Below you will find links to “good practice” resources developed by other legislative audit offices and professional bodies across Canada and worldwide. Public sector organizations in Manitoba may find this information useful in assessing and continually improving their own operations.
In these links, you will find:
- Best practice guides
- Backgrounders
- Discussion papers
- Checklists
- Self-assessment tools
Our office’s reports frequently refer to good practices, and many of our recommendations are based on best practices. We have compiled this resource to help public sector entities find best practices they may wish to pursue. These resources were developed by different jurisdictions for varying purposes. It is important for public sector organizations in Manitoba to evaluate their own unique context when considering the usefulness of any of this information. Any inquiries regarding these resources should be made directly to the publisher.
We used the Canadian Audit and Accountability Foundation’s Performance Audit Guidance Inventory when developing this resource. If you are interested in the work of CAAF, visit their website at www.caaf-fcar.ca.
Free Resources
The following are free resources from Legislative Audit Offices and Professional Organizations.
Asset Management
Asset Management for Local Governments
Auditor General for Local Government, BC
Fleet Management – Tools, Policy and Guidance
Wales Audit Office
Best Value Toolkit: Asset Management
Audit Scotland
Change Management
Managing Machinery of Government Changes
Queensland Audit Office
Reorganising Arm’s Length Bodies
UK National Audit Office
Disaster & Emergency Management
Improving Local Government Emergency Management
Auditor General for Local Government, BC
Efficiency
Improving Public Sector Efficiency – Good Practice Checklist for Public Bodies
Northern Ireland Audit Office, Audit Scotland, Wales Audit Office
Best Value Toolkit: Efficiency
Audit Scotland
Lean and Systems Thinking in the Public Sector in Wales
Wales Audit Office (Lean Enterprise Research Centre)
Environmental Management
Considerations for Local Government Administrators-Integrated Drinking Water Management
Auditor General for Local Government, BC
Primer on Drinking Water Management in British Columbia
Auditor General for Local Government, BC
Best Value Toolkit: Sustainability
Audit Scotland
Equality
Best Value Toolkit: Equalities
Audit Scotland
Ethics and Conflicts of Interest
Conflicts of Interest: A Good Practice Guide
Northern Ireland Audit Office,
Conflicts of Interest
UK National Audit Office
Whistleblowing in the Public Sector: A Good Practice Guide for Workers and Employers
Northern Ireland Audit Office
Assessment Criteria for Whistleblowing Policies
UK National Audit Office
Good Practice – Conflicts of Interest
OAG New Zealand
Financial Management and Reporting
Safeguarding Public Money: Are You Getting it Right?
Audit Scotland
Financial Management Maturity Model: A Good Practice Guide
Comptroller and Auditor General, Ireland
Long-term Financial Planning
Queensland Audit Office
Framework to Review Models
UK National Audit Office
Forecasting in government to achieve value for money
UK National Audit Office
Best Value Toolkit: Financial Management
Audit Scotland
Fraud & Corruption
Fraud Risk Assessment and Planning Tool
Queensland Audit Office
Managing the Risk of Bribery and Corruption
Northern Ireland Audit Office
Fraud Prevention Checkup
Association of Certified Fraud Examiners
Managing Fraud Risk in a Changing Environment – A Good Practice Guide
Northern Ireland Audit Office
Fraud Control Improvement Kit – Meeting Your Fraud Control Obligations
Audit Office New South Wales
Fraud and Corruption Control Self-Assessment Tool for Public Sector Entities
Queensland Audit Office
Good Practice – Discouraging Fraud
OAG New Zealand
Governance and Oversight
Discussion Paper: Six Themes to Help Make Scrutiny ‘Fit for the Future’
Wales Audit Office
Transformation Guidance for Audit Committees
UK National Audit Office
Board Effectiveness – A Good Practice Guide
Northern Ireland Audit Office
Governance Lighthouse – Strategic Early Warning System
Audit Office New South Wales
Independent Audit Committees in Public Sector Organizations
Institute of Internal Auditors
Internal Audit in the Public Sector – Guidance and Good Practices for Saskatchewan
Provincial Auditor Saskatchewan
The Audit Committee Self-Assessment Checklist
UK National Audit Office
Best Value Toolkit: Governance and Accountability
Audit Scotland
Best Value Toolkit: Vision and Strategic Direction
Audit Scotland
Good Practice – Audit Committees
OAG New Zealand
Good Practice – Good Governance
OAG New Zealand
Grants Management
Grants Management Mini-Guides
Wales Audit Office
Human Resource Management
Severance Payments – A Guide for the Public Sector
OAG New Zealand
Managing Absence – Tools, Policy and Guidance
Wales Audit Office
Occupational Health – Tools, Policy and Guidance
Wales Audit Office
Smarter Ways of Working – Tools, Policy and Guidance
Wales Audit Office
Best Value Toolkit: People Management
Audit Scotland
Innovation & Continuous Improvement
Business Improvement Guide – Tools, Policy and Guidance
Wales Audit Office
Innovation – Tools, Policy and Guidance
Wales Audit Office
Best Value Toolkit – Challenge and Improvement
Audit Scotland
Information Technology
Guidance for Audit Committees on Cloud Services
UK National Audit Office
Cyber Security and Information Risk Guidance for Audit Committees
UK National Audit Office
Information and Communications Technology Controls Guide
Victorian Auditor-General’s Office
