Thursday, July 30, 2009

PSU marks 30th year; confers doctorate degree to COA chief

By Danny O Sagun

Dagupan City - The Pangasinan State University marked today its 15th Biennial Celebration with the theme "PSU at 30: Sustaining a Culture of Responsibility, Integrity and Excelence."

Several activities were held including the conferment of Doctor of Humanities (honoris causa) to Commission on Audit chair Reynaldo A. Villar who delivered the keynote address as guest of honor and speaker during a program at the PSU Convention Hall at the university’s main campus in Lingayen town.

Dr. Victoriano C. Estira, PSU president, assisted by Dr. Lauro B Tacbas, who is president of PASUC and UNP, and Dr. Caridad O. Abuan, OIC-Director of the Commission on Higher Education, conferred the honorary degree to the proud son of Sto. Tomas town. Villar is the elder brother of Undersecretary Antonio "Bebot" Villar, who is chair of the Presidential Anti-Smuggling Group (PASG).

Another highlight of the celebration was the turn-over of funding check for the operationalization of the Pangasinan Institute of Environmental Governance by engineer Federico E. Puno, president and chief executive officer of Team Energy Foundation Inc., which operates the Sual Coal-Fired Power Plant.

The 30th founding anniversary celebration started Tuesday with campus level activities in Bayambang, San Carlos City, Asingan, Infanta, Urdaneta City, Sta. Maria, Binmaley, Lingayen and Alaminos City.

Other events for the four-day celebration include exhibit and trade fair, street dancing and cultural presentation, search for Mr. and Miss PSU Biennial 2009, sportsfest, medical mission, talent showdown and grand fellowship and awards night on the fourth day.

Estira, who last week guested at the weekly KBP Forum at the Philippine Information Agency office, proudly announced that the state university is number one in Region 1 and number seven on passing percentage in the nursing board, while its engineering department based in Urdaneta is number one in the region and number six in the country among state colleges and universities.

The university also saw increase in the number of enrollees from 9,000 to 12,000 when it adopted the open admission system, he bared. He quickly clarified that the government-run educational facility maintains its level of excellence in spite of the open system.

On the proliferation of local government-operated universities which is being protested by private schools, Estira explained that the law allows the establishment of such institutions if the city or the first class town can support them. "Kung kaya ng kanilang budget, puede silang mag-operate ng university," he said. But the Commission on Higher Education, he stressed, should see to it that said learning institutions conform to standards.

The Urdaneta City University and the Eastern Pangasinan University in Binalonan are two examples of LGU-run universities.

Private school owners have complained that their schools undergo several years of efficient operation for them to attain college or university status. Yet LGUs, they pointed out, can just put up their colleges or universities without going thru tedious processes.

Estira noted however that government-run institutions charge "pang-masa" tuition fees like PSU.


Congrats Chairman Villar!

Ombudsman ‘special ops’ net guv’s vehicles, 11 others for unofficial use

By Florence F. Hibionada

It may have been a ‘Thank-God-It’s -Friday (TGIF)’ for private citizens at the end of last week’s workweek. Yet for all those under government employ on board 13 government-issued vehicles spotted and apprehended by the Ombudsman, it was certainly one rotten late Friday evening.

More so for those on board the two Capitol-issued vehicles of Governor Niel Tupas.

Barely had the media and public uproar been over on the issue of illegal siren use, it is back in the limelight anew for the governor’s government-issued Nissan Patrol vehicles.

And from the now controversial one Nissan Patrol with “red plate” SGF 898, it became two “GOVERNOR” vehicles. This, following late Friday evening’s special operations of the Ombudsman task force out on a mission to stop improper use of said government vehicles.

The News Today (TNT) in a report gathered that a total of 13 government vehicles were spotted and/or apprehended.

The Ombudsman team was aided by task force members comprised by an official from the Commission on Audit (COA), the Land Transportation Office (LTO) and the Philippine National Police (PNP).

Media presence was also allowed with an earlier briefing that laid down the parameters of the press coverage.

Dubbed “Task Force Operation Plan Red Plate,” it was to be the second “special ops” of the anti-graft body in Iloilo City. The team had surprise checkpoints in strategic entry and exit points to and from the city. Such as another mobile team went around to check on the city’s nightspots for parked government-cars.

The law is crystal clear, the Ombudsman here stressed, on the prohibition of unofficial use of “red plate” or government-issued vehicles. Any use beyond office hours particularly in nightspots and elsewhere must be accompanied by duly accomplished trip tickets.

Some four hours into the operation, TNT got confirmation of a “chase” with subjects – two black vehicles with “GOVERNOR” plates of Governor Tupas. No specifics were however revealed on the exact location of the initial sighting or up to where the chase ended. No details released too on the identities of those on board.

By Saturday morning though, TNT got word that the “GOVERNOR” vehicles were indeed recorded by the Ombudsman Task Force as “apprehended.” Another report also came in on one vehicle spotted and believed to have been issued for the city mayor’s official use. However belated developments stated that only the two “GOVERNOR” vehicles were in said “apprehended” report.

“They never thought that we will pursue them. Everything would be okay if only they cooperated with us by stopping at our checkpoint but they chose to be pursued,” TNT was told.

The Ombudsman-led team had “spotters” in place in various areas of the city and alerted the task force of an incoming red-plate vehicle.

With uniformed police officers in tow, team members then flagged down the subject vehicle and proceeded to seek authority to be out in such late Friday evening.

A check was then made on trip tickets present, proper marking of “For Official Use Only” on the vehicle, the driver’s license, vehicle documents and license plates.

The Task Force Red Plate will pursue charges on the violators – those on board the vehicle established to have been on unofficial use and to the official or head of office that the vehicle was issued.


Operation red plate should go on and on so that violators will be apprehended and gasoline consumption can be minimized, and utilize only for official use.

Wednesday, July 29, 2009

The Essential Guide to Security Audits

Security audits are typically conducted for the purposes of business-information security, risk management and regulatory compliance. If performed correctly, a security audit can reveal weaknesses in technologies, practices, employees and other key areas. The process can also help companies save money by finding more efficient ways to protect IT hardware and software, as well as by enabling businesses to get a better handle on the application and use of security technologies and processes. As bothersome as security audits are, business owners, executives and IT managers who truly understand them realize that periodic examinations can actually help ensure that security strategies are in sync with overall business activities and goals.

Audit Practices and Activities

There is no standard security-audit process, but auditors typically accomplish their job though personal interviews, vulnerability scans, examination of OS and security-application settings, and network analyses, as well as by studying historical data such as event logs. Auditors also focus on the business's security policies to determine what they cover, how they are used and whether they are effective at meeting ongoing and future threats.

CAATs (Computer-Assisted Audit Techniques) are often employed to help auditors gain insight into a business's IT infrastructure in order to spot potential security weaknesses. CAATs use system-generated audit reports, as well as monitoring technology, to detect and report changes to a system's files and settings. CAATs can be used with desktop computers, servers, mainframe computers, network routers and switches, and an array of other systems and devices.

While CAATs can provide definitive data on business systems, auditors must also keep an eye on activities and practices that are not easily quantifiable. Some of the key questions that an auditor must ask include:

Who is in charge of security, and who does this person report to?
Have ACLs (Access Control Lists) been placed on network devices to control who has access to shared data?
How are passwords created and managed?
Are there audit logs to record who accesses data?
Who reviews the audit logs, and how often are they examined?
Are the security settings for OSes and applications in accordance with accepted industry security practices?
Have unnecessary applications and services been purged from systems? How often does this task take place?
Are all OSes and applications updated to current levels?
How is backup media stored? Who has access to it? Is it up-to-date?
How is email security addressed?
How is Web security addressed?
How is wireless security addressed?
Are remote workers covered by security policies?
Is a disaster-recovery plan in place? Has the plan ever been rehearsed?
Have custom applications been tested for security flaws?
How are configuration and code changes documented? How often are these records reviewed?
Many other questions pertaining to the exact nature of the business's operations also must be addressed.


An auditor's skills and affiliations depend on the nature of the audit and the audited company's business focus. An internal audit will usually draw auditors from within the business's own IT and accounting departments. Alternatively, a company may hire a security consultant to handle the job. A financial institution or other business working in a regulated industry will often find itself dealing with federal and state regulators. Auditors may also be sent to a business by private standards-setting bodies and other industry organizations.

Aftermath and Follow-Up

Shortly after the audit concludes, the auditors will usually brief a company's owners, executives and managers on what they've discovered and if any immediate remedial action is necessary. A few days or weeks later, the auditors usually issue a formal report. Stakeholders can use both the meeting and the report as opportunities to gain insight into their security practices and make improvements.

While a security audit is usually a specific event, IT security is an ongoing process. As a business designs, deploys and maintains its security policies, technologies and practices, it should strive to maintain a constant state of preparedness that will allow it to pass a security audit at any given moment.


Security audits are important nowadays because many accounting systems are now computerized and organizations have to protect the interests of their companies.

