In the last two decades there has been an exponential growth in “Performance Auditing” in governments around the world, a phenomenon often characterized as an “audit explosion.”
Increasingly, Supreme Audit Institutions in most countries (e.g., the US Government Accountability Office, the UK’s National Audit Office) are allocating a greater share of their resources in order to conduct Performance Audits of government entities. Yet serious academic work examining the methodological foundations of Performance Auditing is conspicuous by its absence in the extant literature on Performance Auditing. In what follows, I will argue that it is time to rethink the Performance Audit Methodology and offer a possible way forward.
Much of the literature on the subject comes from various Supreme Audit Institutions. Academics have either only elaborated on the methodology adopted by these Supreme Audit Institutions or taken issue with the magnitude and direction of the impact of Performance Audit on the performance of government entities. To my knowledge no one has looked at the basic approach to performance auditing in government.
The dichotomy between “Performance Auditing” and “Financial Auditing” exists only in the government. In the private sector, financial statements are also the performance statements for the company. This is because the performance of a company in the private sector is measured primarily by the bottom line in its financial statement for the year.
The text book definition of ‘Financial Auditing’ is:
1. A financial audit, or more accurately, an audit of financial statements, is the verification of the financial statements of a legal entity, with a view to express an audit opinion.
2. The audit opinion is intended to provide reasonable assurance that the financial statements are presented fairly, in all material respects, and/or give a true and fair view in accordance with the financial reporting framework.
3. The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements.
It stands to reason that the definition of a “Performance Audit” should parallel that of “Financial Audit” outlined above. In that case, the definition of a “Performance Audit” ought to be:
1. A performance audit, or more accurately, an audit of performance statements, is the verification of the performance statements of a legal entity, with a view to express an audit opinion.
2. The audit opinion is intended to provide reasonable assurance that the performance statements are presented fairly, in all material respects, and/or give a true and fair view in accordance with the performance reporting framework.
3. The purpose of an audit is to enhance the degree of confidence of intended users in the performance statements.
If we accept the above definition of Performance Auditing, then the inconsistencies between it and the current Performance Audit methodology recommended for use by INTOSAI (International Organization of Supreme Audit Institutions) – which is used by the Comptroller and Auditor General of India (CAG) and many other countries — becomes obvious.
• Inconsistency #1. First, it is clear from the above definition that a Performance Audit presupposes the existence of “Performance Statements” prepared by the agencies under review. However, INTOSAI’s approach to Performance Auditing recommends that auditors should first create the Performance Statement and then audit it. However, that is equivalent to saying that a Financial Auditor should first prepare an entity’s financial statement and then audit the same statement. At the very least there is a conflict-of-interest involved. A core principle of auditing is that one cannot do self-auditing—one cannot audit what one has created. No one would accept the validity of financial statements that are audited by the same chartered accountant that created these financial statements in the first place. It is indeed bewildering that this core principle is not the basis of INTOSAI’s recommended Performance Audit Methodologies.
Another way to visualize this counter-intuitive approach is to imagine an auditor arrives at a private sector company to audit its books and the company gives the auditor many mountains of raw financial data to audit. In private sector, the auditor would not accept the task and ask the company to call them back when the accounts are ready. However, the extant Performance Auditing Methodology recommends the auditor should undertake this task.
• Inconsistency #2. The second foundational challenge of INTOSAI-inspired methodologies is the subjectivity that inevitably creeps in when a performance audit is conducted based on goals, objectives, and targets created after-the-fact. As any professional evaluator will tell you, it is hard enough to design ex-ante systems. However, when they are created ex-post, they are susceptible to allegations of witch-hunt and political manipulation, among other subjective influences. There are plenty of examples of such Performance Audits that have led to the downfall of democratically-elected governments. In some cases, it was alleged that the fate of these governments depended on the performance assumptions made by auditors after the fact.
In view of these two methodological inconsistencies, most professional evaluators would consider current Performance Audit methodologies as unsatisfactory at best. Other problems highlighted by commentators about the current INTOSAI methodology seem so insignificant in comparison that it is not worth spending time on them until INTOSAI sorts out this fundamental methodological inconsistency.
* * * * * *
This blog is based on Praja Trivedi’s recent working paper entitled, “Auditing the Auditors: Evaluating the Methodology of Performance Audits.” It was recently listed on the Top Ten download list for Corporate Governance Network on Social Science Research Network (SSRN).