The Guardians of Public Trust

October 2011

IIA President and CEO Richard Chambers, CIA, CGAP, CCSA, reflects on government-sector auditors, a segment of practitioners he describes as the “unsung heroes of our profession.”

Almost four years have passed since the onset of the historic Great Recession, and the U.S. economy is still lurching in and out of recovery. Consequently leaders at all levels of government continue to face daunting fiscal challenges. For example, to help safeguard their jurisdiction’s credit rating and address budgetary concerns, many officials must identify and eliminate every dollar of unnecessary spending and shore up a revenue base sagging under the heavy weight of high unemployment, depressed property values, and sluggish business and consumer spending. Perhaps most imposing of all, they must restore public trust in government, which many Americans angrily perceive ill-served them during the run up to, and in the aftermath of, the financial crisis of 2008.

Lately, I have reflected often about an enduring lesson learned during my quarter-century in audit leadership positions at some of the largest public-sector organizations in the United States, including the Tennessee Valley Authority, the U.S. Postal Service, and the U.S. Army. The ironic and bittersweet lesson is simply this: Government audit professionals can lend a powerful helping hand to the elected and the electorate alike during deeply troubled times such as these, yet in these very circumstances the political “thank you” to auditors for the public service all too often comprises disdain or, worse still, budget and head count reductions.

Just as disturbingly, I also learned during those years that even in the best of times, government auditors are commonly relegated to laboring in anonymity, with their work generating attention only when it is highly critical of government operations. Their compensation is usually a fraction of that awarded to their private-sector counterparts, yet they persevere in overcoming the high political and practical obstacles standing between them and their ultimate goal of effective public service. And that’s why, whenever the occasion arises, I hold up government auditors as the unsung heroes of our profession.

BIG CONTRIBUTIONS, LITTLE FANFARE

An adequately staffed audit activity with a reporting relationship that affords the chief audit executive (CAE) enough independence to make tough calls can assist stressed financial decision-makers in government in many impactful ways. For example, operational auditing is the “bread and butter” of almost every public-sector audit organization. Career government auditors overwhelmingly possess the knowledge and well-practiced skills needed to surface unseen risks and to identify and recommend steps officials can take to make their operations more efficient and effective while lowering their costs. These steps often include painful and potentially divisive actions politicians are reluctant to initiate without “cover,” such as downsizing, consolidating, or eliminating marginal public service programs, functions, and even entire agencies. Moreover, the deterrent nature of having an effective audit function in place often means that government will work better, smarter, faster, and cheaper on the public’s behalf, of its own volition.

Life and Death Lessons for Government Auditors

The professionals who audit federal, state, and local governments or other public entities must cope daily with career-threatening political risks from which private-sector internal auditors are largely immune. During my more than 25 years in public-sector audit management, I learned five enduring lessons about mitigating these risks while still performing high-value audits:

Never forget that you’re auditing in the theater of politics. Keep in mind that the principal actors in this theater believe passionately in the right-mindedness of their policies and programs and generally are convinced that they are always, or almost always, right. Moreover, government career longevity is periodically decided by a fickle electorate.
Be sure your glass house is shatterproof before you throw stones. Government auditors who fail to keep their own house in order and unfailingly adopt our profession’s leading practices are highly vulnerable to political retaliation.
You can be correct 1,000 times, but you can’t afford to be wrong once about an audit finding without permanently jeopardizing your credibility. I have observed or read accounts of too many excellent government auditors losing their jobs or being relegated to menial assignments in the aftermath of one erroneous audit conclusion subsequently reported in the media. Credibility is essential to any internal auditor. Once lost, it can be difficult to regain.
Just because you’re paranoid doesn’t mean they won’t come after you. Government auditors will inevitably make at least some political enemies even if their work is unfailingly correct and in the public interest. News reports surface virtually every day of government auditors who endure the wrath of elected or appointed officials who object to a critical audit report.
Little stones cause the biggest waves. Politicians and the public alike will be able to better identify in many instances with small-dollar audit findings than with big ones. As inspector general of the Tennessee Valley Authority I found, for example, that a few thousand dollars spent on the furnishings of an executive’s office would make the front page of every newspaper in the region. But a finding that the authority could save millions of dollars through more efficient contracting practices would go largely unreported because reporters knew the public could not relate to that much complex waste.

Credible financial statements are critical to private and public organizations alike that must rely on lenders or the capital markets to fund current operating deficits and accumulated debt. In industry, the board of directors customarily engages an external audit firm to review and provide broad assurance on the accuracy and completeness of management’s financial reporting. In the public sector, it often is left to the CAE to assure stakeholders — ranging from the audit committee or other oversight body to elected and appointed oversight officials and the public at large — that management’s financial statements are prepared accurately and presented in accordance with established criteria. Government CAEs also are often asked to assure that the entity has adhered to relevant financial compliance requirements and that internal controls over financial reporting and related processes are designed and implemented appropriately. The independent, nonpartisan U.S. Government Accountability Office (GAO), which reports to Congress, is a stalwart in this regard and, in fact, the GAO annually audits the consolidated financial statements of the federal government and its component executive branch entities.

