Risk Analysis
The audit of public sector carried out by supreme audit institutions (SAIs) plays an important role in the process of enhancement of citizens´ life as it draws the attention of public funds administrators to irregularities in their spending. To ensure the greatest benefits from the work of SAIs, it is necessary to focus the audits with the utmost precision on risk areas in the public funds management. Risk analysis is an important tool for identification of such areas.
Supreme audit institution and its access to data and information
The basic step in a risk analysis is to acquire the necessary data and information. The supreme audit office (SAO) has an access to information systems (IS) which are used by public administration entities for their work. There are approx. 7 000 such IS in evidence in the Czech Republic, unfortunately not all IS are useful for the SAO. The SAO primarily uses the information from the IS which collect data about the budget, public procurement, subsidies from national sources or EU funds, etc.
The SAO also uses information from the public registers (business register, register of economic entities, ...), the statistical office, etc. Other important source of information are so-called “unstructured data”. These are for example closing accounts of individual chapters of the state budget, register of contracts, and Open Data (information made available by public administration and other entities).
In order to streamline the processing of data from the IS, the SAO has built its own data warehouse. The most valuable data are stored in the data warehouse in pre-defined data structures.
The data from the data warehouse are accessible to all auditors via user interface from their desktops.
Analysis performance
Complex analytical activities are carried out by a special analytical department which analyses data from all accessible sources according to requirements from audit departments and the SAO management. Apart from data analyses, the analytical department carries out also complex analyses of selected areas.
The focus of such analyses is to make the search for information more efficient and effective for the auditors so they can concentrate on their main audit work.
The concentration of the most analytical activities into one department makes the processes more efficient, enables automated procedures for repeated queries, and provides a better summary of already performed analyses.
The use of analyses
The performed complex analyses are used by the audit departments to identify potential risks in a given area. They help to find weak spots where is the greatest probability of breach of the 3E rules, or noncompliance with the legal provisions safeguarding the management of public funds and property. The identified risks are consequently evaluated according to their importance, i.e. what impact they would have on the volume of inputs and outputs (quantitative view) or on the fulfilment of the expected benefits (qualitative view).
Following the results of risk analyses the audit questions are prepared. At the same time it is necessary to evaluate whether the audit can bring answers to the specified questions. The end result of this process is a proposal of audit which would be focused on the areas with great risks. Such audit has potential to bring an added value as it can identify significant shortcomings the remedy of which would lead to improvement of public funds management.