!nternal Audit Unit - finance.gov.ie · lntroduction 3 2. Services to be ... value and improve the...
Transcript of !nternal Audit Unit - finance.gov.ie · lntroduction 3 2. Services to be ... value and improve the...
An Roinn Caiteachais Phoibhagus Fhhch6i ritheDepartment of RrblicEpenditure and ffirm
An Roinn AirgeadaisDepaftment of Finance
!nternal Audit UnitDepartment of Public Expenditure and Reform
Service Level Agreement
with
Department of Finance
for the Provision of lnternal Audit Services
2017
lnternal Audit Unit - Department of Public Expendituro and Reform
Service Level Agreement - lnternal Audit
Department of Public Expenditure and Reform
&
Department of Finance
Table of Contents
1. lntroduction 3
2. Services to be provided
3. Agreed Work Programme
4. Assessment of Service Provision
5. Conflict Resolution
6. Service Level Agreement Review
7 . Duration of the Service Level Agreement
8. Amendments to this Agreement
9. Approvals
APPENDIX: Planned lnternal Audit Programme 2016 - Department of Finance
3
6
6
7
7
7
7
8
Service Level Agreement with the Department of Finance - 20'17 Page 2
lnternal Audit Unit - Department of Public Expenditure and R6form
Service Level Agreement - lnternal Audit
Department of Public Expenditure and Reform&
Department of Finance
1. lntroduction
This Service Level Agreement (SLA) between the Department of Public Expenditure and Reform and
the Department of Finance will regulate the business relationship between the two parties in relation
to the provision of internal audit (lA) services to the Department of Finance by the lnternal Audit Unit
of the Department of Public Expenditure and Reform. This agreement defines the levels of lnternal
Audit services and support to be provided to the Department of Finance in 2017.
Mission of internal audit:
The Mission of lnternal Audit is to enhance and protect organisational value by providing risk-
based and objective assurance, advice and input.
Definition of internal audit:
lnternal auditing is an independent, objective, assura/rce and consulting activity designed to addvalue and improve the organisation's operations. lt helps an organisation accomplish its objectives
by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk
management, control and govemance processes.
2. Services to be provided
2.1 lA Roles and Responsibilities
Consistent with the definition of internal audit, the role of lA shall be to evaluate compliance with and
adequacy ofthe internal control systems, risk management and governance procedures operated by
management in the Department of Finance.
lA shall be responsible for the review of the effectiveness of internal control and risk management
anangements in respect of the areas of responsibility of the Accounting Officer (Secretary General)
of the Department of Finance. The work of lA does not relieve line management of its responsibility
for effective control of the activities for which it is responsible.
The Head of lntemal Audit, in consultation with the Audit Committee and the Accounting Officer of the
Department of Finance shall be responsible for drawing up an annual programme of audits having
regard to that Department's Statement of Strategy and Risk Management Process. lA shalldemonstrate ob.iectivity, comprehensiveness and relevance in the selection of areas for inclusion in
the audit programme.
lA shall function professionally, adhering to the lnternal Audit Standards (2012)of the Department ofPublic Expenditure and Reform and taking account of the Core Principles for the Prcfessional Practice
of lnternal Auditing, the Code of Ethics and lhe lntemational Standards of the lnstitute of lnternal
Auditors.
lA shall also endeavour to:
a. Demonstrate value-added in audit findings and recommendations;
b. Provide a quality, efficient and professional audit service;
c. Be objective, independent and constructive in its work;
d. Effectively monitor follow-up action taken to remedy weaknesses identified by internal
audits;
e. Co-operate with others by way ofjoint audits/examinations where appropriate.
Service Level Agreement with the Department of Finance - 2017 Page 3
lnternal Audit Unit - Department of Public Expenditure and Reform
2.2 Reporting
lA shall be independent of the activities it audits. This is to ensure an environment in which lA can
make unbiased judgements and provide impartial advice to management.
The DFIN reporting lines for lA shall be
Primary: To the Accounting Officer of the Department of Finance who has overall
responsibility for the efficient and effective functioning of the Department;
a.
b.
c.
d.
Secondary: To the Audit Committee of the Department of Finance
The role of the Audit Committee is:
To consider the adequacy and effectiveness of the Depadment's internal control systems,
control environment and control procedures, to oversee the wo* of the lA function and toprovide advice and professional guidance in relation to the sysfems ofnsk management andinternal control within the organisation.
Papers relating to Audit Committee meetings shall be circulated by lA not less than five working days
in advance of each meeting. The Head of lnternal Audit shall have direct access to the Chairman ofthe Audit Committee.
2.3 Steps in Approving an Audit Report
2.4 Obligations of lnternal Audit
With regards to managing the relationship with Oivisions in the Department of Finance, lA has thefollowing general obligations:
To conduct regular reviews of the risk register to asce(ain the high risk areas within the audituniverse and to consult with senior management of the Department to ascertain and prioritise
audits to be included in the annual audit plan.
