Audit process and execution of compliance audit in cuba

CHAPTER I: THEORETICAL FOUNDATIONS OF THE AUDIT PROCESS AND THE EXECUTION OF COMPLIANCE AUDITS.

The study of the consulted sources was supported on the basis of the examination of specialized writings and other bibliographic foundations, allowing the analysis of the subject of study, which enables the elaboration of procedures for the execution of the Compliance Audit.

1.1. Audit as a control tool

Audit Background

According to Martínez Calderín, that “formerly the great gentlemen were accompanied by trusted men when they dealt with important commercial operations, loans and financing. Hence, due to their function of hearing, the name of Auditors was born ”.

The audit as an element of analysis and financial and operational control arises as a consequence of the development produced by the Industrial Revolution of the 19th century. Indeed, the first association of auditors was created in Venice in 1851 and later in that same century there were events that led to the development of the profession, thus in 1862 auditing was recognized in England as an independent profession, in 1867 it was approved in France the Companies Law that recognized the Statutory Auditor or Auditor.

The development process of this activity in the world was slow in the early stages, and it can be said that it reached its maturity in the 20th century, specifically from 1916 on when the preparation of a minimum program of procedures to be followed in audits appeared. thus being established the first rules that governed public accounting.

The Audit in Cuba, had its beginning in the republican era, in the first years of the constitution of the Republic, the auditing function fell to the Ministry of Finance, created by the Organic Law of the Executive Power of 1909.

In 1950, the Court of Accounts was created, with the functions of supervising the assets, income and expenses of the State and autonomous bodies, and the execution of State Budgets, as well as ensuring compliance with the laws and other provisions relating to taxes, duties and contributions. After the triumph of the Revolution, in January 1959, a change began in the socioeconomic structure of the country; this process caused an accelerated transformation of the organization of the state apparatus. Due to the above, it was not considered necessary to maintain the Court of Accounts, which ceased its functions in 1960.

In 1961, Law 943 on the Verification of State Expenditures was enacted and the Verification Directorate was created in the Ministry of Finance, in charge of fulfilling the control functions.

In 1976, through Law 1323 on the Organization of the Central State Administration, the State Finance Committee was created, which includes a Verification Directorate, and performs the governing function in matters of state auditing.

In 1994, as part of the process of improvement of the state administration, the State Finance and Prices Committees were extinguished, whose functions were merged into the Ministry of Finance and Prices.

In 1995, the National Audit Office was created to carry out the functions that, in relation to this matter, were assigned to the Ministry of Finance and Prices through Agreement No. 2914 of the Executive Committee of the Council of Ministers.

On April 25, 2001, by Decree Law 219, the Ministry of Audit and Control was founded as an Organism of the Central Administration of the State, in charge of directing, executing and controlling the application of the State and Government Policy on Auditing. Government, Government Control and Inspection; as well as to regulate, organize, direct and control, methodologically, the National Audit System. Cuba

This Ministry works until August 1, 2009, when the National Assembly of People's Power establishes the Comptroller General of the Republic of Cuba through Law No. 107 with the fundamental objective and mission of assisting the National Assembly of the Popular Power and the Council of State, in the execution of the highest control over the organs of the State and Government; For this reason, it proposes the integral policy of the State regarding the preservation of public finances and economic - administrative control, once approved, direct, execute and verify its compliance, as well as methodologically direct and supervise the National Audit System; execute the actions it deems necessary in order to ensure the correct and transparent administration of public assets;prevent and fight corruption.

Definition and classification of the audit

The word audit comes from the Latin Auditorius, and from this comes auditor, who has the virtue of hearing, and the dictionary considers him a collegiate auditor, but it is assumed that this virtue of hearing and reviewing accounts is aimed at evaluating the economy, the efficiency and effectiveness in the use of resources, as well as their control.

Professor Coulter defines auditing as “the examination of the books and accounts of a business, which allows the auditor to formulate and present the financial statements in such a way that the balance sheet reflects the true financial position of the business and the profit and loss statement that correctly express the results of operations as of the closing date of the year under review. "

“The audit is the scientific and systematic verification of the account books, vouchers and other financial and legal records of an individual, firm or corporation, with the purpose of determining the accuracy and integrity of the accounting; show the true financial situation and operations, and certify the statements and reports that are rendered. "

“The American Acconunting Association has prepared the following general definition of auditing: Auditing is a systematic process for obtaining and objectively evaluating evidence related to reports on economic activities and other related events. The purpose of the process is to determine the degree of correspondence of the informative content with the evidence that gave rise to it, as well as to determine if said reports have been prepared observing established principles for the case ”.

In Decree Law No. 159 On Auditing, it is defined as “a systematic process, which consists of objectively obtaining and evaluating evidence on the statements regarding acts or events of an economic-administrative nature, in order to determine the degree of correspondence between these statements and the established criteria, and then communicate the results to the interested persons ”. Cuba

It is considered that this definition is appropriate to some extent because, taking into account the degree of evolution of the audit, in that definition the term of an economic-administrative nature, of the acts or events subject to analysis, should be deleted, so that the definition is more comprehensive in attention to the transformations that have occurred in the object of the audit.