The conventional wisdom is that government cannot be effective in the absence of public trust. Government auditors play a central role in fostering such trust, and have even been referred to as the guardians of public trust. Without them, citizens would lack credible insight into the soundness of the many inner workings of government — not just of its financial reporting and internal control processes.

GROWING CHALLENGES, DECLINING RESOURCES

A recent IIA survey suggests that impressive numbers of federal, state, and local government audit leaders throughout North America have developed and are effectively implementing strategies for adding value to their stakeholders in today’s challenging and dynamic political environment. A substantial 38 percent of respondents, 90 percent of whom are CAEs or their direct reports, changed their internal audit focus and coverage more than usual during the recession to meet the emerging needs and expectations of their senior management, their oversight body, and the taxpaying public. They are placing even more emphasis now on high-value operational (62 percent), compliance (62 percent), and fraud (51 percent) auditing as well as on ferreting out crucial expense containment or reduction opportunities (49 percent). Large numbers of respondents also are maintaining or have recently assumed responsibility for some nontraditional government audit roles and responsibilities, most notably fraud investigations (63 percent), risk management (37 percent), managing the ethics hotline (32 percent), and conducting ethics investigations (20 percent).

As a result of these responsive changes, a substantial majority of respondents say their jurisdiction’s executive management (70 percent) and oversight entity (72 percent) would rate internal audit’s current performance as good or outstanding. Despite this highly positive perception, however, many decision-making officials apparently regard at least some degree of assurance as dispensable during this time of financial austerity. A substantial 30 percent of survey respondents, for example, are being forced to cut their budgets this year while 13 percent must cut head count. Similarly, more than half of respondents are being required to shoulder their changing and growing coverage load as best they can with the same level of funding (53 percent) and manpower (70 percent).

These figures frankly do not surprise me, because I was compelled to downsize my audit activities more than once. Still, such numbers are bitterly disappointing because downsizing mandates all too often are based on little more than a vague feeling that there are too many auditors looking over management’s shoulder during a time of painful and contentious decision-making. If you were a public official, wouldn’t it be tempting to resent and retaliate — when seemingly defensible — against those who might publicly question the efficacy of your decisions and their consequences?

In fact, the transparency mandated by the many U.S. “sunshine” and other open public records laws — the federal Freedom of Information Act, for example — present unique and daunting challenges to government auditors even in sound economic times. Imagine, for instance, that even a draft audit report could be the subject of tomorrow’s local, state, and national news headlines.

MORE SIMILARITIES THAN DIFFERENCES

After leaving government auditing and then serving in IIA leadership for several years, I assumed a challenging role at PricewaterhouseCoopers LLP that comprised, in large part, assessing the internal audit quality of many of the largest for-profit enterprises in the United States. People often asked at the time how I could be a credible assessor of, and adviser to, these large companies given my background in government and not-for-profit organization leadership. My answer was that there is not much difference in the fundamental approaches and processes employed by leading CAEs of all types of organizations.

For example, all leading CAEs audit the entity’s strategic, operational, financial, reputational, IT, and other significant risks surfaced by a comprehensive, dynamic assessment process. All embrace testing fraud controls as a routine engagement objective and, of course, all strive to achieve independence by establishing reporting relationships to the audit committee or other applicable governance oversight body and as high up in management as possible — ideally the CEO or top elected or appointed official. More generally, there is a high degree of alignment between The IIA’s International Standards for the Professional Practice of Internal Auditing (Standards), adhered to by CAEs of for-profit and not-for-profit organizations, and the GAO’s somewhat more comprehensive and interpretive Generally Accepted Government Auditing Standards (Yellow Book), used by federal-level and many other government audit professionals.

To be sure, there are some differences in the relative strengths of auditors in different types of organizations. For example, private-sector CAEs generally seem more adept at conducting continuous risk assessments and are more likely to adopt rotational staffing strategies, while the CAEs of government and not-for-profit organizations seem to have better instincts about reputational risks. There are, of course, also some significant differences in the responsibilities of auditors with organizations of varying types. For example, in addition to undertaking independent financial statement audits in the manner of public accounting firms, most government auditors must report externally as well as to the audit committee and to executive management. As an inspector general, for instance, I had to report semiannually to Congress and the U.S. public, and this external reporting relationship alone made my audit function different than internal audit activities in the private sector.

Based on these strengths and differences, I counsel my former government audit peers to maintain a risk-based focus, continuously monitor stakeholder expectations, emphasize speed and efficiency in the audit process, benchmark against leading private- and public-sector practices, and deploy rotational staffing strategies to gain more insight into the entities they are auditing while building client appreciation for the value of audit. And I urge them to showcase the attributes that will serve them and the reputation of our profession well during these continuing difficult financial times: fairness and objectivity, patience, empathy, common sense, a strong ethical compass, candor, and perhaps most of all, courage.

To view Richard Chambers' video discussion of government audit challenges, visit AuditChannel.tv.