1. General Standards

1.10 Technical Training and Professional Proficiency
1.20 Independence
1.30 Due Professional Care
1.40 Confidentiality
1.50 Participation in Audit Work by Other Professionals and/or Specialists
1.60 Quality Control

2.10 General Planning
2.20 Specific Planning
2.30 Audit Programs
2.40 Permanent Files

3.10 Study and Assessment of Internal Control
3.20 Evaluation of Legal Compliance
3.30 Supervision of the Audit
3.40 Sufficient, Competent and Relevant Evidence
3.50 Working Papers
3.60 Communication of Observations (Negative Findings)
3.70 Representation Letter

4. Standards for Reporting on Government Audits

4.10 Written Reports
4.20 Timeliness
4.30 Report Presentation
4.40 Report Content
4.50 Special Report

NOTE TO THE BILINGUAL EDITION

We believe that the importance of a document presenting Government Audit Standards, warrants its international distribution, as an effort to contribute to the technical development of the Professional Auditor.

The edition of this book combines experience, with the updating and modernization of our standards, including the decision to issue the NAGU in a bilingual version (Spanish-English), in order to make them known outside the borders of Latin America.

If we have been successful in stimulating and continuing to share the different sources of technical information, we consider it timely and relevant that all professional in the world concerned with Government Auditing be able to access this contribution of the office at the Comptroller General of the Republic of Peru, always heedful of the opportunity to share documents such as this, which we take the opportunity of making available to you to promote quality and professional excellence.

PRESENTATION

The modernization of the State in the area government auditing requires compliance with the law of the National System of Audit and control and its modern focus on management audits in each of the entities that compose the System.

Our development mandate is to combine effective auditing with timely decisions so as to provide useful and reliable information for managing the State.

The modern audit, evaluates and provides information to the branches of government and public opinion regarding limitations, opportunities and improvements in public management and its performance in relation to plans, programs and budgets it reviews the levels of economy efficiency and effectiveness which permit government managers to make appropriate decisions.

Government auditing seeks to contribute to establishing an adequate organization and the resources necessary to achieve objectives and goals.

In its technical aspects government auditing has a procedural focus consistent with efforts to achieve change and modernization.

Between 1972 and 1988, in Peru we had "Technical Auditing Standards" that were substituted by "Audit Action Regulations", until the 27^th of September of this year when our "Government Audit Standards (NAGU), became effective to stimulate the professional development of government auditing, in parallel with modernization of the State.

This innovation in technical standards of government auditing is based upon "Generally Accepted Auditing Standards" (GAAS), "International Standards on Auditing" (ISA) and the government auditing standards issued by the International Organization of Supreme Audit Institutions (INTOSAI).

The "Government Audit Standards" are oriented to reinforce and update the development of governmental auditing, seeking opportunities for timely and effective services in public management. They permit the government auditor technical instruments that support the development of their professional activities in accord with the various changes taking place in governments at national and international levels.

In modern times, auditing has been converted into an integral element of the public sector accountability process. For this reason the government auditor needs agile and modern standards that orient him and permit government management to rely on his work seeking transparency in its management. In this context, the "Government Audit Standards" are oriented to unify government audit work and to obtain quality results.

A technical team from the office of the Comptroller General of Peru prepared the "Government Audit Standards" with contributions from various parts of the public sector. One of their purposes is to modernize audit procedures so as to facilitate government audit in accordance with our own national needs and new international trends in government auditing, as well to facilitate more agile audit procedures applicable in the entities of the National System.

We feel sure that the efforts made by the Office of the Comptroller, General of Peru and the application of the "Government Audit Standards" will contribute to better management in the public sector and consequently to the development of our country.

Víctor Enrique Caso Lay
GENERAL COMPTROLLER OF THE REPUBLIC OF PERU

Index

FOREWORD

As it nears conclusion, the 20^th Century might be characterized as the «Century of Quest for Accountability» in business and government as these spheres of human activity have become more and more sizeable, important, and complex. The development of formal requisites for financial management, accounting and reporting and for attesting to the good faith, reasonableness and credibility of such activities through the performance of professional, independent audits ahs been a major accomplishment during the Century which has contributed to the «Quest for Accountability ».

The most important occurrence during the 20^th Century contributing to the professional quality of auditing has been the recognition of the need for and the development of the professional auditing standards which govern and guide the work of the accountancy profession when performing the attestation function regarding management representations presented in the form of financial statements or in other formats.

First, generally accepted auditing standards (GAAS) were developed around the middle of the Century exclusively for financial statement audits by firms of certified public or chartered accountants. Originally in the form of ten specific statements of requisites of professional audits, they served to provide the first definitive professional criteria for the characteristics an character expected of the auditor,, for field work performed to develop and document audit evidence and for the formal reporting o the auditor’s opinion. Subsequently, more detailed statements elaborating upon and explaining GAAS were published by professional accountancy organizations culminating in the promulgation late in the Century by the Auditing Practices Committee of the International Federation of Accountants (IFAC) of its International Standards of Auditing (ISA) which provide the global frame of reference for the practice of professional auditing in the private sector by Certified or Chartered Public Accountants.

A parallel development in the field of internal auditing was the promulgation in 1977 of the Standards for the Professional Practice of Internal Auditing by the Institute of Internal Auditors. These standards, which have subsequently been expanded upon in formal statements on internal auditing standards (SIAS), are equally applicable for the performance of professional internal audits in both the private and public sectors.

