Download presentation
Presentation is loading. Please wait.
Published byHubert Cross Modified over 9 years ago
1
Portfolio Committee on the Department of Police Auditor’s General perspective 2 March 2010
2
2 Reputation promise/mission The Auditor-General of South Africa has a constitutional mandate and, as the Supreme Audit Institution (SAI) of South Africa, it exists to strengthen our country’s democracy by enabling oversight, accountability and governance in the public sector through auditing, thereby building public confidence.
3
33 RISKS IDENTIFIED & FOCUS AREAS FOR 2010/11
4
44 SUPPLY CHAIN MANAGEMENT
5
55 SUPPLY CHAIN MANAGMENT Our approach: –To determine whether legislative requirements for fair, equitable, cost-effective, transparent and competitive procurement have been adhered to. –The subsequent management of contracts and whether payments are made only for goods and services received. –To identify and report possible fraud indicators to those charged with governance. The approach addresses expenditure and the disclosure of irregular, fruitless and wasteful expenditure
6
66 The objectives of the approach: –To ensure that significant risk due to fraud in procurement processes is appropriately and consistently responded to; –To ensure correct and consistent compliance testing and identification of irregular expenditure; –To ensure correct and consistent reporting of weaknesses; SUPPLY CHAIN MANAGMENT
7
77 Risk – Significant –Such risk will translate into a significant risk that affects the: –completeness assertion for the disclosures of irregular, fruitless and wasteful expenditure –The occurrence and compliance assertions for the expenditure classes of transactions affected by the types of procurement and transactions that give rise to such risk
8
88 SUPPLY CHAIN MANAGMENT Selecting our sample (including but not limited) to: –All awards from follow-ups / previous audits –All awards from employees having interest –All awards to possible fictitious suppliers –All awards to companies that are liquidated / deregistered –All awards that were registered within the past 12 months –All transactions not procured through a competitive bidding process (> R500k) or not through inviting 3 quotations (< R500k) –At least 2 suppliers with the highest number of contracts –At least 2 contracts awarded for construction projects that are significantly behind schedule
9
99 PRE-DETERMINED OBJECTIVES
10
10 PRE-DETERMINED OBJECTIVES Our approach: –2010/11 – Opportunity to get ready for Predetermined objective opinions –Understanding and testing of the internal policies, procedures and controls related to the management of performance information. –Understanding and testing of systems and controls relevant to collecting, monitoring and reporting performance information.
11
11 Audit criteria Main criteriaSub-criteria 1. Compliance with reporting requirements Existence Timeliness Presentation 2. UsefulnessMeasurability Relevance Consistency 3. ReliabilityValidity Accuracy Completeness
12
12 RISKS FOR PRE-DETERMINED OBJECTIVES Lack of effective, efficient and transparent systems and internal controls regarding performance management (applicable at an overall performance management level) –Reliability of reported performance information –Not all supporting source information provided to validate the completeness of the reported target –Completeness of reported targets could not be verified –Reported indicator not reliable, as no supporting source information was provided –Inadequate performance management systems Management at station and unit levels responsible for visible policing and investigating organised crime, does not exercise oversight responsibility over reporting of predetermined objectives to ensure that entries have occurred, are authorised and all entries have been captured.
13
13 Audit and confirm: - Existence of performance information - Consistency of performance information between: Strategic/annual performance plan, quarterly reports and annual performance report - Presentation in annual report - Reliability of reported performance information - The performance management systems Audit and compare reported performance information to relevant source documentation and conduct procedures to ensure validity, accuracy and completeness of reported performance information. FOCUS AREAS OF PREDETERMINED OBJECTIVES
14
14 FOCUS AREAS OF PREDETERMINED OBJECTIVES All indicators on programs: - Program 2 - Visible Policing - Program 3 - Detective Services - Program 4 - Crime Intelligence - Program 5 - Protection and Security Services National Intervention Unit (PTA) Public Order Policing Service (Welkom) Forensic Science Laboratory (PTA) Criminal Record Centre (JHB) Crime Intelligence (KZN) Ports of entry (JHB, KZN and FS) 24 Police station that’s been selected for the region audits
15
15 PURPOSE OF IT AUDITING To assist our financial auditors by reviewing the adequacy of controls implemented by management over the financial and performance information systems
16
16 RISKS IN THE IT ENVIRONMENT The following risks were identified: Lack of information technology (IT) governance framework and controls, which provides for the structures, policies and processes through which departments ensure that IT supports the organisation’s strategies Lack of department business continuity that will ensure that IT disaster recovery process is aligned to business requirements Lack of user access controls on the database and application systems, through which the department will ensure that only valid and authorised users are allowed access the systems and that user access is adequately separated when transactions are initiated, captured and approved (CAS and OPAM)
17
17 RISKS IN THE IT ENVIRONMENT Lack of change management controls that will ensure that changes to the existing information system environment are coordinated, scheduled, authorised and tested prior to implementation (CAS and OPAM) Inadequate management information system that will assist in confirming that only authorised people are allowed access to Numerus data centre (where department critical systems are hosted)
18
18 FOCUS AREAS FOR IT AUDITING The following management processes will be audited: IT governance Business continuity and disaster recovery Security and user access management Change management Physical and environmental
19
19 DISCUSSION AND QUESTIONS
20
20 Auditing to build public confidence
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.