Acquiring Knowledge of Business and Assessing Risks
Audit procedures typically require auditors to acquire knowledge of the organization and subject matter being audited and to prepare a risk-based audit plan.
In practice, this means that, once the decision has been made to audit financial assurances for site remediation, the audit team should start conducting research and interviewing officials to acquire or further develop a sound knowledge of business and an understanding of the risks facing the audited organizations. The information collected will be used to determine what the main risk areas are and where audit efforts should be directed.
In addition to information about the mandates and roles and responsibilities of the public sector organizations involved in collecting and managing financial assurances for the remediation of mines, auditors can obtain information on three key subject areas:
- the fiscal and regulatory environment for the extraction of minerals in the jurisdiction under review, particularly with regard to decommissioning and site remediation;
- the structure of the industry in the jurisdiction; and
- public sector policies and processes that pertain to assessing and collecting financial assurances for site remediation, as well as the resources available to implement relevant policies and programs.
Much of the information on the first category will be found in legislation, regulations, government websites, and so on. However, obtaining information on the other categories will likely require auditors to conduct a number of preliminary interviews. At this stage, auditors should be asking questions that do not require extensive research and file reviews to answer. For example, to gather information on the industry structure, auditors can ask how many operating companies there are, how big they are, and how many mines they operate. (Smaller companies have fewer resources and are more likely to go out of business, increasing the risk of new decommissioning liabilities for governments.) Auditors typically address more in-depth questions in the audit’s examination phase, once the audit objective and focus have been clearly defined. However, an audit team may decide that it would benefit from using an independent expert early on in the audit if it feels that it does not have all the expertise it needs to assess key risks.
For each financial assurance program selected for audit, a number of areas can be examined, including:
- the design of the financial assurance program,
- the collection of financial assurances, and
- the internal controls in place to ensure the accuracy and completeness of payments.
Each of these areas is described in more detail in the following pages and some of the controls that could be audited under each area are highlighted.