Audit Process in Security Audit

Audit planning & preparation

The auditor should be adequately educated about the company and its critical business activities before conducting a data center review. The objective of the data center is to align data center activities with the goals of the business while maintaining the security and integrity of critical information and processes. To adequately determine if whether or not the client’s goal is being achieved, the auditor should perform the following before conducting the review:

Meet with IT management to determine possible areas of concern
Review the current IT organization chart
Review job descriptions of data center employees
Research all operating systems, software applications and data center equipment operating within the data center
Review the company’s IT policies and procedures
Evaluate the company’s IT budget and systems planning documentation
Review the data center’s disaster recovery plan

Establishing audit objectives

The next step in conducting a review of a corporate data center takes place when the auditor outlines the data center audit objectives. Auditors consider multiple factors that relate to data center procedures and activities that potentially identify audit risks in the operating environment and assess the controls in place that mitigate those risks. After thorough testing and analysis, the auditor is able to adequately determine if the data center maintains proper controls and is operating efficiently and effectively.

Following is a list of objectives the auditor should review:

Personnel procedures and responsibilities including systems and cross-functional training
Change management processes are in place and followed by IT and management personnel
Appropriate back up procedures are in place to minimize downtime and prevent loss of important data
The data center has adequate physical security controls to prevent unauthorized access to the data center
Adequate environmental controls are in place to ensure equipment is protected from fire and flooding

Performing the review

The next step is collecting evidence to satisfy data center audit objectives. This involves traveling to the data center location and observing processes and procedures performed within the data center. The following review procedures should be conducted to satisfy the pre-determined audit objectives:

Data center personnel – All data center personnel should be authorized to access the data center (key cards, login ID’s, secure passwords, etc.). Data center employees are adequately educated about data center equipment and properly perform their jobs. Vendor service personnel are supervised when doing work on data center equipment. The auditor should observe and interview data center employees to satisfy their objectives.

Equipment – The auditor should verify that all data center equipment is working properly and effectively. Equipment utilization reports, equipment inspection for damage and functionality, system downtime records and equipment performance measurements all help the auditor determine the state of data center equipment. Additionally, the auditor should interview employees to determine if preventative maintenance policies are in place and performed.

Policies and Procedures – All data center policies and procedures should be documented and located at the data center. Important documented procedures include: data center personnel job responsibilities, back up policies, security policies, employee termination policies, system operating procedures and an overview of operating systems.

Physical security / environmental controls – The auditor should assess the security of the client’s data center. Physical security includes bodyguards, locked cages, man traps, single entrances, bolted down equipment, and computer monitoring systems. Additionally, environmental controls should be in place to ensure the security of data center equipment. These include: Air conditioning units, raised floors, humidifiers and uninterruptible power supply.

Backup procedures – The auditor should verify that the client has backup procedures in place in the case of system failure. Clients may maintain a backup data center at a separate location that allows them to instantaneously continue operations in the instance of system failure.


The auditor should have a lot of preparation when performing security audit. To be prepared is the best tool an auditor can carry along with him when performing audit.

What is a Security Audit?

You may see the phrase "penetration test" used interchangeably with the phrase "computer security audit". They are not the same thing. A penetration test (also known as a pen-test) is a very narrowly focused attempt to look for security holes in a critical resource, such as a firewall or Web server. Penetration testers may only be looking at one service on a network resource. They usually operate from outside the firewall with minimal inside information in order to more realistically simulate the means by which a hacker would attack the site.

On the other hand, a computer security audit is a systematic, measurable technical assessment of how the organization's security policy is employed at a specific site. Computer security auditors work with the full knowledge of the organization, at times with considerable inside information, in order to understand the resources to be audited.

Security audits do not take place in a vacuum; they are part of the on-going process of defining and maintaining effective security policies. This is not just a conference room activity. It involves everyone who uses any computer resources throughout the organization. Given the dynamic nature of computer configurations and information storage, some managers may wonder if there is truly any way to check the security ledgers, so to speak. Security audits provide such a tool, a fair and measurable way to examine how secure a site really is.

Computer security auditors perform their work though personal interviews, vulnerability scans, examination of operating system settings, analyses of network shares, and historical data. They are concerned primarily with how security policies - the foundation of any effective organizational security strategy - are actually used. There are a number of key questions that security audits should attempt to answer:

Are passwords difficult to crack?
Are there access control lists (ACLs) in place on network devices to control who has access to shared data?
Are there audit logs to record who accesses data?
Are the audit logs reviewed?
Are the security settings for operating systems in accordance with accepted industry security practices?
Have all unnecessary applications and computer services been eliminated for each system?
Are these operating systems and commercial applications patched to current levels?
How is backup media stored? Who has access to it? Is it up-to-date?
Is there a disaster recovery plan? Have the participants and stakeholders ever rehearsed the disaster recovery plan?
Are there adequate cryptographic tools in place to govern data encryption, and have these tools been properly configured?
Have custom-built applications been written with security in mind?
How have these custom applications been tested for security flaws?
How are configuration and code changes documented at every level? How are these records reviewed and who conducts the review?
These are just a few of the kind of questions that can and should be assessed in a security audit. In answering these questions honestly and rigorously, an organization can realistically assess how secure its vital information is.

Security Policy Defined

As stated, a security audit is essentially an assessment of how effectively the organization's security policy is being implemented. Of course, this assumes that the organization has a security policiy in place which, unfortunately, is not always the case. Even today, it is possible to find a number of organizations where a written security policy does not exist. Security policies are a means of standardizing security practices by having them codified (in writing) and agreed to by employees who read them and sign off on them. When security practices are unwritten or informal, they may not be generally understood and practiced by all employees in the organization. Furthermore, until all employees have read and signed off on the security policy, compliance of the policy cannot be enforced. Written security policies are not about questioning the integrity and competency of employees; rather, they ensure that everyone at every level understands how to protect company data and agrees to fulfill their obligations in order to do so.

Natural tensions frequently exist between workplace culture and security policy. Even with the best of intentions, employees often choose convenience over security. For example, users may know that they should choose difficult-to-guess passwords, but they may also want those passwords to be close at hand. So every fledgling auditor knows to check for sticky notes on the monitor and to pick up the keyboard and look under it for passwords. IT staff may know that every local administrator account should have a password; yet, in the haste to build a system, they may just bypass that step, intending to set the password later, and therefore place an insecure system on the network.

The security audit should seek to measure security policy compliance and recommend solutions to deficiencies in compliance. The policy should also be subject to scrutiny. Is it a living document, accurately reflecting how the organization protects IT assets on a daily basis? Does the policy reflect industry standards for the type of IT resources in use throughout the organization?


Performing security audit means that one should be good at computers.

Arrest of COA, BIR, Customs chiefs sought

By Tina Santos, Edson C. Tandoc Jr.
Philippine Daily Inquirer

MANILA, Philippines—A lawyers’ group Wednesday asked a Manila court to order the arrest of the heads of the Commission on Audit (COA) and the customs and internal revenue bureaus for their continued disobedience of the court’s order to examine the account books of the Big 3 oil companies.

The Social Justice Society (SJS) asked Judge Silvino Pampilo Jr. to issue arrest warrants against the officials “for their deliberate, obstinate and contumacious refusal to obey the lawful order” of the court and to detain them until they comply with the order.

Pampilo earlier directed the heads of the agencies to explain within 72 hours why they should not be cited for contempt for failure to comply with his April 2009 order to open and examine the books of accounts of Chevron Philippines Inc., Petron Corp. and Pilipinas Shell Petroleum Corp..

Gov’t counsel

The judge’s July 24 order was reportedly served and received on the same day by the Office of the Solicitor General (OSG), which is acting as the counsel for the government agencies.

The SJS said the 72-hour period expired last Tuesday.

Pampilo last April directed the COA, the Bureau of Customs (BOC) and the Bureau of Internal Revenue (BIR) to form a panel that would conduct the examination of cash receipts, cash disbursement books, purchase orders on petroleum products, delivery receipts, sales invoices and other related documents on the purchases of petroleum products of the three firms from January 2003 to December 2003.

The judge’s order stemmed from a complaint filed by the SJS, which accused the oil companies of using pricing schemes grossly disadvantageous to the public.

Last July 7, the judge denied for lack of merit separate motions for reconsideration seeking to stop his order filed by the OSG and the oil firms.

The judge ruled that there was no law or jurisprudence that prohibits government entities from performing acts that would best serve the public.

At a hearing of the energy committee at the House of Representatives Wednesday, Pampanga Rep. Juan Miguel Arroyo said the committee would summon the COA, the BIR and the BOC to update the committee on the progress of their audit of the oil companies as ordered by Pampilo.

“Auditing the oil firms is the only way we will find out if prices are really overpriced or not,” said Arroyo, the committee chair.

Saying they are willing to open their books for auditing, oil companies defended their prices as being fair and reasonable before the committee.

“We have always been transparent with our financial situation. We are open to public audits as long as it is by the right agency,” said Chevron spokesperson Mark Quebral.

Some of the oil companies claimed that they actually incurred millions of pesos in losses last year.

Shell spokesperson Robert Kanapi said that compared to other industries, oil companies have been generating smaller profits. While media companies, for instance, made 12.2 percent in profits last year, oil companies only made some 2.3 percent, he said.

Industry losers

Malou Espina, corporate affairs manager of Total Phil., said the company lost P570 million last year.

Zenaida Monsada, oil industry management bureau director for the Department of Energy, told the committee that four out of nine oil companies incurred net losses last year: Total, Caltex, Petron and Pryce.

