1. Home
  2. Council and Democracy
  3. Contact your Parish Council

Contact your Parish Council

Public Sector Internal Audit Standards

 

MAIDSTONE BOROUGH COUNCIL

 

AUDIT COMMITTEE

 

25 MARCH 2013

 

REPORT OF THE HEAD OF AUDIT PARTNERSHIP

 

Report prepared by Brian Parsons 

 

 

1.           Public Sector Internal Audit Standards

 

1.1        Issue for Decision

 

1.1.1   The report provides a summary of the new standards for the provision of internal audit within public sector organisations in the United Kingdom. The standards are effective from 1 April 2013. The Audit Committee is asked to note the new standards and the action that is being taken to implement them.

 

 

1.2        Recommendation of Head of Audit Partnership

 

1.2.1   That the Audit Committee note the new Public Sector Internal Audit Standards and the action that is being taken to implement them

 

 

1.3        Reasons for Recommendation

 

1.3.1   After more than a year of development, the Public Sector Internal Audit Standards were launched in December. They will come into effect on April 1, providing a consistent framework for internal audit services across the UK public sector.

 

1.3.2    The PSIAS were issued by the ‘Relevant Internal Audit Standard Setters’ in the sector – CIPFA, the Treasury, the Department of Health and the Scottish, Welsh and Northern Ireland governments.

 

1.3.3   A consistent framework has obvious benefits for partnership working, and for internal auditors who work across the different parts of the public sector. The standards are also designed to drive improvement, leading to better public financial management.

 

1.3.4   This ground-breaking development is based on the Institute of Internal Auditors’ International Standards, Definition of Internal Auditing and Code of Ethics, which form the core of the PSIAS. The new standards will replace the existing ones in local government, central government and the NHS, including the CIPFA Code of Practice for Internal Audit in Local Government.

 

1.3.5   The first noticeable difference compared with the previous CIPFA standards (The Code of Practice for Internal Audit in the UK) is the distinctive look and feel of the PSIAS: individual standards are numbered with subsections and the additional public sector requirements and interpretations are displayed in separate, additional boxes. This allows for amendments without disturbing the flow of the standards.

 

1.3.6   Another difference, especially for local government, is the terminology. For example, the PSIAS use the term ‘chief audit executive’, the description used internationally, rather than ‘head of internal audit’ or ‘chief internal auditor’, which are more common in the UK. The PSIAS also makes regular reference to ‘the board’; for the Council this is the Audit Committee.

 

1.3.7   Another change/amendment is the requirement for an internal audit ‘charter’, which must formally define the purpose, authority and responsibility of the internal audit activity, as well as the nature of consulting services and the terms ‘board’ and ‘senior management’. It will also cover arrangements for avoiding conflicts of interest if internal audit carries out any non-audit activities.

 

1.3.8   There is no longer a requirement to produce an audit strategy. Instead, a risk-based plan must incorporate or be linked to a strategic or high-level statement. This should set out how the internal audit service will be provided and developed in accordance with the charter and how it will link to the organisation’s objectives and priorities.

 

1.3.9    The quality of the service will also need to be rigorously checked under the Quality Assurance and Improvement Programme. The QA&IP requires ongoing internal assessments of all aspects of internal audit activity, as well as an external assessment at least once every five years. The QA&IP is designed to assess the efficiency and effectiveness of internal audit as well as identify opportunities for improvement.

 

1.3.10                 The chief audit executive will have to include a statement on the results of the QA&IP in an annual report.

 

1.3.11                 The internal assessments can be divided into two parts. The first will be monitoring the department’s activity, in much the same way as under current quality review procedures. The other will comprise ‘periodic’ self-assessments or assessments carried out by other officers in the organisation, who will have to have sufficient knowledge of internal audit practices.

 

1.3.12                 External assessments will need to be carried out by qualified and independent assessors or assessment teams from outside the organisation. They can be undertaken as a full external evaluation or a self-assessment with independent external validation and cannot be carried out on a rolling basis.

 

1.3.13                 CIPFA’s Local Government Application Note for the PSIAS, due out in March, will include a full PSIAS checklist to assist local authorities with both internal and external assessments.

 

Definition of ‘internal auditing’

 

1.3.14                 The PSIAS contain a revised definition of internal auditing:

 

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

 

1.3.15                 This replaces the previous CIPFA definition (which is now redundant):

 

Internal Audit is an assurance function that provides an independent and objective opinion to the organisation on the control environment by evaluating its effectiveness in achieving the organisation’s objectives. It objectively examines, evaluates and reports on the adequacy of the control environment as a contribution to the proper, economic, efficient and effective use of resources.

 

1.3.16                 The most obvious differences are the inclusion within the new standards of the words:

·         ‘consulting activity’,

·         ‘adding value and improving an organisation’s operations’

·         ‘bringing a systematic disciplined approach’, and

·          ‘to evaluate the effectiveness of risk management, control and governance processes.

