Audit Committee, 1 March 2004, Report 10
7 Pages
English
Downloading requires you to have access to the YouScribe library
Learn all about the services we offer

Audit Committee, 1 March 2004, Report 10

-

Downloading requires you to have access to the YouScribe library
Learn all about the services we offer
7 Pages
English

Description

Agenda Item No: Report No:Report Title: Strategic Audit PlanReport to: Audit Committee Date: 1 March 2004Ward(s) Affected: AllReport By: Director of Finance and Community Services Contact Officer(s): David Heath, Chief Internal Auditor Purpose of Report:To agree the Strategic Audit Plan for the period 2004/2005 to 2006/2007 andthe Annual Audit Plan for the year 2004/2005.Officers’ Recommendations:1 To agree the three year Strategic Audit Plan.2 To agree the Annual Audit Plan for 2004/2005.1 Background1.1 Lewes District Council Internal Audit operates in accordance with theauditing guidelines published as a Code of Practice for Internal Audit bythe Chartered Institute of Public Finance and Accountancy (CIPFA). 1.2 The purpose, authority and responsibilities of Internal Audit are definedin the Charter for Internal Audit that was approved by the AuditCommittee in May 2002, with updates approved by the Committee inDecember 2003 to ensure compliance with the latest version of theCIPFA Code (2003). 1.3 The 2003 CIPFA Code refers to the need for a high level strategy thatoutlines how the Internal Audit service will be delivered and developed,and for there to be a risk based periodic plan that sets out how thestrategy is to implemented.1.4 The Strategic Audit Plan sets out the scope, conduct and timing ofinternal audit work for the three year period from 2004/2005 to2006/2007. The Strategic Audit Plan is reviewed each year so that itcan be amended ...

