Audit operations: Information Governance

The Information Governance area covers issues related to the common information flows in the management of central government finances, the reliability of central government data, the development of the cost-effectiveness of production, the improvement of State Group information, the management of central government risks, internal control, and compliance with the budget.

The audit work of the National Audit Office ensures, in material respects, that the state budget is complied with and that central government financial management has effective internal control. During the planning period, the NAOF will thoroughly revamp the audit – particularly financial audit – of the lawfulness and compliance with the budget of the management of central government finances.

In its financial audits, the National Audit Office verifies the reliability and usability of information on central government finances and the realization of good governance. Reliable information on central government finances and the state’s financial position contribute to sustainable central government finances. The core of the NAOF’s expertise and insight is formed in connection with and on the basis of audit operations. We support reforms and changes in public administration with our expertise both during audits and in development projects, and through our opinions, articles and other interaction. Through its wide-reaching and regular contacts related to financial audits, the National Audit Office promotes the implementation of the principles of good governance and the sharing of good practices in the management of central government finances, strengthens Parliament’s budgetary and legislative powers, and supports the administration operating under the Government in the management of central government finances.

Development of financial audit

In the planning period, we will centralize the audit of compliance with the budget in the case of shared issues to be audited. We will define criteria for the centralized audit of compliance with the budget for all accounting offices. We will utilize data analytics in the audit, and we will not make any limitations specific for certain accounting offices. In addition to the centralized audit of compliance with the budget, we will take into account the special characteristics of each government agency in the implementation of and compliance with the budget.

In a financial audit, a customer-specific report on the following centralised subject matters is given: an audit of compliance with the budget, an audit of internal control in shared processes, an audit of performance data and a cross-cutting audit of shared processes. The audit of compliance with the budget, the internal control of customer-specific processes and the audit of performance data consider the agency’s special characteristics. The cross-cutting audit of shared processes covers financial statements and their appendices. It also includes customer experience and management sparring.
Figure: Audit of compliance with the budget and lawfulness of the financial management

The audit of shared information flows in the management of central government finances will be centralized in material respects. The aim of the development is to conduct the audit of these information flows in a centralized manner in material respects until the transaction audit required. The controls related to shared processes will be tested both in the audit of service centres and in government agencies. We will not make any limitations specific for certain accounting offices in the audit.

Government agencies will be audited according to teamwork principles in such a manner that the teams will be responsible for the audit of several agencies. The aim is to take the special characteristics of each agency into account already in the organization of the audit. This will make it easier to target the audit work in the planning period at the most essential transactions and operating processes from the agencies’ perspective.

Financial audit reports will be prepared in the planning period on the final central government accounts and on the financial audits of ministries, accounting offices, and certain funds. The audits conducted by the National Audit Office will continue to cover ministries and accounting offices, which are obligated by law to prepare final accounts, certain off-budget funds, and the final central government accounts.

We will promote the digitalization of audits and software robotics during the planning period in all sectors of audit work so that new procedures can be introduced quickly and efficiently. The goal is to further automate data transfer and develop analytical audits utilizing data from several sources. Manual work can be reduced and centralized by utilizing data analytics and targeting audit by means of analytical assessment and automation, using a risk-based approach. The goal is to verify a significant part of the data given in final accounts and notes to them by means of automated and centralized audits.

Data analytics will be developed to meet the needs of audit work in close cooperation with the development of audit methods and the organization of audits.

Common information flows in the management of central government finances

Common information flows in the management of central government finances cover specified shared processes of the state’s financial management. These processes are purchase-to-payment, order-to-collection, entry-to-final-accounts, payroll administration, and travel. The processes are mainly shared by all government agencies, and they operate in shared information systems. A key actor in the shared processes is the Finnish Government Shared Services Centre for Finance and HR. Audit work related to these processes will be centralized in material respects until the necessary transaction audit.