Meanwhile, during the latter third of the 20^th Century, the public sector, which had been characterized by ad hoc, fragmentary, and ineffective efforts to provide some measure of attesting to the fidelity of financial operations, often in the form of the presentation and detailed review of «accounts» by individuals not necessarily qualified to do so, at last began its own «Quest for Accountability». As the 20^th Century closes, decreasing new sources of revenues and increasing demands for public services are causing governments to become very serious about the proper use of financial resources and their accountability and audit.

Two Supreme Audit Institutions pioneered in the development of professional auditing standards for the public sector. In Latin America, the Peruvian Comptroller General’s Office under the leadership of Comptroller General Oscar Vargas Prieto, and in North America, the United States General Accounting Office under the leadership of Comptroller General Elmer B. Staats, promulgated during 1971 professional government auditing standards based upon private sector GAAS adapted to the public sector in each respective country. This represented a great step forward in the «Quest for Accountability» in both countries and in the Americas. The United States’ standards provided for «expanded scope audits» taking government auditors into the areas of economy, efficiency and effectiveness and later adopted the term «performance auditing» to describe this. Since 1971 a number of other countries across the world have issued government auditing standards adapted to their needs but generally based on GAAS and the standards already issued by other countries. Logically, both the U.S.A. and Peru have needed to update their standards over the years.

Finally in the latter part of the Century the Internal Organization of Supreme Audit Institutions (INTOSAI) promulgated professional auditing standards applicable to audits performed by nations’ principal audit agencies to provide guidelines for countries in developing their own government auditing standards.

Latin America’s and Peru’s «Quest for Accountability» in the public sector began in 1971 with the promulgation of Latin America’s first «Organic Law of the National System of Audit and Control» and of Latin America’s first professional auditing standards for the public sector. The newly revised Peruvian governmental auditing standards enumerated above and their promulgation reiterates the dedication to the «Quest for Accountability» on the part of the Office of the Comptroller General of the Republic of Peru which pioneered in this field in Latin America.

PRINCIPAL ADVISER ON ACCOUNTING AND AUDITING
PUBLIC SECTOR MODERNIZATION DIVISION LATIN AMERICA
AND THE CARIBBEAN REGION
THE WORLD BANK

Index

I. INTRODUCTION

The Government Audit Standards (NAGU), are the criteria that set out the personal and professional requirements of the auditor, oriented to provide uniformity and achieve quality in government audit work.

They constitute a technical means for strengthening and unifying the professional performance of the government auditor and permit evaluation of the development and the results of his work, thus promoting economy, efficiency and effectiveness in the management of the entity audited.

They are based on the Law of the National System of Audit and Control, its Regulations and Generally Accepted Auditing Standards (GAAS). GAAS are applicable in their totality when performing a financial audit, and when appropriate can be applied when performing an audit of specific financial matters and other special examinations. However, performance audits require specific and complementary standards to satisfy their own needs.

The auditors should choose and apply tests and other audit procedures that, in their professional judgement, are appropriate in the circumstances so as to achieve the objectives of each audit. These tests and procedures should be planned in such way that they permit obtaining sufficient, competent and pertinent evidence upon which to reasonably base their opinions and conclusions related to audit objectives.

Auditors of the Comptroller General's Office, Internal Audit Units of public agencies and auditing firms designated by the Supreme Audit Institution are responsible for observing the Government Auditing Standards. Professionals and specialists of other disciplines who participate in the government audit process must also observe them.

The standards are flexible, allowing for its adaptation and updating, where necessary. They serve as criteria for assessing efficiency and effectiveness of audit work. Their structure is as follows:

a) Code, is the reference number for the group of standards and their order within the group.

b) Title, is the short name of the standard.

c) Standard Statement, is a short presentation of the standard.

d) Detailed Explanation, is part of the standard that assists in its interpretation and proper application.

e) Scope Restriction, is the part of the standard that specifies any exceptions to its observance.

Index

II. CONCEPTUAL FRAMEWORK

1. GOVERNMENT AUDITING

A Government Audit is the objective, systematic and professional examination of the financial and/or managerial operations, carried out after they have been executed, performed in the entities subject to the National System of Audit and Control, including the preparation of the respective report.

It should be performed based on the Government Audit Standards and the specialized provisions issued by the Comptroller General's Office, applying the techniques, methods and procedures established by the accountancy profession.

Its objectives are:

a. Assess the adequate use of the public resources, determining compliance with laws and regulations.

b. Determine the reasonable presentation of financial information.

c. Determine the degree of achievement of established goals, of results obtained in view of assigned resources, and of compliance with plans and programs established by the entity examined.

d. Recommend measures to promote improvements in public management.

e. Strengthen the system of internal control of the entity audited.

Government audits are performed by auditors of the Office of the Comptroller General of the Republic, of Internal Audit Units of the entities subject to the National System of Audit and Control, and of auditing firms designated for such purpose.

The Government Auditor is the professional who meets all of the requirements needed for the performance of audit work in the entities subject to the National System of Audit and Control, applying Generally Accepted Auditing Standards (GAAS), International Standards of Audit (ISA), and these Government Audit Standards (NAGU).

Government audit is external when it is performed directly by the Comptroller General's Office, by Internal Audit Units of entities of the System other than the entity audited, and by duly authorized and designated auditing firms.

It is internal when it is performed within entities of the System by their own Internal Audit Units.

The government audit process includes the following steps: (i) planning, (ii) field work and (iii) reporting. It begins with the preparation of the respective audit plan and culminates when the report is sent to the head of the entity examined and, in the case of internal and firm executed audits, a copy is sent to the Office of the Comptroller General of the Republic.

