Audit, Governance & Standards

21 March 2016

Is the final decision on the recommendations in this report to be made at this meeting?



Internal Audit Charter 2016/17


Final Decision-Maker

Audit, Governance & Standards Committee

Lead Head of Service

Rich Clarke – Head of Audit Partnership

Lead Officer and Report Author

Russell Heppleston – Deputy Head of Audit Partnership



Wards affected




This report makes the following recommendations to this Committee:


1.   That the Committee approves the Internal Audit Charter 2016/17.

2.   That the Committee notes the Audit Partnership’s view that the Partnership is operating with sufficient independence and freedom from managerial interference to fulfil its responsibilities in line with Public Sector Internal Audit Standards, and will continue to do so.




This report relates to the following corporate priorities:

·         Keeping Maidstone Borough an attractive place for all

·         Securing a successful economy for Maidstone Borough


This report is concerned with the internal control and governance of the Council.  Successful controls and effective governance are a crucial underpinning for all corporate priorities.






Audit, Governance & Standards Committee

21 March 2016

Internal Audit Charter 2016/17





1.1    The report is provided in order to allow the Committee to consider and approve the revised Internal Audit Charter 2016/17.





2.1     An Audit Charter is a requirement of Public Sector Internal Audit Standards (Standard 1000) and is a foundational document setting out the purpose, authority and responsibility of the service. A partial extract, giving an introduction to the position of the Charter within the Standards is below:


Screen Shot 2015-02-16 at 11


2.2   In March 2015 the then Audit Committee approved the 2015/16 Charter which was scheduled to be revised and, if necessary, updated each year. This report includes proposed updates to the Charter.    





3.1     Audit, Governance and Standards Committee as part of its terms of reference must maintain oversight of the internal audit function and its activities.  The Charter proposed sets out the basis on which the function operates. We recommend no alternative course of action. 





4.1    Some of the updates for 2016/17 are merely taking the opportunity of a revision to tidy up the document.  This includes correcting one or two typographical errors and standardising the terminology (for example, using “Audit Partnership” to refer specifically to this service and leaving “internal audit” to denote the practice of internal audit more generally).


4.2     The more substantial part of the update seeks to build on Supplemental Guidance issued recently by the Institute of Internal Auditors (IIA) on how and whether internal audit can take up broader roles within an organisation.  These broader roles are often referred to as ‘second line of defence’ roles.


4.3     The ‘three lines of defence’ model is commonly used to describe controls existing within an organisation and is summarised in the diagram below (extracted from the IIA Guidance).



4.4     Traditionally, Internal Audit operates solely within the third line and that is the norm in many sectors (even most non-Local Government parts of the public sector).  Indeed, the Audit Standards are written in the expectation that internal audit will not have any role outside the third line which may impede (or appear to impede) its independence.


4.5     However, the global IIA has been under pressure recently from, among others, the UK Internal Audit Standards Advisory Board (which includes the Head of Audit Partnership) to recognise that in many organisations a good audit function could successfully play a number of roles, and that Standards could usefully acknowledge and inform those roles.  In particular, the IASAB sought to avoid a situation where existing guidance could be read to forbid auditors from undertaking those roles even where there are clear benefits to them doing so.


4.6     In response, the IIA has now issued a Supplemental Guidance report entitled “Internal Audit and the Second Line of Defence”.  That Guidance acknowledges that audit services may often possess the skills, knowledge and expertise to successfully fulfil certain second line of defence roles and doing so could be beneficial especially in smaller organisations.  Fundamentally, it acknowledges that organisations can – provided they do so knowingly and having weighed up the benefits – accept certain risks to the independence and objectivity of audit.


4.7     A key component of accepting those risks is being aware of the safeguards to independence that would operate, and having those safeguards acknowledged and approved by the Audit, Governance and Standards Committee.  The more substantive amendments proposed to our Internal Audit Charter set out those safeguards.


4.8     At present, audit does not occupy any roles that comprise second line of defence functions.  The Charter sets out the safeguards that would operate in the event of the Audit Partnership being asked to undertake those roles by Management.  In particular, the Charter considers the safeguards that would operate if the Audit Partnership were to play a more prominent role in Risk Management and Counter Fraud, including ownership of relevant corporate policies.


4.9     To be clear, the Head of Audit Partnership is satisfied that the Partnership currently operates with required independence and freedom from interference and that it would continue to do so, subject to the described safeguards, in the event of being asked to take on further responsibilities.  Consistent with the Public Sector Internal Audit Standards, the Head of Audit Partnership will contact Members immediately in the event of significant threat to independence or interference from Management.


4.10 We propose that the Audit, Governance and Standards Committee approve the Internal Audit Charter for 2016/17.





5.1     The Charter was shared in draft with the Council’s Corporate Governance Group (which includes the Monitoring Officer, the Head of Finance & Resources (s151 Officer) and Head of Policy & Communications.  The Charter was subsequently considered by the Council’s Corporate Leadership Team, before being shared with the Audit Partnership Shared Service Board.  The document set out in the appendices reflects outcome of those discussions.





6.1     The revised Charter will be circulated with the Internal Audit Plan (a report also on tonight’s agenda) to all Heads of Service and Senior Officers and included within the Audit Partnership’s Audit Manual to guide the work of the audit team when completing work at Maidstone BC.








Impact on Corporate Priorities

The report supports the good governance, internal control and risk management of Maidstone Borough Council and so contributes broadly to achievement of its corporate priorities.

Rich Clarke

Head of Audit Partnership

10 March 2016

Risk Management

The report introduces no risks that require separate description in the Council’s risk registers, nor materially impacts any currently described.


There are no additional costs or savings associated with this proposal.


There are no staffing implications associated with this proposal.


Internal Audit is a required function in accordance with the Accounts & Audit Regulations 2015.


An Internal Audit Charter is a requirement of the Public Sector Internal Audit Standards.

Equality Impact Needs Assessment

This report does not describe circumstances which require an Equality Impact Needs Assessment.

Environmental/ Sustainable Development

There are no environmental or sustainable development implications for this report.

Community Safety

There are no community safety implications for this report.

Human Rights Act

There are no implications for the Council’s responsibilities under the Human Rights Act in this report.


There are no procurement implications for this report.

Asset Management

There are no asset management implications for this report.




The following documents are to be published with this report and form part of the report:

·         Appendix I: Maidstone Internal Audit Charter 2016/17 (tracked changes version to highlight updates proposed from 2015/16)

·         Appendix II: Maidstone Internal Audit Charter 2016/17 (without tracked changes for final approval)