Week_1_-_Chapter_2.doc

8/10/2019 Week_1_-_Chapter_2.doc

1/20

1

WHAT IS GOVERNANCE?

Governanceis the exercise of economic and administrative

authority necessary to manage an entity's affairs.

Governanceis concerned with the processes by which decisions are

made and implemented so that the entity's affairs are conducted

properly and in accordance with the laws and other applicable

regulations.

The Organisation for Economic Co-operation and Development OECD! refers

to governance "

characterised by participation,

transparency, accountability, rule of law,

effectiveness, equity. Good governance

refers to the management of government

[governing body] in a manner that is

essentially free of abuse and corruption,

and with due regard for the rule of law ..

#n business$ the essence of governance relates to the structure

of separation of ownership and management.

#n the agency structure$ members or shareholders! of the

corporation rely on the management agents!.

These agents are the board of directors and managers who conduct the business

on behalf of the members. %hareholders and owners re&uire not only the laws$

but also other means to ensure that the management of the corporation act in the

best interest of the corporation and its shareholders or owners.

Management accept the accountability meau!e

th!ough "hich they #emont!ate the e$ecti%ene o&

thei! pe!&o!mance' Thi i the o!igin o& co!po!ate

go%e!nance'


2/20

2

The authority exercised by a governance body is underpinnedby transparency and accountability.

This is the context in which the auditor plays a role.

The independent auditor provides an obective assurance to the truth

and fairness of an 'account' that is prepared by the management and

which represents the way in which the corporation is run.

The independent auditor adds to the credibility of the conduct as

performed by the agent.

This accountability framewor( is part of the bac(bone of governance.

)ccountability is 'explaining or ustifng what has been done$ what is

being done and what is planned'.

)ccountability is giving of account$ a reporting of that for which one is

accountable.

Ente!p!ie Go%e!nance( A)!ame"o!*

Enterprise governance is a framewor( that covers both the corporate governance

regime and the business governance perspectives of an organisation.

the et o& !eponibilitie an# p!actice e+e!cie# by theboa!# an# e+ecuti%e management "ith goal o& p!o%i#ing

t!ategic #i!ection, enu!ing the ob-ecti%e a!e

achie%e#, ace!taining that !i* a!emanage# app!op!iately, an# %e!i&yingthat the o!ganiation. !eou!ce a!e

ue# !eponibly'.

The definition assumes the dual role of directors in both monitoring

conformance! and strategy performance!$ and ac(nowledges the inherent

tension between governance and value creation.


3/20

3

Enterprise governance is perceived as a model that can be applied to

corporations$ not-for-profit organisations and the public sector.

The conformance aspect$ based mainly on corporate governance best practice$

covers issues such as"

The roles of the chair of the board and top management e.g. the CEO's

responsibility to ensure accountability and independence!

The composition$ s(ills base$ remuneration and training of the board and

its committees

*oles of non-executive directors and audit$ nomination and remuneration

committees

The ade&uacy and reasonableness of compensation schemes for

executives

#nternal control structures$ ris( management and the role of internal audit

+ the financial reporting and disclosure regimeThe independence of the audit function and the reporting mechanisms.


4/20

4

THE AUDT!" A#D $!%E"#A#&E

Overall Objectives of the Auditor

To obtain reasonable assurance about whether the financial report as

a whole is free from material misstatement$ whether due to fraud or

error$ thereby enabling the auditor to express an opinion on whether

the financial report is prepared$ in all material respects$ in

accordance with an applicable financial reporting framewor(,

To report on the financial report and communicate as re&uired by the

)ustralian )uditing %tandards$ in accordance with the auditor's

findings

)%) states that management and those charged with governance have the

following responsibilities"

/or the preparation of a financial report in accordance with the applicable

financial reporting framewor($ including where relevant$ their fair

presentation,

/or such internal control as management and$ where appropriate$ those

charged with governance determine is necessary to enable the preparation of

a financial report that is free from material misstatement. whether due to

fraud or error$ and

To provide the auditor with

)ccess to all information$ of which management and$ where appropriate$

those charged with governance are aware that is relevant to thepreparation of a financial report such as records$ documentation and other

matters,

)dditional information that the auditor may re&uest from management

and$ where appropriate$ those charged with governance$ for the purpose

of the audit, and

0nrestricted access to persons within the entity from whom the auditor

determines it necessary to obtain audit evidence.


5/20

'

The following standards provide some examples of the auditor's interactions

with those charged with governance"

)%) 1 Consideration of 2aws and *egulations in an )udit of a

/inancial *eport #%) 1! re&uires the auditor to consider in detail

the laws and regulations in an audit of a financial report.

