Thank You!

You are attempting to access subscriber-restricted content.

Are You Ready to Experience Everything Internal Auditor (Ia) Has to Offer?

​Public Sector Auditors Under Attack

Auditors can defend themselves by focusing on the quality of their work and enforcing professional standards.

Comments Views

​Public sector auditors, as the guardians of public funds and sound governance, face unique challenges and pressures compared with their counterparts in the private sector. Importantly, they must consider the public sector mandate to serve the public good while maintaining their independence and upholding the principles of good governance.

However, the politics of the systems in which the auditors work often put pressure on or conflict with those principles. Such pressure has always been present, but it is more intense in the current charged political environment. This requires public sector internal auditors to find a working balance that will enable them to do their jobs.

Auditors can work to avoid these situations by focusing on the quality of their work, knowing and enforcing professional standards, showing their department's independence and lack of political bias, and importantly, establishing relationships before a crisis occurs.

Recent Threats to Auditor Independence

The political pressures auditors face burst into public view in April and May when then U.S. President Donald Trump dismissed five inspectors general: Michael Atkinson, intelligence community; Glenn Fine (acting),  Department of Defense; Christi Grimm (acting), Department of Health and Human Services; Steve Linick, Department of State; and Mitch Behm (acting), , Department of Transportation.

 The 1978 Inspector General Act, which created the position and offices, established an environment of independence for the activities of the inspectors general by defining such areas as their removal from office and limits on policymaking and political activities. Additionally, the federal government's Yellow Book — the Generally Accepted Government Auditing Standards (GAGAS) promulgated by the U.S. Comptroller General — lists several principles related to the independence of inspectors general, including audit organization independence, and an independent conceptual framework. GAGAS also identifies threats to their independence, including:

  • Bias threat.
  • Familiarity threat.
  • Undue influence threat.
  • Management participation threat.

Jon Rymer, a financial services consultant who served as inspector general for the Department of Defense and for the Federal Deposit Insurance Corporation says he sees many of these threats playing out in the dismissals of the five inspectors general, along with other concerns. One is that many current inspectors general were not confirmed by the Senate, but are in their positions in an acting status, as was the case with Fine, Grimm, and Behm. Confirmation is vital because it means the inspectors general have backing of the Senate, he explains. Another very troubling concern, Rymer says, is that the five seemingly were not terminated for cause, but for conducting, or planning to conduct, particular audits. In essence, they appear to have been dismissed for doing their jobs.

These types of firings can lead to a loss of respect for the oversight function at that agency and a loss of support for its inspector general's position. This can make it harder to recruit and retain workers, and can cause agency management to be less cooperative.

Forms of Attack

The current highly politicized, highly partisan atmosphere creates a climate in which audit clients can challenge auditors in other ways. One is to attack their credibility by finding an alleged personal or political issue that can be exploited in the media. Another way, perhaps more common, is to attack the quality of their work.

Audit Focus
Standard 1100 — Independence and Objectivity
The internal audit activity must be independent, and internal auditors must be objective in performing their work.

Clients also can push back by stonewalling, a situation often faced by staff auditors. It can include not being fully cooperative with auditors, delaying retrieval of requested information, being reluctant to sit for interviews, or being reluctant to hand over physical or documentary evidence timely. The client also can delay responding after the audit is completed, or worse, simply ignore the findings. This is a troubling situation because federal inspectors general have few tools to enforce compliance, Rymer explains. 

In responding to these actions, auditors need to have clear legal arguments and support for what they want to do. However, they sometimes are hampered because they do not have a clear knowledge of their legal authority, and may not have access to in-house counsel. In some circumstances, auditors can use the "bully pulpit" of public pressure to push audit clients into action. However, trying to reach a compromise is important to preserve long-term relationships with audit clients, says Kip Memmott, audit director for the Oregon Secretary of State's Office. Even so, attempts to compromise have to stop when audit's authority is being questioned.

Knowing the Auditor's Role

Members of the public are public sector auditors' stakeholders, with the auditors monitoring government on their behalf. For auditors to carry out this mission, they need to have clear authority and stakeholders need to understand their role. Additionally, auditors need to know where they fit in the organization chart and have a complete understanding of their duties.

At the federal level in Canada, the chief audit executive's (CAE's) role as internal auditor is clearly defined. CAEs report to the deputy minister or head of their department or agency, says Dena Palamedes, who consults in internal audit and program evaluation for the Canadian federal government and has worked in numerous Canadian government departments and agencies.