Subjects

Informations

Published by
Reads 86
Language English

Exrait

Agenda Item No:
Report No:
Report Title:
Strategic Audit Plan
Report to:
Audit Committee
Date: 1 March 2004
Ward(s) Affected:
All
Report By:
Director of Finance and Community Services
Contact Officer(s):
David Heath, Chief Internal Auditor
Purpose of Report:
To agree the Strategic Audit Plan for the period 2004/2005 to 2006/2007 and
the Annual Audit Plan for the year 2004/2005.
Officers’ Recommendations:
1
To agree the three year Strategic Audit Plan.
2
To agree the Annual Audit Plan for 2004/2005.
1
Background
1.1
Lewes District Council Internal Audit operates in accordance with the
auditing guidelines published as a Code of Practice for Internal Audit by
the Chartered Institute of Public Finance and Accountancy (CIPFA).
1.2
The purpose, authority and responsibilities of Internal Audit are defined
in the Charter for Internal Audit that was approved by the Audit
Committee in May 2002, with updates approved by the Committee in
December 2003 to ensure compliance with the latest version of the
CIPFA Code (2003).
1.3
The 2003 CIPFA Code refers to the need for a high level strategy that
outlines how the Internal Audit service will be delivered and developed,
and for there to be a risk based periodic plan that sets out how the
strategy is to implemented.
1.4
The Strategic Audit Plan sets out the scope, conduct and timing of
internal audit work for the three year period from 2004/2005 to
2006/2007.
The Strategic Audit Plan is reviewed each year so that it
can be amended to reflect changing priorities and meet the emerging
needs of the Council.
2
Purpose and Objectives
2.1
The purpose of the Strategic Audit Plan is to:
identify all the areas of Council activity that require auditing over the
three year period;
state how the Council’s key internal control systems, corporate
governance arrangements and risk management processes will be
reviewed;
state how the service will be provided, and establish the resources
and skills required to meet audit objectives;
set out the relative allocation of resources between the work to
obtain assurance on the internal control systems and any work to
provide advice; and
assist the overall control and direction of the work.
2.2
The Strategic Audit Plan has been drawn up with the following
objectives:
to undertake audits of key financial systems on a cyclical basis;
to examine the main departmental systems at least once within the
three year cycle;
to show how the assurance for the annual control statement will be
demonstrated;
to audit high risk areas every year,
to undertake Value for Money (VFM) studies;
to undertake EMAS audits;
to provide advice on corporate management activities such as Best
Value, Risk Management, Corporate Governance and Performance
Management; and to scrutinise their development within the Council;
to carry out a programme of specialist contract and computer audits;
to meet management requirements for special investigations;
to provide advice to managers on financial and control issues; and
to include an element of contingency to cover assignments that could
not reasonably have been foreseen.
2.3
Since April 2001, the Audit Commission District Audit has not required a
programme of managed audits, but the Audit Commission places
reliance on Internal Audit coverage of a programme of audits of key
financial systems, and requires assurance that adequate testing of the
systems has been undertaken.
2.4
The Council’s statement of accounts for 2002/2003 included for the first
time a statement on the system of internal financial control as
recommended by CIPFA. The overall statement on internal control is
completed by the Director of Finance and Community Services but it
includes elements prepared by the Chief Internal Auditor, which outline
the role of Internal Audit and give an independent opinion on the
adequacy and effectiveness of the system of internal financial control.
That opinion is based upon Internal Audit’s reviews of key financial
systems, and is reported first to the Audit Committee as part of the Chief
Internal Auditor’s Annual Report that is submitted in June each year.
2.5
The Computer Audit coverage includes resource provision for the
Implementation of New Systems. This is to enable Internal Audit to
comment on the procedures and controls associated with new systems,
to provide input to the project teams or to comment on system
specifications.
The major system developments that are imminent
include a Personnel and Payroll system.
2.6
The entry for Environmental Audit is a summary of the three-year
programme of audits that has been separately agreed with the EMAS
Verifier.
The summary entry is included to obtain Audit Committee
approval for the resources assigned to this work.
2.7
With the Audit Commission acting as facilitator, the Council is
implementing a Risk Management Strategy that is enabling the
introduction of adequate risk management systems.
Internal Audit will
advise on the development of risk management processes across the
Council, and will review their adequacy. In addition, Internal Audit is
committed to ensuring that the audit planning process is consistent with
the new strategy, and the Strategic Plan includes provision for a mid
year review to introduce any changes that may be required.
The
planned work means that in 2004/2005 the resource allocation for the
audit is larger than normal.
2.8
Internal Audit will support the work of the Corporate Performance Officer
by reviewing the adequacy and effectiveness of performance
management procedures.
Internal Audit will also assist in the
development of Corporate Governance systems by providing advice
and reviewing progress as appropriate.
2.9
The Strategic Audit Plan reflects the Review Board structure of the
Council.
It is not expected that any further re-organisation of political
structures will affect the auditing of main services and systems.
Preparation of the Strategic Plan
3
Review of Key Council Activities
