CPSP – Procurement Audit and Risk Management

PROCUREMENT AUDIT AND RISK MANAGEMENT

 Introduction

This module is intended to equip the trainee with knowledge, skills and attitudes that will enable him/her undertake procurement audit and risk management effectively in an organisation.

General objectives

1. Demonstrate an understanding of terms used in procurement audit and risk management
2. Appreciate the legal and professional framework in procurement audit and risk management
3. Conduct procurement audit and prepare audit reports
4. Conduct performance audit and risk management review
5. perform an audit in a computerized environment
6. Apply segmentation tools and risk assessment techniques
7. manage risk register and apply risk management strategies in supply chain management in an organizations
8. Understand the stakeholders in procurement audit and risk management
9. Apply best practices in procurement audit and risk management
10. Appreciate the legal issues in procurement audit and risk management
11. Appropriately respond to emerging issues and trends in procurement audit and risk management

Click here to Download CPSP-K notes for Procurement Audit and Risk Management

PL2.4.01 Overview of procurement audit and risk management

 Competence

The trainee should be able to demonstrate understanding of the concept of procurement audit and risk management

Content

Theory

1. Definition of key terms used in procurement audit and risk management
2. Audit as an assurance/Compliance engagement
3. Auditing and accounting
4. Users of audited procurement reports and risk management reports
5. Advantages and disadvantages of a procurement audit and risk management reports
6. Types and timing of procurement audits and reviews
7. Process of risk identification
8. Types of risks

1. Strategic
2. Operational

• Project

1. Sources of risks

Practice

1. Formulation of procurement Audit and risk management strategies

PL2.4.02 Legal and professional framework in procurement audit and risk management

competence

the trainee should be able to discuss legal and professional framework in procurementaudt and risk management

Content

Theory

1. Provision of procurement audit in the legal framework for example the procurement law, regulations and circulars
2. Role of international and local standards in procurement audits
3. Background information about the client
4. Client acceptance of audit exercise and retention of reports
5. Professional etiquette and constitutionalism
6. Audit engagement letter

 Practice

1. Discussion of legal and professional framework in procurement audits and risk management

PL2.4.03 Procurement audit, evidence and report

competence

the trainee should be able to participate in a procurement audit, extract procurement audit evidence and produce a procurement audit report

Content

Theory

1. Purpose of procurement audit, Evidence and report
2. Reviewing the procurement systems and internal control system
3. Procurement audit plan and programme
4. Procurement audit documents and other financial statements
5. Sources of procurement audit evidence
6. Techniques of gathering procurement audit evidence
7. Types of procurement audit tests and sampling procedures
8. Contents and elements of procurement auditor’s report
9. Qualities of a good procurement audit report
10. Consequences of various audit reports

Practice

1. Development of a procurement audit plan
2. Extraction of procurement audit evidence
3. Production on a procurement audit report

PL2.4.04 Performance audit and risk management review

 Competence

The trainee should have the ability to carry out a performance audit and risk review.

Content

Theory

1. Going concern concept on procurement
2. Management representations
3. Performance Audit review process
4. Performance Audit review Report
5. Risk management Report

Practice

1. Preparation and presentations of a performance Audit Review Review

PL2.4.05 Assurance services and non-assurance services

 Competence

The trainee should have the ability to apply the concepts of assurance and non-assurance services

Content

Theory

1. Concepts of assurance and non-assurance services
2. Procurement audit  engagement
3. Compilation engagement
4. Agreed-upon procedures in carrying out the audit
5. Preview of past audit and other compliance reports
6. Audit assurance reports
7. Auditor’s reports

Practice

1. Discussion of the concepts of assurance and non-assurance services

PL2.4.06 ICT tools in procurement audits

Competence

The trainee should have the ability to use ICT tools to carry out procurement audits

Content

Theory

1. Benefits and drawbacks of computerized procurement systems
2. Ways in which the procurement auditors can use ICT
3. Internal controls in ICT integrated auditing procedures
4. Auditors approach, auditing around and using ICT.

Practice

1. Application of ICT tools in procurement audit

Click here to Download CPSP-K notes for Procurement Audit and Risk Management

PL2.4.07 Risk assessment techniques and segmentation tools

 Competence

The trainee should be able to apply risk assessment techniques and segmentation tools.