In Law No. 107, the audit is defined as “a systematic process, carried out in accordance with established technical standards and procedures, consisting of objectively obtaining and evaluating the evidence on the statements contained in legal acts of a technical, economic, administrative or others, in order to determine the degree of correspondence between these statements, the current legal provisions and the established criteria ”. Cuba

The author of the research defines auditing as “a continuous process, through which sufficient and appropriate evidence is obtained and evaluated; and at the same time the detected irregularities are identified, elaborated and communicated ”.

The classification and types of audits that are carried out in the country, at present, were established through the Regulation of Law No. 107 of the General Comptroller of the Republic, approved by agreement of the Council of State in 2010, these being the following:

The audits are classified, as:

1. External audit: is the one carried out by the Comptroller General of the Republic, and the Central State Administration Bodies authorized in the aforementioned Regulation, as well as the independent audit carried out by civil service companies and other organizations expressly authorized by the Comptroller General of the Republic to those who hire the audit service. It is performed by authorized professionals who are not employees of the organization being audited, and exceptionally the Comptroller General of the Republic, authorizes in writing the exercise of this audit for specific purposes to the Central Internal Audit Units of the organs, agencies and national entities. internal audit: performed by qualified professionals who are employees of the organization itself,for the independent assessment of its activities, in order to evaluate the achievement of the internal control objectives and contribute to the prevention and detection of indiscipline, illegalities and manifestations of administrative corruption, which may affect the control of human, material and financial resources available. It works as an activity designed to add value and improve the operations of an organization.It works as an activity designed to add value and improve the operations of an organization.It works as an activity designed to add value and improve the operations of an organization.

The types of audits defined in the aforementioned document are:

1. management or performance audit: it is the examination of the management of a body, body, entity, program, project, process or activity, to establish the degree of economy, efficiency, effectiveness, quality and impact of its performance on planning, control and use of resources and in conversation and preservation of the environment, as well as to verify the observance of the provisions that are applicable. financial audit or financial statements: examination and evaluation of the documents, operations, records and financial statements of the entity, to determine if they reasonably reflect its financial situation and the results of its operations, as well as compliance with the economic-financial provisions, with the objective to improve the procedures related to its management and to evaluate the Internal Control System. forensic audit: consists of the investigation and verification of information, operations, activities and others, to gather and present the technical support that supports alleged criminal acts and administrative corruption. environmental audit: it is the process to verify the use, administration, protection, preservation of the environment and natural resources, with the aim of evaluating compliance with the standards and principles that govern their control and, where appropriate, quantifying the impact of the deterioration caused or that may occur. special audit: it is the verification and analysis of specific topics in entities, activities of national or territorial interest, programs, projects and other matters. When required, it is applied with a process approach and one or more subjects participate. tax audit: consists of examining the operations to which legal or natural persons are obliged with the treasury, tax and non-tax, with the aim of determining whether they are carried out in the corresponding amount, within the established terms and forms and proceed in accordance with the law. information and communications technology audit: it is the examination of the policies, procedures and use of computing resources, as well as the reliability and validity of the information, the effectiveness of controls, applications, network systems and others related to computing activity. Compliance audit: It is the verification, evaluation and examination that is carried out in order to verify compliance with the legal, regulatory, statutory and procedural provisions inherent to the activity subject to review, linking the effectiveness of the standard in relation to the objectives and goals of the entity.

An important element in the Cuban Auditing Standards are the risks associated with this activity, they are identified as inherent, control and detection:

Inherent risk: It is the risk of errors occurring in the accounting system generated by the characteristics of the subject to be audited, either due to the nature of the activities, functions or programs that it develops, or the account or accounts of the financial statements. to check. To evaluate it, auditors must achieve a broad knowledge of the sector or branch of the subject to be audited and the nature of their operations.

Control risk: It is the risk of errors that are not detected or corrected by the Internal Control System. In order to evaluate it, the auditors study the implemented Internal Control System and carry out the necessary compliance tests.

Inherent risk and control risk are risks of the entity and exist independently of any type of audit that is being performed.

Detection risk: It is the risk that the auditor will not be able to detect existing errors with the designed work programs and the application of adequate professional judgment; as well as not discovering important errors that have not been detected by the Internal Control System of the subject to be audited. It is the most controllable for the auditor, it can be managed through proper planning and also with the supervision of the audit work.

Internal Control and Audit Activity

At the beginning of the 20th century, a degree of significance began to be given to Internal Control within organizations, which culminated in the early 1940s. The development of internal control allowed the objective of the audit to discover fraud, to pass to a secondary plane, if the internal accounting control system is adequate, the possibility that fraud or other errors exist, in any magnitude, is remote. Therefore, it corresponds to internal control, by definition, to prevent the occurrence of fraud and error, a responsibility that consequently falls on the entity's management, reserving to the audit the mission of evaluating its effectiveness and making the pertinent recommendations to improve it.

When there was no Internal Control, as a fundamental element of the organizations, the auditor to detect possible fraud, resorted to exhaustive examinations of all the operations carried out in the audited period, giving rise to the so-called detailed audit, which was highly costly and its results inadequate.

As Internal Control evolved, the auditor found a technical way to reduce the delay in his work, which is to evaluate the degree of effectiveness of the Internal Control, in force in the audited entity, performing the audit on the basis of selective tests or by samplings.

