Financial auditing provides independent assurance to Parliament that the financial statements of agencies and local governments are presented in accordance with Australian Accounting Standards, relevant regulations, Treasurer’s Instructions (agencies only) and other mandatory professional reporting requirements, and:
• are based on proper accounts
• present fairly the operating results and cash flows for the period under review
• show the financial position at the end of the financial reporting period.
Each year the Auditor General conducts:
- for the majority of State public sector entities, most of which operate under the Financial Management Act 2006:
- an opinion on the financial statements of the agency
- an opinion regarding the financial management-related controls in the agency
- an opinion on the key performance indicators (KPIs) of the agency and whether they are fairly presented, relevant and appropriate.
These agencies are required under the Act to have their annual reports tabled within 90 days of financial year end.
• for local governments, progressively from 2017-18
- a financial audit of the annual financial report
- any other matters required by the local government audit regulations.
• Under the Local Government Act 1995, local governments are required to accept their annual reports by 31 December and to publish them on their official website within 14 days after they have been accepted.
Agencies operating under other legislation receive an opinion on their financial statements.
You will find an overview of the financial auditing work undertaken this year on page 66. Appendix 2 is a complete list of agencies subject to financial audit.
Our Financial Audit team also conduct across government benchmarking audits (AGBAs) and focus area audits that focus on common business practices across the public sector and provide agencies and local governments with information about areas of better practice as well as potential deficiencies and pitfalls. A summary of these are available here.
Working with audit firms
We currently outsource about 35% of our financial audit work for state sector agencies and approximately 90% for our new local government audits to private sector firms. The Auditor General, or a delegate from the Office of the Auditor General (OAG), signs the audit opinion and is accountable for the work of our contract audit firm partners. We also outsource a small portion of our information systems audit work.
Auditors General outsourcing audits is common practice across jurisdictions and our contract management processes ensure that outsourced audits are efficient and cost effective and meet our audit quality standards.
We have been contracting out audits for many years and the benefits for the OAG and our clients, include:
• allowing us to better respond to the risks and needs of our clients
• partnering with accredited audit firms to develop innovative audit practices
• accessing specialist knowledge or skills we might not have or is costly to maintain
• learning from accredited audit firms to improve our audit processes, quality and reporting
• providing a mechanism for us to benchmark our cost effectiveness, audit processes, quality and reporting
• allowing us to complete and report on all audits in a timely manner.
In 2017-18, we partnered with: BDO Audit, Crowe Horwath, Deloitte, Ernst & Young, Grant Thornton, KPMG, PwC, RSM Bird Cameron, William Buck, Moore Stephens, Butler Settineri, AMD Chartered Accountants, Byfields, Lincolns, Macri Partners, and Anderson Munro & Wyllie.
Surveys of financial audit entities
We aim for continuous improvement and one way of doing this is by acting on feedback from our stakeholders. All audited entities have the opportunity to participate in our annual survey. The survey gauges how we are performing in the areas of audit process, audit reporting, audit value and overall performance, and highlights any areas we can improve.
A total of 130 out of 150 financial audit entities responded to our survey this year, a response rate of 87% (up from 81% last year). Our results improved from last year in all 3 key focus areas, as reflected in the high overall index of 82.3%. The results were particularly positive in relation to:
• the value of the assurance that entities obtain from the audit of their statutory financial statements (99%)
• the value of our recommendations to improve organisations’ financial management and internal controls (96%).
Our auditors’ professionalism, skills and knowledge remained the most highly rated aspects of the audit process.
Other areas where we have improved our performance include our staff being responsive to stakeholder needs and audit opinions issued in timely manner.
We are pleased to see that areas identified for improvement last year increased this year – including, audit program undertaken in a timely manner and communicating audit findings and issues in management letters.
Information systems auditing
Our information systems (IS) audits focus on the general computer controls of agencies with significant computer environments to determine whether these effectively support the accuracy and integrity of agency financial statements and key performance indicators (KPIs).
We also conduct audits each year of a sample of important non-financial computer applications and we also complete at least one broader scope IS audit on a specific topic, including passwords in 2018, malware in 2016 and database security in 2015.
