Appendix : Our strategic risks and risk management
| Risk | Management of risk | |
|---|---|---|
| 1 | Loss of independence – independence underpins the value of the Auditor-General's work and reporting. Losing that independence in fact or appearance, whether by failure on the part of the Auditor-General, her staff, or her appointed auditors to act independently or otherwise, would undermine trust in our organisation. |
We manage this risk by applying the Auditor-General's independence standards. The Auditor-General sets a high standard for independence for her employees and the auditors she appoints to carry out audits on her behalf. Monitoring the independence standards, including for the two statutory officers and all employees, is carried out through a system that includes regular declarations of interest and, where necessary, implementing measures to mitigate conflicts of interest. Senior managers in the Office monitor and regularly assess any factors that may threaten auditor independence. We are satisfied that the Office has appropriate plans to reduce the effect of these factors to an acceptable level. |
| 2 | Audit failure – the risk that we issue an incorrect audit opinion with material effect or a report that is significantly wrong in nature or process. |
The Auditor-General adheres to professional auditing standards, including implementing and complying with the revised quality control standards from the New Zealand Institute of Chartered Accountants and the External Reporting Board, supplemented by the Auditor-General's auditing standards to address public sector matters not covered by general auditing standards. We monitor adherence to auditing standards through external quality assurance regimes (such as participating in New Zealand Institute of Chartered Accountants' practice reviews and, from time to time, international peer reviews). Our internal quality control procedures include carrying out quality assurance reviews of all our appointed auditors and our Office products on a risk basis and to ensure reviews of all auditors and products over a three-year period. Before performance audits are presented to Parliament, a process of external report clearance and internal substantiation and review is observed. |
| 3 | Loss of capability – the risk that we are unable to retain, recruit, or access people with the technical and other skills our audit work requires. | We carry out ongoing training and development of our staff and our appointed auditors and their staff on matters necessary for audit work. We provide management programmes, leadership development initiatives, and professional development programmes for our own staff. |
| 4 | Loss of reputation – the risk that we lose reputation or credibility that affects our ability to maintain effective relationships with stakeholders. This could arise either because of failings in one of the three risk areas listed above or because of external expectations and perceptions about the role of the Office or its findings on any particular matter that has been the subject of audit scrutiny. The Auditor-General's discretionary mandate is broad, and it is inevitable that we will not meet all expectations. |
Managing this risk requires the exercise of judgement about where to focus our audit effort and how best to report while also achieving the greatest likelihood of public sector improvement. There are a number of ways this risk is managed in our day-to-day work:
|