3.1
The first stage in the strategic planning process is the review of the
database of all the key areas of Council activity that require to be
audited.
The review of Council activities is based on previous Strategic
Audit Plans, the budget book, Annual Performance Plan, Strategies and
Service Plans, Audit Commission management letters, Cabinet and
Review Board reports and known developments.
4
Application of the Risk Assessment Model
4.1
The second stage in the planning process is to use the database to
assess the risks in each area of activity. A revised risk model has been
introduced for this Strategic Audit Plan, which assesses each activity
under six categories: financial materiality, system stability, sensitivity,
complexity, inherent risk and the adequacy of internal control.
Each
category is scored on a scale from 1 to 9, with the greater risks
receiving the higher scores.
The total score for each activity determines
the frequency of audit coverage.
Audits are assigned to one of three
frequency bandings: High (audited every year), Medium (every other
year) and Low (no more than once every three years).
4.2
One audit, Housing Benefits, has been classified as High risk because
the risk assessment model has taken account of recommendations by
the Benefit Fraud Inspectorate.
4.3
Some other areas of Council activity are scheduled for review every
year, although they are not subject to the same risk assessment
process.
These areas include the performance related activities that
form a significant part of the government’s modernisation agenda for
local authorities (see Paragraph 5.2) and ongoing activities such as the
support to the Audit Committee, Follow Up and Liaison with the Audit
Commission.
4.4
A further review has been carried out for those audits in the Low
banding.
Certain areas of activity are assessed as having minimal risk,
and have been excluded from the programme of audits in the Strategic
Audit Plan. These activities remain part of the database of potential
audits and will be reassessed as part of next year’s Strategic Audit Plan.
A list of the thirteen audits excluded from this plan is given at Appendix
2.
5
Review of Staff Resources
5.1
The third stage in the planning process is the review of available staff
resources. The Internal Audit function is provided internally, and the
staffing of Internal Audit is as approved by the Council on 23 February
2000. The Strategic Audit Plan assumes full staffing of the Internal Audit
team will be maintained for the three-year period of the plan.
Allowing
for these factors, the staffing is assessed at the level necessary to
ensure audit coverage of the key areas within the three-year cycle.
5.2
Internal Audit forms part of the Audit and Performance Division that is
responsible for a wide range of performance related activities. These
activities include:
Performance Management
Best Value Reviews
Corporate Governance
Risk Management
Procurement
Asset Management
5.3
The staffing of the Corporate Performance function reflects the addition
of the post of Corporate Performance Assistant following Cabinet
approval on 4 September 2002. The Audit and Performance Division
has been at its approved staffing complement since October 2002.
5.4
The structure of the Division is as follows:
5.5
The increase in the workload in corporate activities has required the
Chief Internal Auditor to allocate less of his time to audit matters. The
Strategic Audit Plan includes an 80/20 apportionment of the Chief
Internal Auditor’s time between Corporate Performance and Internal
Audit activities.
5.6
The Principal Audit Manager, Senior Auditors and Audit Assistant are
dedicated to audit work.
This separation of responsibilities preserves
the integrity and independence of Internal Audit, and also enables them
to audit and advise on the Corporate Performance activities. This work
is presented in the Strategic Audit Plan under the heading Performance
and Management Scrutiny, which also includes the provisions for the
VFM Reviews.
6
Summary of Resource Allocation for the Audit Plan
6.1
Table 1 summaries the resources allocated to main audit areas in the
three years 2004/2005 to 2006/2007.
This resource allocation is the
actual time available to perform audit work after making provision for
administration, training, leave and sickness.
AUDIT AND PERFORMANCE DIVISION
SENIOR AUDITORS
Two posts
AUDIT ASSISTANT
P/T (22hrs. per week)
PRINCIPAL AUDIT MANAGER
CORPORATE PERFORMANCE
ASSISTANT
P/T (15 hrs. per week)
CORPORATE PERFORMANCE OFFICER
CHIEF INTERNAL AUDITOR
Table 1: Summary of Strategic Audit Plan for 2004/2005, 2005/2006 and 2006/2007
Year
2004/2005
2005/2006
2006/2007
Audit Area
Audit Days
Audit Days
Audit Days
Main Systems
110
125
95
Central Systems
60
65
80
Departmental Systems
170
170
160
Performance and Management Scrutiny
105
100
100
Computer Audit
61
61
61
Contract Audit
25
40
25
Environmental Audit
35
30
35
Management Responsibilities and
Unplanned Audits
175
168
190
Total
741
759
746
6.2
Variations in the resource allocations across the three years reflect the
need to balance audit coverage across the key areas, taking account of
previous audits undertaken and the revised priorities identified by the
strategic planning process. The main reason for the reduced number of
audit days in 2004/2005 is there being two Easter Bank Holidays in the
year.
The corresponding reduction in public holidays in 2005/2006
accounts for the increased audit days compared to 2004/2005.
6.3
The proposed individual audits within the Strategic Audit Plan for the
years 2004/2005 to 2006/2007 are detailed at Appendix 1.
The Annual
Audit Plan for 2004/2005 will be as per the first column of Appendix 1.
7
Financial Implications
7.1
There are no additional financial implications arising from this report.
8
Environmental Implications
8.1
I have completed the Environmental Implications Questionnaire and
there are no significant effects as a result of these recommendations.
Appendix 2