)%) 3 Communication with Those Charged with 4overnance

#%) 3! specifically discusses the communication necessary to

occur between the auditor and those charged with governance of an

entity.

)%) 31 Communicating Deficiencies in #nternal Control to Those

Charged with 4o vet-n4overnance and 5anagement #%) 31!

re&uires the auditor to communicate deficiencies in internal control to those charged with governance.

)%) 671 #dentifring and )ssessing the *is(s of 5aterial

5isstatement through 0nderstanding the Entity and #ts Environment

#%) 671! refers to the identification and assessment of ris(s of

material misstatements through understanding the environment of

the entity.

)%) 66 The )uditor's *esponses to )ssessed *is(s #%) 66!follows )%) 671 #%) 6!1! which deals with the auditor's responses

to assessed ris(s and approaches to the audit plan in a manner to

ensure such ris(s are considered in the nature and extent of

obtaining audit evidence.

The main !ole o& the e+te!nal au#ito! i to gi%e anin#epen#ent opinion on the t!uth an# &ai!ne o& the

/nancial tatement o& the o!ganiation'


6/20

(

Co!po!ate Go%e!nance 0con&o!mance1an# the Au#iting )unction

Corporate governance is the framewor( of rules$ relationships$ systems andprocesses within and by which authority is exercised and controlled in

corporations.

#t encompasses the structure$ the systems and the relationships among parties

such as the board of directors$ management including (ey officers!$ auditors$

regulators$ shareholders and the public.

The principles of corporate governance were highlighted in the )%8 Corporate

4overnance Council's Corporate 4overnance 9rinciples and *ecornrnendations

To ensure the basis for an effective corporate governance framewor(

through the promotion of transparency and efficient mar(ets$ legal and

regulatory re&uirements$ division of responsibilities among

different government authorities to ensure the public interest is

served$ and the provision of supervisory and enforcement authorities

To ensure e&uitable treatment of shareholders by enhancing their rights and

authorities and clarifying the role of institutional investors in a fiduciary

capacity

To deal with conflicts of interest with the principles covering disclosures,

the role of providers of corporate information such as rating agencies, the

duties of the auditors and their accountability to shareholders, and the

protection of minority shareholders' rights.

:a(er and Owsen' 'argued that the role of auditing need not be constrained

within the narrow bounds of investor decision ma(ing$ but should be viewed in

relation to the wider needs of various sta(eholder groups and society generally.

)udited financial reports should render assurance that"

the financial statements are right

the company will not fail

there has been no fraud

the company has acted within the law

the company has been competently managed

the company has adopted a responsible attitude to environmental and societal

matters.


7/20

)

*usiness $overnance +per,or-ance andAuditing and Assurance /ervices

)lthough the role of monitoring performance is mainly the responsibility of theboard$ the application of tools$ techni&ues and practices directly involves the

accountant and some of the assurance services provided in assisting

management and the board.

)ccountants and auditors - the traditional gate(eepers of the financial reporting

regime play a significant role in strengthening both corporate and

business governance.

Their roles can be summarised as follows:

They provide assurance of the integrity and reliability of the internal

control and ris( management systems of clients.

They ensure an awareness of$ and use relevant measures to detect$

possible financial misstatements such as earnings management

practices!.

They ensure audit independence through safeguards and professional

development programs.

They enhance audit &uality control processes.

They actively practise the code of conductThey monitor the development of and adherence to auditing standards

nationally and internationally.


8/20


9/20

ISS2ES IN GOVERNANCE

Inte!nal Cont!ol an# Ri* Management

*is( management is referred to as the entire culture$ process

and system established to manage opportunities and minimise

or control adverse ris(s.


10/20

1

Enterprise ris( management is defined in the framewor( as"

a process eected by an entity5s board o, directors

-anage-ent and other personnel applied instrategy setting and across the enterprise designedto identi,y potential events that -ay aect the entityand -anage ris6s to be 7ithin its ris6 appetite toprovide reasonable assurance regarding theachieve-ent o, entity ob8ectives.

A typical ris6

-anage-ent syste-involves planning9understanding the

co-pany5s ris6 appetiteand pro:le9 identi,ying

ran6ing -onitoringreducing and reporting

ris6s9 i-ple-entingcontrols9 and ta6ing

;


11/20

11

Ente!p!ie Ri*Management

E*5 consists of eight interrelated components.

