The Auditor-General’s main functions include financial statements audits, performance audits, performance statements audits and assurance reviews.
To assist in fulfilling these audit functions, the Auditor-General has wide access and information-gathering powers. These powers are balanced by confidentiality provisions in the Auditor-General Act 1997. A person conducting an audit must not disclose any information except in the course of undertaking the Auditor-General’s functions. A person provided with a proposed audit report or any other report must not disclose any information from that report, unless the Auditor-General has consented to the disclosure.
The ANAO treats all audit-related information as ‘in-confidence’. Sensitive information that, in the Auditor-General’s opinion, is not in the public interest will not be included in public reports. In exercising this discretion, the Auditor-General considers the reasons listed in section 37 of the Auditor-General Act, which include national security and international relations, Cabinet deliberations, Commonwealth-State relations and unfair prejudice to commercial interests.
Consistent with the Protective Security Policy Framework (PSPF), all ANAO staff and contractors hold security clearances appropriate for the work they are performing and classification of the information they are accessing. ANAO officials and contractors comply with the relevant requirements of the PSPF as implemented by entity being audited, subject to the independence of the Auditor-General or the conduct of the audit not being compromised. The ANAO retains the security classification assigned to information by the source entity. Information obtained during an audit or review is stored securely at all times and used only for audit purposes.
The Auditor-General is exempt from the application of the Freedom of Information Act 1982 (FOI Act) and Information Privacy Principles (IPPs) set out at section 14 of the Privacy Act 1988. However, to the extent appropriate, the ANAO provides information on request in the spirit of the FOI Act, particularly in relation to the administration of the ANAO, and complies with the spirit and intent of the IPPs.
Auditor-General reports and the annual Defence Major Projects Review are tabled in the Parliament and on the same day that reports are tabled, or authorised for publication, they are published on the ANAO website. Auditor-General reports are presented for tabling to both Houses of Parliament, and can be authorised for publication even if a House of the Parliament is not sitting. Senate Standing Order 166 allows for Auditor-General reports to be authorised for publication by the President of the Senate, or nominated alternative. Following the tabling of an audit report, the JCPAA or another committee of the Parliament may conduct inquiries using Auditor-General reports as key information sources.
The primary purpose of financial statements is to provide relevant and reliable information to users about a reporting entity’s financial performance and position. In the public sector, the users of financial statements include Ministers, Parliament and the community. The preparation of timely and accurate audited financial statements is also an important indicator of the effectiveness of an entity’s financial management, which fosters confidence in an entity on the part of users.
The ANAO’s financial statements audits, undertaken in accordance with the ANAO Auditing Standards, provide an independent examination of the financial accounting and reporting of public sector entities. They provide independent assurance that financial statements have been prepared in accordance with the Government’s financial reporting framework and Australian accounting standards. The ANAO audits the financial statements of approximately 250 entities.
The ANAO directs audit effort to areas most expected to contain risks of material misstatement, whether due to fraud or error, with correspondingly less effort directed at other areas. Risks may arise due to the nature of, or changes in, the entity’s business environment and business and accounting processes, including information technology. Sources of risk include changes in the entity’s functions or objectives, complexity, financial market volatility, global uncertainty, or changes in legislation or the financial reporting framework.
Effective two-way communication between the ANAO and the entity is a key element of a successful audit. Throughout the audit the ANAO undertakes regular meetings and liaison with the entity to deal promptly with any issues that may emerge. Additionally, audit teams will provide written reports and letters to the key stakeholders within the entities as the audit progresses.
Once financial statements audits are completed the Auditor-General, or delegated officials, provide the relevant minister the auditor’s report with the financial statements. The auditor’s report includes the Auditor-General’s opinion as to whether the financial statements comply with appropriate legislation and the Accounting Standards, and present fairly the financial position and performance of the entity.
Auditor’s reports include Key Audit Matters consistent with ASA 701 Communicating Key Audit Matters in the Independent Auditor’s Report for entities included in the Interim Report on Key Financial Controls of Major Entities report as well as for the Consolidated Financial Statements of the Australian Government.
