Home >> council >> departments >> supportservices04/12/2008 01:30:24

What are the Audit Roles & Responsibilities

The Internal Audit roles and responsibilities are laid out in Financial Regulation 11 and Internal Audit Charter . We also work to an Internal Audit Manual which lays down the procedures we follow

The Internal Audit Charter

  1. Definition of Internal Audit
  2. Contribution to Corporate Aims
  3. Scope, Purpose and Objectives
  4. Responsibility of the Audit Manager
  5. Responsibility of Auditors
  6. Summary of Audit Reporting Arrangements
  7. Financial Regulation 11
  8. External Audit
  9. Internal Audit
  10. Powers of Auditors
  11. Responsibility of Auditors

 

1. Definition Adopted

Internal Audit is an independent function established by management to provide objective evaluation, assurance and consultation on the internal control systems governing the operations of the Council.

It assists the council to achieve its objectives by evaluating and recommending improvements on the adequacy of governance, risk management, controls and use of resources.

2. Contribution to Corporate Aims

Although the Internal Audit Service contributes to the operations of all services it can be seen to assist directly the following Corporate Aims and Objectives:

Aim:

To develop best practice and achieve best value in order to support the achievement of the Council's public service aims and the efficient delivery of its services.

Objectives:
  • To improve service access and secure efficiencies through the development of e-council and e-government.
  • To secure and maximise the return on the resources and assets necessary for the achievement of service aims.
  • To ensure the lawful management and delivery of the Council's services.

3. Scope, Purpose and Objectives

The scope of activity for the FBC Internal Service consists of the following;

  • Fareham Borough Council governance and services.
  • Portchester Crematorium governance and operations.
  • FBC financial systems supporting the Citizens Advice Bureau.

The purpose of the Internal Audit Service is to 'add value by improving the governance and operations of the Council and to assist the management of risk.

This involves examining and evaluating the whole system of internal controls established by management, throughout the Council's operations, with the following objectives:

Assisting managers and the Council to achieve their objectives by:
  • Evaluating and assessing corporate governance processes.
  • Assisting the corporate risk management processes.
  • Assisting the Best Value process and drive for continuous improvement.
  • Providing independent 'reasonable' assurance to managers on the adequacy of internal control at service, department and organisational levels.
  • Providing early warnings of any potential problem areas.
  • Passing on examples of best practice.
  • Facilitating management commitment to implement recommendations.
  • Providing on-going advice on the incorporation of internal controls within systems.
  • Co-ordinating with Internal Audit and other external agencies.
Assessing and advising on the adequacy of internal controls in planned systems based reviews, in relation to:
  • Risks associated with activities.
  • Compliance with policies and other corporate governance requirements (including Financial Regulations and Contract Standing Orders).
  • Integrity of data.
  • Value for money in terms of economy, efficiency and effectiveness.
  • Compliance with relevant legislation.
  • Safeguarding of assets.
  • Levels of undetected errors or irregularities.
Adding to the Anti-Fraud and Corruption environment:
  • Maintain a presence within the organisation.
  • To assist management in preventing and identifying fraud, abuse and irregularities.
  • Evaluating the adequacy and effectiveness of internal controls to prevent fraud and abuse.
  • To assist in the investigation of irregularities.
The Internal Audit Service does not:
  • Control the risks of the authority.
  • Establish and maintain systems of internal control.
  • Determine operational policies or procedures.
  • Ensure the detection of fraud and irregularity.

4. Responsibility of the Audit Manager

In order to fulfil these responsibilities the Audit Manager is responsible for the following:

Delivering cyclical plans of audit coverage in relation to organisational risk
  • Carry out on-going audit needs assessment of all organisational activity (including activity risk and audit time assessment) for approval by the Statutory Chief Finance Officer and Overview Panel for Policy, Strategy and Finance.
  • Develop and deliver an annual audit plan, as agreed with the Statutory Chief Finance Officer and Overview Panel for Policy, Strategy and Finance.
  • Agree any significant interim changes to the annual plan with the Statutory Chief Finance Officer.
  • Produce an annual internal audit report on the plan coverage and findings of the internal audit service for the Statutory Chief Finance Officer, and the other Statutory Officers, and the Overview Panel for Policy, Strategy and Finance.
Reporting to Senior Management on issues of risk and internal control
  • Providing regular information for the Statutory Chief Finance Officer on the work carried out by the section and any significant risks or irregularities identified.
  • Providing regular information to Directors and Chief Officers on the implementation of internal and external audit recommendations.
  • Compiling an annual assurance report for the Chief Executive's Management Team and subsequently the Executive, the Overview Panel for Policy, Strategy and Finance and Full Council on the findings and impact of the control processes in the organisation.
Maintaining an effective and adequate audit service
  • Continuously reviewing the effectiveness of the Internal Audit Service and the quality of the products provided.
  • Preparing an annual business plan to secure the continuous improvement of the service.
  • Providing regular information for the Director of Finance and Resources on the performance of the section including an annual report on the completion of the Business Plan.
  • Periodically assess the adequacy of the Internal Audit Charter.
  • Maintaining a professional audit team with sufficient knowledge, skills and experience to carry out the audit plan.
  • Establishing and monitoring standards and codes for conduct for the audit team.
  • Fostering constructive working relationships with management, external auditors and other review agencies.
  • Maximising the use of ICT techniques and electronic methods of service delivery.