With the creation of the State Finance Committee after the First Congress of the Communist Party of Cuba, Internal Control was conceived as: "the set of organizational measures that the administrations of the entities should apply in order to safeguard their resources."

Currently in the country, Internal Control is governed by Resolution No. 60 of 2011 of the Comptroller General of the Republic of Cuba, where it is defined as: “the process integrated into operations with a focus on continuous improvement, extended to all activities inherent to management, carried out by management and the rest of the staff; it is implemented through an integrated system of rules and procedures, which help to anticipate and limit internal and external risks, provide reasonable security for the achievement of institutional objectives and adequate accountability ”. Cuba

In each economic organization, an internal verification system must be used that is sufficient in the prevention of fraud and in its discovery. A good internal control system is an integral part of any well-organized entity, the larger the company, the greater the need for an effective internal control system, through which it can achieve control of all its assets and prevent it from errors and crimes are committed or, at least, discovered in a timely manner, as well as promoting a more efficient operation and increasing the effectiveness of administrative management.

The process characteristic, awarded in the concept of Internal Control, shown in Resolution No. 60/2011 of the Comptroller General of the Republic of Cuba, refers that its elements are integrated among themselves and that they are implemented in an interrelated way, influenced by the management style, within the framework of the basic principles and general characteristics; The components of internal control are: Control Environment, Risk Management and Prevention, Control Activities, Information and Communication and Supervision or Monitoring, which are structured in standards.

Internal control for auditing is important as it facilitates gathering sufficient evidence to analyze whether the subject to be audited is functioning effectively and if it is achieving its objectives.

In turn, said control constitutes an effective tool to achieve efficiency and effectiveness in the work of both accounting and administrative entities, introducing new questions that provide generalizing elements for the development of Internal Control Systems in each entity, resulting in reliability of information on operations, as well as compliance with established legal standards, constituting an effective instrument for its measurement the Compliance Audit.

The control activities and procedures, which are nothing more than the policies and procedures that help the management, direction or administration to guarantee the correct use of the legal provisions, laws, norms and statutes; they constitute one of the most important elements of internal control. Consequently, this objective in compliance auditing is aimed at determining whether the reference framework drawn up by the institution encompasses all the fundamental elements to carry out adequate internal control, taking into account the normative basis applicable to operations and the type of company. to be audited.

1.2. Execution of Compliance Audits

The Compliance Audit has received different names, some of them and their respective definitions are:

The International Organization of Supreme Audit Institutions (INTOSAI) defines compliance auditing as one that "seeks to determine to what extent the audited entity has observed the laws, regulations, policies, established codes and contractual stipulations, and may include great variety of controlled matters ”.

According to the International Standards of Supreme Audit Institutions (ISSAI) it is known as the Audit of Compliance with Legality. These standards do not differentiate compliance auditing as a specific type of audit, but rather include the verification of compliance with regulations as one of the objectives of the (financial) regularity audit, highlighting the impact that non-compliance may have on the accounts. of the audited entity.

In ISSAI No. 300 "Rules of Procedure for Public Inspection", section 0.3 subsection d) determines "In the execution of the financial audit, it is advisable to verify compliance with the laws and regulations in force". ISSAI 300

Likewise, this ISSAI establishes in paragraph 4.2: “The examination of compliance with the laws and regulations in force is of particular importance in the control of public programs, since those responsible for making decisions must know if they have been respected. laws and regulations, if their results are in accordance with the proposed objectives and, failing that, what modifications are considered necessary. Additionally, organizations, programs, services, activities and public functions emanate from the laws and are subject to more specific rules and provisions ”.

The International Standard ISSAI No. 4000 issued by INTOSAI, states that “the Compliance Audit refers to the function attributed to the Supreme Audit Institutions of controlling that the activities of public entities comply with the laws, regulations and standards. that regulate them. This function requires reporting the degree to which the audited entity is accountable for its actions, these audits may include the analysis of the level of compliance, by the audited entity, of laws and regulations, budget resolutions, policies, established codes or agreed stipulations (for example, in a contract or financing agreement) ”. ISSAI 4000

In Spain, article 164 of General Budgetary Law 47/2003, of November 26, defines one of the modalities of public auditing as: “The compliance audit, the purpose of which is to verify that the acts, operations and economic-financial management procedures have been developed in accordance with the rules that apply to them ”. It is classified, therefore, as a differentiated audit modality from the financial audit.

In addition, ISSAI No. 4100 “Guidelines for Compliance Audits performed separately from the audit of financial statements”, it is established that in these actions it is analyzed to what extent the audited entity observes the rules, laws and regulations, policies, established codes or agreed stipulations, for example: in a contract or financing agreement. ISSAI 4100

This type of control action is also defined as: “the verification or examination of the financial, administrative, economic and other operations of an entity to establish that they have been carried out in accordance with the legal, regulatory, statutory and procedural norms that are applicable ”. Blanco According to the version authorized by the Professional Standards Steering Committee of ISSAI 100: Fundamental Principles of Auditing, they define this type of control action as “one that focuses on determining whether a particular matter complies with legal and regulatory regulations identified as criteria ”. ISSAI 100 This audit is performed by reviewing the documents that support legal, technical,financial and accounting operations to determine if the procedures used and the internal control measures are in accordance with the standards that are applicable to it and if said procedures are operating effectively and are adequate to achieve the objectives of the audited entity.