Monsada said oil price increases in Metro Manila are lower than the increases in international market prices. She said the Philippines, an oil importer, has among the lowest oil prices in Southeast Asia, its rates just slightly higher than those of Indonesia and Malaysia which both produce and subsidize oil.

But George San Mateo, secretary general of the transport group Pagkakaisa ng mga Samahan ng Tsuper at Operaytor Nationwide (Piston), said he doubted the claims that oil prices in the country are lower than international rates. He urged the committee to review the Oil Deregulation Law.


I believe there is no reason why COA and BIR heads should be arrested. They have not done anything wrong.

8 drug-sniffing dogs declared AWOL


The Commission on Audit has issued a ‘writ of habeas corpus’ for eight drug-sniffing dogs that have remained unaccounted for by the Philippine Drug Enforcement Agency.

The 2008 CoA audit report for PDEA indicated that of the 13 members of the PDEA K-9 force, eight have been reported to have gone on “absence without official leave,” prompting state auditors to demand an explanation from the agency’s officials.

Supervising Auditor Divina Cabrera, head of the audit team, said three other dogs trained and donated to the agency are likewise missing.

Cabrera said the PDEA could not present any records as to the whereabouts of the high-priced dogs which have been trained to detect narcotics and other illegal substance.

She said government spent P9.9 million for the 13 dogs which have been helpful in the country’s anti-drug campaign.

Of the eight missing canines, seven, namely, Magic, Caster, Quint, Brando, Jackson, Sear, and Buddy, were Belgian Mallinois. Also missing was a Dutch Shepherd named Carlo.

“Conduct an investigation on the facts and circumstances surrounding the disappearance of the eight K-9 dogs and submit a report to the Commission on the results of the investigation,” CoA told the PDEA.

State auditors said administrative sanctions should be imposed against those liable for the disappearance of the dogs.

“Otherwise, request for relief from accountability for the dropping of the cost in the books of accounts,” they added.

The audit examiners refused to believe the claim of the new caretaker that some of the dogs have already died. Auditors want a solid proof to back up this claim.

The audit report revealed that the dogs were purchased by the now defunct National Drug Law Enforcement and Coordinating Center of the Philippine National Police.

They were later transferred to PDEA when the new Dangerous Drugs Code took effect.

“There are no records of persons directly accountable for the work animals since Logistics Management Service did not maintain records such as memorandum of receipt to pinpoint person accountable,”
the report said.

Meanwhile, CoA also sought an explanation on the whereabouts of three bomb sniffers donated by retired Gen. Edgar Galvante, former executive director of the Dangerous Drugs Board, and Supt. Benjamin Magalong.

“Neither the special enforcement service which received the donation nor the LMS as the custodian of records has record of donation such as deed of donation duly signed by parties,” auditors noted.


Philippine Drug Enforcement Agency should properly explain this and produce the sniffing dogs.

COA raps OMB for accounting failures


A Commission on Audit report scolding the Optical Media Board (OMB) for failing to properly account for billions of pesos worth of seized optical discs and other video equipment appeared to support accusations of corruption leveled by an anti-smuggling agency against certain OMB operatives and officials.

In its audit report of the 2008 financial standing of OMB, COA chided the OMB for repeatedly failing to fully account for the number of supplies, optical discs and equipment seized from suspected film pirates.

The report was submitted by Director Bato Ali of COA’s national government sector audit service in the wake of the corruption scandal triggered by the disappearance of two replicating machines seized by joint operatives of the OMB and the Presidential Anti-Smuggling Group (PASG) in a raid conducted in San Jose del Monte, Quezon City last month. PASG chief Undersecretary

Antonio Villar Jr. earlier sought a congressional inquiry into the incident, saying that certain OMB men were behind the missing replicating machines valued at P100 million. OMB Chairman Edu Manzano, on the other hand, denied the accusations, saying the PASG did not turn over the machines to his men.

The COA report appeared to have sided with Villar with state auditors pointing out that the OMB ignored last year’s audit recommendation that a monthly report of seized pirated discs and other equipment be submitted to the constitutional agency.

“During the year (2008), management failed to submit the required documents to support the receipt and disposal of the confiscated seized inventories and equipment,” auditors said. “This is a reiteration of prior year’s audit observation.”

When informed about the audit observation, Manzano, in a letter to COA last February, explained that a consolidated report of seized discs starting the first quarter of 2008 was made. It revealed that a total 6,007 sacks and 1,305 boxes of pirated optical discs had been seized.

The OMB also reported that a Summary of Enforcement operations from January to December, 2008 showed that the total estimated value of all confiscated machines and discs was estimated at P1,727,253,325.

COA rejected the OMB explanation, saying that the “comparison of the two reports is not possible because of the different ways of reporting the confiscated goods.”


Proper accounting procedures should be set up by the OMB to properly account confiscated items.

SC upholds Ombudsman, COA ruling on dismissal of ex-school principal

By Florence F. Hibionada

After nearly seven years of legal battle, the Commission on Audit (COA) and the Office of the Ombudsman got its final favorable judgment on a graft case filed against a former public school principal.

Then found guilty of grave misconduct thus dismissed from government service, Corazon Balbastro was stripped of her post as principal of the Iloilo City National High School (ICNHS) in Molo district, Iloilo City.

Said decision was reached back in April 2002 and questioned by Balbastro up to the Supreme Court (SC).

The Office of the Ombudsman in the Visayas made public yesterday the SC final Judgment following a 15-page Order. SC Associate Justice Conchita Carpio Morales penned said Order and concurred by the SC En Banc led by Chief Justice Reynato S. Puno.

To recall, Balbastro’s legal woes stemmed from a 1999 letter-complaint of parents and teachers of the ICNHS. The complainants called for a COA probe on perceived irregularities of Balbastro’s fiscal management using the school funds.

The complaint further named another supposed erring school official who was later exonerated.

Balbastro was accused of mishandling over P184,000 in donated funds from the Iloilo City government and the unauthorized spending of over P161,000 in purported repair of school projects. She was also questioned for disbursements of nearly P500,000 in supposed costumes of the school’s Dinagyang participants in 1999.

The COA came out with its audit report confirming said irregularities and later used by the Ombudsman in establishing the administrative and criminal cases against Balbastro.

The Ombudsman held Balbastro guilty of the irregularities stated by COA with the SC saying that the audit report “was enough basis to sustain the Ombudsman’s findings of guilt...”

Balbastro as a matter of recourse petitioned the SC citing the alleged denial of due process “and that the proceedings before the Ombudsman were attended by serious irregularities.”

SC Associate Justice Morales was curt with her reply – “The petition fails.”

“AT ALL EVENTS, petitioner cannot protest that she was deprived of due process for not having been apprised of the charges against her since the charges did not go beyond the findings of the audit report, a copy of which she received and to which she responded via her Supplemental Answer,” the SC Judgment went. “Petitioner has no one to blame but herself….”

As such, Balbastro’s dismissal from government employ with forfeiture of benefits stay even as prosecution of the criminal case continues.

To note, the Ombudsman since the establishment of its Iloilo Field Office has been instrumental in conducting motu proprio investigation using COA Audit Reports. From the highest elected official of any given local government unit to the regular government employees, the Ombudsman takes corresponding action.

COA Audit Reports are done yearly to ascertain the propriety, regularity and legality of all government dealings using public funds.


Nothing can escape the long arm of the law.

5 ways to avoid an audit

By Jeff Schnepper

Whether you're facing an audit or simply want to avoid one, here are steps to take to deflect attention or get you prepared.

Rule 1: Check your arithmetic

Few audits are generated by mathematical mistakes alone. The Internal Revenue Service computers automatically correct both mathematical errors and mistakes on the amount you can take as a deduction. One common -- and expensive -- error is to claim 100% of your medical expenses as a deduction. (You may deduct only the excess over 7.5% of your adjusted gross income.) However, too many math errors can indicate a sloppy return, and that could lead to a full audit.
While the advice may seem obvious, don't give the IRS any additional reasons to look at your return.

But how do you get picked?

An IRS computer program compares your deductions to others in your income bracket and weighs the differences. This secret IRS formula, called the DIF Score, is used to select returns with the highest probability of generating additional audit revenue.

For example, a taxpayer with a $50,000 salary would rarely have $10,000 in charitable contributions. This doesn't mean that, if you have only $50,000 in income and actually have $10,000 in charitable contributions, you shouldn't claim those deductions. It means only that if that is the case, be prepared to prove those deductions.

The DIF formula considers not only your income and deductions, but also where you live, the size of your family and your profession. Rarely will a family of five living in the Hamptons have an income of $30,000 or less. It may happen, but if it does, the IRS will want to know how. This leads to . . .

Rule 2: Arrange your finances so they don't stand out

If you think you may be audited, see if your situation is likely to attract the tax man's attention. Here are groups that often do invite inquiries:

The self-employed. If you are self-employed, you have more opportunity either to "hide" your income or "create" deductions by converting personal expenses into business expenses. If so, be prepared to substantiate your expenditures as deductible expenses. The IRS is aware of the myriad "business vehicles" that go away to college every September, and the probability of your being audited is enhanced.
And, by the way, the IRS says it audited 1.38 million taxpayers in 2007, up 7% from 1.29 million taxpayers in 2006. That's the highest number since 1998.
The 2007 figure represents an audit for one of every 97 returns filed. But only one of every 561 returns resulted in a face-to-face audit. The rest were correspondence examinations.