Our IS audit work is a very important part of our audit program as it reveals the common information system weaknesses that can seriously affect the operations of government and potentially compromise sensitive information held by agencies. Our IS audit reports contain recommendations that address these common weaknesses and as such, have a use broader than just the agencies we specifically audited.
Our performance audits assess the efficiency and effectiveness of agency and local government activities, services and programs. These audits can also identify instances of waste, legislative non-compliance, examples of good practice and make practical recommendations for improvement.
We conduct performance audits under section 18 of the Auditor General Act 2006 and in accordance with Australian Assurance Standards. Summaries of the Auditor General’s reports tabled in 2017-18 are available here.
We deliver 2 types of performance audits:
• broad scope performance audits, which focus on the effectiveness and efficiency of larger programs, projects, services or functions
• narrow scope performance audits, which have a tighter focus and may assess internal agency controls, compliance with legislation, policy and good practice, and information systems.
We also conduct selective follow-up audits to assess actions taken in response to our recommendations, as well as changes and improvements that result. However, responsibility for following up the recommendations of the Auditor General’s reports lies with the management and audit committee of each agency or local government. The Public Accounts Committee (PAC) also has a key role in following up agency action on Auditor General’s reports.
Surveys of performance audit entities
Shortly after we table a performance report in Parliament, we invite the entities involved to complete a survey. Like our financial audit surveys, the surveys of entities subject to performance audit focus on our audit process, reporting, value and our overall performance.
The nature of audit work includes close scrutiny and possible criticism of agency performance, and we understand that this can influence the responses to the survey. Nevertheless, the surveys provide a valuable way for us to identify areas for improvement.
The survey response rate this year was 90%, with 27 of the 30 individuals invited to participate providing a response – this is broadly consistent with 93% for last year. Overall, the 2017-18 results were largely positive with audited entities more likely to agree that:
• the auditors understood their organisations
• they were provided adequate opportunities to comment on the findings and issues before the final report was tabled
• they were informed of significant findings and issues as they arose during the audit.
We use the results of these surveys to identify where we may need additional effort or training to improve our approach. We were therefore particularly pleased to see the increased positive response this year to our auditors understanding the audited organisation and its operating environment. This was an area we focused on following concerns raised last year.
The results this year suggest that we need to consider:
• how we demonstrate to entities the professional skills and knowledge of our auditors
• that entities may not recognise either the value of our audits in helping them improve the performance of the audited activity or the value to Parliament of assurance and transparency of their functions
• if we are clearly communicating our audit findings and issues in the tabled audit report
• why some respondents have questioned the factual accuracy of a specific tabled audit report.
Aggregate performance index scores
For performance and financial audits, the survey analysis includes the calculation of aggregate performance indices across the 4 focus areas of audit process, audit reporting, audit value and our overall performance.
The aggregate index for an area is the average of the individual question indices for survey questions across that specific area. The index for a question is the average response for each question across all respondents.
The financial audit survey results were favourable overall in 2017-18, with results remaining consistent or better than those achieved in 2016‑17. The performance audit survey saw decreases in all focus areas except for audit process. This highlights the need for us to maintain our focus on continuous improvement activities.
Performance audit topic selection
Deciding what to audit is a key part of the Auditor General’s independence and is not subject to direction from Parliament or government. We have to exercise this independence responsibly, so we have processes in place to make sure our selection of topics is objective, robust and transparent.
We draw topic ideas from a range of sources including members of Parliament, parliamentary committees, agencies, local governments, community and our employees.
We assess and review potential topics against our criteria, priority themes and KPIs. We seek to select a program that is balanced in its coverage, contains topics that matter to Parliament and the community, and that reflects how and where the state is spending taxpayer’s money.
A key part of establishing our forward audit program is firstly discussing potential topic ideas with key stakeholders that may have a view on the topic, the timing of the potential audit or any other considerations that may influence the effectiveness and efficiency of the audit program. This includes discussions with PAC and Estimates and Financial Operations Committee as well as the relevant directors general and chief executive officers.