To propose an annual audit plan to the Secretary General and the Audit Committee forconsideration and approval.
To ensure that the annual audit programme is completed while also allowing for contingency
reviews or other urgent work to be undertaken when requested by the Accounting Otficerand/or Audit Commitlee.
To determine the scope and objectives of audit assignments in conjunction with themanagement of the Department of Finance.
a
b
c
d
Service Level Agreement with the Department of Finance - 2017 Page 4
lA shall send the dratt audit reports for comment to the Division/Section being audited.
lA shall then incorporate comments received and replies to recommendalions as appropriate,
and the agreed action plan into the report. This is the final audit report.
lA shall send the final audit report back to Divisions/Sections for information and for formal
noting by the Assistant Secretary with responsibility for that area.
The report shall then be submitted to the Audit Committee for consultation and review asappropriate. On completion of the Audit Committee's examination of the report, lA shall submitit to the Accounting Officer of the Department of Finance.
The flnal audit report shall then be re-circulated to the relevant Assistant Secrelary and linemanagement and the Office of the Comptroller and Auditor General.
lnternal Audit Unit - Department of Public Expenditure and Reform
e To notify relevant Line Management and the lnternal Audit Relationship Manager (IARM) ofthe commencement of an audit.
To provide Line Management in the Department with the opportunity to formally respond to
draft audit reports.
To issue a draft audit report detailing the adequacy of internal controls within two weeks aftercompletion of the audit work regarding individual audited activities. lssuing the report isdependent on obtaining all relevant information and access to records from line management
in the Department.
To agree recommendations by way of a formal action plan with Line Management.
Management comments and target dates for the implementation of the agreed action plans
will also be included in the final report.
To issue a final audit report within two weeks after receiving final management comments
from all relevant parties.
To maintain a register of outstanding audit recommendations and to update the AuditCommittee and the Secretary General quarterly on the current status of recommendations.
To perform a follow up audit where deemed appropriate. The purpose of this audit is to ensure
that recommendations and actions plans agreed with management have been implemented.
To report progress on the audit work programme at least quarterly to the Department ofFinance Audit Committee and explain significant variances in relation to performance targets.
To identify, track and report operational problems which may occur.
To adhere to the professional standards for audit including confidentiality, independence and
objectivity.
I
h
k
m
n.
a
b
c
2.5 D6partment of Finance Roles and Responsibilities
The Department of Finance is responsible for the implementation and maintenance of an effective
system of internal control and risk management.
lA shall derive its authority from, and will work under the general direction of, the Accounting Officerand the Audit Committee of the Department of Finance. The Head of lnternal Audit will have the right
of direct access to the Accounting Officer on all matters relating to internal audit.
2.6 Obligations of the Dspartment of Finance
The Department of Finance has the following general obligations
To use lA services as defined in this SLA.
To consult lA in all projects or programmes which impact on the demand for lA services.
To make available all information relating to the Department, specific systems and processes,procedure manuals, regulations, laws, acts, risk analysis, etc. ln this regard, the Department
of Finance shall grant lA unrestricted access to allfunctional areas, records (both manual and
electronic), property, and personnel in the performance of its audits.
To inform lA of any significant concerns regarding risk management and/or control matters.
To meet appointments, requests for information and deadlines for responses and
recommendations.
To ensure draft audit and flnal audit reports are responded to within two weeks.
To implement recommendations and action plans within agreed timeframes.
To accurately and fully complete any lnternal Audit Questionnaire(s) issued in a timely
manner.
d
e
f.
s
h
Service Level Agreement with the Department of Finance - 2017 Page 5
lnternal Audit Unit - Department of Public Expenditure and Reform
2.7 Protected Disclosures
ln the eventof the receipt of a Protected Disclosure bythe Head of lnternalAudit (HlA), HlAwillcontactthe Department of Finance Audit Committee Chairto schedule a meeting of the Audit Committee.
The Audit Committee will discuss the Protected Disclosure and determine the most appropriate
manner of review / investigation.
3. Agreed Work Programme
Resources Available
The lnternal Audit Unit of the Department of Public Expenditure and Reform (DPER) shall provide an
internal audit resource of 360 audit days to the Department of Finance. An annual internal audit workprogramme for 2017 has been prepared for the Department of Finance having regard to its risk
management strategy and other documentalion completed by management. This was agreed by the
Audit Committee (See Appendix).
4. Assessment of Service Provision
4.1 lnternal Audit Standards, Core Principles and Code of Ethics
lA shallfunction professionally, adhering to the Department of Public Expenditure and Refotm lnternalAudit Standards (2012) and taklng account of the Core Pinciples for the Professional Practice oflnternal Auditing, the Code of Ethics and lhe lnternational Standards of the lnstitute of lnternal
Auditors. lA is committed to delivering quality internal audit services to the Department of Finance
thereby assisting the Department to meet its business ob.iectives. The service levels and theirmeasurements are intended to assess whether or not the lA function is meeting performance levelsnecessary to satisfy the Department of Finance's business requirements.