The preparation and presentation of the audit report is a joint responsibility of the auditor-in-charge and the supervisor of the audit.

The types of government audit are determined by the audit objectives, and are classified as either financial audits or performance or management audits.

a. FINANCIAL AUDIT

A financial audit includes the audit of financial statements and the audit of specific financial matters.

The objective of a financial statement audit is to determine if the financial statements of the audited entity present reasonably its financial condition, the results of its operations, and its cash flows in accordance with generally accepted accounting principles. This type of audit is usually performed in the entities subject to the National System of Audit and Control by auditing firms designated by the Office of the Comptroller General of the Republic.

The audit of specific financial matters is applied to programs, activities, functions or segments to determine if these are presented based on established or specifically stated criteria.

Generally Accepted Auditing Standards and International Standards on Auditing that rule the accounting profession of the country are applicable in all their aspects to the financial audit.

b. MANAGEMENT AUDIT

Its objective is to assess the degree of economy, efficiency and effectiveness of the management of public resources, as well as the performance of public officials and employees, in regard to the achievement of established goals and the extent of achievement of the programmed results or benefits foreseen in budgetary legislation or by the entity in approving the program or the investment.

The management audit may, among others, seek the following purposes:

1. Determine if the entity acquires, protects and uses its resources in an economic and efficient way.

2. Establish the causes for inefficiencies or uneconomic practices.

3. Assess if the objectives of a program are proper, suitable or relevant, and the extent to which they produce the desired results.

Generally, at the conclusion of a management audit the auditor does not express an opinion on the overall level of management or the performance of the officials. Therefore, these standards do not foresee that the auditor present an opinion of this nature. Rather, the auditor should present in his report, findings and conclusions regarding the extent and quality of management or performance, as well as a description of the specific procedures, methods and internal controls, where efficiency and effectiveness may be improved. If he thinks there is potential for improvement, the auditor should recommend appropriate corrective actions.

The term special examination is applied to the audit that may include or combine a financial audit of lesser scope than that required for issuing an opinion based on generally accepted auditing standards, with a management audit, dedicated generally or specifically to the review of the management of budgeted resources in a given period, as well as compliance with applicable legal provisions.

It also may have as specific objectives, among others, the determination as to whether budget programming and formulation has been done taking into consideration the goals established in the entity's work plan, the assessment of the degree of compliance and efficiency of budget execution based on the regulations that govern it, and compliance with established goals and objectives, as well as the determination of efficiency, reliability and timeliness of entity budget evaluation.

Likewise, specials examinations are performed to investigate accusations of different kinds and to review donations received, as well as bidding processes, public indebtedness activities, and compliance with government contracts, among others.

The special examination is performed by the Office of the Comptroller General of the Republic and by the Internal Audit Units of the System, as part of the scope of work necessary to issue the annual report on the Public Accounts of the Republic prepared by the Accountant General of the Nation.

Index

III. GOVERNMENT AUDIT STANDARDS

The Governmental Audit Standards are classified into four groups:

1. General Standards: Technical training and professional proficiency, independence, the exercise of due professional care, confidentiality, participation of other professionals and specialists and audit quality controls.

2. Standards for Planning Government Audits: General planning, specific planning, audit programs and permanent files.

3. Government Audit Field Work Standards: Study and evaluation of internal control, evaluation of legal compliance, supervision of audit work, sufficient, competent and pertinent evidence, working papers, communication of findings, and management representation letters.

4. Standards for Reporting on Government Audits: Written form, timeliness, presentation and contents and special reports.

Index

NAGU 1. GENERAL STANDARDS

The standards that compose this group are related to the auditor's qualifications and proficiency and the quality of his work.

These standards, which are also applicable to the performance of field work and reporting, deal with technical training and professional proficiency, independence, the exercise of due professional care, confidentiality, participation in the audit by other professionals and specialists, and audit quality control.

Technical training constitutes preparation in applying auditing techniques and continuous professional development, as well as the development of the necessary skills to assure the quality of the audit work.

To comply with this standard the auditing units within the National System of Audit and Control should promote and carry out training programs covering the necessary techniques required to guarantee the professional competence and proficiency of the personnel who work in the government audit process.

Professional proficiency is the quality that characterizes the auditor by his level of professional competency and ability under the requirements and obligations demanded by audit work.

NAGU 1.20 INDEPENDENCE (*)

An independent attitude is the quality that permits reliance that the judgements made by the auditor are based upon objectively evaluated elements of the aspects examined.

The auditor should consider not only whether he is independent and whether his attitudes and activities allow him to work with independence, but also whether there might exist any reason why others might question his independence.

He should avoid taking part in any audit in cases where incompatibility or conflict of interest exists.

The auditor shall be free of personal and professional impediments so as to guarantee an impartial and objective work in the entity examined. He is prohibited from participating in audit activities of entities where he has previously worked or which involve areas or aspects in which he made decisions or participated directly or indirectly.

Government auditors are prohibited from receiving benefits of any kind, on behalf of themselves or any other person, from individuals or companies related to the entity being audited.

He is also prohibited from taking part in partisan political activities during the time he serves as an auditor. He may not issue opinions, take part in decision-making, or participate in the management or administration of the entity being examined.

Mechanisms to fully protect the independence of the auditor shall be established in the entities which compose the National System of Audit and Control. These shall include provisions for presentation of a personal representation letter in which the auditor states his independence.