Preliminary 2008 numbers show 1.39 million individual taxpayer audits, but only 310,429 of those were field audits. The rest were again correspondence examinations.
Those who get their income in cash. The IRS has specific audit programs aimed at specific professions and occupations. Because they receive much of their income in cash, people who work in the gaming industry, waiters and even doctors are prime audit targets. The more cash you receive and the higher your income potential, the more likely the IRS is to find additional tax dollars by reviewing your return.
There are a number of areas of potential abuse that attract the IRS. In recent years, the IRS has been targeting these areas for audit:

• Offshore credit card users.
• High-risk, high-income taxpayers.
• Investors in abusive schemes and promotions.
• High-income non-filers.
• Unreported income.

Rule 3: Substantiate, substantiate, substantiate

In the audit itself, the IRS will focus on those items for which taxpayers have historically failed to keep the required substantiation. Traditionally, auto, travel, meals and entertainment have been the areas most audited. To deduct auto expenses, you must establish the percentage of business use as well as the actual expenses incurred. I ask my clients to keep a mini-cassette recorder in their cars to record the business mileage and purpose. Kept contemporaneously, it is acceptable as sufficient substantiation of business use. Alternatively, a written diary of miles used for business would also be accepted.

You must have a receipt for all expenditures of $75 or more for meals and entertainment. The rule is simple: no receipt, no deduction. If the expense is less than $75, a diary notation is sufficient. However, both the receipt and the diary notation must have all of the following information:

• The amount paid
• The name and location of the restaurant or entertainment facility
• The person you entertained
• That person's business relationship with you
• The business discussion related to the entertainment

Unless you talk business, before, during or after the meal, your deduction won't be allowed. Remember, with the IRS, paper rules! With any and all expenses, deductions will be allowed more easily if you have a piece of paper to back them up.
Here's another piece of advice: Don't come in with a carton of miscellaneous receipts. The more organized your receipts and the more paper you produce, the easier it is for an IRS agent to conclude that you are organized, have full substantiation and owe no additional taxes.

One more point about how you're selected for an audit. The IRS computer pulls out many returns for audit on a random basis. Your income, deductions or where you live are irrelevant. Your number just came up -- you won the audit lottery. A student making $3,000 a year is just as likely to be selected as an accountant making $300,000. You just got "lucky."

The IRS can audit you for three years after you file your return. In reality, however, most returns are audited within 18 months of filing. This gives the IRS time to do the review and request the appropriate substantiation before the statute of limitations (usually a three-year period) ends. Once the statute has run out, the IRS normally cannot audit your return, and your expenses are insulated from examination. It has been claimed that the later you file, the less likely it is the IRS will pick your return to be examined. The IRS still insists that agents are not graded or evaluated on the amount of money they collect until -- surprise! -- congressional testimony reveals that policy is not the same as practice.

Rule 4: Know when to file

I recommend that you have your return prepared early. If you have a big refund and are unconcerned with audit issues, file early and get your money back. If you have taxes due, and no penalty for underpayment, don't file until April 15. Don't ever pay a federal tax bill before it is due. It's an interest-free loan to the IRS.
On the other hand, if you are concerned about a potential audit, never file until the last minute. It won't hurt and can only decrease your chances of being selected.

Rule 5: Plan your taxes to pre-empt an audit

I highly recommend the use of pre-audit strategies. If, say, you have a huge medical deduction for a year that you feel would increase your chances of being audited, attach copies of your medical bills to your return.

Alternatively, if you made an unusually large charitable contribution, attach a copy of the check or receipts to your return. The IRS computer will still kick out your return, but when a real person looks at it, the reviewer will recognize that you know the rules. It may actually reduce your odds of a full audit.


The most important is preparation. That means you have to update your books of accounts regularly so that whenever any tax audit comes, you are ready!

Thursday, July 23, 2009

COA uncovers multi-million Sta. Barbara fiscal mess

By Ezee Ann C. Grecia

STA. BARBARA, Iloilo – Government auditors uncovered a multi-million fiscal mess here following the customary audit made on the municipal government’s operations.

With an increased income of some 16.14% on the over P70 million generated the previous fiscal year, the Commission on Audit (COA) likewise established though a 6.90% increase in expenditures pegged at over P4 million.

Further still, COA wants town officials and employees to make a full immediate refund of over P2.5 million in extra cash gifts. This, the Commission ruled, after said extra cash gifts were found to have been irregularly disbursed. COA ruled against the extra cash gift for exceeding the allowable Personnel Services limitation “thus resulting in the imbalance allocation of funds as majority was allocated for personal services.”

“We recommend that the Local Chief Executive adhere strictly to the maximum allowable PS cost and that the LGU may incur annually. We also recommend that he require the officials and employees concerned to refund the benefits claimed, ” excerpts of the COA report as obtained by The News Today (TNT) went. The order for refund has been addressed to Mayor Isabelo Maquino.

More fiscal worries here with the town’s Cash in Bank discovered to have over P1.3 million in unbooked and erroneous disbursements. Worse still, when State Auditors came to conduct the audit, no cashbook can be found.

As such COA recommended that Mayor Maquino and the Municipal Treasurer correct immediately the disbursements erroneously charged.

“We further recommend that the Municipal Treasurer locate her cashbook so she and the Municipal Accountant could reconcile their records… Although the Municipal Treasurer claimed that she maintains a cashbook for the Fund, this has not been presented. The NALGU Fund was not booked up by the Accounting Section thus cash and equity accounts were understated,” the COA report continued. NALGU is the National Assistance for Local Government Unit.

COA also uncovered P6,449,025.60 and P8,555,010.33 worth of accounts that remained unsettled “thus depriving the Funds of available cash for their operations.” These Intra-agency receivables/payables were found in the General Fund Books, Special Education Fund Books and Trust Fund Books.

The town also had problems with its government-mandated contributions particularly with the LGU share on PAG-IBIG contributions. COA discovered the erroneous government share with the LGU’s wrong deduction based on 2% monthly salary instead of 2% maximum fund salary.

Further still, town’s assets were not properly inventoried thus hindering COA to check and monitor accountability of end-users. A total of “233 with serviceable life” assets were recorded by the COA.

Also included in the latest COA audit were unremitted collections “thus cashbooks of the Municipal Treasurer are unreflective of these collections.”

COA also wants Mayor Maquino to rescind the town’s scholarship program with questions raised on some P96,000 in scholarship fund of 12 town scholars.

“We recommend that the Municipal Mayor rescind the scholarship program in the SEF. On the other hand, we recommend that he propose to the SB instead, the establishment of a Scholarship Fund in the GF to make education accessible to its poor but bright and deserving students.

COA in concluding its report also revealed uncollected rental market fees of P316,276.60.


Local officials concerned should be made answerable for these anomalies.

Computer-assisted Audit Techniques

The auditor may use three broad categories of computer-assisted techniques to test controls:

Auditing around the computer
Auditing with the computer
Auditing through the computer

Auditing Around the Computer

With this technique, auditors test the reliability of computer-generated information by first calculating expected results from the transactions entered into the system. Then, the auditors compare these calculations to the processing or output results. If they prove to be accurate and valid, it is assumed that the system of controls is effective and that the system is operating properly.

The auditing around the computer approach is adequate when automated systems applications are relatively simple and straightforward. SAS No. 94 does not eliminate the use of this technique. This approach may be suitable for firms using a variety of accounting software that process applications periodically and, when the audit trail generated is extensive, allow outputs to be traced back to inputs.

The major weakness of the auditing around the computer approach is that it does not determine whether the program logic is correct. In addition, this approach does not reveal how the automated controls respond to a wide variety of transactions containing errors. Therefore, in complex IT environments, this approach may overlook potentially significant errors and may be ineffective in restricting detection risk to an acceptable level.

Auditing With the Computer

The auditing with the computer approach embraces a variety of techniques and often is referred to as computer-assisted audit techniques (CAATs). CAATs involve using computers, often a microcomputer, to aid auditors. Although the utilization of CAATs has radically improved the capabilities and effectiveness of auditors, they are primarily used to perform substantive tests. One widely used CAAT, known as general audit software (GAS), is frequently employed to perform substantive tests and may be used for limited testing of controls. For example, GAS can be used to test the functioning of complex algorithms in computer programs, but it requires extensive experience in using the software. In contrast, the auditing through the computer techniques are designed specifically to test automated controls, and some techniques do not require extensive IT experience.

Auditing Through the Computer

These techniques focus on testing automated processing steps, programming logic, edit routines and programmed controls. The approach assumes that, if the processing programs are soundly developed and incorporate adequate edit routines and programmed checks, then errors and irregularities are not likely to slip by undetected. If these programs are functioning as designed, the outputs can reasonably be accepted as reliable.