ISSAI 400 states that "a compliance audit is a systematic process to obtain and objectively evaluate the evidence and determine whether the matter in question complies with the applicable authorities identified as criteria." ISSAI 400

According to Aguilar, M. “the Compliance Audit originates as a result of the planning process developed in accordance with the provisions established by the supervisory entity, which indicates the entities and matters to be examined based on: analysis of risks and derived priorities, Complaints made, requests from entities, control services carried out, follow-up of corrective measures, evaluation of the Internal Control System, as well as indications from the country's senior management or the highest supervisory entity, within the framework of its powers. "In the Regulation of Law No. 107," the compliance audit is defined as the verification, evaluation and examination that is carried out with the objective of verifying compliance with the legal, regulatory,statutory and procedural inherent to the activity subject to review, linking the effectiveness of the standard in relation to the objectives and goals of the entity ”. Cuba

The Fundamental Auditing Principles (ISSAI No. 300, 3.4.1) state in relation to compliance that the audit should be designed in such a way as to provide reasonable guarantees of detection of errors, irregularities and illegal acts that may significantly affect the objectives of the audit. the auditory. ISSAI 300 In addition, the aforementioned principles also mention those of an ethical nature that must be taken into consideration before proceeding with the audit (ISSAI No. 200, 2.2.1), these being:

1. Independence, including political neutrality of auditors Avoidance of conflicts of interest of auditors with the audited entity Auditors must possess the required professional competence.

Likewise, the auditor must design auditing actions and procedures that offer a reasonable guarantee to detect errors, irregularities and illegal acts that could directly and substantially affect the results of the audit. Furthermore, any indication of the existence of irregularities, fraud or some error that could have negative effects on the ongoing audit should motivate the auditor to prolong the procedures in order to verify or dispel such suspicions.

If, for whatever reason, an auditor has a conflict of interest, the necessary measures will be taken to eliminate the factors that could compromise said compliance before starting the audit. These measures will consist, for example, of the reassignment of the personnel assigned to the audit, additional training or the participation of experts.

On the other hand, in the Cuban Auditing Standards it is stated that in order to carry out an action of this type it is important to take into consideration that:

1. The auditor must identify the legal provisions under review, which does not prevent evaluating other aspects not defined in the objectives set, which may be of significance due to their effects and are based on compliance with a legal provision or a legal document. The auditor must identify, in the internal procedures of the audited entity, those aspects that were not considered and that play an important role in the fulfillment of its objectives and goals, in the control of the assigned resources and in the continuous improvement of its management In addition, the causes and consequences that generate non-compliance with the legal provisions for the entity, in relation to the objectives and goals set, must be defined.

Therefore, given the great significance that compliance with the standards that regulate economic-financial management has in the public sphere, a management that affects a significant percentage of a country's economy, it could be said that compliance auditing has its own substantivity, although it can also be carried out jointly with other types of audits, but it is convenient that the results are reported separately, determining to what extent the negligence detected affects compliance with the law by the audited entity. In addition, in this type of control action it is possible to cover a wide range of controlled matters and they can vary widely on an international scale.

It is the responsibility of management to ensure that the entity's operations are conducted in accordance with laws and regulations. Therefore, the auditor must draw up review actions that provide a reasonable guarantee for the detection of non-compliances or illegal acts that could directly affect the results of the audit.

The responsibility of keeping the due reserve and discretion of the documentation and the results corresponds to all the personnel involved in the audit, during the performance of the control and even after having ceased their functions, in accordance with the provisions of Law No. 107 of 2009 of the Comptroller General of the Republic of Cuba and the Cuban Auditing Standards.

Phases or Stages of the Audit

Most of the authors state that in the development phases of an audit the criteria or guidelines necessary for its performance are determined and these must be taken into account by the auditors to ensure that their actions are objective, constant and balanced. Therefore, the phases of an audit, regardless of the type, are as follows:

1. Planning

It is what determines the achievement of optimal management levels (economy, efficiency and effectiveness) in the audit process; If proper planning is carried out, the rest of the phases can reach the required quality.

In this phase, the following activities are carried out, among others:

1. Collection of information on the audited entity and its organization, in order to determine the most important risks and areas or processes Preliminary assessment of the Internal Control System Definition of the objectives and scope of the audit Selection of the sample to be be evaluated Determination of human and material resources Preparation of the general audit work plan, the individual work plan and audit programs ^1. Make known to the audited entity the scope and general objectives of the audit (includes the matter to be examined - see annex No. 4 -), which may change depending on the findings detected, provided that the result of an investigation requested by the competent levels is not compromised.

Planning is divided into four phases, these being:

Preliminary study: It is carried out before starting the audit in the field, according to the Control Action Plan of the audit organizational unit. This phase allows obtaining general information about the subject to be audited.

Knowledge of the subject to be audited: From the information obtained in a previous study, the on-site audit begins and those aspects that may have changed are updated. The purpose of this phase is to evaluate a priori the Internal Control System of the subject to be audited, determining the existence or not of limitations and risks in the processes, activities and operations that lead to non-compliance with laws, regulations and procedures.

Planning: Its purpose is to guarantee the performance of a quality audit, as well as to determine and plan its nature, opportunity, scope and design the methodology and programs that allow the achievement of the proposed objectives. Improvement: During the execution process until its conclusion, the auditor makes adjustments in the general audit work plan, as appropriate, in case of detecting findings not contemplated in the previous phases exposed.

