TURKEY: Latest IT audit and IT developments at the TCA
Information systems are powerful tools contributing to the successful fulfilment of an entity’s duties. Lately there have been many IT and IT audit developments at the Turkish Court of Accounts (TCA).
IT Audit Developments
The Turkish Court of Accounts (TCA) has a dedicated IT Audit Department with 13 IT auditors including 2 CISAs, which is equipped with roles and responsibilities to execute IT audits, develop methodology and provide IT audit support to regularity audit teams in special cases.
Beside information system audits, this department has also developed a specific methodology for auditing e-Gov projects. Pilot audits in various public institutions such as Turkish Immigration Institution, Ministry of Health, Ministry of Trade, and Social Security Institution carried out for testing the newly developed audit methodology.
In the TCA, four main computer assisted systems are being used for planning, executing and managing the audits.
1. Data Analysis System - VERA
TCA has a data analysis program, called VERA. With the help of this system, risky areas are determined by evaluating financial records and also the previous year audit results and those areas are prioritized in the overall annual audit programs.
2. Audit Management Program - SayCap
TCA has an audit management program, called SayCAP, which provides remote access for audit teams. This program guarantees that audit works are planned, executed, documented, and managed in line with the audit manuals and international audit standards.
Regularity Audits, Performance Audits, State Economic Enterprises Audits by TCA are performed by means of SayCap.
3. Data and Document Back-up and Sharing System (SAYDRIVE)
The TCA has a secure file-server system, which is used for document sharing and data back-up. This system is designed to enable users to connect from inside and outside the institution via their mobile devices/computers.
4. Electronic Data Collecting System
Accounting data and other financial and non-financial data of all auditees are collected periodically and electronically to our data warehouse using a secure database connection. The system integrates all digital data into a centralized structure. This system checks and controls the data before being uploaded.
- Within the scope of the measures to prevent the spread of the COVID-19 pandemic, distance work model implemented and remote access and use of the VPN remote access connection has been provided to the staff.
- As part of the reporting process, new ways of communicating with the auditee and gathering information and collecting documents were needed. In this sense, draft audit reports were sent to auditees in electronic environments and their responses again were received electronically.
- For the next period, TCA is working on a new model to execute all stages and processes of the audit work to be performed electronically.
- The trainings to the staff as well as the audit team meetings have generally been conducted online via virtual channels.
For more information, please visit: https://www.sayistay.gov.tr/en/