Once established, we make our forward audit program topics list available on our website. When an audit has begun, we expand this to include the audit details such as objective, focus and timeframes.
Opinions on ministerial notifications
When a Minister decides not to provide certain information to Parliament concerning the conduct or operation of an agency (usually a decision taken in response to a parliamentary question), then requirements under section 82 of the Financial Management Act 2006 and section 24 of the Auditor General Act 2006 (AG Act) come into force. Essentially, the Minister is required to notify the Auditor General and the Auditor General is then required to form an opinion and report to Parliament on the reasonableness and appropriateness of the Minister’s decision.
A significant number of ministerial notifications are referred to the OAG each year, and this year we received 27.
Quality is a value of our Office and is fundamentally important to everything we do. We have a framework that establishes and maintains quality over the audit work we perform. At every opportunity we demonstrate and promote our belief that audit quality is more than meeting professional standards.
Our framework includes a Quality Assurance Plan, which our Audit and Risk Management Committee (ARMC) approves on an annual basis. We link this plan to our Strategic Plan and it plays a vital role in terms of internal control, risk management, corporate governance and compliance monitoring.
Technical training is a critical overarching part of the Quality Assurance Plan. We regularly deliver training sessions on what quality is, its importance and the role and responsibilities for audit quality.
We are often asked who audits the Auditor General… and the answer is, many people do! We are subject to various oversight and review processes, which we value as they hold us accountable to those we serve and provide us and our stakeholders with assurance that our processes are effective, efficient and evolving as necessary.
Our internal auditors provided their 2017-18 report on 28 June 2018. This year, 6 key areas were audited, which were developed in consultation with our ARMC, the ICT Committee and Executive.
The report concluded:
‘Overall, in our opinion the practices reviewed are sound and the OAG has once again demonstrated a high level of focus in managing the control environment.
In our opinion, based on the functions/areas subject to review, the Office’s control environment is of a good standard for the scope areas examined. There are some opportunities for improvement, albeit minor. Reflecting the number, nature and potential value of observations we assess a ‘B+’ rating.’
We have already implemented 4 of the 17 recommendations that provide opportunities for improvement and we expect to have the remainder in place by the end of September 2018.
Self-assessment against our audit reports
As detailed on page 42, many of the audits we conduct of other agencies also have relevance to our Office, especially our AGBAs. For this reason, we self-assess our own internal processes and controls against the audit criteria used for these audits.
In 2017-18, our Business Services unit self-assessed our performance against the criteria used in the audits of:
• Agency Gift Registers
• Controls over Purchasing Cards
• Tender Process and Contract Extensions.
In July 2017, a senior auditor from the Australian National Audit Office conducted a review of the OAG under the Australasian Council of Auditors- General (ACAG) external review framework. The review considered the first 2 sections of the framework – office governance and audit practice management. These reviews are important to the OAG, as they allow us to take stock of where we are at, provide us with continuous improvement opportunities and challenge our thinking. The review resulted in 9 recommendations, all of which we accepted and implemented.
This year we also organised an independent review of the structure of our Business Services unit to identify efficiencies and enhance operations to optimise the delivery of corporate services to the Office, within our established resources. This is particularly important if we are to meet the additional demands of local government audit.
In August 2016, the Joint Standing Committee on Audit issued its review of the operation and effectiveness of the OAG and the AG Act. The Auditor General met with the new committee in November to discuss progress with the recommendations.
We were pleased to report that we had addressed all the recommendations under our control. The only key concern raised was around the recommended changes to the AG Act to address restricted access to cabinet documents and documents under legal professional privilege. A review of the AG Act and other relevant legislation is currently underway.
Working with Parliament
Unlike public sector agencies, we do not report to a government minister but report directly to Parliament. As our key client, we strive to keep Parliament informed on public sector accountability and performance and we have developed a number of initiatives to promote quality relationships with Parliament and parliamentary committees.
Parliamentary liaison program
Our parliamentary liaison program ensures that we provide Parliament with relevant and timely information, in keeping with our obligations under the AG Act. This benefits Parliament and us, and supports our mission to help improve public sector performance and accountability by reporting independently to Parliament.
