HM Treasury (1278 bytes)

home | news | site index

                                                           

INFORMATION FOR USE BY EU CANDIDATE COUNTRIES ON THE UK SYSTEM OF PUBLIC EXPENDITURE CONTROL

back

Internal Audit is an independent appraisal within an organisation, which operates as a service to management by measuring and evaluating the effectiveness of the internal control system.

 

In providing this service Internal Audit:

  • analyses the internal control system and establishes a review programme

  • identifies and evaluates the controls which are established in systems to achieve objectives in the most economical and efficient manner

  • reports findings and conclusions and, where appropriate, makes recommendations for improvement

  • provides an opinion on the reliability of the controls in the system under review

  • provides an assurance based on the evaluation of the internal control system within the organisation as a whole

back to top

 

The Government Internal Audit Manual contains the standards, which are used by internal audit throughout central government. The standards support important concepts such as the constitutional position of the Accounting Officer, accountability to Parliament, propriety and value for money as set out in Government Accounting. They set out the role and framework of internal audit’s responsibilities and contain guidance on the Scope of Work; Independence; Planning; Audit Approach; Controlling; Reporting; Due Professional Care; Relationships & Staffing and Training.  Copies of the Government Internal Audit Manual can be obtained from The Stationery Office

Scope – internal audit embraces the whole internal control system of an organisation including all its operations, resources, services and responsibilities for other bodies

Independence – internal audit must be sufficiently independent to enable auditors to perform their duties in a manner, which will allow professional judgement and recommendations to be effective and impartial. Internal auditors should be independent of the activities they audit.

Planning – internal audit work should be planned at all levels of operation in order to establish priorities, achieve objectives and ensure the efficient and effective use of audit resources.

Audit Approach – internal auditors should ensure that audit objectives and methods enable them to discharge their responsibility to evaluate the internal control system. Internal auditors should obtain and record relevant reliable and sufficient audit evidence to support audit findings and recommendations.

Controlling – internal audit work must be controlled at all levels of operation to achieve objectives and ensure the economic and efficient use of resources.

Reporting – the findings and recommendations arising from each audit must be promptly reported to management and followed up to ascertain action arising therefrom. A summary of audit activities must be submitted to the Accounting Officer.

Due Professional Care – in carrying out their duties internal auditors must exercise due professional care.

Relationships – relationships with management, staff, external auditors and other review agencies must be centred on the need for mutual confidence, understanding of role and co-operation

Staffing and Training – internal audit should be appropriately staffed in terms of numbers, grades and experience, having regard to its objectives and standards. Internal auditors must be properly trained to the Government Internal Audit Standard in order to fulfil their responsibilities.

back to top

 

Government Internal Audit Standard - sets out the body of knowledge and techniques which internal auditors need to acquire and the minimum level of expertise and proficiency required. Arrangements for achieving the Standard and for certification of achievement are set out in the Internal Audit Training and Development Handbook copies of which can be obtained free of charge from the Public Enquiry Unit, HM Treasury 00 44 207 270 4558.

The Audit Policy & Advice Team has responsibility for setting internal audit standards and promoting best practice in internal audit. They provide assurance to the Treasury’s Permanent Secretary that the standards remain in line with accepted UK and international auditing standards and are generally accepted by government internal auditors.

The Assurance provided by internal audit is the comfort, which the Accounting Officer can derive from the Head of Internal Audit’s professional opinion on the adequacy and effectiveness of the internal control systems, and the extent to which it can be relied upon.

Internal Control

Responsibility for maintaining a sound system of internal control rests with line management within a department.

back to top

 

The Internal Control System comprises the whole network of systems established in an organisation to provide reasonable assurance that organisational objectives will be achieved, with particular reference to:

  • the effectiveness of operations

  • the economical and efficient use of resources

  • compliance with applicable policies, procedures, laws and regulations

  • the safeguarding of assets and interests from losses of all kinds, including those arising from fraud, irregularity or corruption

  • the integrity and reliability of information, accounts and data.

