Internal Audit Charter
5 Pages
English
Downloading requires you to have access to the YouScribe library
Learn all about the services we offer

Internal Audit Charter

-

Downloading requires you to have access to the YouScribe library
Learn all about the services we offer
5 Pages
English

Description

INTERNAL AUDIT CHARTER 1. INTRODUCTION The Western Australian Treasury Corporation (“the Corporation”) is required under section 53 (1) (d) of the Financial Management Act 2006 to develop and maintain an effective internal audit function. The Treasurer has issued Treasurer’s Instructions 1201 to 1203 to govern the internal audit functions of government departments and statutory authorities. The Corporation’s Internal Audit Charter therefore incorporates these Instructions, along with other relevant principles applicable to an internal audit function. This Charter is established under the Authority of the Corporation. 2. PURPOSE OF AND DEFINITION OF INTERNAL AUDIT Internal audit provides an independent and objective review and advisory service to: • provide assurance to the Chief Executive Officer and Board that the Corporation’s financial and operational controls designed to manage the organisation’s risks and achieve the entity’s objectives are operating in an efficient, effective and ethical manner, and • assist management in improving the entity’s business performance. Internal Audit is defined in the Treasurer’s Instructions as: “An independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance ...

Subjects

Informations

Published by
Reads 15
Language English

Exrait

INTERNAL AUDIT CHARTER
1.
INTRODUCTION
The Western Australian Treasury Corporation (“the Corporation”) is required under section 53 (1) (d)
of the Financial Management Act 2006 to develop and maintain an effective internal audit function.
The Treasurer has issued Treasurer’s Instructions 1201 to 1203 to govern the internal audit functions
of government departments and statutory authorities. The Corporation’s Internal Audit Charter
therefore incorporates these Instructions, along with other relevant principles applicable to an internal
audit function.
This Charter is established under the Authority of the Corporation.
2.
PURPOSE OF AND DEFINITION OF INTERNAL AUDIT
Internal audit provides an independent and objective review and advisory service to:
provide assurance to the Chief Executive Officer and Board that the Corporation’s financial
and operational controls designed to manage the organisation’s risks and achieve the entity’s
objectives are operating in an efficient, effective and ethical manner, and
assist management in improving the entity’s business performance.
Internal Audit is defined in the Treasurer’s Instructions as:
“An independent, objective assurance and consulting activity designed to add value and
improve an organisation’s operations. It helps an organisation accomplish its objectives by
bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk
management, control and governance processes.”
3.
INDEPENDENCE
The Corporation’s Internal Auditor shall have an independent status and:
shall be responsible to the Corporation’s Audit Committee appointed by the Board;
shall have no executive or managerial powers, authorities, functions or duties except those
relating to the management of the internal audit function;
shall not be involved in the day to day operation of the accounting and risk management,
information and control systems nor in the internal checking system;
shall not be responsible for the detailed development or implementation of new or changed
systems, but should furnish advice on the incorporation of adequate systems controls and
provide assurance to management that completed systems will contribute to the achievement
of intended corporate objectives.
4.
AUTHORITY AND CONFIDENTIALITY
Internal Audit shall have full and free access at all reasonable times to all accounts, information,
documents, records and property of the Corporation.
Every officer and employee of the Corporation shall on a timely basis, furnish Internal Audit with
information, advice or explanation on such matters as may be requested and shall render any
assistance necessary for audit purposes.
All records, documentation and information accessed in the course of undertaking internal audit
activities are to be used solely for the conduct of these activities. Internal audit staff are responsible
and accountable for maintaining the confidentiality of the information they receive during the course of
their work.
Page | 1
5.
ROLES AND RESPONSIBILITIES
In the conduct of its activities, internal audit will play an active role in:
developing and maintaining a culture of accountability and integrity
facilitating the integration of risk management into day-to-day business activities and processes,
and
promoting a culture of cost-consciousness, self-assessment and adherence to high
ethical standards.
Internal audit activities will encompass the following areas:
Audit activities
including audits with the following orientation:
Compliance
compliance with all legislative requirements and Corporation policies and procedures
the adequacy and effectiveness of internal financial and operational controls including IT
system controls
the recording, control and use of entity assets and
such other of the operational and management information and control systems and activities
as stipulated by the Corporation in order to provide:
o
regular advice as to whether or not key controls are in place and are being observed and