This program includes:
• briefings for new ministers, members of Parliament and parliamentary committees
• regular meetings and briefings with parliamentary committees and key parliamentarians
• briefing parliamentarians on our tabled reports
• briefings to our parliamentary oversight committees on our proposed forward audit program and current audits
• providing information to support inquiries by parliamentary committees.
We use the results of our members of Parliament survey, together with direct feedback throughout the year, to identify any potential initiatives or improvements that could further enhance our parliamentary liaison program.
In June 2018, PAC commenced its latest hearings in review of agency responses to Auditor General’s reports. PAC plays an important role in examining whether government policies and programs meet the objectives for which public money is allocated. One way PAC performs this role is by following up agency responses to recommendations contained in our performance audit reports.
The work PAC does in following up our reports and keeping agencies accountable for their response to our recommendations is hugely valued by our Office. This process is currently selective, and is effective this way as one agency being called to notice through a PAC follow up causes all agencies to pay attention. Selective reporting on agency follow ups is an important reminder to the sector that they are accountable and subject to Parliament scrutiny.
PAC is currently examining agency responses to more than 20 performance audit reports from 2015 and 2016. We continue to assist PAC, where appropriate, in this important process.
We have also been involved in, or provided information to assist a number of other parliamentary inquiries during 2017-18. This included the:
• Joint Standing Committee on the Corruption and Crime Commission on its inquiry into public sector procurement of goods and services and its vulnerability to corrupt practice
• Community Development and Justice Standing Committee on its inquiry into the protection of crowded places from terrorist acts.
We also provided information to assist Government’s Service Priority Review and the Special Inquiry into Government Programs and Projects.
Parliamentary requests for investigation
We occasionally receive requests for audit from parliamentary committees, which we consider thoroughly. Our August 2017 report on Non‑Clinical Services at Fiona Stanley Hospital was based on a request from the Education and Health Standing Committee.
Members of Parliament survey
Our regular survey of members of Parliament assists us to monitor our performance in meeting our outcome of an informed Parliament on public sector accountability and performance. Through this survey, members can share their views in areas such as satisfaction with our services and the effectiveness and usefulness of our products.
Table 17 shows our results against 4 key areas. Although results declined or stayed the same in most areas, we continue to perform well and score highly in dealing with matters of significance to Parliament (93%); satisfaction with our reports and services (92%) and this year we saw a significant increase (+8%) in members saying that our services and reports were useful to Parliament (94%).
While the majority of members said the OAG was effective in achieving its desired outcome of informing Parliament on public sector accountability (77%), this was a decline on previous years and is something we will closely monitor and where possible, address.
Consistent with previous years, members were positive about the Auditor General’s reports and services, with members commenting that they:
• were relevant, open and easy to digest
• were accessible and summarise areas of concern concisely
• generated debate and discussion on quality improvement or greater transparency.
Just over half of the respondents said that a report tabled in the last 12 months was helpful to them. Members most commonly cited reports’ usefulness, relevance and their own personal or professional interest in these reports as the main reasons for finding them helpful.
We use an independent research company to conduct the survey. The results are important in understanding how we are performing and how well we are meeting the needs and expectations of our clients. They also inform our ongoing quality assurance and continuous improvement efforts and are used to measure the effectiveness of a number of our Strategic Plan initiatives.
We have a number of other avenues which allow members to engage with us and provide comments outside the survey process, including the briefing opportunities in our parliamentary liaison program.
Working with our peers
Australasian Council of Auditors-General
ACAG is an association established by Auditors General in 1993. It allows Auditors General to share information and business intelligence and supports the development of effective and efficient auditing methods and practices by members.
ACAG also enables Auditors General to express their collective opinions, where appropriate, on financial accounting and auditing and assurance standards and related issues such as exposure drafts issued by the Australian Accounting Standards Board, Australian Auditing and Assurance Standards Board and their international equivalents.
We also participate in ACAG’s subgroups, which provide mutual benefits and learning opportunities between audit offices.