Due professional care means using sound judgement in establishing audit scope, and in the selection of applicable audit methods, techniques and procedures.

It also implies that the auditor apply sound judgement in selecting the appropriate tests and other audit procedures to be applied and in evaluating and reporting on audit results.

Proficiency, mature judgement and competence are acquired by the auditor through constant audit practice under adequate supervision and by means of continuing professional education.

Higher supervisory levels shall see that their staff's conduct and performance conform to the standards which govern the National System of Audit and control. Where lack of compliance or transgression is noted, they should report such acts to the appropriate official so that the corresponding corrective measures may be taken.

Confidentiality involves maintaining strict discretion regarding the audit's process and results, and not disclosing findings, data or situations that become known to the auditor during the performance of his professional activities.

Only staff directly related to the direction and performance of audit work should have access to the information related to the examination.

The National Audit and Control System Internal Audit Units shall establish policies to ensure adequate confidentiality. The obligation to maintain confidentiality continues even after the auditor leaves his position.

The governmental auditor should conduct his professional activities in accordance with the applicable Codes of Professional Ethics.

Non-audit professionals or specialists are individuals or firms that possess competency, knowledge and experience in certain technical areas other than government auditing, whose services may be used according to the objectives and the scope of the examination.

When the work of such specialized support staff is needed, the auditor must ascertain their competence and skills in their respective specialties prior to their engagement.

They will work under the direction of the auditor-in-charge and are required to observe all the applicable government audit standards.

They should periodically draft and present segments of their work, and at its conclusion they should prepare a documented report, including their conclusions, observations and recommendations in accordance with objectives of the examination and the applicable standards.

Quality control consists of the body of policies and procedures, as well as specialized technical resources employed to assure that audits are performed according to government audit standards.

An adequate internal quality control system should provide reasonable assurance that: (i) government audit standards are being followed, (ii) adequate audit policies and procedures have been established, (iii) requirements for professional quality are being observed, and (iv) training is being offered and properly documented supervision is being performed.

An adequate internal quality control system includes the establishment of policies and procedures in regard to:

a) General Quality Controls: relative to the development of basic normative technical provisions for the performance of the government audits, auditor selection and training, and personal qualities.

b) Field Work Controls: relative to the supervision of work delegated to qualified staff, audit team management with adequate instructions, and inspection to determine degree of compliance with procedures designed to maintain audit quality.

c) Controls After Completion of Work: relative to the establishment of policies and procedures to confirm that the audit quality control procedures have worked satisfactorily and to assure quality of reports.

Index

NAGU 2. STANDARDS FOR PLANNING GOVERNMENT AUDITS

This group of standards has as its objective the establishment of general technical criteria that will permit appropriate planning of the audit of entities subject to the National Audit and Control System in order to achieve proposed goals.

The standards presented in the following paragraphs are related to general planning, specific planning, audit programs and permanent files.

The Annual Government Audit Plan is the document that provides an overall view of the audit activities and the universe of entities and/or areas, as appropriate, to be examined during a year. It is to be prepared according to the policies and other provisions established by the Office of the Comptroller General of the Republic.

The Annual Plan is of a confidential nature, for which purpose audit management shall adopt prudent measures. It is the obligation of all the personnel involved in audit actions to maintain complete confidentiality regarding its contents.

The Comptroller General, under the authority conferred by the Law of the National System of Audit and Control, issues the policy guidelines that govern planning of government audits in accordance with National Development Plans and Programs and approves the Annual Audit Plans of the entities subject to the System.

In the Office of the Comptroller General each line organizational unit shall annually plan its activities. In the case of the entities subject to the System, the Plan will be prepared by the head of the Internal Audit Unit, based on established priorities for the achievement of the organizational or sectorial objectives and goals, as may be the case.

The Annual Audit Plans shall be flexible in order to allow for approved changes considered necessary in the circumstances.

The individual entity plans shall be consolidated into the National Government Audit Plan prepared according to Institutional Audit Objectives and Policy Guidelines approved by the Office of the Comptroller General of the Republic.

The structure of the institutional plan contents shall be in harmony with the objectives and outlines of the Institutional Policies contained in the National Plan approved by the Comptroller General.

The Office of the Comptroller General and the Internal Audit Units that compose the System, shall periodically evaluate execution of the Annual Audit Plans preparing the corresponding report.

Due to the nature of their selection and designation by the Comptroller General's Office, auditing firms are exempted of the observance of this standard.

The planning of the audit implies the development of a general strategy to ensure that the auditor has thorough knowledge and understanding of the activities, systems of control and information and the legal provisions applicable to the entity so he can assess the audit risk level as well as choose the nature, timing and scope of the applicable procedures.

Audit planning should include the assessment of the entity to be audited's managerial performance compared with established objectives, goals and programs.

The information needed by the auditor to plan the audit varies accordingly to the audit objectives and the nature of the entity to be examined. In some cases a preliminary review can be made prior to preparing the plan for audit field work. A preliminary review is an effective support method applied to select the specific areas where the audit will be performed, and obtain information to be used in planning. It is a process that helps to rapidly obtain information on the organization, programs, activities and functions of the entity, but without yet performing detailed verification procedures.