The auditing through the computer approach is particularly appropriate for testing controls in the complex IT systems emphasized in SAS No. 94. This approach embraces a family of techniques (see table 1), including test data, parallel simulation, integrated test facility and embedded audit module. In a survey conducted by the authors, only 26 of 91 responding Fortune 500 firms, or 28.6 percent, indicated that auditing through the computer techniques were used in an audit of the purchase function, usually a highly automated and complex IT application. This survey, conducted before SAS No. 94, confirms that a majority of auditors continue to set control risk at the maximum level and rely solely on substantive testing to obtain evidence about the accuracy and completeness of the relevant information. When SAS No. 94 becomes widely adopted, the number of all firms, regardless of size, using auditing through the computer techniques should increase.


In today's fast changing, we need to use the computer to help us in our daily work.


In today's fast changing world, computer audit is very important. Hereunder are the benefits of computer audit:

Business efficiency – companies are required by company law to safeguard assets by instituting effective internal controls. Computer audit would not only meet this requirement but would give you the facts you need to make important decisions.

Security – computer audit would reinforce your company’s attitude to risk. Thousand of pounds are invested in computers (PCs, workstations, laptops, scanners, etc) it pays to be prudent by mitigating loss, whether by theft, fire or otherwise.

The fact that your company has a computer audit policy and that it is taken seriously acts as a deterrent. This is further reinforced when security measures, such as “electronic tagging”, bar coding, permanent fixing or similar measures are employed.

Having documented records of your computer assets aid your claim for loss under your company’s insurance policy. The existence of reliable records aids the process.

Standardisation – a computer audit promotes a standardised purchasing policy. What could be more practical than applying a purchasing policy that not only saves money but also reinforces values, such as brand, efficiency and time?

Don’t assume that all computer equipment comes with quality parts and that they are subject to the same quality control standards. Likewise, not all retailers give the same guarantee! This is where a computer audit could provide valuable information.

Asset tracking – at the point where computer equipment arrives in the company they should be tagged to aid tracking, accounting and ultimately, control against loss. If these assets are not tracked or traceable, they could easily disappear from the company. A computer audit would capture all computing equipment, whether they are included on the asset register or not.

Asset replacement policy – computer audit assists your replacement policy by identifying ageing assets that present potential operational risk to your business. Your accounting policy may provide for non-capitalisation or write off over two to four years, however computers will be used until they are incapable of being sustained.

Such a policy does not help your company in maximising efficiency and productivity. This plays into your competitor’s hands, surrendering to them your competitive advantage. If your business relies on latest technology, it’s imperative that obsolete computers are systematically identified and replaced.

Accounting – computer audit will ensure the completeness of your fixed asset register and the accounting transactions that are processed in your ledgers.

Cost control – computer audit aids the budgeting and timely replacement of computer equipment. It reduces substantially the guesswork in constructing the relevant capital expenditure budget.

Competitive advantage – whether being the quickest to market, having the latest technology or efficient processes is what sets you apart from your competitors it is essential that you make computer audit an essential company tool. Factors that contribute to maintaining competitive advantage cannot be ignored and a Finance Director or IT Manager would be grossly negligent in failing to have answers on this important matter.


Monday, July 20, 2009

Commission on Audit to Muntinlupa: Reconcile P101-million overdraft

MANILA, Philippines - The Commission on Audit (COA) has asked Muntinlupa City government to reconcile its expenditures after it found about P101 million overdraft in its spendings last year.

The COA gave the city government one month to explain and settle its expenditures.

In an audit certificate signed by supervising auditor Julia Ella-Moreno, the commission noted that items purchased by the city have “remained unadjusted in the books and were not supported by documents.”

“The inclusion of furniture of P17.7 million under construction in progress agency asset account resulted in overstatement and errors in classifying various expenses of P116.6 million and other maintenance and operating expense account,” Moreno said.

The COA findings stated the year-end balance of the cash in bank in the amount of P62.6 million was “unreliable.”

Muntinlupa City Mayor Aldrin San Pedro and his accounting and treasury department were told to produce the documents necessary to substantiate and reconcile the items in cash in bank-local currency and current account of the city.

In a separate document dated May 2009, COA National Capital Region Director Roland Rey requested the city government that the “recommended remedial measures be immediately implemented.”

The document was furnished to the Department of Interior and Local Government, Department of Budget and Management, Offices of the President and Vice President, Senate President Juan Ponce Enrile, and Speaker Prospero Nograles.

State auditors said the local government unit’s actual infrastructure projects of P582.7 million were “not based on a duly approved Annual Investment Program nor Annual Procurement Plan.”

COA also found that “various infrastructure projects totaling P399.6 million were paid despite incomplete documentation,” and had a ‘total overtime payroll of P74.5 million’ that exceeded the five percent allowable limit by P54.5 million.”

Cash advances also amounted to P71.4 million, and supplies purchases “did not pass thru bidding granted to members of the (Muntinlupa) City Council.”

There were also fund transfers ranging from P5 million to as much as P25 million from the Special Education Fund to the General fund and purchase of 40,000 pieces of trolley bags amounting to P22 million which is deemed “unnecessary” as it was funded through a loan, the COA reported.

In the executive summary, the commission found that the P67.2 million general fund cash balance was not enough to pay the Trust Liabilities totaling P73.3 million and cover items worth P55.2 million.

This resulted in an “overdraft of P61.2 million which is contrary to sound fiscal administration.”

The COA findings also noted the inclusion of furniture amounting to P17.6 million in the city hall’s rehabilitation contract cost of P240 million which was recorded as construction in progress agency assets which was deemed violative of government procurement policies.

Muntinlupa City officials said they are preparing pertinent documents to clarify what the COA alleged as questionable expenditures.

Omar Acosta, head of the city’s public information office, expressed confidence that the city would be able to explain the COA report.

“We will be able to explain things. We will be able to present documents that will clear the city government of what they say as inappropriate purchases,” Acosta said.

By Delon Porcalla, Rhodina Villanueva

Muntinlupa officials concerned should be made to answer for this P101 million overdraft in its spendings.

Sunday, July 19, 2009

COA tells Mayor Cortes: Pay back P190,000 trip fund

THE Commission on Audit (COA) disallowed Mandaue City Mayor Jonas Cortes’s trip to the Netherlands last October 2008 because he reportedly lacked authorization, a councilor said in a resolution.

COA may ask the mayor to pay back the P191,000 spent during the trip.

Cortes said the trip benefited the city, which acquired 60 computers as a result and expects a fire truck to arrive soon. His trip also resulted in the arrival of foreign volunteers.

The disallowance was one of COA’s recent findings and mentioned in a resolution drafted by Councilor Emil Rosal.

In that resolution, Rosal also urged all City Hall department heads to reply to COA’s findings and heed its recommendations.

Rosal’s resolution quotes COA as saying the mayor’s trip to the Netherlands “has no authority from the secretary of DILG (Department of Interior and Local Government), resulting to the possible disallowance of his travel expenses in the amount of P191,307.60.”

But Cortes told reporters he did not see any disadvantage in his trip. He said he already submitted his justification to COA.

Of the 60 computers donated by the Haarlemermeer government, 40 sets were assigned to the Mandaue City College, while the remaining 20 went to the public library.

The city will soon acquire a fire truck, coursed through the Emergency Rescue Unit Foundation (Eruf), as a result of that trip, Cortes added.

“Hopefully, we can build an Eruf station with this fire truck,” mayor said.

The mayor said he is willing to pay with his personal funds in case COA issues a disallowance order.

Check and balance

Meanwhile, a local government lawyer said yesterday that a debate continues on whether local chief executives, like mayors and governors, are required to get authorization from the local council or provincial board when entering into contracts.

Section 22(c) of the Local Government Code states: “Unless otherwise provided in this Code, no contract may be entered into by the local chief executive on behalf of the local government unit without prior authorization by the sanggunian concerned.

A legible copy of such contract shall be posted at a conspicuous place in the provincial capitol or the city, municipal or barangay hall.”

The Commission on Audit (COA) 7 recently used this provision against Talisay City Mayor Socrates Fernandez, over 22 contracts worth P49.9 million, which did not get authorization from the city council. This was among COA’s findings in its audit of Talisay’s transactions in 2008.

But Atty. Danilo Almendras, legal officer of the Department of Interior and Local Government (DILG) 7, said that provision must be seen in the light of other laws like the Government Procurement Reform Act or Republic Act 9184.

In an opinion issued in February 2006, the DILG said that a local chief executive may sign contracts even without authorization from the local legislature “for as long as there is a law or ordinance that authorizes him or her to do so.”

Almendras said there have been times that some local chief executives would rely on the Government Procurement Reform Act, in defending contracts that didn’t go to the council or Provincial Board for prior authorization.

The 2006 legal opinion by the DILG also stated that as long as the project contracts were included in the annual or supplemental budget approved by local legislators, there was no need to secure further authorization.

“It could not have been the intent of our Congress to paralyze local government projects or contracts through circuitous or redundant procedures,” the DILG opinion said. (JKV)


Auditors find Makati fund irregularities

July 19, 2009

A Commission on Audit report on Makati City’s finances has indicated serious fund irregularities committed by city officials, including the grant of P200 million in cash advances as a means of evading regular public biddings for various city projects.

The CoA report assailed the administration of Mayor Jejomar Binay for failing to justify the cash advances as it pointed out irregularities committed in the disbursement of the funds.

