What to Expect—An Auditee's Guide to the Performance Audit Process

6—Planning phase of a performance audit

In the planning phase of a performance audit, the audit team of the Office of the Auditor General (the Office or OAG) acquires appropriate knowledge of the audited entity, the activities, or programs to be audited, and current issues facing the entity. Based on that knowledge, the audit team develops an examination plan as a basis for conducting an orderly, efficient, and cost-effective audit.

Some general points of information are the following:

  • The level of the entity officials participating in audit meetings and briefing sessions will depend on such factors as the subject matter for discussion and availability of individuals. However, we believe that it is important that the deputy head of the audited entity be sufficiently briefed on both planned and current audit work.
  • To reinforce ongoing communication, contact persons for both the OAG and the audited entity should have the authority and responsibility to set up regular meetings throughout the audit, ensure that appropriate individuals attend, and help resolve any problems or barriers to completing the audit. The entity's OAG contact/liaison person should coordinate entity comments.
  • The audit team maintains a register of documents requested and received during an audit. When the OAG requests information from an audited entity, the entity should respond to such requests expeditiously. As a guide, information that is easily accessible should normally be provided within five working days of the request. For less readily available information, the audited entity should provide the information within a time frame agreed on as reasonable between the audit team and entity officials. Documents may be provided in electronic and/or hard copy format, as appropriate and applicable in the circumstances.

Additional resource

  • Communiqué (TBS-OAG): Office of the Auditor General's Access to Records and Personnel for Audit Purposes, emailed to deputy heads on 7 August 2007

Related information sheets

Steps and interaction between the OAG and the audited entity in the planning phase

OAG

Audited Entity

Audit notification

At the start of a performance audit, the audit team will

  • notify the deputy head by letter of the OAG's intention to conduct an audit, and will request confirmation of the confidentiality of OAG numbered/controlled documents, such as the entity plan summary and draft chapters, and their return within one week of tabling of the report;
  • provide the entity's OAG contact/liaison person with the names and security clearance levels of OAG and contract staff initially assigned to the audit who will require access to the entity (if any changes to this list are required during the audit, the audit team will notify the entity's OAG contact/liaison person in a timely manner); and
  • offer to hold an entrance meeting with entity officials, including the deputy head where appropriate, to discuss the planned audit to gain a better understanding of the areas subject to audit. In advance of the meeting, the audit team notifies the audited entity of the main topics to be discussed, including the preferred language(s) of communication, especially regarding audit documents provided to the audited entity.

The deputy head is expected to

  • confirm, in writing, that controlled documents, such as the entity plan summary and draft chapters, will be treated in a confidential manner and returned within one week of tabling of the report; and
  • inform those in the entity who need to know about the audit, as well as the departmental audit committee.

The OAG contact/liaison person is expected to inform those in the entity who need to know of the names and security clearance levels of OAG and contract staff. The audited entity is expected to provide the audit team with access at all convenient times to audit information, reports, and explanations, as the OAG deems necessary to complete the audit.

If an entrance meeting is held, the entity is expected to ensure that the appropriate entity officials attend this meeting to discuss the planned audit and topics for discussion so that the audit team can gain a better understanding of the areas subject to audit. The OAG contact/liaison person is expected to inform the audit team of the preferred language(s) of communication, especially regarding audit documents provided to the audited entity.

Within one month of the offer to hold an entrance meeting

The audit team sends a solicitor/client privilege letter to assure the deputy head or other senior management that when the OAG requests access to documents that may be subject to solicitor/client or other privileges, it does so pursuant to its powers under the Auditor General Act. Consequently, the audited entity's disclosure of such documents to the OAG does not amount to a waiver of any privilege attached to the documents.

Within two weeks of receiving the solicitor/client privilege letter, the deputy head or another senior management official with signing authority at the assistant deputy minister (ADM) level is expected to sign the attached letter, send a copy to those in the entity who need to know, and return the letter to the OAG.

During the survey period

The audit team

  • acquires a sound knowledge of the audit subject through discussions with entity staff and review of documentation in order to develop an examination plan, which will serve as the basis for the entity plan summary, and
  • identifies its initial information needs and specifies areas in the audited entity and locations/sites where it expects to conduct preliminary fact finding.

The entity is expected to

  • arrange timely meetings between senior management and other entity staff and the OAG to discuss the audit subject matter;
  • provide the audit team with the information needed to understand the areas subject to audit, (for example, lines of responsibility, sources of criteria, risks, management concerns, and previous related internal audits, evaluations, or studies); and
  • facilitate any field visits to entity or project sites.

Prior to meetings, the audit team notifies the entity of the main topics to be discussed.

Entity officials are expected to be prepared to answer questions related to the main topics to be discussed at meetings with the audit team.

Early in the process, the audit team and entity officials will review the audit schedule and key milestones in the process with entity officials. Should any variations from the schedule become necessary, the parties should discuss how best to compensate by adjusting deadlines so that there is adequate time to ensure the quality of reports in both official languages.

Entity officials are expected to indicate whether any necessary variations from the audit schedule and key milestones are required and, if applicable, to discuss with the audit team how best to compensate for this while respecting the OAG report production schedule.

The audit team seeks agreement with entity officials, during the planning phase, on how the OAG will debrief senior management of the audited entity and, if requested, the departmental audit committee, on the results of the audit.

Entity officials are expected to reach an agreement with the audit team, during the planning phase, on how the OAG will debrief the audited entity on the results of the audit.

The audit team may, at its discretion, request advice from the entity with respect to individuals who may be useful advisors on the audit. If the audit team has any concern about whether an advisor has a conflict of interest, it may seek the advice of the entity. Once the advisors have been selected, the audit team may provide the names to the entity for information purposes.

When requested, the entity is expected to provide advice to the audit team on potential advisors for the audit. The entity may wish to consult with its department audit committee on this matter.