2. Execution

It consists of the application of the compliance audit program in order to achieve the proposed objectives, which allows obtaining sufficient and appropriate evidence (see Annex No. 4). In the aforementioned phase, activities such as:

1. Application of substantive and compliance tests and collection of evidence Determination of compliance deviations (see annex No. 4) and other audit findings.

¹ It is a document that provides a list of controls and procedures to be followed to perform the audit and prepare the report. A written program should be developed for each area into which the work to be carried out is divided.

1. c) Notification of the partial results of the audit.

It is the stage in which the work is developed in accordance with the scope and planned objectives; which allows obtaining findings that support the results obtained. In addition, the information collected is verified.

The aforementioned information, as well as the findings that are detected, are recorded in working papers, the latter constituting the documentary support of the auditor, in which the facts of the relevant situations found during the audit and reflected in the report are noted. Carrión, I

3. Report

It consists of preparing the report of the results of the Compliance Audit. In this phase, the following activities are carried out:

1. Preparation of the audit report Notification of the final result of the audit to the audited subject Issuance of the audit report.

ISSAI 1450 Financial Audit Guideline - Assessment of Misstatements Identified During Audit states in paragraph 12: “… public sector auditors may report instances of non-compliance with mandates and control deficiencies to those charged with governance. Public sector auditors can also communicate mistakes, cases of non-compliance with mandates and control deficiencies to third parties; for example, to civil servants of the public Administration ”. ISSAI 1450

4. Monitoring

It is the follow-up to the presentation, by the audited subject, of the plan of measures, as well as the disciplinary measures proposed and adopted with the direct and collateral responsible. In the aforementioned phase, activities such as:

1. Evaluate and issue criteria after receiving the consultation of the proposal of the disciplinary measures to be adopted by the audited subject, within ten days

(10) following the presentation of these.

1. Review the plan of disciplinary measures adopted by the audited subject, as well as the disciplinary measures adopted with the direct and collateral responsible, send the considerations within ten days (10) following their presentation to the referred subject.

Although the limits between the audit phases are not defined: planning, execution, reporting and follow-up, it is important that the auditor recognize their existence and carry out their tasks according to each one of them, which allows an adequate review and supervision from the start to the approval of the audit report.

Techniques and procedures in the Audit

To evaluate the Internal Control System and determine the scope of the audit, the auditor must obtain sufficient, competent and relevant evidence in order to promote a reasonable basis for his opinions, criteria, conclusions and recommendations.

Auditing or information gathering techniques, according to Cuban Auditing Standard No. 590, are various special procedures that the auditor uses to obtain the necessary evidence, which allows them to form a professional and objective judgment on the verified matter. Cuba

On the other hand, the Audit Standards and Procedures Committee of the Mexican Institute of Public Accountants defines them as the practical methods of investigation and testing used by the auditor to obtain the necessary evidence to support their opinions and conclusions, their use is based on your judgment or judgment, depending on the circumstances. It is a method or procedural detail, essential in the successful practice of any science or art. In auditing, techniques are accessible methods of obtaining evidence material.

According to the author of this research "audit techniques are the different instruments or methods to be used by the auditor to obtain and evaluate the evidence that supports the validity of the findings detected in the performance of a control action".

It is important in any type of audit to select the most appropriate technique to examine any operation, activity, area, program, project or transaction of the entity examined. They are classified into:

Verbal: They consist of obtaining oral information, through inquiries or inquiries inside or outside the entity, about possible weaknesses in the application of procedures, internal control practices or other situations that the auditor considers relevant to his work.

The evidence obtained through said technique must be adequately documented, where the parties involved and the aspects dealt with are described. For this, the “Declaration Act” model, established in Cuban Audit Standard No. 590-1, can be used.

Interviews can also be conducted to find out directly with the staff of the audited entity or with third parties about activities related to its operations, or by applying surveys or questionnaires, which can be anonymous or identifiable, always leaving documentary evidence of the actions carried out..

Ocular: They consist of verifying, directly and in parallel, the way in which those responsible develop and document the processes or procedures through which the subject to be audited executes the activities subject to control. This technique allows to have a vision of the organization from the angle that the auditor needs, that is, the processes, the buildings, the daily movements, the relationship with the environment, among others. They are:

• Observation: It consists of the contemplation with the naked eye, which the auditor performs during the execution of an activity or process. Comparison or confrontation: It is when the operations carried out by the subject to be audited are compared with the regulations, procedures and other documents to determine their relationships and identify their differences and similarities. Selective review: It is based on the examination of important aspects that an activity, reports or documents must fulfill, selecting part of the operations, which will be evaluated or verified in the execution of the audit. Tracking: It is the monitoring that is done to the process of an operation, with the aim of knowing and evaluating its execution.

Documentaries: Consists of obtaining written information to support the statements, analysis or studies made by the auditors, they are the following:

• Analytical review: It consists of the analysis of indices, indicators, trends and the investigation of fluctuations, variations and relationships that are inconsistent or deviate from the forecasted operations. Verification: Consists of verifying the evidence that supports or sustains an operation or transaction, in order to corroborate its authority, legality, integrity, ownership and veracity by examining the documents that justify them. Computing: It is the analysis of documents, data or facts assisted by computer and specialized software. General survey:This technique is applied at the beginning of the auditor's work, based on his experience and professional judgment and generally requires the application of other techniques. It consists of the general evaluation of the information of the subject to be audited, on its legal nature, corporate purpose, accounting statements, information systems and Internal Control System.