Scandals involving public corruption and audit quality, starting in early 2000 with an internal audit of grants and contributions in Human Resources Development Canada, led to legislation in 2006 that required an internal audit function and external audit committees. The Treasury Board Secretariat's Policy on Internal Audit is anchored in The IIA's International Professional Practice Framework. Transparency and accountability are embedded directly in the policy that applies to all medium and large federal departments — including the requirement that all reports be made public — along with appropriate reporting relationships.

Importance of Standards, Relationships

Especially at the state and local level, audit clients may not understand which standards the auditors are working with because there are multiple standards, says Mara Ash, CEO and president of Business & Financial Management Solutions LLC. However, standards are the foundation of what auditors do and what makes internal auditing a profession, and while people outside the profession might not understand the specifics, they understand that a profession is defined by a set of standards.

Auditors need to communicate the importance of the standards to their clients because they show the auditors reached their conclusions objectively through a studied and measured process. Making sure stakeholders understand which standards are being used before the audit starts also will help reduce concerns about bias.

Ideally, internal audit standards should be formally established in a state constitution or in a county, city, or organization charter. Gwinnett County Public Schools has the standards in the school board charter, which helps district staff in providing direction, says Glenda Ostrander, director of internal audit for the district. "The overall message from the standards is that we have our marching orders, and we know what we need to do," she says.

The IIA’s International Standards for the Professional Practice of Internal Auditing as well as the Yellow Book are important resources for auditors in the public sector. They provide the framework that ensures work is done with integrity and objectivity, says Catherine Melvin, chief auditor for the Texas Department of Public Safety.

Senior audit executives (inspectors general, CAEs) also need to develop the understanding throughout the organization of what the audit function does and how it benefits the organization. They need to build a relationship with the head of their agency, and not isolate themselves from the leadership of the organization or from its oversight body.

In building relationships, internal auditors have a unique advantage over external auditors in that they live within their organization and are part of it on a daily basis. This presence helps build relationships that are important because internal auditors are truth-tellers, delivering both positive and negative news, Melvin says. Importantly, the building of relationships, of developing communication, and of understanding the culture of an organization all need to start well before the audit begins.

Relationships also are crucial in trying to determine whether obstruction is really occurring or whether the audit client has a legitimate concern, such as whether to disclose classified information, Ash adds. Sometimes, clients simply might not understand what they are required to do under the laws covering their organization.

COVID-19 Budget Cuts Pose a Challenge

Public sector organizations face an uncertain environment as they chart a course through the economic disruption caused by the pandemic. State and local governments are dealing with steep drops in tax revenue that will mean cutbacks in services. Internal audit departments often are among the first departments to face cuts.

Meanwhile, the disruption caused by the pandemic reduced the number of audits and other work that internal audit departments could perform. Departments will need to consider how to manage the backlog of work, especially considering they likely will have fewer resources.

Internal auditors, regardless of the environment, have a duty to be agile and responsive to the changes in the risk landscape, Melvin says. It is important not to stick with an audit plan that mandates a specific number of audits. Auditors should consider ways to measure the value they can bring to the organization and how they can leverage their expertise in ways that may not entail a formal audit, but that provides stakeholders with timely information.

For an expanded discussion, read the Public Sector Audit Center's Knowledge Brief on this topic.

Geoffrey Nordhoff
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

About the Author

 

 

Geoffrey NordhoffGeoffrey Nordhoff<p>Geoffrey Nordhoff is a content developer and writer, Standards and Professional Knowledge, at The IIA.​</p>https://iaonline.theiia.org/authors/Pages/Geoffrey-Nordhoff.aspx

 

Comment on this article

comments powered by Disqus
  • AuditBoard-February-2021-Premium-1
  • GAM-February-2021-Premium-2
  • ACGI-February-2021-Premium-3

 

 

Thanks, We Already Know Thathttps://iaonline.theiia.org/blogs/jacka/2020/Pages/Thanks-We-Already-Know-That.aspxThanks, We Already Know That
Six Data Privacy Predictions for 2020https://iaonline.theiia.org/blogs/Jim-Pelletier/2020/Pages/Six-Data-Privacy-Predictions-for-2020.aspxSix Data Privacy Predictions for 2020
Public Servants Are Vital to Defeating COVID-19https://iaonline.theiia.org/blogs/chambers/2020/Pages/Public-Servants-Are-Vital-to-Defeating-COVID-19.aspxPublic Servants Are Vital to Defeating COVID-19
Are We Ready to Move Beyond COVID-19 Risks?https://iaonline.theiia.org/blogs/chambers/2020/Pages/Are-We-Ready-to-Move-Beyond-COVID-19-Risks.aspxAre We Ready to Move Beyond COVID-19 Risks?