Seoul, Korea – October, 2014 Brazilian Court of Accounts.
-
Upload
marylou-preston -
Category
Documents
-
view
215 -
download
3
Transcript of Seoul, Korea – October, 2014 Brazilian Court of Accounts.
Working Group on Public DebtINTOSAI
Seoul, Korea – October, 2014
ISSAI 5450GUIDANCE OF AUDITING ON PUBLIC DEBT
INFORMATION SYSTEM
Brazilian Court of Accounts
SUMMARY
Objective
Why PDIS should be evaluated
Brazil – economics indicators
Background
ISSAI 5450 – improvements and changes
Comparison: 2nd and 3rd version of ISSAI 5450
Next steps
OBJECTIVE
To help the WGPD to develop a guidance on audit of Public Debt Information Systems (PDIS) that can be useful for all the INTOSAI community
What are we doing?
Auditing on general controls and application controls of Public Debt Information Systems
What is the object of
guidance?
WHY PDIS SHOULD BE EVALUATED?
ISSAI 300 - Principles of Performance Auditing
Auditors should choose a result-, problem- or system-oriented approach, or a combination thereof, to facilitate the soundness of audit design.
- a system-oriented approach examines the proper functioning of management systems, e.g. financial management systems
WHY PDIS SHOULD BE EVALUATED?
ISSAI 5410 - Guidance for Planning and Conducting an Audit of Internal Controls of Public Debt
Computer-based debt information systems have major implications for audits of sovereign debt operations. Auditors must have sufficient computer expertise to perform tests of the internal controls built into computer systems, which are commonly classified into general and application controls.
WHY PDIS SHOULD BE EVALUATED?
UNCTAD: Principles on promoting responsible sovereign lending and borrowing
Debtors should make public disclosure of their financial and economic situation, providing among others the following information: (i) accurate and timely fiscal data; (ii) level and composition of external and domestic sovereign debt including maturity, currency, and forms of indexation and covenants; (iii) external accounts; (iv) the use of derivative instruments and their actual market value; (v) amortization schedules and, (vi) details of any kind of implicit and explicit sovereign guarantees. (11. Disclosure and publication)
WHY PDIS SHOULD BE EVALUATED?
IMF: Revised Guidelines for Public Debt Management
Debt management activities should be audited annually by external auditors. Information technology (IT) systems and risk control procedures should also be subject to external audits. In addition, there should be regular internal audits of debt management activities, and of systems and control procedures. (Transparency and Accountability)
WHY PDIS SHOULD BE EVALUATED?Relevant info for decision making
demands security, reliability, accuracy and readiness from
the information systems
32%
23%18%
17%7% 4%
Creditors Base - December/ 2013
Financial Institutions Investment funds Pension fundsNon-residents Government Insurers
2004 2005 2006 2007 2008 2009 2010 2011 2012 20130%
5%
10%
15%
20%
25%
30%
35%
40%
0
1
2
3
4
539.3%
21.9%24.8%
2.9
4.2
Maturing in 12 months (%)Medium-term
BRAZIL: GROSS DOMESTIC PRODUCT
3,3 3,4 3,6 3,7 3,8 4,0 4,3 4,2 4,6 4,7 4,7 4,8
2,7
1,1
5,7
3,2
4,0
6,1
5,2
-0,3
7,5
2,7
1,0
2,3
2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 PIB - em valores de 2013 Taxas Reais de Crescimento - em %GDP REAL GROWTH (%)
BRAZIL: INFLATION
BRAZIL: CENTRAL GOVERNMENT GROSS DEBT
37591 37834 38078 38322 38565 38808 39052 39295 39539 39783 40026 40269 40513 40756 41000 41244 414870
500
1,000
1,500
2,000
2,500
3,000
0
10
20
30
40
50
60
70
80
90
100
DBGC em R$ Bilhões DBGC em % do PIB
R$ B
illio
n
% G
DP
GROSS DEBT R$ billion GROSS DEBT – GDP (%)
Background – ISSAI 5450 (1st version)
Brazilian Court of Accounts headed the investigation theme “Evaluation on Information Systems Related to Public Debt Management” in July 2009 (Kyiv, Ukraine)
First version draft presented in the WGPD meeting in September, 2012 (Helsinki, Finland)
The draft was submitted to the WGPD members for comments
Comments from Lithuania, USA, Moldova
Background – ISSAI 5450 (2nd version) The exposure draft of the ISSAI 5450 “Guidance of
Auditing on Public Debt Information System” has been approved by the Steering Committee of the Knowledge Sharing Committee (KSC)
WGDP Secretariat submitted to INTOSAI Professional Standards Committee (PSC) in June, 2013
PSC submitted the Exposure draft of the ISSAI 5450 to INTOSAI community for comments in July, 2013
Comments received until November, 2013
ISSAI 5450 – INTOSAI Community
CommentsArgentina MalaysiaAustralia MoldovaCanada NetherlandsChile OmanChina PolandHonduras ThailandHungary United States of AmericaIndia United Arab EmiratesKazakhstan United KingdomKuwait VietnamLatvia Zambia
ISSAI 5450 (3rd version) - main improvementsImprovement Who did suggest? Where is it?
Description of the importance of auditing the system public debt and the possible consequences of not performing it
Austrália, Latvia Page 1
Description of the objectives of the debt information system
Australia Page 1
Explanation about the importance of this guide within a large context
United Kingdom, Latvia, India Pages 1, 2
Indication of the necessity of a process mapping
Argentina, Australia, United Arab Emirates
Pages 6, 7, 20
Setting out the importance of a risk based audit approach
Australia, United Kingdom, United Arab Emirates, Hungary
Pages 6, 7, 21
Highlight in Application Controls United Kingdom, Honduras, Chile, United Arab Emirates, Poland, Netherlands, India,
Hungary
Pages 11 to 18
ISSAI 5450 (3rd version) - main improvements
Improvement Who did suggest? Where is it?
Creation of a specific list of application controls (testing matrix)
Chile, United Arab Emirates Pages 27 to 37 (matrix)
Mention of the functions, queries and connections that the public debt system should provide
Hungary, Chile Pages 27 to 37(matrix)
Making references to INTOSAI documents United Kingdom, India, USA, Hungary
Pages 7, 9, 18
Indication of the necessity of an IT expert (the table of sophistication level was removed)
Argentina, Kwait, Chile Page 6
Modification on the document structure Australia, United Kingdom, Hungary
Entire document
Improvement of the text structure Australia, Canada, Malaysia, Hungary
Entire document
Testing Matrix – General and Application Controls
Matrix Structure
REQUIREMENT/FUNCTIONALITY
GENERAL/APPLICATION CONTROL TESTING PROCEDURES
TESTING AREAS
GENERAL CONTROLS
APPLICATION CONTROLS
- Organizational controls- Physical Access controls- Logical Access controls- Environmental controls- Program Change controls- Business Continuity Planning and
Disaster Recovery
- Documentation standards- Input controls- Processing controls- Output controls
ISSAI 5450: Comparison
2nd version 3rd version0
5
10
15
20
25
30
35
40
ISSAI 5450: 2nd X 3rd versions
Pre-textual elements PlanningGeneral Controls & Testing Matrix Application Controls & Testing MatrixBibliography
N.
Pa
ge
s
Pages2nd
version3rd
version
1 1
14 21
16 7
6 5
2 4
Next Steps
The approval of the last version of the ISSAI 5450 – Guidance of Auditing on Public Debt Information System
Becoming a INTOSAI document at the INCOSAI 2016
THANKS!
Seoul, Korea - October, 2014