Communications
I. Guidance Note on Interaction with audited entities
Reference No. I/B/8/117-PPG/53-2013 dated 14.5.2013
The main objective of performance auditing is to promote accountability by assisting those charged with governance and with oversight responsibilities in improving performance, rather than merely to identify weaknesses or past errors. A successful outcome of a performance audit is when audited entity management implements the audit recommendations and there is a positive impact on the performance of the entity. This objective can be achieved, to a large extent by building and sustaining professional working relationships with the audited entities, ensuring an effective interaction and involvement of the audited entities in the audit process. This guidance note would supplement the instructions in the Performance Auditing Guidelines and provides detailed guidance on application of Regulation 72 of the Regulations on Audit and Accounts 2007.
It would require:
- Understanding the entity, its environment, internal control framework, etc.
- Having two way communication, at regular intervals.
- Professional and objective behaviour throughout the audit process.
Keeping this in view, it has been decided that interaction at the following stages of performance audit process is must.
1. Audit plan finalization
The Principal Accountant General/Accountant General may elicit suggestions from the executive or those charged with governance of the audited entities for the subjects or areas which could be selected for Performance audits. This will also help in understanding the concerns of the audited entities and would also supplement the risk assessment exercise being undertaken in SAI India for finalisation of topics of Performance Audit. It would also give us a chance to appreciate the governance and regulatory issues concerning the audited entities.
2. Intimation of audit
Audited entities must be informed about the intention of taking up the pilot study for the planned performance audit as well as commencement of planned performance audit with scope and extent of audit well before the commencement of Audit. The intimation should also include the constitution of audit team, the selected sub units, if already decided and the tentative time schedule. The intimation may also refer to the management's responsibility and request their cooperation for successful completion of audit assignment. Further, wherever, special permission is required for access of records, site visits etc., it should be obtained from the appropriate authority and placed on the record. Acknowledgement of this communication may be requested and placed on record.
3. Entry Conference
Entry conference at the commencement of performance audit is to be held with Secretary to the Government of the concerned department by the Accountant General. In case the Secretary or equivalent officer is not available, the Group Officer is to convene the conference. Wherever, more than one department/agency is involved, representation from such agencies/departments should be insisted upon. The purpose of this conference is to inform the entity about the areas to be audited along with audit objectives, the audit approach and the time-frame within which the audit is expected to be carried out.
Audit criteria/parameters/norms against which performance audit will be benchmarked should be also discussed. Usually Acts, Rules, norms laid down by audited entity, internal guidelines etc., are adopted as criteria. In the absence of Government/Department /agency norms, norms/criteria adopted other than those stated above must be discussed and consensus arrived at with the Audited entity on the norms/Criteria that would be adopted for evaluation. A protocol for conduct of audit is to be set up during this conference including nomination of liaison officers, production of records, arranging joint inspections, authentication of audit evidence including photographs etc, issuing of audit observations, time period for replies to be received and other logistic arrangements. This conference also gives the opportunity to discuss the concerns of the audited entity on the subject matter. The entry conference should be followed by preparing minutes of the proceedings which should be shared with the audited entity and acknowledgement requested.
4. Field Audit
Audit team leader is expected to hold a meeting with the in-charge of the audited entity/ the field units selected for audits to inform them of specific audit objectives and scope and time schedule of the audit on the very first day of the audit programme. It gives an opportunity to the audit team to be introduced to the persons responsible for conduct of audit in the audited entity. It is expected that during this meeting the audit team gets an understanding of the general state of internal controls and areas of concern or high risk, if any. Protocol already agreed for conduct of audit may be reiterated in this meeting.
Audit teams are required to keep a record of information and documents requested (audit requisitions) and received throughout the field audit. The details of interviews taken, joint inspections etc., should also be kept. The views of the audited entity at responsible level may be sought while developing audit findings/recommendations. The audit team leader or the group officer in charge should hold an exit meeting with the officer in charge of audited unit at the close of audit to seek his observations on the audit conclusions and recommendations, if not already got in response to the audit memos. The minutes of such exit meeting should be prepared and shared with the audited entity and acknowledgement requested. For reporting of instances of fraud and corruption, audit parties may be instructed to not to wait for completion of audit and bring the instances to the notice of higher authorities such Group officer/Accountant General.
5. Exit Conference
The performance audit should be concluded with an exit conference with the Chief Executive of the audited entity. Wherever, more than one department/agency is involved, representation from such agencies/departments should be insisted upon. The draft Audit report including the responses of the audited entity must be issued at least two weeks before the holding of the exit conference. The Accountant General or the Group officer should lead the exit conference as representatives of the SAI India.
All audit findings, conclusions and recommendations are to be discussed and as far as possible direct responses of the audited entity are to be solicited and recorded. It is also a platform to arrive at an agreement with audited entity about audit conclusions and recommendations as far as possible. The attempt should be to get the audited entity to respond directly to each recommendation so that these can be published in final audit report. It will also allow the audit team to clarify any point of doubt that the entity may like to raise. The minutes of exit conference should be recorded and endorsed to the entity with a request to acknowledge the minutes with in period of two weeks stating that in case of non receipt of acknowledgement with in stipulated period, it will be presumed that audited entity concurs with the minutes. In case, head of audited entity does not respond to audit's request for holding exit conference, Pr. AG/AG should try to convince the head of entity to hold the conference citing Regulation 76 of the Regulation of Audit and Accounts 2007. In case, the exit conference could not be held even after pursuance, this fact could be recorded in the report.