A copy of the auditor’s report and the financial statements are included in entities’ annual reports, which are provided to the responsible minister for tabling in the Parliament.
The Auditor-General reports on audits of financial statements to the Parliament twice a year. The first of these reports, Interim Report on Key Financial Controls of Major Entities, reports on the ANAO’s examination in specific entities of the relevant internal controls, including information technology system controls, to support the preparation of financial statements that are free from misstatement. The second report, Audits of the Financial Statements of Australian Government Entities, reports on the results of the financial statements audits of all Commonwealth entities.
Prior to the reports being tabled in the Parliament, an extract from the final draft of the report relating to individual entities is provided to the responsible minister for their information. A copy of the full final report is provided to the Prime Minister and Minister for Finance.
The main phases of a financial statements audit involve planning and developing the annual audit strategy, obtaining evidence, completing testing and analysis, and reporting.
A performance audit is a review or examination of any aspect of the operations of an entity which is undertaken in accordance with the ANAO Auditing Standards. The ANAO’s performance audits are presented to the Parliament and identify areas where improvements can be made to aspects of public administration. They often make specific recommendations to assist public sector entities to improve performance. Performance audits may also involve multiple entities and examine common aspects of administration or the joint administration of a program or service.
The ANAO identifies subjects for audit through its planning processes and consults with the Parliament, through the JCPAA, and Australian Government entities during the development of the annual audit work program. The annual audit work program aims to provide a balanced program of activity informed by risk, which: promotes accountability, transparency and improvements to public administration; responds to the interests and priorities of the Parliament of Australia; follows up on past recommendations; identifies trends for improvement, or declines in performance across government. Each performance audit has a specific objective which is approved by the Auditor-General and advised to the entity and other relevant parties at the beginning of the audit.
Performance audits involve engagement between the ANAO and the audited entity as well as other stakeholders involved in the program or activity being audited. The main phases of a performance audit involve audit planning, evidence gathering and analysis, and reporting.
Throughout the audit the ANAO undertakes regular meetings and liaison with the entity to deal promptly with any issues that may emerge. Additionally, the ANAO provides written reports on preliminary audit findings and the final proposed audit report to key stakeholders within the entity as the audit progresses. The entity has the opportunity to provide comments and a formal response to a proposed report, and the Auditor-General Act provides a period of 28 days for this purpose. An entity response received within this 28 day period is included in the performance audit report.
Performance audit reports are tabled in Parliament as soon as practicable after completion and published on the ANAO website on the day of tabling. Performance audits that are in-progress are listed on the performance audits in progress page.
More information about the ANAO’s approach to performance auditing, including information about how subjects are identified for audit, is available in A guide to conducting performance audits.
The ANAO’s performance statements audits assess the quality and accuracy of Australian Government entity performance statements. The intent of these audits is to drive improvements in the transparency, reliability and quality of performance reporting across the Australian Government sector. High quality performance statements promote accountability by keeping the Parliament and public informed about entity performance, including whether policies and programs are delivering the intended results.
The ANAO’s program of performance statements audits has been (and will continue to be) expanded progressively since the commencement of the pilot program in 2019. It will involve the audit of ten entities in 2022–23, growing to 24 entities by 2024–25.
Performance statements audits are structured similarly to financial statements audits with a planning, interim and execution phase. This structure is intended to allow the audited entity to address matters identified during the interim phase, and to reflect on final findings in the following reporting year.
During the planning phase our auditors plan the nature, timing and extent of audit procedures, and learn about the entity and the environment it operates in. Publicly available documentation is collected to aid this process. The ANAO will also typically request some internal entity performance documentation, for example, material explaining the context and evidence base for the performance measures included in the entity’s PBS and corporate plan. During this phase an audit strategy will be sent to the entity, setting out audit criteria, milestones and responsibilities.