5. Responsibility of Auditors

In order to fulfil the purpose of the audit service, individual auditors are responsible for the following:

Carrying out planned audits in conjunction with service officers and employees in order to encourage appropriate risk management
  • Give adequate notification of the start of a planned audit.
  • Identify risks, breaches and assurances and report back to appropriate officers.
  • Provide practical and timely recommendations.
  • Agree a plan of action to remedy weaknesses.
  • Monitor progress on the implementation of recommendations.
  • Monitor agreed risks accepted by individual services.
Being pro-active in the prevention of errors and irregularities
  • Maintain specialist knowledge.
  • Maintain access to required resources.
  • Communicate identified risks.
  • Provide training on internal control when required.
  • Assist in policy formation
  • Monitor the adequacy of corporate governance elements such as Financial Regulations and make recommendations for improvement.
  • Provide advice on matters of internal control.
Complying with professional auditing and FBC internal audit standards
  • Maintain compliance with FBC Internal Audit Manual
  • Maintain professional independence, objectivity, integrity and confidentiality.
  • Inform the Audit Manager or Statutory Chief Finance Officer of any conflicts of interest.
  • Maintain proper documented files supporting conclusions.
  • Hold in safe custody any documents or property or other material obtained for audit use or investigation procedures.
  • Act with due care to provide 'reasonable' assurance with respect to the outcome of a review.
  • Foster good relationships with auditors and other review agencies.

Financial Regulation 11

External Audit

Right of access:

The external auditor has rights of access to all premises, personnel, documents and information they consider necessary for the purpose of their audit.

Liaison:

The Statutory Chief Finance Officer will work with the external auditors and advise the Full Council, Executive and Directors and Chief Officers on their responsibilities in relation to external audit.

Relationship with Internal Audit:

The Audit Manager must ensure that there is effective liaison between internal and external audit.

Management Letter:

The external audit management letter must be considered by the Executive and any appropriate action reported to the Overview Committee for Policy, Strategy and Finance, before approval by Full Council.

Internal Audit

Responsibility:

The Statutory Chief Finance Officer is responsible for maintaining an adequate and effective internal audit service in accordance with the CIPFA Code of Practice for Internal Audit (2000).

An annual report shall be prepared for the Chief Executive's Management Team and subsequently the Overview Committee for Policy, Strategy and Finance on the discharge of this responsibility.

Scope of Audit Service:

Up to date terms of reference for the audit service must be maintained laying out the scope of audit work and the responsibilities of the Audit team. (Defined in Internal Audit Charter)

Audit Plans:

The Statutory Chief Finance Officer shall consider the strategic and annual audit plans prepared by the Audit Manager for approval by the Overview Committee for Policy, Strategy and Finance.

These will take account of the characteristics and relative risks of the activities involved within the Council.

Monitoring of Audit Plans:

The Statutory Chief Finance Officer shall consider quarterly reports on achievement of audit plans prepared by the Audit Manager.

Independence and Status:

The audit service should be independent of the activities it audits, to ensure that assessments and advice are impartial, unbiased and are not impeded. This is to be achieved by the following:

Organisational Status
  1. The Audit Manager must maintain open communication with the Statutory Chief Finance Officer.
  2. The Audit Manager has the freedom to determine the priorities of the Internal Audit Service in consultation with the Statutory Chief Finance Officer and the Overview Committee for Policy, Strategy and Finance.
  3. The Audit Manager has direct access and freedom to report to all other Senior Management, including the Chief Executive Officer and Monitoring Officer.
  4. The Audit Manager has the freedom to report through the Statutory Chief Finance Officer and Monitoring Officer to the committees they support, when appropriate.
Objectivity and Integrity

  1. The Audit Manager must be a member of a professional Accountancy or Auditing body.

  2. The Audit Manager must establish appropriate professional standards for the rest of the audit team.

  3. The audit team should not have any operational responsibilities or be responsible for the drafting of procedures.

  4. An auditor should not audit an activity that they have previously had responsibility for until at least 12 months have elapsed.

  5. All auditors must inform the Audit Manager or Statutory Chief Finance Officer of any relationships or financial interests in any organisation or activity subject to audit.

  6. An individual auditor should not be solely responsible for an audit area for more than 2 consecutive audits (except for audit specialists)

Powers of Auditors

The Statutory Chief Finance Officer and members of the Internal Audit Service, whilst carrying out their duties, have the authority to:

  1. Premises: Enter, at any reasonable time, any premises or land owned, leased or controlled by the Council.

  2. Documents: Examine all documents, correspondence or information held by employees, members of the council or other third parties, pertinent to their audit work.

  3. Explanations: Obtain such information and explanations from any employee or member as necessary concerning any matter under examination.

  4. Property: Require any Council employee, agent or member to produce cash, stores, or other council property under their control.

Where a significant irregularity is suspected they also have the authority to:

  1. Access systems: Require any Council employee or member to surrender any keys, cards or passwords allowing access to Council's premises, assets or data.

  2. Remove documents: Remove any documents or other material which may be required as evidence.

  3. Exclusion: Require an employee to leave the Council's premises immediately.

Execution of these latter powers shall be in accordance with the Financial Irregularity Investigation Policy, Internal Audit Manual and Personnel Procedures.

Responsibility of Auditors:

In order to be effective in the achievement of the Councils objectives in maintaining its Internal Audit Service auditors must seek to ensure the following:

  1. Maintenance of a constructive approach to the audit process.

  2. Adherence to agreed timescales.

  3. Timely availability of employees, documents, computerised systems and information, in respect to the progress of an audit.

  4. Accuracy of information provided to the best of their knowledge.

  5. Prompt responses to audit reports including availability for the draft report meeting and the production of a timed action plan.

  6. Monitor progress and confirm the timely implementation of agreed recommendations or provide appropriate explanations.

Back to Internal Audit Home Page