Once he has finished the preliminary review and collection of information the auditor should document his work with the following:

a. A description of the entity's activities, summarized for the working papers, supported by the documentation obtained from the entity such as procedure flowcharts of the most important areas of activity, etc.

b. An Audit Planning Memorandum, with the following basic structure:

• Audit Objectives, which are the expected results.
• Audit Scope, extent of the audit work to be performed including areas of in-depth review, degree of testing and periods to be examined.
• Description of the Activities of the entity to be audited.
• Legal Provisions Applicable, especially those relative to areas of in-depth review.
• Reports to be Issued and Due Dates
• Identification of Critical Areas including selection of tests to be applied. This is done in cases where objectives are preestablished.
• Focus Points, important situations to keep in mind during the performance of the examination, including any allegations of irregularities received.
• Staffing, name and category of the auditors that will compose the audit team together with the individual task assignments according to their competence and experience.
• Officials of the entity to be examined.
• Participation of other professionals and/or specialists, according to the areas to be examined.
• Allegations of Irregularities, pertinent to significant activities of the entity being examined.

The auditor-in-charge and the supervisor have the responsibility to prepare of the Audit Planning Memorandum. Its review and approval are the responsibility of higher level officials.

In the entities subject to the System, the head of the Internal Audit Unit will approve the Audit Planning Memorandum.

Audit programs contain an orderly list of procedures to be applied during the audit process. They serve to guide the development of competent and sufficient evidence to achieve the established audit objectives.

They are prepared based upon knowledge of the entity and its systems. The auditor relies on this knowledge to establish the nature, timing and extent of the audit procedures to be applied.

The audit program must be flexible to allow for changes, improvements and adjustments that the auditor, based on his judgement and that of his supervisor, considers pertinent during the conduct of the audit.

Audit programs guide the auditor's action and are used to control the work done. They also permit evaluation of audit progress and adequacy of procedures applied, assuring that the results achieved are in accord with established objectives.

The audit program should be sufficiently detailed to serve as a guide and a means to control adequate performance of the audit work.

The auditor-in-charge and his supervisor have the sole responsibility for the preparation of the respective audit programs.

The permanent file is composed of a group of basic documents containing copies and/or summaries or extracts of relevant information for continuous reference or needed for future examinations such as:

* Financial Statements

The file should be updated periodically in order to allow for easy use, especially during the audit planning stage.

The organization of the permanent file is the responsibility of:

Full observance of this standard is not required of auditing firms since the examinations they perform are subject to designation by the Comptroller General. They should maintain permanent files in accordance with this standard only for the entities they audit.

Index

NAGU 3. GOVERNMENT AUDIT FIELD WORK STANDARDS

This group is essentially composed of standards applied in performing audits. Their purpose is to assure that the tests and other procedures selected based upon the auditor's judgement are appropriate in the circumstances to achieve audit objectives.

The standards set out below refer to: Study and evaluation of internal control, assessment of legal compliance, supervision of audit work, gathering of sufficient, competent and pertinent evidence, working papers, communication of findings during the audit and the letter of representation.

NAGU 3.10 STUDY AND ASSESSMENT OF INTERNAL CONTROL (*)

The internal control system consists of the organizational plan as well as the methods, procedures and internal audit function established within a public entity to safeguard resources from waste, loss or misuse, verify the accuracy and reliability of financial and managerial information, promote efficiency in operations and achievement of objectives, and stimulate compliance with organizational policies and legal provisions. A sound internal control system also stimulates detection of possible deficiencies and illegal acts if they exist.

Entity management is responsible for the designing and maintaining of a sound internal control system within the entity. Its structure includes the following:

a) Control Environment, which refers to the general outlook, watchful attitude and actions taken by management regarding control and its importance to the entity.

b) Information and Recording Systems, methods and records set up by management to identify, collect, analyze, classify, record and report the entity's transactions.

c) Control Procedures, consist of additional policies and procedures established by management to provide reasonable assurance that the entity's specific objectives will be met.

The study and assessment of the internal control system seeks to obtain more precise knowledge about the significant aspects of the entity's organization and operations as well as to modify as considered necessary the audit program and the detailed application of the audit tests and procedures, especially in the critical areas that serve as a basis for establishing audit objectives and scope, formulating recommendations to be considered for inclusion in the report and determining the assurance level of the controls installed by the entity.

The study and assessment of the internal control system should be adapted to the type of audit being done: financial, management or special examination.

The auditors may extend the assessment of policies, procedures, practices and controls applicable to the programs, operations and activities subject to audit to the extent they deem necessary to meet audit objectives.

The information obtained about the internal control system should be adequately documented taking into account its form of presentation and the auditor's judgment.

There are two steps in the assessment of the internal control system:

When the records and information systems are computerized the auditor should ascertain whether the internal controls are functioning adequately in order to provide confidence in the integrity of the data processed electronically.

Upon completing the assessment the auditor should prepare a Memorandum on Internal Control directed to the chief executive of the entity.

During the performance of the government audit the assessment of compliance with laws and regulations is also important because government organizations, programs, services, activities and functions are generally created by law and are subject to more specific legal requirements than the private sector. Such provisions establish, among other things, what is to be done, who is to do it, the goals and objectives to be achieved, the population to be served, how much can be spent and on what.

The information sources of legal provisions are many. An adequate primary source is the audited entity since it knows the applicable legislation. When the entity receives funding from another level of government and the source is known, auditors can resort to the funding organization to obtain and/or verify the information related to the pertinent provisions.

Where an assessment of compliance with laws and regulations is required, the auditor should plan the audit in such a manner that reasonable assurance is provided of detecting possible abuse or illegal acts that could significantly affect audit results.