6. Draft Final Report
Draft final report, after the approval of functional DAI/ADAI, including the responses of the audited entity/minutes of exit conference should be issued to the head of the audited entity or persons charged with governance, as the case may be, as a numbered and confidential copy requesting responses to the audit conclusions and recommendations within a period of two weeks. The response of the audited entity to the specific recommendations should be incorporated in the Draft final report.
7. Follow up activities
The Accountant General is required to maintain a database preferably in electronic format, of audit recommendations and periodically follow them up with the head of audited entity and the Government to ensure compliance and timely corrective action. Constant interaction with Departmental Audit Committees should be maintained to avail an opportunity to follow up on outstanding audit observations, non-implemented accepted recommendations and understanding audited entity's concerns. It is expected that at least two meetings in a year must be organised for follow up activities.
Communications Contd.
II. Confidentiality of materials for Audit Reports.
Reference No. III/s/5/258-PPG/24-2013 dated 27.7.2013
- Comptroller & Auditor General of India, under Article 151 of the Constitution, discharges a constitutional obligation in the submission of Audit Reports to the President/Governor, that are tabled before the Parliament/State Legislatures. As per the extant instructions, Audit Reports are treated as confidential documents till they are tabled in the Parliament/State Legislature(s). Privilege is also being claimed in respect of draft audit paras and bond copy of the Audit Reports sent for signature of the CAG. According to the well established parliamentary practice, usage and convention, it is improper to give premature publicity in the press for matters connected with the business of the House i.e. in respect of Audit Reports prior to its tabling in the House.
- The issue of maintenance of confidentiality of the Audit Reports has been reconsidered in the light of the recent media reports on leakage of audit reports prior to its tabling in the Parliament/State Legislatures. It has been decided that in order to maintain confidentiality/secrecy of draft Audit Report and the material for Audit Report, the following points should invariably be practiced:
- The confidentiality may be claimed once a conscious decision is taken by the Head of the Department in the field office to develop any audit observation whether in the form of Draft Para/Long para/Review etc for probable inclusion in the Audit Report.
- Any such material and records relating thereto should have restricted access and placed in password protected computers. The level up to which the access to report material is to be provided should be decided by the Head of the Department in the field offices. The ultimate responsibility for confidentiality would remain with the Head of the Department.
- A confidentiality statement (annexure-A) should be got signed from those dealing with the report material (including outside parties engaged for design and printing of report) and placed on record.
- All the pages of the material decided to be processed for inclusion in Audit Report should be marked as Confidential and issued to the Audited Unit or Administrative Department/ Government in Sealed Cover with a remark "To be opened by addressee only".
- While forwarding the draft material to the audited unit or concerned Administrative Department/Government for verification of facts and figures mentioned in the draft material for Audit report and for eliciting their comments thereon, it should categorically be mentioned that views expressed in the material so issued are interim and may change depending upon the response of audited unit or concerned Administrative Department/Government. Besides, it should also invariably be mentioned in the forwarding letter that the audited unit/Administrative Department/Government should also exercise due care to ensure confidentiality of draft material for Audit report.
- The report material may invariably be sent through official mail and to the official addresses only with a request to acknowledge receipt.
- In case, the material is transmitted by Email the following should be expressed:
"This electronic mail message and any attached file(s) contain information intended for the exclusive use of the individual or entity to which it is addressed and may contain information that is proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction. Please notify the sender of any unintended receipt and delete the original message along with all attachments thereto without making any copies."
- The above instructions may be strictly followed to ensure the confidentiality/secrecy of the material contained in the draft Audit Report and may also be brought to the notice of all the Officers/staff connected with the Audit Report work for strict compliance. In addition to the above, HODs may also place further controls as deemed fit to ensure confidentiality of Audit Reports.
Annexure-A
Confidentiality Statement For the employees of Indian Audit And Accounts Department
I <name and designation> S/o/D/o_________________________ solemnly affirm on _____________ day of <name of Month> of <year > that:
- I will not divulge any information gained by me during the discharge of my duties. I will keep the information contained in audit work papers, draft reports etc confidential.
- I understand that any breach of confidentiality will attract suitable action against me under the CCS (Conduct) Rules.
Date:
Place:
(Name and Designation)
Annexure-B
Confidentiality Statement To be obtained from outside parties engaged for printing and design of report etc.
(to be obtained on stamp paper of Rs, 50/- attested by oath commissioner/Notary public)
I <name > S/o/D/o_________________________ resident of <________________> solemnly affirm on __________ day of <name of Month> of <year > that:
- I will not divulge any information/content of audit report handed over to me for the purpose of < purpose to be mentioned such as printing and designing etc.>. I will keep the information contained in audit reports confidential.
- I understand that any breach of confidentiality will attract suitable action against me under the applicable laws as deemed fit by Indian Audit & Accounts Department.
Date:
Place:
(Name of Printer / Designer)
|