public and other property, moneys and resources are safeguarded;
o
advice as to the reliability of management information;
o
management orientated appraisals of operations and activities;
o
advice on remedial action to improve operational effectiveness, efficiency and economy;
and
o
periodical reports on remedial action taken on shortcomings previously reported.
Performance improvement
the efficiency, effectiveness, and ethical conduct of the entity’s business systems and
processes.
Advisory services
Internal audit can advise management on a range of matters including:
New programmes, systems and processes
providing advice on the development of new programmes and processes and/or significant
changes to existing programmes and processes including the design of appropriate controls.
Risk management
assisting management in ensuring that the organisations risk management framework
address’s the five key objectives in the overall adequacy of the risk management process.
The five key objectives are:
o
Risks arising from business strategies and activities are identified and prioritised.
o
Management and the board have determined the level of risks acceptable to the
organisation, including the acceptance of risks designed to accomplish the
organisation’s strategic plans.
o
Risk mitigation activities are designed and implemented to reduce, or otherwise
manage, risk at levels that were determined to be acceptable to management and the
board.
o
Ongoing monitoring activities are conducted to periodically reassess risk and the
effectiveness of controls to manage risk.
o
The board and management receive periodic reports of the results of the risk
management processes. The corporate governance processes of the organisation
should provide periodic communication of risks, risk strategies and control to
stakeholders.
assisting the annual Corporation Risk Management Plan
Fraud control
assisting management to identify the risks of fraud and develop fraud prevention and
monitoring strategies
assisting the Corporation’s Fraud Control Plan
Audit support activities
Internal audit is also responsible for:
Page | 2
assisting the Audit Committee to discharge its responsibilities
providing secretarial support to the Audit Committee
monitoring the implementation of agreed recommendations
disseminating across the entity better practice and lessons learnt arising from
its audit activities, and
managing the audit function.
6.
SCOPE OF INTERNAL AUDIT ACTIVITY
Internal audit reviews cover all programmes and activities of the Corporation together with entities
associated with any outsourcing function. Internal audit activity encompasses the review of all
financial and non-financial policies and operations.
Without limiting the performance of its function, Internal Audit shall:
undertake regular periodic compliance testing of key controls over accounting and risk
management, information and control systems;
determine whether the systems of internal checks and controls are adequate and are
functioning effectively and economically;
ascertain the extent to which public and other property, money and resources under the
control of the Corporation are accounted for, utilised and safeguarded from losses of all kinds;
assess the relevance, reliability and adequacy of management data;
promote effective control at reasonable cost;
assess the value obtained for moneys expended;
recommend changes in procedures and systems to improve efficiency and prevent waste and
extravagance;
ascertain the extent of compliance with established policies, plans and procedures, and
determine whether they are effective in securing their intended purpose;
carry out any special investigations, appraisals, inspections and examinations in areas having
financial, operational or management impact;
review management, accounting and risk management systems and operations to assess the
extent to which corporate objectives are achieved, and the adequacy of controls over
activities leading to such achievement; and
draw attention to any failure to take prompt remedial action in regard to identified
shortcomings.
7.
PROFESSIONAL STANDARDS
Internal Audit shall be conducted in a manner consistent with the concepts expressed in the
“Standards for the Professional Practice of Internal Auditing” issued by The Institute of Internal
Auditors Inc., from time to time, except:
to the extent that the standards are inconsistent with Treasurer’s Instructions 1201 to 1203.
to the extent that the Standards are inconsistent with relevant legislation.
Where applicable, regard shall be had for auditing standards and practice statements issued by CPA
Australia, the Institute of Chartered Accountants in Australia,
Standards for the Professional Practice
of Internal Auditing as issued by the Institute of Internal Auditors, the Statement on Information
Systems Auditing Standards issued by the Information Systems and Control Association (ISACA),
Standards issued by Standards Australia and the International Standards Organisation or any other
relevant Australian and International auditing standards authority.
In the conduct of internal audit work, internal audit staff will:
comply with relevant professional standards of conduct
possess the knowledge, skills and technical proficiency relevant to the performance of their
duties
be skilled in dealing with people and communicating audit, risk management and related
issues effectively
their technical competence through a programme of professional development, and
exercise due professional care in performing their duties.
Page | 3