An outspoken critic of graft and corruption allegedly instigated by MalacaƱang, Binay was asked to stop the practice of granting cash advances for purchases that ordinarily should pass “public biddings or other modes of procurement” as provided under the law.

State auditors disclosed that advances granted by the city government ranged from P100 to P1 million.

They stressed that a total amount of P200,635,959 distributed to city personnel remained unliquidated, while disbursing officers who have been entrusted such huge amounts have track records of failing to justify their expenses in the past.

The amount of unjustified cash advance could be the biggest among Metro Manila localities, the CoA said.

In its 2008 audit of Makati City’s finances, CoA also criticized the granting of honoraria to officials and employees for doing tasks that can be performed by regular personnel of certain departments.

Director Roland A. Rey of the CoA National Capital Region-local government sector revealed that the city government granted a total P200,635,959.90 in cash advances to “officials and employees who were not duly appointed or designated as disbursing officers” as of December, 2008.

These city hall employees failed to liquidate the cash advances by submitting receipts and other acceptable evidences of expenditures.

Rey said the city government also violated an audit directive that prohibits the grant of cash advances for regular purchases.

“These were used for regular purchases thereby disregarding the requirement on public bidding and/or other modes of procurement as per Republic Act 9184,” the official said.

The CoA team noted that an analysis of the transactions have indicated that the cash advances were used to purchase materials for the repair and maintenance of buildings, equipment, and motor vehicles, maintenance and improvement of roads and other land improvement.

Such expenditures do not “warrant the granting of cash advances in material amounts because they are not time bound nor emergency in nature,” the government finance inspectors stressed.

“It was further noted that the personnel were granted additional cash advances although the previous advances were not yet liquidated in violation of CoA circular 97-0002,” the CoA report said.

Auditors warned that considering that large amounts of cash advances were distributed to city employees, there is a possibility that not all were spent for the purpose they were intended for. The unspent money should be returned immediately, they added.

“This practice could expose the advances still on hand to possible misuse or misappropriations,” the CoA stated.


Accountable officers concerned should be made answerable to the these irregularities!


Our Birth is our Opening Balance

Our Death is our Closing Balance

Our Prejudiced Views are our Liabilities

Our Creative Ideas are our Assets

Heart is our Current Asset

Soul is our Fixed Asset

Brain is our Fixed Deposit

Thinking is our Current Account

Achievements are our Capital

Character & Morals, our Stock-in-Trade

Friends are our General Reserves

Values & Behavior are our Goodwill

Patience is our Interest Earned

Love is our Dividend

Children are our Bonus Issues

Education is Brands / Patents

Knowledge is our Investment

Experience is our Premium Account

The Aim is to Tally the Balance Sheet Accurately.

The Goal is to get the Best Presented Accounts Award.

Some very Good and Very bad things...

The most destructive habit......................Worry

The greatest Joy...............................Giving

The greatest loss................Loss of self-respect

The most satisfying work...............Helping others

The ugliest personality trait.............Selfishness

The most endangered species.........Dedicated leaders

Our greatest natural resource...............Our youth

The greatest "shot in the arm"..........Encouragement

The greatest problem to overcome.................Fear

The most effective sleeping pill........Peace of mind

The most crippling failure disease............Excuses

The most powerful force in life..................Love

The most dangerous pariah..................A gossiper

The world's most incredible computer........The brain

The worst thing to be without................... Hope

The deadliest weapon.......................The tongue

The two most power-filled words..............."I Can"

The greatest asset..............................Faith

The most worthless emotion..................Self-pity

The most beautiful attire......................SMILE!

The most prized possession................Integrity

The most powerful channel of communication.....Prayer

The most contagious spirit.................Enthusiasm

The most important thing in life..................GOD

Chinese Proverb:
"When someone shares something of value with you and you benefit from it,
you have a moral obligation to share it with others"

Saturday, July 18, 2009

Philippine Commission on Audit (COA) Adopts COBIT

The Commission on Audit (COA) is the Philippines' Supreme State Audit Institution, responsible for auditing all government agencies. In addition, as a member of the Board of Auditors of the United Nations, the COA needs to train its auditors to conduct audits of United Nations organizations.

Working jointly with the local ISACA chapter, the COA combined the functionality of COBIT and the Risk Based Business Audit Methodology, developing its Structured Information Technology Audit Process (SITAP). An initial group of auditors were trained in SITAP and conducted audits in various Asian countries. Following a positive response to this initial exposure process, a second exposure was conducted with the Information Technology Center of the COA. Since this introduction of SITAP, over 100 auditors have been trained in its implementation.


Thursday, July 16, 2009

Commission on Audit to conduct pre-audit of big-ticket projects

By Reinir Padua

MANILA, Philippines – Instead of just exposing irregularities in expenditures already made by government agencies, the Commission on Audit (COA) will soon include in its functions the pre-audit of big-ticket projects to spot possible corruption before it is committed.

“We have just approved a resolution on (reinstating) the pre-audit (function of the COA),” chairperson Reynaldo Villar revealed at a recent symposium on government accountability marking the 110th anniversary of the commission.

Villar did not discuss the specifics of the resolution but said it would be published soon in the commission’s official gazette.

However, a source from the COA told The STAR that the commission intends to start implementing the pre-audit within the year.

The source said the commission was still setting up the guidelines but the pre-audit would initially be on big-ticket government projects.

The commission found an ally in Senate President Juan Ponce Enrile, who said “we should restore what COA used to do.”

“Before, the COA was consulted in every government project,” said Enrile, who was the keynote speaker during the symposium.

“At least it can be seen right in the beginning if the project will be overpriced or substandard. It’s difficult going after (the crooks) if the money is already spent,” Enrile added.

It was during the Marcos regime in 1985 when the gradual removal of the pre-audit functions of the commission started.

Enrile pointed out that among the reasons raised for the lifting of the pre-audit was the delay in important government projects then pre-screened by the COA.

“But I think the losses incurred in the delay of the projects because of the pre-audit are little compared to the money lost due to corruption,” the Senate president said.

In a related development, Enrile said he was in full support of the pending bill at the Senate “seeking to strengthen and upgrade the capabilities of the COA as a key anti-corruption institution.”

“For as long as I am the Senate President, I assure you that this will pass,” Enrile said.


Selective pre-audit of government transactions will start on August 1, 2009 per coa circular no. 2009-004.

Capitol land, 6 hospitals remain ‘unrecorded’ for lack of land titles

By Florence F. Hibionada

The Iloilo Provincial Government is sitting on a multi-million Capitol building with a supposedly Reconstituted Certificate of Title. Yet as far as official Capitol records submitted to the Commission on Audit (COA) are concerned, all 1,128.36 square meters of it are “unrecorded.”

Same is true with the 29,268.92 square meters of the Iloilo Sports Complex site in Barangay Magsaysay Village and the covered gym site. And similar situation too for six hospitals under the Iloilo Provincial Government.

“Unrecorded land,” the COA now revealed while officially calling the attention of Governor Niel Tupas Sr. on the matter.

The discovery formed part of the “significant findings” of government auditors tasked to come up with the latest Annual Audit Report (AAR) for the Capitol.

The Commission in last year’s reminder also called the attention of the Tupas administration yet “only one parcel of land located in Pototan, Iloilo valued at P6,109,516.47 was booked up. In compliance with our AOM No. 2008-016 dated September 10, 2008, the Provincial Accountant booked up eight parcels of land amounting to P12,007,630.00.”

The “unrecorded” properties supposedly owned by the province further include the Don Ricardo Y. Ladrido Memorial District Hospital in Barangay Poblacion, Lambunao, Iloilo. Covering 14,000 square meters of land area, COA notes how said Capitol property currently holds a “Conditional Deed of Donation.”

Officially “unrecorded” too in Capitol’s book of accounts the Ramon Tabiana Memorial District Hospital in Barangay Pungtod, Cabatuan, Iloilo, the Alimodian District Hospital in Barangay Bancal, Alimodian, Iloilo and Sara District Hospital in Barangay Anoring, Sara, Iloilo.

Officially “unrecorded” as well were the Don Valerio Palmares Memorial District Hospital in Barangay Asisig, Passi City and the Representative Pedro Trono Memorial District Hospital in Barangay Poblacion, Guimbal, Iloilo.

The Capitol as per explanation to the COA admitted as much to its failure to duly record the stated provincial government properties. Capitol also pointed out the lack of titles as one of the reasons.

“Some of the subject lands are still included in the mother titles thus not having subtitles of their own. Some lands are only documented in the form of deed of donations in favor of the Provincial Government while others come from the national government but are not supported by transfer certificate of titles in favor of the Iloilo Provincial Government,” official Capitol reply to the COA went. “The Provincial Government shall identify personnel to be in-charge of requesting and following up the transfer of certificates of title of the said parcels of land from the national government as well as those with the deeds of donation. The General Service Office has collated all the titles of the land owned by the province of Iloilo. The land assessment value of the Assessor’s Office was the basis of the cost of the land recorded in the Property Card. The reconciliation of land owned and donated or repatriated to the Province of Iloilo is ongoing.”


If these are unrecorded, the assets, depreciation expense and accumulated depreciation accounts of the Iloilo Provincial Capitol then are understated.