 

1.3.17   The new standards represent a change of emphasis for public sector internal audit which will now more closely align public sector audit with the audit practices used in the private sector, but with additional requirements for the public sector where necessary and appropriate. The PSIAS are very much based on the international standards of the Chartered Institute of Internal Auditors.

 

1.3.18   A complete copy of the Standards is attached as an Appendix.

 

 

Action being taken to implement the Public Sector Internal Audit Standards

 

1.3.19   A copy of the new standards has been provided to each auditor in the Internal Audit Partnership. A short presentation, providing a summary of the changes was made to the meeting of the Audit Partnership team on 17 January 2013. The auditors will be asked to sign a statement to confirm that they have read and understand the PSIAS.

 

1.3.20   A revised internal audit charter will be prepared by the Head of Internal Audit Partnership, consistent with the Definition of Internal Auditing, the Code of Ethics and the Standards. The revised internal audit charter will be discussed with senior management and provided to the Audit Committee for final approval.

 

1.3.21   The Head of Audit Partnership will confirm, on an annual basis, the organisational independence of the internal audit activity. This will occur as part of the Annual Internal Audit report to the Audit Committee.

 

1.3.22   The internal audit quality control process will be amended to reflect the new arrangements for ‘due professional care’ and the requirement for a ‘quality assurance and improvement programme’.

 

1.3.23   Arrangements will be put in place for an external assessment of the service every five years by a qualified, independent assessor or assessment team from outside the organisation.

 

1.3.24   Progress against any improvement plans, agreed following external assessment, will be reported in the annual report to the Audit Committee.

 

1.3.25   Instances of non-conformance to the standards will be reported to the Audit Committee. More significant deviations will be considered for inclusion in the annual governance statement.

 

1.3.26   Where the Head of Internal Audit Partnership believes that the level of agreed resources will impact adversely on the provision of the annual internal audit opinion, the consequences will be brought to the attention of the Audit Committee.

 

1.3.27   Other than the specific matters referred to above, it is considered that the Mid-Kent Internal Audit Partnership fundamentally already operates to the PSIAS. This is not too surprising as the partnership has always set good professional standards for its work and for a number of years has jointly embraced the CIPFA standards and the standards of the Chartered Institute of Internal Auditors.

 

 

1.4        Alternative Action and why not Recommended

 

1.4.1   The Accounts and Audit Regulations 2011 place a statutory duty on the Council to ‘undertake an adequate and effective internal audit of its accounting records and its system of internal control in accordance with the proper practices in relation to internal control’. The ‘proper practices’ are those contained in the Public Sector Internal Audit Standards. There is no option for the Council other than to adopt the PSIAS.

 

 

1.5        Impact on Corporate Objectives

 

1.5.1   Internal Audit will operate a risk-based plan linked to a strategic or high-level statement. This will set out how the internal audit service will be provided and developed in accordance with the Audit Charter and how it will link to the organisation’s objectives and priorities.

 

1.6        Risk Management

 

1.6.1 The failure to adopt/implement the PSIAS would create the risk that internal audit is not being provided to the statutory standard and would be failing to provide the necessary assurances to management, Audit Committee and the external auditors.

 

1.7        Other Implications

 

1.7.1    

1.      Financial

 

X

 

2.           Staffing

 

 

 

3.           Legal

 

X

 

4.           Equality Impact Needs Assessment

 

 

 

5.           Environmental/Sustainable Development

 

 

6.           Community Safety

 

 

7.           Human Rights Act

 

 

8.           Procurement

 

 

9.           Asset Management

 

 

 

 

1.7.2    Financial: The only direct financial implication associated with adopting the Public Sector Internal Audit Standards is the need to obtain external validation that the standards are being adhered to. It is intended to make use of peer review by another local authority Internal Audit service provider, on a reciprocal basis; however a one day external validation will still be required. The cost of this will be spread over the four audit partnership Councils.

 

1.7.3   Legal: The Accounts and Audit Regulations 2011 place a statutory duty on the Council for an internal audit in accordance with the ‘proper practices’. These practices are the Public Sector Internal Audit Standards. 

 

 

1.8        Relevant Documents

 

1.8.1   Appendices:  Public Sector Internal Audit Standards

 

1.8.2   Background Documents:  None

 

 

IS THIS A KEY DECISION REPORT?

X
 
 


Yes                                               No

 

 

If yes, when did it first appear in the Forward Plan?

 

…………………………………………………………………………………………………………………………..

 

 

This is a Key Decision because: ………………………………………………………………………..

 

…………………………………………………………………………………………………………………………….

 

 

 

Wards/Parishes affected: …………………………………………………………………………………..

 

……………………………………………………………………………………………………………………………..