Content

Theory

1. Qualitative Risk Assessment Techniques
2. Brainstorming
3. Questionnaires

• Benchmarking

1. Scenario analysis
2. Risk assessment workshops
3. Incident investigation

• Hazard and operational study (HAZOP)

2. Quantitative Risk Assessment Techniques
3. Decision tree analysis
4. Fault tree analysis

• Dependency modeling

1. Value at risk
2. Risk adjusted return on capital
3. Ration analysis

• Gross profit %
• Return on Capital Employed %

1. Acid test
2. Debt ration
3. Gearing ratio

• Linear regression

3. Differentiation of Qualitative and Quantitative risk assessment techniques
4. Segmentation tools

• Supply chain vulnerability
• Supply chain risk management
• Boston consulting Group
• Pareto’s Theory
• Kraljic’s matrix
• Supply chain mapping

Practice

1. Discussion of qualitative and quantitative risk assessment techniques
2. Discussion of risk segmentation tools

PL2.4.08 Management of professional procurement audit and risk management agencies/firms (consultancies)

 Competence

The trainee should have the ability to manage professional procurement audit firms (consultancy)

Content

Theory

1. Structure of professional procurement audit firms (consultancy)
2. Multinational and local procurement firms
3. Professional ethics in management of professional procurement audit firms.
4. Definition of third parties in risk management
5. Third party risk management partners
6. Risk management Agencies
7. Credit reporting sources
8. Employment agencies
9. Security services

• Risk audits

1. Risk consultants
2. Research service providers
3. Disaster recovery services

Practice

1. Demonstration of use of third party services to mitigate risk in supply chain management
2. Demonstration of an understanding of how to manage professional procurement audit firms

 

PL2.4.09 Risk management strategies

 Competence

The trainee should have the ability to develop strategies to manage risks in an organization

Content

Theory

1. Risk management strategies
2. The four It’s
3. Tolerate
4. Transfer

• Terminate

1. Treat
2. Contractual remedies for managing risks
3. Various contractual methods for managing risks
4. Contract performance

• Insurance

1. Intellectual property protection
2. International sourcing
3. Use of model form contracts
4. Governance structure for risk management
5. Risk management culture
6. Benefits of effective risk management
7. Risk register for supply chain function
8. Fraud and fraud management

Practice

1. Application of the four It’s of risk management in procurement and supply chain management

PL2.4.10 Key stakeholders and their roles in procurement audit and risk management

 Competence

The trainee should have the ability to manage stakeholders in procurement audit.

Content

Theory

1. Key stakeholders in procurement audit and risk management
2. The role of procurement auditors
3. The role of procurement auditees
4. Presentation of procurement audit and risk management reports to stakeholders

Practice

1. Identification of various stakeholders and their role in procurement audit

PL2.4.11 Best practices in procurement audit and risk management

 Competence

The trainee should have the ability to demonstrate best practices in procurement audit and risk management

Content

 Theory

1. Best practices in procurement audit and risk management.
2. Contingency planning
3. Business continuity planning (BCP)

• Staff succession planning

1. Supplier transition planning
2. Disaster tradition planning
3. Insurance

• Data and information back-up
• Stakeholders involvement

Practice

1. Discuss the importance of contingency planning in procurement audit and risk management

PL2.4.12 Legal issues in procurement audit and risk management

 Competence

The trainee should have the ability to demonstrate an understanding of the legal issues in procurement audit and risk management

Content

Theory

1. Liability of auditor’s report to law of contracts and the legal framework
2. Auditors liability to other laws (Tort)
3. Civil and criminal liability
4. Current developments in conducting procurement audits/compliance
5. procurement audit risks
6. Business risks and procurement audit

Practice

1. Discussion of legal liability and risk assessment in procurement audit.

 PL2.4.13 Emerging issues in procurement audit and risk management

Competence

The trainee should have the ability to appropriately respond to emerging issues and trends in procurement audit and risk management

Content

Theory

1. Emerging issues and trends in procurement audit and risk management
2. Challenges and opportunities posed by the emerging issues and trends in procurement audit and risk management
3. Coping with and adopting to emerging issues and trends in procurement audit and risk management

Practice

1. Discussion of the challenges opportunities posed by the emerging issues and trends in procurement audit and risk management

Click here to Download CPSP-K notes for Procurement Audit and Risk Management