COA bares unholy alliance, irregular deals of Capitol suppliers

By Florence F. Hibionada

Where can one find a company licensed to sell animal feeds yet able to supply the government a digital camera, various office supplies, an airconditioner and water tank?

Where can one find partial delivery of agricultural supplies despite full payment made?

While at it, be issued too, an Official Receipt (OR) and a Charge Invoice (CI) showing a different owner from the supposed owner?

And where can one find “middlemen” in government purchases that caused government to pay for a laptop valued P99,000 yet delivered with a lesser brand and lesser worth?

The answer – from suppliers of the Iloilo Provincial Capitol.

All subjects of the latest Annual Audit Report (AAR) of the Commission on Audit (COA), answers are now sought anew from Iloilo Governor Niel Tupas Sr. This, as State Auditors identified the involved suppliers – “Cleafar Enterprises” and “The Seven Seven Trading.”

The AAR as obtained by The News Today (TNT) disclosed specifics on what have been directly labeled as “irregular expenditures.” Government auditors justified such saying “the manner of procurement is considered irregular since it is in violation of a government policy to acquire the items directly from reputable manufacturers or their duly licensed distributors.”

First to go under COA’s scrutiny in a post audit was P138,960 worth of agricultural supplies said to be part of the landscaping in front of the Iloilo Rehabilitation Center (IRC).

As per COA report, the deal was laden with numerous irregularities and illegalities. For one, advance payment – contrary to law - to “Clearfar Enterprises” was established. Second, no less than the acting Provincial Agriculturist confirmed to the COA team that “there was indeed incomplete delivery” at the time other Capitol documents showed the purported complete delivery.

Third, closer look made by State Auditors on paperworks submitted by Cleafar Enterprises revealed glaring discrepancies. Department of Trade and Industry (DTI) business records showed a Ma. Cecilia Buenconsejo as owner with business address at Zarraga, Iloilo. CI and OR meantime showed a Jose Benjamin Pama as owner with business address at Jaro, Iloilo City.

Meantime, yet another irregular expenditure still with Cleafar Enterprises as Capitol’s partner supplier.

This, as COA noted how Capitol equipment and office supplies were purchased here when said company’s line of business is totally different from what is registered with the DTI.

The provincial government as per COA audit purchased at Cleafar Enterprises a digital camera valued P16,924.34, various office supplies worth P16,320, Air conditioner worth P9,309.50, refrigerator worth P12,900, industrial water tank worth P9,288 and various agri supplies worth P23,932.80.

Yet again, as COA pointed out, said supplier as per verification with DTI only handles “feeding stuff for animals.”

“The determination of eligibility of suppliers are based on the submission of legal documents such as DTI, business name registration, valid and current Mayor’s permit etc. to the Bids and Awards Committee (BAC),” the COA wrote.

On a related mis-development, another Capitol supplier is in hot water tagged by COA as Capitol “middleman.” The deal involved the purchase of one unit of laptop computer worth P99,000 yet when delivered, replaced with one worth only P59,900.

Seven Seven Trading was the lone bidder for said laptop. When the unit was delivered, it was not what was specified and paid for but the Capitol inspection team Turned out, that the specified Laptop was already phased out in the market. Seven Seven Trading as per COA verification also carries computer ink only yet debunked thereafter by the company assistant manager. COA however maintained its position.

“We disagree with their allegations since it is apparent that “The Seven Seven Trading” is merely a middleman due to the unavailability of the items being bidded upon until the PO was received on January 31, 2008. The certification issued by Electroworld Inc. to Mr. Ramie Salcedo proved that the item in the PO does not exist in the shelves of The Seven Seven Trading and dependent only in the stocks of Electroworld Inc. the source of the said laptop unit,” the COA report went.

BAC did try to defend “The Seven Seven Trading” though stating compliance on the eligibility criteria.” Yet COA had an answer – “On June 22, 2009, the Audit Team revisited “The Seven Seven Trading” and found no computers on display. Pictures were taken to revalidate and document the visit.”

Incidentally, TNT obtained a copy of the letter of Cristina U. Te who identified herself as the owner of “The Seven Seven Trading” and referred to Electroworld Inc. as their supplier.

As such, COA was specific of its recommendation – Capitol BAC should stop practice of accepting middlemen in the procurement of items for the provincial government. And for BAC to perform its function “especially in the pre-qualification process in order to ensure that suppliers are well-scrutinized, eligible, competitive and capable to deliver.”


Everyone should be vigilant on irregular, illegal, unnecessary, unlawful, excessive, extravagant and unconscionable expenditures!

COA uncovers multi-million mess left behind by ex-Calinog mayor

By Florence F. Hibionada

Over P1.5 million in cash shortage. Over P2.5 million in illegal cash gift. More than half a million in unliquidated cash advances. Over 3.3 million in irregular and illegal disbursements for payment of gasoline expenses.

Such highlighted the findings of the Commission on Audit (COA) on the latest annual audit made at the operations and dealings of the Calinog Municipal Government.

With former town Mayor Salvador Divinagracia serving as the then local chief executive, State Auditors summed up its discoveries that placed the town’s financial coffers in mis-use and abuse.

The over P1.5 million in cash shortage was primarily blamed on a trusted municipal official, Grace Casio with COA calling the attention of Divinagracia as head of agency.

Casio as per COA validation tampered numerous Official Receipts and understated the town’s collections. Documents established unremitted cash collections of over P95,000 while over P1.4 million was blamed on the tampered ORs. COA in concluding its audit cited how responsibility “rests directly with the head of agency.”

The Commission in backing up its findings further wrote that management and utilization of government resources alongside the safeguard against loss or wastage, illegal or improper disposition is the primary responsibility of said agency head.

Meantime full refund has been ordered on over P2.5 million illegal cash gift granted under Divinagracia’s stint. COA took note of several blatant violations while it stated that “municipal officials and employees who received the extra gift for CY 2008 should be required to immediately refund the same.”

Similar action on over half a million in unliquidated cash advances with a recommendation for current Mayor Alex Centena to “cause or order the suspension of payment of their salaries until they have complied with the requirements.”

Meantime, over P3.3 million in disbursements that went to the payment of supposed fuel consumption here posed major irregularities and illegalities.

As such, COA disclosed at least eight violations citing how the “lapses indicate the Municipality’s weak control over its fuel consumption and vehicle utilization.”

“Proper accounting for gasoline and lubricants purchased and used were not diligently observed. Thus, the reasonableness of the actual gasoline consumed by the Municipality in CY 2008 totaling P3,312,886.47 could not be established,” excerpts of the latest COA audit went.

To note, Divinagracia’s assumption into post was laden with controversies following the eventual order for him to vacate.

His victory was questioned in Court and the Commission on Elections that ruled against his favor. Mayor Alex Centena was declared the rightful winner and “inherited” the multi-million messy findings of the COA.


Crime does not pay with the long arm of the law.

COA identifies top execs with excessive claims charged to Capitol

By Florence F. Hibionada

Travel expenses of 13 top personalities of the Iloilo Provincial Government made it in this year’s shortlist of unconscionable and excessive claims.

All disallowed by the Commission On Audit (COA) with full refund of the taxpayer’s money ordered, the list included the governor’s daughter Nielette Tupas Balleza and Capitol lawyer Joenar Pueblo.

Two doctors also made it in the list, Dr. Roberto Castronuevo and Dr. Jeremiah ObaƱana with Castronuevo even discovered to have tampered the Official Receipts (ORs). Castronuevo and Balleza have both returned the Capitol’s money yet COA in its latest Annual Audit Report (AAR) still identified the duo as amongst the 13 with disallowed travel expenses. It was not clear if with the restitution made the two are now clear of any liabilities.

While expenses for official trips may be charged to the Iloilo Provincial Government, COA noted how limitations are set by law. And with cash advances granted to cover said trips, proper liquidations are likewise required.

Random audit made on the travel of the 13 showed violations ranging from excessive claims to tampering of ORs.

“There are instances when official receipts for hotel accommodation presented are tampered. Confirmation letters inquiring as to the authenticity and validity of the data in said official receipts were sent to the management of the hotel and confirmed official receipts differ from that submitted to support the Liquidation Report. Such act of a public officer is deemed unconscionable and should be properly dealt with by the head of agency,” the COA wrote. “Post-audit of selected vouchers and liquidation reports also reveal excessive claims. Receipts for meals and hotel accommodation presented exceeded the daily limit for such expenses… The travel law clearly states that limits are set for daily expenses (not weekly or monthly).”

As further pointed out by COA, regardless of rank and destination the amount allowed is P800 per day with claims in excess needing special authority. Any amount beyond P800 per day must have a certification from the head of office that the excess is “absolutely necessary in the performance of an assignment and presentation of bills and receipts.”

“We recommend that the Province exercise prudence in granting reimbursements for expenses for out of town travels,” while adding that any and all claims must duly be supported with receipts.

Those with unpaid disallowed travels included Provincial Librarian Noemi Viejon, Mila Layog of the Provincial Cooperative Office, acting Provincial Treasurer Corazon Estelita Beloria, Social Welfare and Development Officer Neneth Pador and Health Office’s Judy Dumayas among others.