The auditor is not necessarily trained to investigate certain kinds of illegal acts which due to their special nature or complexity are the duty of the authorities responsible for investigating these kinds of misdeeds or applying the respective legal actions. However, he must be aware of the characteristics and types of potential risks in the area being audited and the illegal acts that may occur in it, in order to be able to identify indications that these acts may have occurred.

An audit performed in accordance with the governmental audit standards will not guarantee the discovery of all abuse or illegal acts. Nor does the subsequent discovery of such acts committed during the period examined necessarily mean that the auditor's performance has been inadequate, if the audit has been made in accordance with the established government audit standards.

Supervision is a technical process that consists of directing and monitoring the audit from its beginning until the appropriate management level approves the report.

During the government audit the supervision shall be performed by the auditor-in-charge, the audit supervisor and the immediately higher levels directly related to the audit process.

Supervision must be applied during planning and execution of the audit and during preparation of the resultant audit report.

Evidence of supervision must be left to permit establishing the timing and technical support of audit work performed.

The number of audit projects supervised will depend on audit objectives and scope, complexity of the work and external conditions, such as the distance between the entities to be examined.

The evidence should be examined to be sure that it meets the basic tests of sufficiency, competence and relevance. The working papers should reflect the details of the evidence and disclose how it was obtained.

CHARACTERISTICS OF EVIDENCE

a. Sufficiency

Evidence is sufficient when it is so objective and convincing that the auditor can use it to support his findings, conclusions and recommendations. Evidence will be sufficient when, as a result of the application of one or more tests, the auditor establishes reasonable assurance that the facts disclosed are adequately proven. Professional judgement is required to determine whether evidence is sufficient. When appropriate, statistical methods may be used for this purpose.

b. Competence

To be competent evidence should be valid and reliable. In evaluating the competence of evidence, the auditor should carefully consider whether reasons exist to doubt its validity or completeness. If so, he should obtain additional evidence or reflect the situation in his report.

The following assumptions are useful in judging the competence of evidence, but they must not be considered sufficient in themselves to determine competence.

• Evidence obtained from independent sources is more reliable than that obtained from the audited organization.
• Evidence developed under a good system of internal control is more reliable than that obtained where such control is weak, unsatisfactory or nonexistent.
• Evidence obtained through physical examination, observation, inspection or computation is more reliable than evidence obtained indirectly.
• Original documents are more reliable than copies.

• Testimonial evidence obtained under conditions where persons may speak freely is more credible than testimonial evidence obtained under compromising conditions (e.g., when the persons may be intimidated).

c. Relevance

Relevance refers to the relationship of evidence to its use. The information used to prove or disprove an issue is relevant if it has a logical, sensible relationship to that issue. If not, it will be not be relevant and therefore should not be included as evidence.

When appropriate, the auditor should obtain from officials of the audited entity written representations regarding the relevance and competence of evidence gathered.

a. Physical Evidence

Physical evidence is obtained by direct inspection of activities, property or events. Such evidence may be documented in a memorandum (where the results of the inspection or observation´s results are summarized), photographs, charts, maps, or actual samples.

b. Documentary Evidence

Documentary evidence consists of created information such as letters, contracts, accounting records, invoices and management information on performance. 

 c.   Testimonial  Evidence

Testimonial evidence is obtained from others through statements received in response to inquiries or through interviews. Statements important to the audit should be corroborated when possible with additional evidence. It is also be necessary to evaluate testimonial evidence to be sure that the individuals are not biased or only have partial knowledge about the audited area.

d.  Analytical Evidence

Analytical evidence includes computations, comparisons, reasoning and separation of information into components.

When computer processed data are an important or integral part of the audit and its reliability is essential to accomplishing audit objectives, the auditor should satisfy himself that the data are relevant and reliable.

To determine the reliability of the data, the auditor:

a) May conduct a review of the general and application controls in the computer based systems including tests as are warranted; or

b) If the general and application controls are not reviewed or are determined to be unreliable, may conduct other tests and procedures.

When computer processed data are used by the auditor, or included in his report, for background or informational purposes and are not significant to the audit results, citing the source of the data in the report will usually satisfy the reporting standards for accuracy and completeness of his report.

NAGU 3.50 WORKING PAPERS

The working papers are the link between the planning and performance of the audit and the audit report. Therefore, they should contain the evidence necessary to support the findings, opinions and conclusions presented in the report. They may include tapes, photographs, videos and records.

There is no substitute for an adequate understanding of the audit objectives, the reasons for performing a certain task and knowing how the task helps to meet the objectives. This understanding is achieved when the auditor has his working papers adequately planned and organized, and when he receives precise instructions from his supervisors. The practice of clearly stating the purpose of all working papers is very useful in ensuring that the information obtained is directly related to audit objectives and reporting.

Working papers seek to:

a. Contribute to audit planning and performance.

b. Provide the principal support for the auditor´s report.

c. Permit adequate execution of audit work, its review and supervision.

d. Provide evidence of the work done and support for the conclusions, comments and recommendations included in the report.

e. Facilitate audit quality control reviews.

Proper working papers must be:

a. Complete and accurate to provide proper support for findings, opinions and conclusions, and to enable demonstration of the nature and scope of the work conducted. Conciseness is important, but not at the sacrifice of clarity and completeness just to save time or paper.

b. Sufficiently clear, understandable and detailed so that by reviewing them an experienced auditor, who has not been directly involved in the audit, would reach similar conclusions and recommendations. They should not require oral explanation.

c. Legible and neat, otherwise they may lose their worth as evidence.

d. Restricted to relevant information, that is, limited only to pertinent and significant matters related to achieving the audit objectives established.