Reliability of central-government-level information and improvement of State Group information

The final accounts of accounting offices have been audited annually in financial audits. During the planning period, the audit work will continue to be performed without any limitations per accounting office, but the organization and implementation of the audits will be developed. The audits will be conducted to a greater extent from the perspective of the central government final accounts.

The National Audit Office has audited and will continue to audit the central government final accounts annually. The information contents of central government final accounts will continue to consist of the final accounts of the accounting offices, the reliability of which will thus determine whether the central government final accounts give a true and fair picture. Material balance sheet items are still missing from the balance sheet of the accounting offices and central government. The most significant item is defence materiel. The balance sheet also lacks part of the national heritage. The reliability and information content of central-government-level information will continue to be developed in this respect.

No consolidated accounts are prepared for the State Group. Material transactions include the internal transactions of different central government actors, such as transactions between government agencies or between central government and enterprises controlled by it. During the planning period, the National Audit Office will, in a manner appropriate to its role, support projects related to the improvement of State Group information and also prepare to audit this information. Uniform financial information on the State Group would contribute to the improvement of the overall operational management as well.

We will audit the impacts of the Act amending the Competition Act (721/2019) on the operations of government agencies in 2020–2021. The audit will focus particularly on the requirements set by the Competition Act for separate bookkeeping for operations in a competitive situation on the market.

Compliance with the state budget

Compliance with the state budget means that the budget has been prepared in accordance with relevant provisions and regulations and that public administration uses appropriations, revenue estimates, and budget expenditure and revenue in compliance with the budget, and the related provisions and regulations.

When the budget is applied, it is necessary to be aware of the budget valid at any given time and the relevant provisions related to it. During the year, it is important to monitor changes made to the budget, such as supplementary budgets approved by Parliament, permissions to exceed variable appropriations, changes to the account scheme, any letters granting unallocated appropriations for specific uses, and any changes to the most relevant provisions governing the state budget. The audit work aims at promoting knowledge of the budget as a key steering document in central government.

When auditing compliance with the budget, the National Audit Office will pay special attention to

  • compliance with the key budget principles

  • compliance with the legislation governing gross and net budgeting

  • the use of items

  • types of appropriations, and overrun and carry-over of appropriations

  • categorization of expenditure

  • justifications for the budget and their wording

  • budgeting of authorizations

  • allocation of expenditure, revenue, and authorizations to the budget year.

In 2020, the National Audit Office will conduct a separate audit of the budget procedures. The aim of the audit is to promote the uniformity of the state budget and to clarify the budget practices.

Central government risk management and internal control

The introduction and utilization of new digital technology, and the rapid changes in the ICT technology of the operating environment call for rapid solutions, clear operating models and allocation of responsibilities, as well as foresight. The challenge in public administration is to respond in a sufficiently quick and timely manner to emerging opportunities and risks, which will become more probable and material as a result of new methods and technologies. New technologies and methods will also cause new kinds of significant risks and threats to information and cyber security and data protection, for example. Their management will become even more important in the future.

The increasingly limited resources of central government will also cause many kinds of risks to digital capability. In view of the utilization of ICT technology, public administration suffers from uneven distribution of competence. Public administration has limited possibilities of competence development. If resourcing problems or any defects in present competence are fixed by outsourcing, there is the risk that outsourcing is used in wrong functions or in a wrong way.

Central government is increasingly dependent on ICT technology, and digital procedures and technologies are used in almost all central government functions. It was found in the audit that systems are rolled out into production while their development is still in progress, which results in incomplete controls, for example. Another risk is posed by central government’s competence and ability to order large information system projects and supervise their implementation. This may result, for example, in a substantial delay in the introduction of an information system, in a significant overrun of the cost estimate, and in partial obsolescence of the system upon introduction.

When auditing government agencies, the National Audit Office always goes through the information systems that are important to the management of central government finances and directs its audits annually to the most essential information systems.

The significance of the operations to central government finances is also impacted by the fact that the improvement of the productivity of central government is largely based on the use of new information systems and on the new ways of working they enable. Information systems have thereby become critical for the achievement of sustainable general government finances.