As COA pointed out, “unconscionable expenditures” signifies without acknowledge or sense of what is right, reasonable and just and not guided or restrained by conscience. These are unreasonable and immoderate expenses incurred in violation of ethics and morality by one who does not have any feeling of guilt for the violation.”

TNT learned that the questioned Capitol executives were granted authority of P2,500 daily allowance for department heads, P2,000 for assistant department heads and P1,500 for hospital chiefs.

The disbursement vouchers checked though showed meals and incidental expenses as grossly excessive, exorbitant and too lavish.

Said matter was first reported in January this year with the earlier Audit Observation Memorandum (AOM) issued.

For instance, one receipt for one meal of one Capitol executive showed a bill of P2,000. COA was direct with its message then to the governor, “Such can be considered quite excessive for a meal of an individual.”

And there was more.

“Further, two (2) ORs show that personal effects and a laptop accessory are among the expenses reimbursed,” the COA noted.

And more reminders in the AOM to the governor calling his attention to government regulations aimed at preventing excessive and extravagant expenditures.

The ‘travel allowance AOM’ cited Section 164, Article 2 of the Government Accounting and Auditing Manual defining excessive expenditures as “unreasonable expense or expenses incurred at an immoderate quantity or exorbitant price. It also includes expenses which exceed what is usual or proper as well as expenses which are unreasonably high and beyond just measure or amount. They also include expenses in excess of reasonable limits.”

COA likewise reminded Tupas, “the term ‘extravagant expenditures’ signifies those incurred without restraint, judiciousness and economy. Extravagant expenditures exceed the bounds of propriety. These expenditures are immoderate, prodigal, lavish, luxurious, wasteful, grossly excessive and injudicious.”


Crime does not pays with the long arm of the law.

Wednesday, July 15, 2009

Audit Program for Collections and Remittances

Collections and Remittances are important in an organization. It must be properly safeguarded against losses, theft and malversation. Audit program for collections and remittances is shown below:

Audit Objectives:

1. To determine that collections and remittances are recorded properly.

2. To establish the existence and amount of unremitted collections in the
hands of collecting officers.

3. To establish the accuracy of the General Ledger account.

Audit Procedures
Analytical Review:

1. Compare reported collections of prior years with current year’s collection. Note material variances.
2. Compare targeted collections for this period with actual collections for the same period. Mark notable variances.

Test of details of balances and transactions:

3. Check entries in the Report of Collections against duplicate ORs. Verify footings and trace to subsidiary accounts. Check remittances reported against actual deposits made.

4. Get a representative sample of duplicate ORs. Confirm with the payees by sending out confirmation letters with focus on amounts paid and nature of imported cargo.

5. Examine ORs for:
-amounts and dates
-mode of payment, whether cash or check
-account distribution and fund classification
-numerical sequence
-erasures and alterations

6. Check numerical sequence of ORs issued against monthly report of accountable forms

7. Examine reported deposits for:
-fund classification
-erasures and alterations

8. Check reported deposits by confirming with the
depository bank thru the Resident Auditor
assigned thereat.
9. Trace entries in the General Ledger account to the entries in the appropriate journal. Verify footings and balance.
10. Check entries in the journals against those in the records/reports.
11. Conduct cash examination on the cash and
accounts of the collecting officers.

Audit Program for Expenses

The Audit program for examination of expenses are as follows:

Audit Objectives:

To determine whether the agency’s funds are utilized only for the purpose for which the funds were made available.

To determine whether the agency’s funds are utilized in accordance with pertinent laws, rules and regulations.

To ascertain whether the expenditures are duly accomplished and approved by the head of the agency or duly authorized representatives.

To ascertain whether the expenditures are properly supported by documents and other evidence to establish the validity, propriety and correctness of the claim.

To determine the correctness of the expense classification.

Audit Procedures

1. Collate and inventory all Disbursement Vouchers
-check timeliness of submission
2. Check completeness of submitted vouchers based
on checks issued for the month
3. Check DVs for adequacy of supporting documents.
4. Take note of lacking documents in WPs. Determine that documents are stamped “PAID” to preclude their subsequent use.
5. Take note of any deficiency in the disbursement, if
any. Verify that amounts are correctly computed.
6. Trace vouchers to entries in the cash disbursement records, noting propriety of account distribution
7. Check correctness of entries in JEV
8. Check propriety of disbursement
9. Check propriety of signatories
10. Check funds availability
11. Account for numerical sequence of check issued
12. Prove footings of disbursement records/books
13. Trace postings from appropriate books of
accounts to GL

Audit Program for Accounts Payable

Accounts Payable should also be properly taken care of to ensure that they actually exist. The audit program for payables are shown below:

Audit Objectives:

To determine that all existing liabilities are properly recorded and shown in the balance sheet
To determine that all the recorded liabilities are existing liabilities of the agency as of balance sheet date
To determine that payees are valid claimants
To ascertain that transactions are duly approved and complete with supporting documents

Test of details of transactions and balances:

1. Vouch recorded accounts payable transactions to supporting documentation.
2. Vouch credits to supporting vouchers, vendor invoices, receiving reports, and purchase orders and other supporting information.
3. Vouch debits to cash disbursements or purchase returns memoranda.

4. Perform purchases cut-off test.
Select sample of recorded purchase transactions from several days before and after year-end and examine supporting vouchers, invoices, etc. to determine that purchases were recorded in the proper period.

Observe the number of the last receiving report issued on the last business day of the audit period and trace sample of lower- and higher-numbered receiving reports to related purchase documents and determine that transactions were recorded in the proper period.

Perform cash disbursements cut-off.
Observe the number of last check issued and trace to the accounting records to verify accuracy of cut-off, or trace dates of paid checks returned with year-end cut-off bank statements to dates recorded.

Confirm accounts payable. On a sample basis, send confirmation requests to vendors with large balances. Investigate and reconcile differences.

Determine that payables are properly identified and classified.


PROPERTY, PLANT AND EQUIPMENT (PPE) are very important assets of an organization and hereunder is an audit program in the examination of such assets:

Audit Objectives:

To establish the existence and ownership by the client of property, plant and equipment.
To ascertain that the basis at which property accounts are stated is acceptable and consistent with that of the preceding year
To determine that additions during the audit period are recorded and valued properly
To make certain that all dispositions of property whether transferred without cost or disposed have been properly authorized and recorded in the books
To ascertain that all properties in the hands of end-users are properly identified and handled or managed and corresponding Memorandum Receipts (MRs) are on file and acknowledged by them
To ascertain that totals per inventory report tally with balances appearing in the Balance Sheet
To ascertain whether all PPE are stated at cost less accumulated depreciation, and to determine whether depreciation of these assets had been properly and accurately computed.

Test of details of transactions and balances:

1. Vouch PPE additions to supporting documentation.
2. Vouch PPE disposals to supporting documentation.
3. Review entries to repairs and maintenance expenses.
4. Inspect PPE and additions thereto. Be alert to evidence of additions and disposals not included on agency’s schedules and to conditions that bear on the proper valuation and classification of the PPE.
5. Examine title documents and pertinent papers.
6. Evaluate fair presentation of depreciation expense by evaluating the appropriateness of useful lives and estimated salvage values set by the Commission on Audit.
7. Determine that PPE and related expenses, gains, and losses are properly identified and classified in the financial statements.
8. Determine the appropriateness of disclosures related to the cost, book value, depreciation methods and useful lives.

Audit Program for Inventories

Here is an audit program for inventories which is very useful for auditors:

Audit Objectives:

To ascertain the physical existence of the items appearing in the balance sheet and to be satisfied of the reasonable accuracy of quantities
To ascertain whether all recorded procurements and utilization occurred during the current year.
To test whether the inventories are properly valued using the moving average method of costing.

Analytical Procedure:

Compare inventory balances to anticipated need as well as to last year’s inventory balances.
Test of details of transactions:

1. Vouch entries in inventory accounts to supporting documentation (e.g. invoices, requisition and issue slips, etc.)
2. Trace data from purchases, supply card, subsidiary ledgers to inventory accounts.
3. See if the asset method of accounting is applied.
4. Test cut-off of purchases and issuances.

Test of details of balances:

5. Observe agency’s physical count and verify inventory quantities:
review the client’s inventory instructions, if any, Determine whether the procedures outlined will result in reasonably accurate inventory.
- Observe the inventory-taking and make sufficient test counts to determine whether inventory instructions are carried out, counts are accurate and properly recorded, and quality and condition of goods are considered
- Obtain proper cut-off
- Note existence of obsolete, slow-moving or damaged goods
- Test check extension and footings of Inventory List
- Check against Memorandum Receipts
- Assist in the inventory-taking personally or by representative
- Conduct inquiry/personal observation to satisfy oneself as to
effectiveness of methods of inventory-taking and as to reliability of
client’s representations
- Prepare reports as to results of inventory-taking observed
Obtain copy of final inventory lists, trace test of inventory
- compare final inventory list with the inventory balances
appearing in the Supplies Ledger cards maintained by the
Accounting Division as well as the inventory balances indicated
in the stock cards of the Supply Office. Note down differences.

6. Verify inventory valuation-test check basis of prices from
purchase orders/delivery receipts. See whether ending balances were arrived at using the moving average method of valuation.
Reconcile inventory report balances with balances appearing in
the balance sheet