The form and content of working papers are affected by factors such as:

a. The nature of the audit.

b. The type of report to be issued.

c. The nature and complexity of the entity and its activities.

As a general rule working papers should contain:

a. The Audit Planning Memorandum and the Audit Program duly cross-referenced to the working papers.

b. Objectives, scope and methodology, including the criteria used to select samples.

c. Information as to how the information was obtained including references to basic documents and the individuals who provided them (sources).

d. Documentation of work that supports significant conclusions and opinions.

e. Adequate indexing and cross-referencing to summaries and lead schedules.

f. Conclusions related to each of the component area examined.

g. Date and signature of the person who prepared each page.

h. Evidence of supervisory review of work performed.

The working papers are property of the auditing units which compose the National System of Audit and Control or the auditing firms whose work was authorized by the Comptroller General's Office.

The auditor must protect the confidentiality of the working papers, taking care to assure that at any time or in any circumstance their content is not improperly disclosed.

Observations refer to findings resultant from the application of the audit procedures in response to the audit objectives, and constitute deficiencies or irregularities technically developed based upon evidence gathered in the audited entity.

Observations form the basis for the conclusions and recommendations presented in the report and should be:

a. Based on facts and supported by evidence.

b. Objective.

The government auditor should develop his findings and record them in duly cross-referenced and documented working papers.

Complete and clear development of findings requires identifying the attributes of Condition, Criteria, Cause and Effect.

Communication of observations is the process by means of which the auditor, having identified the findings, immediately makes them known to the officials and employees of the entity under examination who may be involved so that they may present additional documented information.

The auditor-in-charge should communicate the observations in order to offer the individuals involved the right of defending themselves according to legal provisions in force.

Communication is made in written form, confidentially and directly, and its receipt should be acknowledged.

The action described above allows the auditor to have all the elements needed to exercise the judgement necessary to sufficiently and competently formulate the comments, conclusions and recommendations to be contained in the Audit Report.

The reference to officials and employees in this standard also includes those that are no longer employed by the audited entity.

The auditor-in-charge and the supervisor are responsible for preparing the formal communication of observations.

The observation to be communicated must relate to significant facts germane to the Audit Planning Memorandum.

The time limit for reply is mandatory and shall be established in the judgement of the auditor-in-charge according to legal provisions in force.

If the officials or employees involved cannot be reached they shall be notified by announcement in the official newspaper or another newspaper whose principal circulation is in the area of the audited entity.

The failure to present additional information on the part of the official or employee by the time limit should be included in the report along with the facts related to the observation.

The auditor-in-charge and the supervisor are responsible for promptly evaluating the additional information received, which shall be filed with the working papers and properly cross-referenced.

A paragraph regarding compliance with the communication of observations shall be included in the Introduction section of the report.

The letter of representation is the document by means of which entity chief executive and/or the pertinent heads of organizational units of the entity audited state that they have placed at the disposition of the auditor all the information required including any significant events which have occurred during the period examined through the date of conclusion of the field work.

If the chief executive and/or unit heads refuse to give the auditor such a letter, this situation shall be stated in the audit report.

Index

NAGU 4. STANDARDS FOR REPORTING ON GOVERNMENT AUDITS

This group of standards establishes the technical criteria for the Government Audit Report's content, preparation and presentation as a result of management audits and special examinations. Generally Accepted Auditing Standards (GAAS) and International Standards of Audit (ISA) which govern the accountancy profession in the country are applicable to all aspects of content, preparation and presentation of reports on government financial audits.

The standards presented in this section are also applicable to some financial audits.

The standards which follow govern the preparation of the report, establishing the reporting format, timing, presentation and content of the audit report and the special report.

This standard is not intended to limit or prevent discussion of findings, judgements, conclusions and recommendations with persons who have responsibilities within the entity or area being audited. On the contrary, such discussions are fully encouraged. However, a written report should be prepared regardless of whether such discussions are held.

Written reports are necessary to:

a. Communicate the results of audits to officials at all appropriate levels of government.

b. Make the results less susceptible to misunderstanding.

c. Make the results of the examination available to the pertinent authorities.

d. Facilitate follow-up of findings and recommendations to determine whether appropriate corrective actions have been taken.

To be of maximum use, the report must be timely. Thus compliance with the dates set for completing the different audit phases is important. A carefully prepared report may be of little value to decisionmakers if it arrives too late. The auditor must plan for the timely issuance of the audit report and conduct the audit with this goal in mind.

The auditor must not assume that the user of the report possesses detailed knowledge about the matters covered in it.

For a report to be concise, it should be no more extensive than necessary to transmit its message: Therefore it requires:

b. Inclusion of specific details when considered necessary in the auditor's judgement.

The report must not omit important matters, nor use superfluous words and concepts which lead to erroneous interpretations. It is important for the auditor to bear in mind that an excess of details may confuse the user and obscure the report's principal objective.

Accuracy requires that the evidence presented be true and that findings be properly portrayed. It is based on the need to be sure that the information presented is reliable so as to avoid errors that may diminish the report's credibility and cast doubt on its validity.

Facts should be presented objectively and in a balanced manner, that is, with sufficient information that permits the user an adequate interpretation of the issues mentioned.

This standard seeks to regulate the content of reports on financial audits (long form reports) management audits, as well as that of other kinds of reports derived from them such as the report on special examinations, assuring uniformity of terminology and structure, as well as a clear and precise presentation of the results of the examination.

Additionally, an Executive Summary will be issued.

