During the COVID-19 pandemic, outdated and ineffective crisis and management systems have exacerbated disruptions to the work of many Supreme Audit Institutions (SAIs), potentially undermining their ability to ensure accountability. Often, these systems do not take into account risks that have intensified during the pandemic, like limited human and financial resources, or emerging risks, like those that accompany digitization.
In response to these challenges, INTOSAI Development Initiative (IDI) is rolling out a new initiative—Crisis and Risk Management for SAI Performance (CRISP)—that helps strengthen SAI resilience by establishing, or improving upon, crisis and risk management systems. By having systems in place that reflect both direct risks to SAIs and broader risks to public financial management and accountability, SAIs are better able to fulfill their mandates even in difficult circumstances.
From 2022 onwards, the CRISP initiative will offer support for SAIs that want to improve in these areas through eLearning courses and direct implementation support. To present its initial approach, reflect on experiences from some SAIs, and gather feedback and suggestions, IDI offered sensitization webinars in English and French in October 2021.
The premise behind CRISP is that SAIs need to strengthen both risk and crisis management systems, and to link these systems with their strategic management. The INTOSAI community has extensive experience with risk management, which is a well-developed field with applicable international standards (ISO 31000). SAIs have less experience with crisis management, but INTOSAI organizations have published several resources to help remedy this: a business continuity planning guide developed jointly by the Caribbean Organization of SAIs (CAROSAI) and the Pacific Association of SAIs (PASAI), and guidance developed by the African Organization of English-speaking SAIs (AFROSAI-E) on disaster response and crisis communication.
CRISP aims to build on these efforts by focusing on the two-way link between SAIs’ crisis and risk management. On the one hand, crisis management can be viewed as an element of risk management, because a crisis is the realization of an unlikely yet impactful risk for which the SAI has no simple mitigation tools. Crisis management systems thus function as a risk mitigation measure. On the other hand, most SAIs are currently recovering from the COVID-19 crisis, a process that involves reviewing and updating risk management procedures.
IDI would very much appreciate SAIs’ contributions as it continues to develop this initiative. SAIs that would like to share their experiences with IDI or nominate resource persons can do so by emailing email@example.com and firstname.lastname@example.org.