Contact your Parish Council


Cabinet, Council or Committee Report for Internal Audit - Six Monthly Interim Report enc. 5

Appendix E

Definitions of Assurance Levels

Our opinion on the adequacy and effectiveness of controls for an audited activity is shown as an assurance level within four categories. The use of an assurance level is more consistent with the requirement for managers (and Members) to consider the degree to which controls and processes can be relied upon to achieve the objectives of the reviewed activity.  The assessment is largely based on the adequacy of the controls over risks but also includes consideration of the adequacy of controls that promote efficiency and value for money. The definitions of assurance levels are provided below:


Controls Assurance Level

Summary description

Detailed definition

 

Minimal

 

 

Urgent improvements in controls or in the application of controls are required

 

 

The authority and/or service is exposed to a significant risk that could lead to failure to achieve key authority/service objectives, major loss/error, fraud/impropriety or damage to reputation.

This is because key controls do not exist with the absence of at least one critical control or there is evidence that there is significant non-compliance with key controls.

The control arrangements are of a poor standard.

 

Limited

 

 

Improvements in controls or in the application of controls are required

 

 

The area/system is exposed to risks that could lead to failure to achieve the objectives of the area/system under review.

This is because, key controls exist but they are not applied, or there is significant evidence that they are not applied consistently and effectively.

 The control arrangements are below an acceptable standard.

 

 

 

 

Substantial

 

Controls are in place but improvements would be beneficial

 

 

There is some limited exposure to risk which can be mitigated by achievable measures. Key or compensating controls exist but there may be some inconsistency in application.

The control arrangements are of an acceptable standard.

 

High

 

Strong controls are in place and are complied with

 

The systems/area under review is not exposed to foreseeable risk, as key controls exist and are applied consistently and effectively.

 

 The control arrangements are of a high standard.