These processes are derived from the way management runs a business"

#n the internal environment$ management establishes a ris( management

philosophy the ris(-ta(ing approach! in order to form a ris( culture while

integrating ris( management with related initiatives.

*is( obectives are set in four categories - strategic$ operations$ reporting

and compliance. %ome organisations include the obective of safeguardingresources. These obectives allow management and the board to focus on

separate aspects of ris( management

Event identification is a process where both external and internal factors that

might affect event occurrence are considered. The identification

methodology may use a combination of techni&ues and tools$ loo(ing at both

the past and the future.

*is( assessment then allows an entity to consider how potential events mightaffect the achievement of obectives. Two perspectives are determined -

li(elihood and impact

*is( response options are identified by management$ which considers the

impact of the event in relation to ris( tolerances$ evaluates costs and benefits$

and designs and implements response options.

Control activities are the policies and procedures that ensure ris( responses

are properly executed throughout the organisation$ at all levels and in all

functions. Control activities are closely aligned with general and application

controls

9ertinent information and effective communication are re&uired to allow

E*5 responses to changing conditions in real time. #nformation can be

&uantitative$ &ualitative$ internal and external. Communication channels

should also ensure personnel can communicate ris(-based information across

business units$ processes or functional areas.


12/20

12

There is a direct relationship between obectives$ components and units.

The ERM mat!i+ in p!o%i#e an o%e!%ie"'

)%) 671 states that the auditor shouldobtain sufficient understanding of the

internal control structure to plan the audit and develop an effective auditapproach.

The auditor should use professional judgement to assess audit ris( and to

design audit procedures to ensure ris( is reduced to an acceptably low level.

#n assessing the internal control structure$ auditors should gain an

understanding of whether the internal control structure can ensure that the

conduct of the business is orderly$ including the ability to prevent and detect

fraud$ error$ non-compliance$ and the misappropriation of assets.

The auditor should gain an understanding of the business and the company

environment to appreciate ris(s that might be embedded within the nature of the

business and the approach underta(en by the management in dealing with such

ris(s. These are inherent risks.

5oreover$ the auditor in planning the audit will spend time reviewing the

internal control of the company in other to assess the li(elihood of control

failures. These are control risks


13/20

13

INTERNA3 AN4 O5ERATIONA3A24ITING IN THE GOVERNANCE

5ROCESS

The (ey audit roles performed by professional accountants that provide

assurances on the ade&uacy of conformance and the strategic values of business

performance.

Internal Auditing

An independent ob8ective assurance and consulting

activity designed to add value and i-prove an organi


14/20

14

O!ganiational an# &unctional #i$e!encebet"een inte!nal an# in#epen#ent au#ito!

Following the introduction of CLERP 9 in Australia and the Sarbanes-Oxley

Act in the nited States! it is now prohibited for external auditors to provide

internal audit services for audit CLentsin order to "reser#e the a""earance of

inde"endence$

#mportant criteria in assessing the performance of internal auditing by the

external auditor are"

O!ganiational Statu'#nternal auditors should report to the highest level of management and be free of

any other operating responsibility. internal auditors need to be free to

communicate with the external auditor.Scope o& Inte!nal Au#iting'

The external auditor should consider not only the nature and extent of theinternal audit assignments$ but also the extent to which management acts on

internal audit recommendations.

Technical competence#nternal audit functions should be performed by those with ade&uate technical

training and proficiency.4ue p!o&eional ca!e'#nternal audits should be properly planned$ supervised$ reviewed and

documented. External auditors should consider the ade&uacy of audit manuals$

wor( programs and internal audit wor(ing papers.


15/20

1'

perational Auditing

Operational auditing has been used in the past to evaluate a variety of activities

that include management's performance$ management's planning and &uality

control systems$ and specific operating activities and departments.

Operational auditing is sometimes (nown as value-for-money or performance

auditing.

%his ty"e of auditing relates to an entity&s non-financial o"erations$

#t is the systematic process of gathering evidence to ascertain whether a

process or operation is effectively and efficiently run.

The #e/nition o& ope!ational au#iting encompaee$ecti%ene an# e6ciency

0nli(e a financial statement audit$ an operational audit does not end with a

report on the findings$ but extends to ma(ing recommendations.

Three approaches have been suggested"

The ris(-based audit approach identifies the areas of greatest ris( and uses

an obective;ris(;controls formula and a matrix to document and analyse an

effective audit program. The ris(-based approach also distinguishes

between control ade&uacy what should be! and control effectiveness what

is!.

The value-for-money audit approach defines attributes of effectiveness and

focuses on effectiveness$ efficiency and economy of operations from

customers< viewpoints.

