Documentation of the work done, processes and procedures used is a central part of Governance Auditing as it provides documentary evidence for traceability of the work done, for future reference and records. Governance Audit documents comprise of Governance Audit files and working papers namely schedules, checklists, diary Governance Audit programmes.
Governance Audit Files
They are management tools used in the planning, organizing, coordination, controlling, monitoring and evaluation of audit processes and procedures.
Types of Governance Audit Files
a) Current Governance Audit File (CGAF)
The File shall contain information and audit evidence relating to the current period under review, the purpose of which is to support the opinions and statements made in the audit report.
b) Permanent Governance Audit File (PGAF)
The File shall contain information of continuing importance which would be updated at each Governance Audit exercise not limited to useful background information; terms of engagement, internal governance processes and structure notes. Other significant documents with historical information though not directly relevant to the current year’s Governance Audit include signed copies of leases, contracts and financial statements for previous years.
Layout of Governance Audit Files
All files shall follow a standard numerical and alphabetical sequence. Hard section dividers or coloured paper dividers shall be used to clearly distinguish file sections. Individual working papers shall be numbered and filed logically within a common framework.
Indexing of Governance Audit Files
Data profiling using indexing shall be performed so that unstructured working documents are analyzed and the user is provided with a searchable audit trail.
The use of standardized Governance Audit files and working papers improve the efficiency with which Governance Audits are carried out and reviewed. They are an integral part of quality control tools. They form the core component and content of Governance Audit files and:
a) Assist in the planning and performance of the Governance Audit and to enable a methodical approach to be used;
b) Assist in the supervision and review of Governance Audit work done;
c) Record Governance Audit evidence resulting from the Governance Audit work done to support the Governance Auditor’s opinion;
d) Provide details of problems encountered including difficult and contentious issues, how these were resolved, and conclusions reached; and
e) Enable an experienced reviewer, not party to the governance audit, to understand the work done and the basis of principal decisions taken.
Contents of Working Papers
All Governance Audit working papers shall be sufficiently complete and detailed to provide an overall understanding of the governance audit. The working papers shall include the following:
a) Information obtained in understanding the Organization and the environment in which it operates.
b) Evidence of the Governance Auditor’s understanding of governance structures and instruments
c) Evidence of the internal governance controls and assessment of the control environment.
d) Evidence of the planning process including Governance Audit plan, time schedules, programmes and changes thereto.
e) Identified and assessed governance and compliance risks.
f) Record of the nature and extent of Governance Audit procedures performed.
g) Names of the persons that performed the Governance Audit procedures
h) Dates of when Governance Audit was performed.
i) Correspondence and notes of discussions.
j) Engagement Letter
k) Letter of representation.
l) Conclusions made the Governance Auditor on significant aspects of the governance audit.
m) Evidence that consultations done were documented and any contentious issues fully resolved.
n) Copies of previous Governance Auditor’s Report.
Preparation and Presentation of Working Papers
a) Governance Audit working papers shall be prepared and presented manually or electronically.
b) All working papers shall be clean, neat, legible and in permanent ink.
c) All working papers shall clearly contain:
(i) Client’s name;
(ii) Subject matter;
(iii) Governance Audit period;
(iv) Governance Auditor’s initials and the date prepared; and
(v) Schedule reference number.
d) Telephone and other discussions held with clients or with third parties concerning the organization’s affairs shall form part of the working papers and filed in the Audit File.
e) File notes comprising of telephone and other discussions shall contain:
(i) Organization’s name,
(ii) Date of conversation
(iii) Persons involved
(iv) Subject matters discussed and
(v) Any conclusions reached or action agreed on.
f) The file notes shall be filed in the Governance Audit file, and if appropriate, a copy sent to the client for confirmation of accuracy.
Ownership and Retention of Working Papers and Files
a) All working papers are the property of the Governance Auditor.
b) Every Governance Auditor shall adopt appropriate procedures for maintaining confidentiality and safe custody of working papers and Audit files.
c) All working papers and Audit files shall be retained for a period long enough to meet the needs of the practice and in accordance with the legal and professional requirements of record retention.
d) While working from the client’s premises, working papers and Audit files shall be kept in safe custody and wherever possible not be left at the client’s premises overnight. And in case they are left overnight, they must be stored securely under lock and key.
e) Working papers and Audit Files shall be availed to third parties where required law or for quality control or Peer Reviews.
f) Where Working papers and Audit Files have to be availed to third parties, the Governance Auditor shall notify the client.