The report should follow the following structure:

II. CONCLUSIONS

In this section the auditor should present his conclusions, which are judgements of a professional nature based on the observations resulting from the examination performed. The conclusions shall make reference to the evaluation of the examined entity's managerial results as regards achievement of objectives and goals programmed, as well as the use of public resources in terms of economy, efficiency and effectiveness.

Likewise, in his conclusions the auditor should point out the nature of irregularities incurred by officials or employees whether administrative, civil or penal. According to the functional competence of the units of the National System of Control and Audit, when the irregularity involves a penal infraction this should be disclosed in terms of a presumed criminal act.

At the end of each conclusion, the auditor should make reference to the number of the observation in which the detailed facts are presented.

III. OBSERVATIONS

In this part of the report the auditor presents:

• All the information, which in his judgement permits knowledge of facts or circumstances which significantly influence the examined entity's management, such as knowledge of difficulties or circumstances under which management had to work, if this was the case, without prejudice to requirements for maintaining objectivity and impartiality that should guide the auditor in preparing his report

• The observations resulting from the examination.

The principal aspects which should be taken into account when drafting the observations are:

1. Observations shall refer to significant matters and shall include sufficient and competent information related to the results of the evaluation made of the examined entity's management, as well as its use of public resources in terms of economy, efficiency and effectiveness.

2. Background information needed to help understand the observations should be included.

3. The term observation refers to any relevant deficient situation disclosed by the performance of audit procedures and shall be structured accordingly to the attributes (condition, criteria, cause and effect) considered of interest for the entity audited.

Each observation should be written in narrative form, bearing in mind the following aspects relative to its presentation:

a. Heading

This is the title used to describe the matter observed.

b. Condition

This term refers to the description of an irregular situation or a deficiency found, the degree of deviation of which should be established.

c. Criteria

These are the transgressed legal, operational or control standards that govern the operations of the examined entity. The development of criteria for the presentation of the observation must specifically state the pertinent provision and its applicable text.

d. Cause

This is the fundamental reason for the condition or the reason why the criteria or standard was not observed. Its identification requires the auditor's skill and professional judgement and is necessary to develop the constructive recommendation that will prevent the recurrence of the condition.

e. Effect

This is the real or potential, qualitative or quantitative consequence resultant from the finding which is indispensable to establish its importance and recommend that management take the required actions to correct the condition. When possible the auditor should disclose in his report the quantification of the effect.

4. At the conclusion of the development of each observation the auditor shall indicate succinctly the additional information presented by the individuals involved in it, as well as his opinion after the assessment of the observed events and the information received.

5. If during the examination the auditor discovers notable achievements by the examined entity related to audit scope and objectives, he may decide to include comments on them in his report.

6. In the case of possible irregularities the auditor should demarcate and determine the type of responsibility of each person implicated, based upon proper coordination with legal counsel.

IV. RECOMMENDATIONS

Recommendations constitute the measures suggested to management of the entity audited oriented to surmounting the observations or findings resultant from the evaluation of managerial activities. They should be directed to those public officials who are in a position to have them carried out.

The report should contain constructive recommendations which, based upon the findings and conclusions, promote the adoption of corrective actions that permit significant improvements in management and/or performance of the public officials and employees, emphasizing achievement of entity and program objectives and goals and improving economy, efficiency and effectiveness.

The recommendations should be oriented to surmount causes of the problems observed, refer to specific actions and be directed to those responsible for taking them. Additionally, measures recommended must be feasible to implement and their cost must be justified by the expected benefits.

The recommendations should contain a description of courses of action to optimize achievement of institutional, sectorial and national goals and objectives.

When preparing recommendations the auditor should place emphasis on defining the measures needed to implement timely corrective action based on the nature of the observations.

Recommendations to effect compliance with applicable laws and regulations and improve internal controls should also be made when significant instances of noncompliance are noted or significant weaknesses in controls are found.

APPENDICES

In order to maximize conciseness and clarity of the report, a minimum number of indispensable appendices may be employed to complement or broaden significant information contained in the report.

They may refer, among other aspects, to the analysis of additional information presented by individuals involved in the observations, technical and legal reports related to the nature of the findings and consolidated financial statements where presented unaudited.

SIGNATURE

The report should be signed by the auditor-in-charge, the audit supervisor and the respective executive official of the Comptroller General's Office. In the case of internal audit units of the National System of Audit and Control they should be signed by the auditor-in-charge, the supervisor and the head of the respective unit.

If warranted, the report may also be signed by the legal counsel or other professional and/or specialist.

The application of this standard will permit the auditor, based on his professional judgement and in observance of the applicable legal provisions, to perform his work in cases where reasonable evidence that a criminal act has been committed comes to light during the conduct of his work on the audited entity.

If the audit has been performed by the Office of the Comptroller General of the Republic the Attorney General is responsible for investigation and prosecution. Where performed by the internal audit units of the System and designated auditing firms the sectorial office of the Attorney General or the adjunct prosecutor is in charge.

When the proceedings are initiated in the appropriate prosecutor's office, the above mentioned internal audit units or firms shall transmit a copy of the special report to the Comptroller General's Office and (in the auditor's judgement) to the chief executive of the entity, unless there is reasonable evidence to believe that he may be involved.

The presentation of the special report does not relieve the auditor of the duty to recommend immediate measures for the recovery of the property or funds of the State.

During the preparation of the special report the auditor should have in mind the basic structure of the governmental audit report.

Index

FootNotes

(*) Generally Accepted Auditing Standard

Index