The process audit approach examines the effectiveness of processes and

distinguishes value-added from non-value-added activities$ building the

control framewor( into the processes. =

Typically$ there are five phases to an operational audit and each phase must be

completed. These phases are 7! preliminary preparation$ ! field survey$ 6!

program development$ >! audit application and 1! reporting and follow up.


16/20

1(

A24IT COMMITTEES

#t is a special committee formed by the board of directors.

#deally it is a group of outside directors who have no active day-to-day

operational role and who liaise between the independent auditor and the boardof directors.

Audit committees comprise in the main representatives from:

o ?on-executive directors

o #nternal audit

o External audit

o Executive directors!.

#t provides a forum where members of the governing body$ management and

auditors can address issues relating to the management of ris( and financial

reporting obligations

)udit committee members of the listed companies must be independent.

Independent' means that"

The member may not accept any (ind of compensation from the issuer$ or its

affiliates$ other than in the capacity of a member of the board

The member may not be an affiliated person of the issuer or a subsidiary of

the issuer other than in the capacity of a board member.

An au#it committee "ill ha%e peci/c inte!et in

the entity7 /nancial !epo!ting, inte!nal cont!ol

t!uctu!e, !i* management ytem, an# the

inte!nal an# e+te!nal au#it &unction'


17/20

1)

They were formed so that a company can be more

responsive to the needs of those interested in financial

reporting.

Their formation is itself a recognition of the responsibilities

of both the corporation and its auditor to the public

investor.

They have been formed to !ein&o!ce au#ito! in#epen#ence$particularly the appearance of independence$ from the management of a

company whose financial report is being audited by the auditor.

@ith respect to audit committees$ specific re&uirements apply to companies on

the %A9;)%8 )ll Ordinaries #ndex - they are subect to )%8 2isting *ule 7.=$

whereby an entity included on that index at the beginning of its financial year

must have an audit committee during that year.

The following recommendations are pertinent"

The au#it committee houl# be t!uctu!e# o that it

consists only of non-executive directors$

consists of a maority of independent directors

is chaired by an independent chair$ who is not the chair of the board$

has at least three members.

The audit committee should have a formal charter.

The audit committee should report to the board on the following matters:

Assessment of whether external reporting is consistent with information and

knowledge available to them and whether it is adequate for shareholders

Assessment of the reporting processes

Procedures for the selection and appointment of the external auditor and the

rotation of the audit partner

Recommendations for the appointment or removal of an auditor

Assessment of the performance and independence of the external auditor, with

special consideration if there is the provision of non-audit services

Assessment of the performance and obectivity of the internal audit function

!he results of its review of risk management and internal compliance and control


18/20

10

o f an Effective Audit Committee

)n audit committee of non-executive directors could act as an intermediary

between management and the external auditor.

The auditor$ therefore$ need be less concerned about being replaced in the event

of a disagreement with management.

The main obectives of an effective audit committee include the following

)ssisting the directors in discharging their responsibilities with due care$

diligence and s(ill, in particular$ the audit committee is concerned with"

financial statements and financial information

the appropriateness of accounting policies used

ade&uacy of financial management policies and procedures

ade&uacy and monitoring of internal control structuresproper ris( management plans and processes

business practices

protection of assets$ including intellectual property

compliance with relevant laws$ regulations$ standards and best practice

guidelinesOthe! bene/t inclu#e(

#mproving the credibility and obectivity of the accountability process

including financial reporting!,

)ssisting the board of directors to discharge its responsibility to

exercise due care$ diligence and s(ill,

#mproving the effectiveness of the internal and external audit functions

and the communication between the board of directors and the external

and internal auditors,

The audit co--ittee usually has oversight

responsibilities o, the :nancial reporting and auditing


19/20

1

/acilitating the maintenance of the independence of the external

auditor, strengthening the role and influence of non-executive

directors.

Relationhip o& the Au#it Committee "ith theInte!nal an# E+te!nal Au#ito!

!erformance Auditing

A pe!&o!mance au#it i an in#epen#ent,ob-ecti%e an# ytematic aement o& publicecto! entitie. p!og!am, !eou!ce,

in&o!mation ytem, pe!&o!mance meau!e,monito!ing ytem an# legal an# policy

compliance'

9erformance audits play an important role in improving the administration and

management practices of public sector entities. 9erformance audits involve the

evaluation of the implementation of specific government programs$ policies$

proects and activities.


20/20

2

9erformance auditing captures the economic and compliance aspects of

an activity.

Documents

Week_1_-_Chapter_2.doc