Licensing & Compliance
Performance Measurement & Reporting
Good Practice Note on Improving the Quality of Central Government Annual Report and Accounts
Audit Scotland
Performance Management for Outcomes – A Good Practice Guide for Public Bodies
Northern Ireland Audit Office
Performance Measurement by Regulators
UK National Audit Office
Best Value Toolkit: Performance Management
Audit Scotland
Best Value Toolkit: Public Performance Reporting
Audit Scotland
Good Practice – Performance Reporting
OAG New Zealand
Policy Development & Implementation
Framework to Review Programmes
UK National Audit Office
Making Partnerships Work: A Good Practice Guide for Public Bodies
Northern Ireland Audit Office
Service Logic Model
Queensland Audit Office
Public Participation in Government Decision- Making – Better Practice Guide
Victorian Auditor-General’s Office
Best Value Toolkit: Community Engagement
Audit Scotland
Best Value Toolkit: Customer Focus
Audit Scotland
Best Value Toolkit: Planning and Resource Alignment
Audit Scotland
Procurement & Project Management
Survival Guide to Challenging Costs in Major Projects
UK National Audit Office
Improving Local Government Procurement Processes
Auditor General for Local Government, BC
Commercial and Contract Management: Insight and Emerging Best Practice
UK National Audit Office
Good Practice Contract Management Framework
UK National Audit Office
Principles Paper: Managing Provider Failure
UK National Audit Office
Oversight of Capital Projects Planning and Procurement
Auditor General for Local Government, BC
Over-Optimism in Government Projects
UK National Audit Office
The DECA: Understanding Challenges in Delivering Project Objectives
UK National Audit Office
Initiating Successful Projects
UK National Audit Office
Best Value Toolkit: Procurement
Audit Scotland
Contracting for Construction Services
National Association of State Auditors, Comptrollers and Treasurers
Contracting for Services
National Association of State Auditors, Comptrollers and Treasurers
Good Practice – Procurement
OAG New Zealand
Good Practice – Sensitive Expenditure
OAG New Zealand
Public-Private Partnerships
Managing Risks of Public-Private Partnerships
Provincial Auditor Saskatchewan
Knowledge and Records Management
Records Management Checklist – A Tool to Improve Records Management
Victorian Auditor-General’s Office
Best Value Toolkit: Information Management
Audit Scotland
Risk Management
QAO Risk Management Maturity Model
Queensland Audit Office
The Three lines of Defense in Effective Risk Management and Control
Institute of Internal Auditors
Good Practice in Risk Management
Northern Ireland Audit Office
Managing Risks in Government
UK National Audit Office
Best Value Toolkit: Risk Management
Audit Scotland
Other Resources (require registration and/or fee)
Professional Organizations
Association of Certified Fraud Examiners (ACFE)
The ACFE is the “world’s largest anti-fraud organization.” Its ACFE Fraud Resources Library offers anti-fraud publications, articles and reports, sample documents, tools, videos and podcasts.
Institute of Internal Auditors, North America (IIA)
The IIA is “the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator.” Its Topics and Resources site includes guidance, knowledge sharing, and publications.
Project Management Institute (PMI)
Project Management Institute (PMI) is the “world’s leading association for those who consider project, program or portfolio management their profession.” Its Learning site includes articles, publications, tools and templates, and academic research.
Information Security Resources
Center for Internet Security (CIS)
The CIS is a not-for-profit organization that works with the global IT community to safeguard private and public organizations against cyber threats. It publishes globally recognized standards and best practices regarding cyber threat prevention, protection, response, and recovery. Its Cybersecurity Best Practices site contains the CIS Controls (top 20 controls to mitigate attacks), and CIS Benchmarks (guidelines for safeguarding systems against threats such as operating systems, databases, software, networks).
Information Systems Audit and Control Association (ISACA)
ISACA a not-for-profit organization that “engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems”. Its Knowledge & Insights site includes research, guidance and articles on standards, best practices and emerging trends.
National Institute of Standards and Technology (NIST)
NIST is part of the U.S. Department of Commerce. NIST researches and collaborates with industry and government to develop globally recognized standards for information technology and applications. Links to some of NIST’s resources are:
- Computer Security Resource Center
- Cybersecurity Framework
- Risk Management Framework
- Publications
Open Web Application Security Project (OWASP)
OWASP is a not-for-profit charitable organization “focused on improving the security of software.” Its Projects site includes best practices documents.
Software Assurance Forum for Excellence in Code (SAFECode)
SAFECode is a not-for-profit organization whose activities include an “effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services.” Its Publications site includes best practices for safe software development.
SysAdmin, Audit, Network, and Security Institute (SANS)
SANS is a not-for-profit organization that engages in “cooperative research and education.” Its Reading Room site includes research documents across many IT topics, notably Application and Database Security, Artificial Intelligence, and Auditing and Assessment.