Issues Identified in the Audit
The aim of the report is to critically analyse the auditing report of health department’s procurement and management. The paper will provide a reflection on contract management and applying the procurement principles. The report has identified that the contract made was having poor governance and leadership. This lead to unnecessary costs and additional procurement. This report will clearly separate the issues that are being identified from investigations. The aim of the report is to focus and identify the important issues. After analysing all the factors the factors will be analysed from a personal point of view. The report has summarised annual audits received from 4 public universities. The common control weakness that were identified are there were some issues regarding the purchase card procedures, the policies regarding the payroll and humanities were not applied promptly and lead to several problems. Moreover, the institution lacks in providing better communication. This is very much necessary to develop a better form of communication between different locations. There were several issues faced with the control over information system. Each year audit is being conducted at selected universities and TAFEs. The report will encounters all the issues encountered while undergoing the audit.
This part of the report will discuss about the issues that are identified from the audit report. The audit consequences on the financial declarations, controls and key presentation indicators. The audit has been done with the help of 4 universities and 5 TAFEs for the year 2017. The main reason behind auditing is to determine the financial health. The issues that are being identified in these audit will be analysed and described. This audit is being conducted so that the institution can ensure the sector procedures frequently and create an accurate financial reports. Thus it is important for the management team to keep record of accounts. This is very much necessary to maintain an effective internal control system and this is essential for maintaining accurate report. This will also help the management to encounter the irregularities faced while dealing the work in an electronic environments and while following the manual procedures and will help the management to take preventive measures once the fault is being detected. The audit has issued clear options for controlling and managing the financial statements and KPIs for 4 public universities and 5 TAFEs. Apart from these audit options were being issued for 7 other small agencies and for 46 certificates.
Consequences of Issues on Financial Reporting, Controls, and Key Performance Indicators
There were several issues faced in different levels of the institution. The main issues that were faced with the management team. There were total 60 issues raised with financial and management. The control over these two sector was weak and was being identified at the universities and TAFEs. This issues were identified in the last year itself but it remained unresolved from the previous year. The audit confirmed that there were total 114 issues identified with the information system control at 5 TAFEs and 4 universities. The issues faced by the intuitions remained unsolved by 33% from last year onwards. In the last year, there were 77 issues encountered and from this 36% were unresolved from last years. Apart from this, the annual and long service leave liability for the university has decreased by 1.9% and for the TAFEs it is decreased by 0.3% in 207 and all total about $321 million.
The second issue faced was with the financial control and reporting. Every agency has the responsibility to maintain and develop an internal system that will control on all the internal activities and procedures so that it can ensure the governmental compliance and accurate recording and reporting of financial information and KPSs. The control framework for internal system includes controls towards the human resource management of the agency and for financial. The framework also includes procedures for information system management and for governance processes. The main reason to maintain a better internal framework for the agency is that it will prevent fraud cases. The error occurs mainly when the internal control falls weak, this is the time when the frauds and errors are more likely to arise. With the implementation of AG Act the auditor general needs to form an opinion on the controls over universities and TAFEs. The opinion needs to be formed and the compliance is based on the university control. The audit also involves assessing the ability of internal control system and procedures to prepare report that will record the reliable financial information and KPIs. There were total 0 cases where the financial and management control went weak towards the universities and TAFES in the year 2017. Whereas in the year 2016, this was 62. From this identified risks, 6 control weakness were having major impacts and needed to be migrated on an urgent basis. The management team needs to look after these issues on an urgent basis. From the identified risks, 32% weaknesses related to the concern were having medium urgency and needs to be mitigated as soon as possible. In case these issues are not being addressed in time, it may lead to serious risks. Around twenty eight percent issues were unresolved from the last year.
Need for Clear Communication and Adequate Internal Control Systems
Apart from these the common control weakness that were identified are as follows:
The procedure followed for purchasing the card were not followed by the institution, thus it is necessary to ensure that proper procedures are being followed while purchasing the card. This are as follows:
- This is the responsibility of each cardholder to submit their documents to the agency, so that the officers can understand that the payment is done by authenticate person and for agency purpose only.
- There is a need to set a timeline for the cardholders and they can purchase item within that time itself.
- The bank took initiative to cancel the cards of the former employee.
Secondly comes the payroll and human resources policies. This policies were also not followed properly and needs to be applied routinely for better working. This includes:
- There is a need for commencement of staff, this results in checking the identity after the appointments.
- All the procedures that comes after termination of any employee were not clear. The return policy for the employees were both fixed.
- This is necessary to analyse and make sure that the payroll reports are being submitted to the cost centre managers. This includes reports being reviewed, signed and returned properly by following correct procedures.
Another factor that is important for every institutions are to have good communication between the several campuses. The communication is necessary for every aspect including administration, human resources, finance services and payroll, as this will help in reducing these shortcomings. Apart from these, it is needed to maintain a proper document that will contain all the important policies and procedures.