Physical: It is the real recognition of facts or situations given in a determined time and space and inspection is used as a technique, which consists of the recognition, through physical and ocular examination, of facts, situations, operations, tangible assets, transactions and activities, applying other techniques such as: inquiry, observation, comparison, tracking, analysis, tabulations and verification.

Written: They consist of reflecting on the work papers important information for the auditor's work. They are applied in the following ways:

• Analysis: It consists of the separation of the elements or parts that make up an operation, activity, transaction or process, with the purpose of establishing their properties and compliance with the normative and technical criteria. It allows to identify and classify, for subsequent analysis, all the most significant aspects that at any given moment may affect the operation of the audited entity. Reconciliation: It is the collation of the information produced by different sources on the same subject to establish its conformity and veracity. Confirmation:It consists of corroborating the truth, certainty or probability of facts, situations, events or operations, through data or information obtained directly and in writing from the officials or third parties who participate or carry out the operations subject to verification. Calculation: It is the verification of the arithmetic accuracy of the operations contained in the documents. Tabulation: It is the grouping of the important results, obtained in the areas and elements analyzed, to arrive or support the conclusions.

The group leader together with the rest of the auditors selects the techniques to apply based on the characteristics of the subject to be audited, the objectives and the type of audit to be performed.

Audit Procedures

According to the criteria of Cook and Winkle "Audit procedures are the set of techniques applied to perform an audit"

Quintero defines it as; "The set of investigation techniques applicable to an item or groups of facts and circumstances related to the financial statements subject to examination by means of which the public accountant obtains the bases to support his opinion"

Marcial, M., states that "the audit procedures are the combination of techniques applied in the analysis and investigation in the control actions" attending to the evolution of the audit in Cuba, where in addition to audits, Special Verifications are carried out, with which the author agrees.

Pérez, M., states that “audit procedures can be classified into two large groups: those of general application that are recommended for any type of audit and entity in which it is performed; and those of specific application that will have to be specifically designed for each type of audit and, in turn, adapt them according to the characteristics of the entity subject to intervention ”.

The author of the investigation believes that "audit procedures are nothing more than the application of an audit technique or the union of several of them in order to obtain the appropriate evidence in a control action".

The techniques and procedures explained above allow the auditor to obtain the evidence that justifies the evaluation of the control action carried out. Evidence is the information obtained by the auditor to reach the conclusions that support his opinion on the results of the review of accounting documents and records that support the Financial Statements and other operations subject to verification, as well as confirmed information from other sources; It is obtained by applying an appropriate combination of tests of control and substantive procedures. To validate the evidence tests that constitute the various information obtained in the course of the control action and that help the acting auditor to reach conclusions about the economic-financial situation and the use of material resources,monetary and human rights in the entity object of the Audit, as well as the degree of compliance with the laws, regulations and policies in force in the country on the activity that is verified. The basic requirements that the evidence must meet are:

• Sufficient: When you have the required amount of tests and verifications, and the auditor can obtain reasonable assurance that the disclosed facts are satisfactorily verified, to convince third parties that the results, conclusions and recommendations of the audit are founded and guaranteed. Competent: It is important, valid and reliable information and the best that can be obtained with the proper use of auditing techniques. If not possible, declare this situation as a limitation on the scope of the control action. Relevant:It is the one that has a clear and logical relationship with the objectives and scope of the audit. It is relevant if it has a direct, logical and clear relationship with the event. This characteristic forces the auditor to collect evidence exclusively related to the facts examined.

The evidences are classified into:

• Physical: Obtained by inspection and direct observation of activities, goods or events; This evidence can be presented in the form of documents, photographs and graphics. Documentary: It can be physical or electronic, as well as external or internal to the subject to be audited. External evidence includes, but is not limited to, supplier invoices and third party confirmations. The internal ones have their origin in the subject to be audited, it includes, accounting records and internal procedures. Testimonial: Other people are obtained through statements made in the course of the control action or interviews. Analytics:It arises from the examination and verification of the data, it can be carried out on calculations, indicators and trend analysis from the subject to be audited or other sources that can be used. Comparisons can also be made with established standards or levels of the sector to which the subject to be audited belongs. Computing: It can be found in data, application systems, facilities and computer supports, among others used in the procedures of the subject to be audited.

The evidence obtained allows to corroborate the criteria determined to carry out a type of audit. The criteria will refer to matters that may have a significant impact on the objective of an audit. Accordingly, when conducting a compliance audit, the auditors will determine that the criteria are adequate and relevant to the subject matter and the audit objectives. Once the appropriate criteria have been established, it will be necessary to “adapt them in practice” to the particular circumstances of each audit in order to reach valid conclusions. In compliance audits, identifying these criteria against which to compare controlled matter is an essential phase of the planning process.The sources that serve as the basis for the audit criteria can also be part of the compliance audit.