Integrity Coordinating Group
The OAG is a member of the Integrity Coordinating Group (ICG) an informal forum of 5 independent integrity agencies. The purpose of the group has been to use their combined voice to promote and strengthen integrity in Western Australian public bodies.
Outputs of the ICG have included guidance papers and seminars that promote the concept of integrity in government.
Members currently include the independent officers of the Auditor General, the Western Australian Ombudsman, the Public Sector Commissioner, the Corruption and Crime Commissioner and the Information Commissioner.
The new Auditor General with other integrity officers of the ICG will consider the purpose of the group to determine its future direction.
State Records Commission
Under section 58 (b) of the State Records Act 2000, the Auditor General is an ex-officio member of the State Records Commission.
Public sector entities use public funds to provide services, deliver programs and manage assets. Good records support good decision-making, effective business practice and improve accountability and efficiency.
A common theme across many of our audits is poor recordkeeping practices. Through our audit work with agencies we continue to support the proper safeguarding, retention and integrity of official records and highlight and encourage continuous improvement in this important aspect of public administration.
Working with our stakeholders
We receive information from many different sources that assists us to perform our functions. We treat this information confidentially, applying best practice processes, as recommended by the Western Australian Ombudsman. We manage all feedback, suggestions and concerns in a way that demonstrates our values of integrity, quality and respect.
Our website includes information on how to contact us and provides an opportunity to submit feedback on current audits or suggest a future audit topic. Information received through these avenues may be examined under the AG Act, and can be considered as part of our topic selection process.
Referrals and enquiries
Referrals can be an early warning of issues relating to the performance, probity and compliance of the public sector. We record and review all referrals and enquiries to identify any trends and wider issues across state and local government.
When considering the issues referred to us, our focus is on systemic weaknesses rather than a one-off issue affecting an individual. We assess relevant issues against our internal protocols and in an ethical and objective manner to determine if further investigation is warranted. This can potentially lead to an audit. If the issue is outside our mandate, we will assist individuals to redirect their issues to those who can best assist.
Where matters cross jurisdictional boundaries, such as the work of the Corruption and Crime Commission or the Public Sector Commission, we have processes in place to communicate with other integrity agencies to highlight potential issues, while maintaining confidentiality.
In 2017-18, we experienced a 62.5% increase in the number of referrals and enquiries lodged with us. This increase was largely due to our new role in auditing local governments.
In 2017-18, the average number of days we took to respond was 2.2 working days, similar to last year. We responded to 96% of all referrals and enquiries within our working day target, which was similar to last year’s outcome. The majority of issues were specific to our new role in local government audit that required additional research into the provisions of relevant legislation.
Public interest disclosures
The OAG is an accountability agency to which people can make public interest disclosures (PID) under the Public Interest Disclosure Act 2003.
The Act establishes us as the appropriate authority to receive PIDs that relate to substantial unauthorised or irregular use of, or substantial mismanagement of, public resources.
In 2017-18, we spent 75 hours on PID matters. We assessed 4 matters, all of which met the PID criteria.
The Auditor General appoints key employees, including members of Executive, as PID officers. Appropriate training is provided for these employees so they can receive and manage PIDs effectively.
We define a complaint as any expression of dissatisfaction or concern made about OAG, its staff, external contractors, services, products or practices.
We received 1 complaint in 2017-18. The complaint was the result of a miscommunication about a client’s specific requirements, which we addressed promptly to the satisfaction of the complainant and the OAG.
As shown in Table 19, we receive very few complaints, however, we have a comprehensive process in place to ensure any complaints are addressed promptly and the complainant is satisfied that we will take appropriate action to rectify the matter. In this regard, we adhere to the Ombudsman’s guiding principles for effective complaint management namely:
• Enabling complaints – arrangements for enabling people to make complaints are customer focused, visible, accessible and supported by management. Complaints can be made via our website, or by email, mail or phoning the OAG.
• Responding to complaints – our procedures for responding to complaints ensure they are handled objectively, fairly and confidentially. Timeframes are included for each step of the process.
• Accountability and learning – the reporting mechanisms for managing complaints help us work towards continuous improvement.
Our Executive receive a report on all complaints received and identified risks are reported to the ARMC.