The interim phase occurs before the entity prepares its performance statements for the year. Auditors assess the performance measures included in the corporate plan, Portfolio Budget Statements, Portfolio Additional Estimates Statements, and the internal control framework for supporting the production of performance statements. This interim assessment provides an understanding of the likelihood or risk of errors within the performance statements and allows for detailed testing to be planned and undertaken. Audited entities are provided with an Interim Management Letter at the end of this phase, presenting the ANAO’s findings and recommendations for comment and response. This provides an opportunity for the entity to address any issues that have been identified before the final phase.
During the execution phase the ANAO’s focus is on gathering evidence (including conducting sampling) that is sufficient and appropriate to address the audit objectives — and to form and support the audit conclusion. Importantly, the ANAO provides assurance on the quality and reliability of performance statements in the audit conclusion — it does not provide an opinion on the entity’s performance. The audit conclusion is discussed with the entity before formal provision of the Final Management Letter, which contains the final findings and recommendations of the audit. The Final Management Letter is provided to the entity for comment and response. The entity’s responses to — and action on — findings and recommendations are a key reference point for the next audit in the following reporting year.
In addition to performance audits and financial statements audits, the Auditor-General undertakes other assurance activities. These can consist of reviews undertaken on request or by agreement with an auditee, may be initiated on the basis of information obtained in the course of performing an Auditor-General function, or in response to requests from stakeholders, including parliamentarians, parliamentary committees, a resolution agreed to by the Senate, community groups and members of the public, or at the discretion of the Auditor-General.
Assurance reviews that are initiated in response to a request from a stakeholder are conducted under section 19A(1) of the Auditor-General Act 1997 (the Act) and in accordance with the Australian Standard on Assurance Engagements (ASAE) 3000 Assurance Engagements Other than Audits or Reviews of Historical Financial Information, issued by the Australian Auditing and Assurance Standards Board, which forms part of the ANAO Auditing Standards.
Once relevant inquiries have been concluded by the ANAO, the findings from an assurance activity may be handled by issuing correspondence, or the review report may be presented to the Parliament under section 25 of the Act. Following its presentation and receipt, assurance review reports are published on the ANAO website. An assurance review provides a limited level of assurance and the review report includes a description of the assurance engagement circumstances, and a positive or negative form of expression of the conclusion.
The Defence major projects report (MPR) is an annual priority assurance review conducted in accordance with guidelines endorsed by the JCPAA. Increased transparency and accountability on progress with major Defence equipment acquisitions has been a focus of Parliamentary interest for some time. Beginning in 2007–08, an annual program has been established in conjunction with the Department of Defence to enable the ANAO to review and report to the Parliament on the status of major Defence acquisition projects, as set out in the Defence Major Projects Report. The review includes information relating to the cost, schedule and the progress towards delivery of required capability of individual projects as at 30 June each year.
The ANAO defines audit quality as the provision of timely, accurate and relevant audits, performed independently in accordance with the Auditor-General Act, ANAO Auditing Standards and methodologies which are valued by the Parliament. Delivering quality audits results in improved public sector performance through accountability and transparency.
It is the Auditor-General’s intention that audits conducted by the ANAO should be conducted to the same standards required of the auditing profession in Australia and consistent with the international public sector auditing community, to the extent that they are not inconsistent with the provisions of the Act or other relevant legislation.
The ANAO Auditing Standards also incorporate Auditing Standard ASQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Reports and other Financial Information, other Assurance Engagements and Related Services Engagements (ASQC1). ASQC 1 requires the ANAO to establish and maintain a system of quality control to provide it with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and other applicable requirements and that reports issued by the Auditor-General are appropriate in the circumstances.
The ANAO has policies and procedures to promote an internal culture based on the recognition that quality is essential in performing audits. These policies and procedures address each of the following elements:
The ANAO quality framework includes policies and processes to monitor compliance with the policies and procedures contained in the framework, particularly as they relate to the performance of audits. In addition to progress reviews at specified points by the audit executive and Auditor-General for in-process audits, monitoring processes under the quality framework include:
For more information see Quality assurance framework and plan and external audits and reviews.