveries or critical
deliveries?
2. If some, who verifies the rest?
3. How do we select those to be verified by
Audit and those by the rest?
4. How do we monitor that those verified by
others are actually verified?
10
Verification Cont’d
• The Answer to 1 is NO, only critical deliveries require to be
verified
• Critical deliveries can be determined by amount or nature of
delivery– Nature – All capital items continue to be verified by Audit
– Amount – All transactions above 2million ( micro procurements)
– In the Colleges- The transactions below 2M, the person responsible for
administration receives the items and be verified by AccountantReporting.
– For Administration Units ---------------???
– Audit to review on an going basis stores records and reports
– Audit to be represented in opening all procurement bids above 30M
11
Other pre-audit aspects in the
schedule
• See details in the schedule
12
Post auditing in MUK
• The audit structure, staffing and positioning
were all planned for a post audit set up
• Council has pronounced itself post auditing
• The risk assessment and the demands from
mgt, Audit committee and stakeholders are
driving the post audit approach.
13
Current post audit situation
• About 70% pre- Audit and 30% post audit.
• No comprehensive risk assessment, Audit
areas selected judgementally or using rough
assessments
• Limited skills and knowledge in most staff
• Limited computer skills
14
Post Audit cont’d
• Limited access to computerized systems
• Limited guidelines
• Limited exposure by most staff on Audit
program set up, identifying and documenting
audit evidence, report writing etc.
15
Post audit -Going forward
• Staffing with technical/practical skills
improved
• Strategize to give more attention to post audit
• Documentation and marketing post auditing
• Refer assessment done by the Committee
16
Auditing in the college System
• Auditing will remain a central activity in the
university
• Post auditing largely influenced this decision.
• More in the pre- template
17
End
Questions, comments & remarks!!!!!!!
Thank you
18