8.
RELATIONSHIP WITH EXTERNAL AUDIT
Periodic meetings and contact between internal and external audit shall be held to discuss matters of
mutual interest. External audit will have full and free access to all internal audit plans, working papers
and reports.
The external audit activities remain the prerogative of the Auditor-General, and Internal Audit’s activity
shall not extend to the coordination of external audit with internal audit, but internal auditors shall
consult with officers of the Office of the Auditor-General to reduce duplication of audit activity
and to
help ensure the adequacy of overall audit coverage.
9.
AUDIT PLANNING AND APPROVALS
Internal Audit shall undertake audit reviews in accordance with, but not limited to, audit plans
approved by the Audit Committee.
Internal Audit shall be responsible for the formulation of all audit plans for approval by the Audit
Committee. In formulating these audit plans, discussions are to be held with the Executive to ensure
that their concerns are taken into consideration.
Internal Audit in preparing the audit plans will, as far as practicable, coordinate proposed audit
activities with those of the external auditor to facilitate the economic and efficient performance of the
Corporation’s total audit.
Internal audit planning shall have two elements:
The Internal Audit Plan (IAP).
The IAP shall identify the audit coverage to be achieved over a three-year period. The IAP shall
be reviewed annually, and altered where necessary to reflect any changes in priorities. It will
also identify and rank all areas to be covered by internal audit.
The IAP will also show the audit program for the forthcoming year, and indicate the time
forecast for each review.
Field Plans.
These are the working plans for each proposed audit review.
The Audit Committee shall approve the following year’s IAP prior to the commencement of the
financial year. The Corporation’s management shall approve of the Field Plan prior to the
commencement of each audit review.
10.
SPECIAL AUDIT REVIEWS
Internal Audit may conduct any special or further audit reviews as may be required from time to time.
11.
FRAUD
Internal Audit must be informed of any suspected or actual fraud or dishonest act in order that he/she
may, where considered necessary, independently report on:
The method used;
The details of any disciplinary or police action taken;
The weakness in control which allowed the dishonest act to be perpetrated; and
The changes needed to prevent a similar occurrence within the Corporation.
Page | 4
Page | 5
12.
REPORTING REQUIREMENTS
On completion of each audit, Internal Audit will make every effort to ensure that all matters concerning
factual content are resolved with the appropriate line managers before the Internal Audit Reports are
published. These reports shall include recommendations of appropriate actions or issues for
consideration by management. Internal Audit Reports are expected to include agreed actions by
management together with specific target completion dates.
Copies of Audit Reports shall be distributed to the relevant management, and the Chairman of the
Audit Committee. All Audit Reports are to be tabled at Audit Committee meetings.
The Chief Executive Officer is expected to evaluate all audit findings and recommendations, and take
action as appropriate with particular attention to prompt corrective action regarding deficiencies in
internal control.
Internal Audit shall conduct follow up reviews to ensure that agreed critical recommendations have
been implemented properly.
Internal Audit is required to provide a Quarterly Status Report on the progress of implementation of
recommendations. The non-implementation of agreed recommendations is to be reported to the Audit
Committee and to the Board.
Internal Audit is required to provide a Quarterly Report of Audit Performance and Activities to the
Audit Committee and the Board. This report shall summarise results of audits conducted, highlight
significant issues and monitor performance against the Annual Review Plan.
13.
ADMINISTRATIVE ARRANGEMENTS
Any change to the position of the external service provider, will be approved by the Board. The Audit
Committee will be consulted as part of the process.
The external service provider will arrange for a periodic, independent review of the efficiency and
effectiveness of its operations in respect to the internal audit function of the Corporation at least every
five years.
14.
REVIEW OF THE CHARTER
This charter will be reviewed at least every two years by the Audit Committee. Any substantive
changes will be formally approved by the Board on the recommendation of the Audit Committee.
15.
KEY PERFORMANCE INDICATORS (“KPIs”)
KPIs for the internal audit process are:
following consultation with management, the annual IAP shall be submitted to the Audit
Committee by the internal auditor by the last scheduled audit committee meeting for the
financial year; and
drafts of internal audit reports shall be submitted to management by the internal auditor within
20 business days of their scheduled completion unless otherwise agreed with the CEO; and
management shall provide its comments to the internal auditor within 10 business days of
receiving the draft reports; and
100% of audit recommendations are to be cleared within the timeframe approved by the Audit
Committee.
Approved by the Board on 21 November 1997.
Amended by the Board on 13 March 1998.
Amended by the Board on 10 December 2004.
Amended by the Board on 18 April 2008.
Amended by the Board on 28 May 2010.