The system of internal control is based on an ongoing process that identifies the risks to the achievement of departmental policies, aims and objectives, evaluates the nature and extent of those risks and manages them efficiently, effectively and economically. Managers must ensure that appropriate and adequate control arrangements exist in order to manage the identified risks, without regard to audit activity.

An annual statement on the adequacy of the system of internal financial control is prepared, by the relevant Departmental Accounting Officer, in respect of all accounts that are laid before Parliament. It is anticipated that for the Financial Year ending 31 March 2002, in line with developments in Corporate Governance and its application to the UK government, this statement will be extended to include the whole system of internal control.

It is generally recognised in the UK that, although the responsibility for risk management rests with management, a skilled and properly resourced internal audit team can, through the provision of an independent and objective assurance, assist management in their responsibilities to comply with the Turnbull guidance. A document produced by the Institute of Chartered Accountants in England & Wales [ICAEW] to which Treasury contributed provides some useful background and can be found at: www.icaew.co.uk/internalaudit

back to top

 

Risk management is about identifying and assessing key risks, and then by designing and implementing processes by which those risks can be managed to, and be maintained at, a level acceptable to management. A guide for Accounting Officers in executing their responsibilities for risk management Management of Risk – A Strategic Overview, has been produced by the Treasury and is available free of charge from the Public Enquiry Unit, HM Treasury 00 44 207 270 4558

Corporate Governance – The London Stock Exchange Combined Code on Corporate Governance contains the results of a number of studies in corporate governance. A working party chaired by Nigel Turnbull was established at the request of the London Stock Exchange to address the internal control requirements of the Combined Code for listed companies. Their report, Internal Control: Guidance for Directors on the Combined Code, was published in September 1999 and is available on the Institute of Chartered Accountants in England & Wales’s (ICAEW) web-site at the following address: www.icaew.co.uk/internalcontrol

Corporate Governance & application to UK central government – the general thrust of Turnbull’s recommendations are relevant to central government, although the environment in which central government operates is significantly different in some respects from that of listed companies to which the recommendations were addressed. In order to address those constitutional issues, and to ensure that the importance of identifying how advances in corporate governance add value and address some of the issues departments regard as high priority, the Treasury is working with government departments in cohort studies aimed at identifying and disseminating best practice.

back to top

 

 

Audit Committees

In the UK we consider that the existence of a properly constituted Audit Committee with clear terms of reference helps to foster good internal control, enhances the status of internal audit and thus its independence. Terms of Reference for internal audit are formally agreed between the Accounting Officer, the Audit Committee and the Head of Internal Audit. The purpose of an Audit Committee is to give advice to the Accounting Officer on the adequacy of audit arrangements (internal and external) and on the implications of the assurance provided in respect of risk and control in the organisation. The Head of Internal Audit and the senior member of the external audit team should have the right of access to the Audit Committee and are normally present at meetings. An Audit Committee should meet regularly and at least three times a year.

back to top

 

Policy Principles for Audit Committees in Central Government

The purpose of an Audit Committee is to give advice to the Accounting Officer on the adequacy of audit arrangements (internal and external) and on the implications of assurances provided in respect of risk and control in the organisation. There are a number of principles, which in the UK we advise should be followed in order to facilitate the establishment of well-equipped Audit Committees. These are as follows:

1.      Audit Committees are strongly encouraged as best practice in all central government bodies (Departments, Executive Agencies and Non-Departmental Public Bodies).  If it is decided not to have an Audit Committee, there should be clearly identified circumstances for the decision.

2.      In bodies which have a Board structure to management, the Audit Committee should be a committee, or a sub-committee, of the Board.  In some bodies which have numerically small Boards, the Board may sit separately as the Audit Committee.

3.      In bodies which have non executive or independent members on the Management Board, these non executive or independent members should form at least part of the membership of the Audit Committee (subject to appropriateness of numbers)

4.      In bodies which have no non executive or independent Management Board members, appropriate individuals should be sought for appointment as external members of the Audit Committee.  Ideally two or three independent members should be sought.