The Audit criteria consist of a set of policies, procedures or requirements used as a reference in the verification and on which compliance is evaluated. For these to be suitable, they must meet, among others, the following characteristics:

Relevant: when they respond in a meaningful way to the information and decision requirements of the recipients of the audit report.

Reliable: they lead to conclusions that are reasonably consistent with those that another auditor would obtain using the same criteria in the same circumstances.

Objectives: they are neutral criteria and do not respond to biases of the auditor or the management of the audited entity, which means that they cannot be so informal that the evaluation of the information about the controlled matter is very subjective and leads to other auditors the public sector to reach a very disparate conclusion. Understandable: they are clear criteria that allow reaching conclusions that are precise and easy to understand by the audience and that do not give rise to widely divergent interpretations.

BIBLIOGRAPHY

1.______ Aguilar Serrano, M. (2015). Compliance Audit Course.

2.______ Audit of

3.______ Compliance audits and internal control evaluation.

4.Almaguer López, RA (2012). Dictionary of Accounting and Auditing. Havana: Social Sciences. p. 72

5.Borrero Rivero, R. Research Methodology Course. University of Las Tunas. Digital support.

6.Blanco Luna, Y. (2006). Comprehensive Audit Standards and Procedures, ECOE Ediciones, Santa Fe de Bogotá-Colombia. 324 p

7. Carrión, I. Work Papers for the Audit.

8.Cook and Winkle. (2006). Audit. Havana: Félix Varela. t.1 and t.2.

9. Audit concepts. Available at: http://www.ecured.cu Consulted: 11/2/2015

10. Internal control.

11.Cuba. National Assembly of People's Power. Law No. 107/2009: Of the Comptroller General of the Republic of Cuba. Havana. 27 p.

12.Cuba. Executive Committee of the Council of Ministers. Agreement No. 4374/2002: Regulation of the Decree Law of the Ministry of Audit and Control. Havana.

13 Cuba. Council of State. Decree Law 219/2001: Creation of the Ministry of Audit and Control, Havana.

14 Cuba. Council of State. Decree Law No. 159/1995 of the Audit. Havana. p.2.

15 Cuba. Comptroller General of the Republic of Cuba. Regulation of Law No. 107/2009 of the Office of the Comptroller General of the Republic approved by Agreement of the Council of State. Havana, 2010. 40.p.

16. Cuba. Comptroller General of the Republic of Cuba. Resolution No. 60/2011: Rules of the Internal Control System. Havana.

17 Cuba. Comptroller General of the Republic of Cuba. Resolution No. 36/2012: Methodology for the evaluation and qualification of audits. Havana.

18 Cuba. Comptroller General of the Republic of Cuba. Resolution No. 340/2012: Cuban Auditing Standards. Havana.

19 Cuba. Ministry of Audit and Control. Resolution No. 467/2006: Approve the Methodological Guide for the Compliance Audit. Havana. 2 P.

20 Cuba. Ministry of Audit and Control (2007). Methodological Guide for Compliance Audit. Auditor's Manual. Havana. t.2.

21 Cuba. Ministry of Finance and Prices. Resolution 235/2005: Cuban Financial Information Standards.. Finances to the Day. Cuba.

22 Cuba. Ministry of Finance and Prices. Resolution 294/2005. Modifications of the Cuban Information Standards. Financial. Finances a Day,.

23.Chile. Council of General Internal Audit of Government and Ministry General Secretariat of the Presidency (2015). Planning of the Internal Audit work..

24. Chacón Ramírez, B. and Torrente Sera, T. (2002). Internal Control an effective instrument for administration. Havana. Audit and Control Magazine. Vol. 1, No. 7. p. 13-21.

25. Díaz González, MM (2009). Procedure to carry out a Management Audit with a Marketing approach to the Commercial Directorate of the Cárnica de Las Tunas Company. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 79 p.

26.DISAIC. Electronic consultant to the accountant and auditor.

27 Ferrales Acosta, O. (2011). Procedure to carry out Management Audits to the Las Tunas Municipal Health Directorate. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 87 p.

28. Finance, CE (1987). General Accounting Standards. Business Activity. Finance to Day. Cuba.

29 Finance, CE (1992). General Accounting Standards. Business Activity. Finance to Day. Cuba.

30 Fonteboa Vizcaíno, A. (2006). Preliminary examination: a must. Havana. Audit and Control Magazine. No. 15. p. 46-52.

31. González León, GJ (2010). Proposal of methodological procedures in substantive tests for the execution of the audit activity. Thesis in option to the title of Bachelor of Accounting and Finance. Las Tunas: Vladimir Ilich Lenin University, 81 p.

32. Guevara Nuñez, L. (2009). Procedures for conducting an Internal Management Audit of the performance evaluation subsystem in the CULT. Optional thesis for the Master's Degree in Managerial Accounting. Las Tunas: Las Tunas Vladimir Ilich Lenin University Center, 88 p.

33 Hernández Sampieri, R. Fernández Collado, C and Baptista Lucio, P. (1997). Investigation methodology. Panamericana Formas e Impresos SA Colombia. Digital support.

34.Huamán Monzón, FM (2014). Design of the Audit Procedure for Compliance with the NTP-ISO / IEC 17799: 2007 Standard as part of the implementation process of the NTP-ISO / IEC 27001: 2008 technical standard in institutions of the Peruvian State. Optional thesis for the Degree in Computer Engineering. Peru: Pontifical Catholic University. 54 p.