The universities and TFAEs are having significant leave liabilities, this includes $255 million and $66 million respectively and requires proactive management. The combined liability for universities and TAFEs was $321 million, was less than 2016 and similar to 2015. Each year audit is being conducted so that the controls related to the information system can be understood and the working of the information system can be analysed.
The selected universities and the TAFEs conducts audit in order to analyse the working of the information system. The audit check the working of controls that are being designed. The audit is also used to determine the effectiveness of this operating system. This enables secured and reliable processing of this information system. The institution conducted audit on the information system controls at 4 universities and 5 TAFEs in the year 2017. There were total 114 weakness were being determined with the information system control and among this 3% were marked as significant and 75% were having moderate weakness. This means there is a need to take measures that will help in improving the condition. After the audit of 2017, only the important aspects were being resolved and all the 33% issues remained unsolved. The second report that was going to be published by the mid of 2018 aims at solving all the issues related to information system control. The issues that were related to information system control were related to the weak security provided by them. This is necessary to provide better security towards the information stored within the system. This system possesses threats in aspects of security and this includes weak passwords, unauthorized and inappropriate access to the information system, vulnerabilities that can effect a system. Whereas the issues related to the operations finding ended up having 40% issues, this includes the issues with handling the information, monitoring, processing the information and logging the activity performed by the user, managing and reviewing the access privileges. This is very much necessary to understand the importance of having a proper control over the information system maintained within the institution. In case the problems faced by the information system controls are not being addressed on time, it may lead to affect the confidentiality of the data maintained within the institution. The integrity and availability of the computer system will be at threat. Thus it very much essential to understand and take measures that will help in mitigating this issues, so that it will not affect the institution.
Proactive Management of Leave Liabilities by Public Universities and TAFEs
In order to improve the working of the institution, it is very much necessary for the institution to mitigate the issues identified while auditing the institution. Each year the institution conducts audit and prepares a report on this and based on the issues the institution needs to take steps, so that this issues can be fixed on an urgent basis. But it is being observed that the institution fixes only those issues which are significant and leaves the other issues unresolved. This is necessary to resolve all the issues on an urgent basis as it may lead to impact the institution in case the issues are being kept unresolved. For example based on the types the issues were being divided and marked and from all this issues marked in the audit of 2016 only 3 to 5% issues are being solved and the remaining issues left unresolved. Thus, it is recommended to the institution to work on every issue annually so that it will not create any impact on the institution.
Conclusion
The above report has discussed about the issues that are faced and determined in the time of audit. The audit report has described and analysed the annual audits for 4 universities and 5TAEs. The issues raised with management and information sectors are being described. Several techniques are needed to maintain proper ways so that the common control can be maintained properly. These controls are related to purchasing card procedures and payroll and human resource policies. The report has discussed about the issues that were found during the investigations. The findings are being discussed. The report has discussed about the way leave liabilities are being managed by universities and TAFEs. Moreover the important issues are being identified and analysed critically. The last part of the report contains the issues that are faced with maintain proper information system control. Lastly, the paper has provided a recommendation based on the audit report.
References
Flynn, Lori, David Svoboda, and William Snavely. “Hands-On Tutorial: Auditing Static Analysis Alerts Using a Lexicon & Rules.” In Cybersecurity Development (SecDev), 2017 IEEE, pp. 1-2. IEEE, 2017.
Hoffmann, Romuald, Maciej Kiedrowicz, and Jerzy Stanik. “Risk management system as the basic paradigm of the information security management system in an organization.” In MATEC Web of Conferences, vol. 76, p. 04010. EDP Sciences, 2016.
Kavanagh, Michael J., and Richard D. Johnson, eds. Human resource information systems: Basics, applications, and future directions. Sage Publications, 2017.
Laudon, Kenneth C., and Jane P. Laudon. Management information system. Pearson Education India, 2016.
O’Grady, Winnie, Steve Morlidge, and Paul Rouse. “Evaluating the completeness and effectiveness of management control systems with cybernetic tools.” Management Accounting Research 33 (2016): 1-15.
Peltier, Thomas R. Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications, 2016.
Reinhart, Carmen M., and Kenneth S. Rogoff. “Financial and sovereign debt crises: Some lessons learned and those forgotten.” Journal of Banking and Financial Economics 2 (4) (2015): 5-17.
Romney, Marshall B., and Paul John Steinbart. Accounting information systems. Boston, MA: Pearson, 2015.
Simkin, Mark G., Carolyn S. Norman, and Jacob M. Rose. Core concepts of accounting information systems. John Wiley & Sons, 2014.
Soomro, Zahoor Ahmed, Mahmood Hussain Shah, and Javed Ahmed. “Information security management needs more holistic approach: A literature review.” International Journal of Information Management 36, no. 2 (2016): 215-225.
Yu, Yong, Man Ho Au, Giuseppe Ateniese, Xinyi Huang, Willy Susilo, Yuanshun Dai, and Geyong Min. “Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage.” IEEE Transactions on Information Forensics and Security 12, no. 4 (2017): 767-778.