5.      In medium and large organisations the Audit Committee should ideally have no fewer than five and no more than ten members.  For smaller bodies a minimum membership of three may be more practicable.

back to top

 

6.      The Audit Committee is appointed to give advice to the Accounting Officer.  Although the Accounting Officer may chair the Audit Committee, the objectivity of the advice given can be enhanced if another member (particularly a non-executive) is the Chair of the Committee.

7.      Members of the Audit Committee who have executive responsibility in the body (in those organisations which have a sufficiently large number of senior executive staff) should be rotated on an appropriate cycle (three years will generally be appropriate) to provide for objectivity in the long term and to avoid over or under representation of particular aspects of the body’s business and administrative interests.

8.      Audit Committees should have a documented terms of reference from the Accounting Officer / Board, which should include a remit to consider the adequacy of risk management and internal control through reviewing (inter alia) :   

  • the mechanisms for the assessment and management of risk

  • the planned activity of internal audit

  • the results of internal audit activity

  • the planned activity of external audit

  • the results of external audit activity

  • adequacy of management response to issues identified by audit activity

  • assurances relating to the corporate governance requirements for the organisation
back to top

 

9.       The Head of Internal Audit and the senior member of the external audit team should have the right of access to the Audit Committee and should normally be present at meetings (as attendees rather than members)

10.     The Audit Committee should meet regularly and at least three times a year.

 

The Terms of Reference for internal audit should:

  • establish the responsibilities and objectives of internal audit

  • establish the position of internal audit in the organisation

  • define the scope of internal audit activity

  • establish internal audit’s rights of access to all records, assets, personnel and premises and its authority to obtain such information.
back to top

 

External Audit

In the UK external audit of government departments is generally provided by the National Audit Office (NAO); some smaller public bodies may have private sector external auditors with a reporting line direct to the Secretary of State rather than through the NAO to Parliament. The National Audit Office Comptroller & Auditor General (C&AG) is appointed by the Crown and is responsible to Parliament rather than to the Government. As external auditor his statutory duties are to certify the accounts of all government departments and a wide range of other public bodies; to examine revenue and store accounts; and to report the results of his examinations to Parliament. These duties are set out in the Exchequer & Audit Departments Acts 1866 and 1921. Under the National Audit Act 1983 he has wide powers to carry out examinations of the economy, efficiency and effectiveness of the use of resources by those bodies he audits or to which he has access – value-for-money (VFM) examinations. In these examinations the C&AG may not question policy objectives, but such examinations may lead to a report to the Public Accounts Committee of Parliament. The Committee, when alerted by the NAO of a critical VFM report or a qualified audit report, cross-examines the relevant accounting officer. The hearings are published, and sometimes televised.  Each year the NAO audit some 500 accounts and publishes around 50 value for money reports. NAO reports can be found on: www.nao.gov.uk

Heads of Internal Audit in the UK promote mutual co-operation between internal audit staff and external auditors. Maximisation of the effectiveness of the organisations audit services is helped by:

  • a good dialogue and understanding between the two audit functions; and

back to top

 

 

Internal and External Audit – differing responsibilities

Internal Audit

  • normally reports to the audit committee and to the Accounting Officer

  • is an internal service to the organisation focussing on the effectiveness of  the on-going risk and control framework and processes

  • can offer value through providing an assurance on the internal control system and by recommending improvements to business risk process

  • scope of work and terms of reference agreed by Accounting Officer and Audit Committee

  • takes a wider view of risk and control than the external auditors

  • adheres to government internal audit standards
back to top

 

External Audit

  • reports to Parliament

  • provides an independent opinion on the organisations Resource Accounts and financial statements

  • reports to the Accounting Officer those material weaknesses in financial and related control systems that come to their attention during their work

  • has to consider standards for the financial reporting and related requirements; and

  • complies with auditing standards issued by the Auditing Practices Board
back to top

 

line.gif (378 bytes)

HM Treasury, Parliament Street, London SW1P 3AG UK
© Crown Copyright | home