35 López Núñez, A. (2002). Internal control. Risk analysis. Havana. Audit and Control Magazine. No. 5. p. 1-13.

36.Marcial García, M. (2009). Proposal of a system of methodological procedures for the execution of the Audit Activity. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 103 p.

37. Martínez Calderin, L. (nd). Internal control: An effective means for decision-making in management control. Hundred fires. 71 p.

38. Martínez Fuentes, Á.L. (2010). Compliance Audit of Legality: A model report. Conference on Audit and Control in Public Universities. Pomegranate. 13 p..

39. Martínez Pupo, O. (2011). Management Audit Procedures to the Accounting and Finance area at the Design and Engineering Company of Las Tunas. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 84 p.

40. Mendoza Laguna, Y. (2009). Procedure for the evaluation of the efficiency in the tax management of the municipality Las Tunas. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 77 p.

41. Mexico. General Directorate of Auditing to the Central Sector of the Treasury Accounting Office Legislative Assembly of the Federal District. (2008). Guide to

Preparation of Working Papers

42.Moncayo González, M. Compliance audit..

43. Nelson, D. How to implement an audit and compliance program?

44 ISO 14000 standards:

45.Notario de la Torre, A. (1999). Notes for a compendium on Scientific Research Methodology / Universidad de Oriente. Havana. Digital support.

46. ​​International Organization of Supreme Audit Institutions (INTOSAI), International Standards of Supreme Audit Institutions (ISSAI) 300: Rules of Procedure for Public Audit.

47. International Organization of Supreme Audit Institutions (INTOSAI), International Standards of Supreme Audit Institutions (ISSAI) 400: Fundamental Principles of Compliance Auditing.

48. International Organization of Supreme Audit Institutions (INTOSAI), International Standards for Supreme Audit Institutions (ISSAI) 1450: Financial Audit Guideline - Assessment of Errors Identified During Audit.

49. International Organization of Supreme Audit Institutions (INTOSAI), International Standards for Supreme Audit Institutions (ISSAI) 4000: Guidelines for Compliance Auditing General Introduction..

50. International Organization of Supreme Audit Institutions (INTOSAI), International Standards for Supreme Audit Institutions (ISSAI) 4100: Guidelines for Compliance Audit conducted separately from the audit of financial statements.

51. International Organization of Supreme Audit Institutions (INTOSAI), International Standards for Supreme Audit Institutions (ISSAI) 4200: Guidelines for Compliance Audits Associated with an Audit of Financial Statements.

52. Audit Work Papers.

53 Communist Party of Cuba. (2011). Guidelines of the Economic and Social Policy of the party and the Revolution.

54 Communist Party of Cuba. (2012). First National Conference. Work Objectives.

55 Perdomo Vieiro, AM (2009). Procedure for the design of the implementation of the new definitions of Internal Control in the Base Business Unit Vías Obras y Construcciones Las Tunas, UEB VOC Las Tunas. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 173 p.

56. Pérez Fonticoba, R. et al. (2006). Discipline and ethics of the auditor: its influence on society. Havana. Audit and Control Magazine. No. 15. p. 8-11.

57. Pérez Pantoja, MC (2011). Proposal of a System of Procedures for the performance of the Performance Audit. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 85 p.

58. Peru. Comptroller General of the Republic. Resolution No. 473-2014-CG. Directive No. 007-2014-CG / GCSII: "Compliance Audit" and "Compliance Audit Manual". Lima, 26 p.

59. Audit procedures.

60.Quiñonez Folgar, JR Audit procedures and techniques.

61.Rivero Rondón, MI (2011). Design of Procedures to execute a Management Audit of the services in the SEPSA company. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilyich Lenin University, 96 p.

62. Rodríguez Bermúdez, ZM (2011). Procedures for conducting Management Audits to the marketing activity of the Company Producciones Metálicas DURALMET, Las Tunas. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 86 p.

63 Rodríguez González, ES (2011). Procedure for conducting financial audits. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 86 p.

64.Silva García, G. (2009). Management Audit Program to Evaluate Commercial Management of the UEN III Engineering and Automated Systems in Copextel, SA, Las Tunas Division. Thesis as an option to the academic title of Master in Management Accounting. Las Tunas: Vladimir Ilyich Lenin University, 83 p.

65.Santiesteban Batista, M. (2009). Manual for the Control of the Financial Economic System of the Branch Schools of MINAZ. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilyich Lenin University, 111 p.

66.Sao Rodríguez, ME (2010). Economic-Financial Management Procedure in the Municipal Gastronomy, Accommodation and Recreation Company (EMGAR) Puerto Padre. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 87 p.

67 Sierra Lombardía, V. (1998). Cientific investigation methodology. Manuel F. Gran Higher Education Study Center. Eastern University. Digital support.

68. Types of Audit and their definition.

69 Torres Diéguez, N, et al, (2009). Proposal for an organization manual and internal control procedure for the financial and economic management of the branch.

70. Zaldívar Pozo, Y. (2008). Procedure for the planning of personnel expenses in the University Center of Las Tunas. Thesis as an option to the Academic Master's degree in Management Accounting. Las Tunas: Vladimir Ilich Lenin University, 93 p.

Download the original file