4.2 Performance MonitoringCriteria
lA performance will be evaluated in line with set criteria and any disputes over standards ofperformance will be evaluated on the performance indicalors set out below:
a Repofting on recommendations accepted, turned into action plans and implemented. This willindicate the effectiveness of the service rendered by lA.
Percentage (%o) of actual audit assignments completed against the annual auditplan. This willindicate the ability of lA to meet the Department's service expectations as well as theappropriate level of assurance to the Audit Commiftee.
b
4.3 Reporting by lA to the Audit Committee
lA will report quarterly to the Audit Commiftee on the above performance monitoring criteria togetherwith significant findings of audits carried out in the Departmenl of Finance.
The audit work programme will be implemented having regard to the advice and guidance of the AuditCommittee.
ln line with protocols agreed between lA and the IARM of the Department, lA will report quarterly tothe Audit Committee on the status of all significant outstanding audit recommendations.
lA will provide an annual report of its activities to the Audit Committee and to the Accounting Otficer.
Service Level Agreement with the Deparlment of Finance - 2017 Page 6
lnternal Audit Unit - Department of Public Expenditure and Reform
5. Conflict Resolution
Any conflict arising in relation to the audit work and the services to be provided under lhis agreementshall be resolved between the Accounting Officers of both Departments, in consultation with the
respective Chairpersons of the two Audit Committees, where necessary.
6. Service Level Agreement Review
The provisions of this agreement will be monitored by the Audit Committee of the Oepartment ofFinance throughout 2017 and will be reviewed annually by the Secretary General in the Department
of Finance, the Secretary General in the Department of Public Expenditure and Reform and the Head
of lnlernal Audit. The Audit Committee of the Deparlmenl of Finance will also input into the review
mechanism. A review of the SLA and appended annual programme of audits will be undertaken
annually in December.
7. Duration of the Service Level Agreement
This SLA including the internal audit services listed above will be etfective upon the date of signature
by all parties and will continue until 31 December 2017. Service scope and performance targets will
be reviewed annually prior to the commencement of the new audit year.
8. Amendments to this Agreement
This agreement can be amended to add or delete lA services provided by the IAU of the Department
of Public Expenditure and Reform. Any such amendments shall be agreed by the Head of lnternal
Audit in consultation with the Audit Committee of the Department of Finance and the Secretaries
General in Department of Finance and the Department of Public Expenditure and Reform.
Service Level Agreement with the Department of Finance - 2017 Page 7
lnternal Audit Unit - Department of Public Expenditure and Reform
9. Approvals
This Service Level Agreement has been reviewed and approved by:
Robert WatlSecretary GeneralDepa(ment of Public Expenditure and Reform
Date
L
ep-tz'tQ'
7 zd/ (
Derek MoranSecretary General
Department of Finance
DermotHead of lnternal AuditDepartment of Public Expenditure and Reform
Date
u ft/zoteDate
Service Level Agreement with the Department of Finance - 2017 Page I
lb.*oW"---
Z^='
APPENDIX: Planned lnternal Audit Programme 2017 - Department of Finance
7Compliance with Bodies Under
the Aegis Policy
Accountability;
Governance;
Reputational
Audit of governance of Bodies Under the
Aegis and adherence to the policy for a
sample of bodies under the aegis of the
Department
ICT Security, Service
Continuity and Resilience
Accountability;
Governance; Financial;
Reputational
To be contracted out to professional
firmAudit of the lT Security & Eusiness
Continuity Management for the OGCIO-
provided systems of the Department
including disaster recovery processes
20
Accountability;
Governance;
Reputational
Audit of internal control framework for
business continuity - specifically in
relation to facilities and security areas
303Non-lCT Business Continuity
Management
4 Consu lta ncies
Accountability;
Governance; Financial;
Reputational
Audit of consultancies to ensure
adequate and appropriate reporting30
5lmplementation of
Compliance Framework
Accountability;
Governance;
Reputational
Audit of the implementation of the
Compliance Framework to ensure
adequate and appropriate for the needs
of the Department
30
6Performance Management
Development System
Accountability;
Governance;
Reputational
Audit ofthe governance and
management of the Performance
Management Development System
within the Department
30
1 lT Fixed Asset Management
Accountability;
Governance; Financial;
Reputational
Audit ofthe governance and
management of lT Fixed Assets for the
Department
30
8 Central Funds Controls
Accountability;
Governance; Financial;
Reputational
Audit of the processes and procedures
in place within the Department for the
management of Central Funds
25
9
A
G rants-in-Aid
Audit Committee Meetings 50
Annual Planning & Reporting
c Tracking of Audit Recommendations 20
D Administration (including FOI Requests) 15
Audits
Risks related to Review Scope
Total days 360
Service Level Agreement with the Department ol Finance - 2017 Page 9
lnternal Audit Unit - Department of Public Expenditure and Reform
No Audit ActivityEstimated
Audit days
40
Accountability;
Governance; Financial;
Reputational
Audit of the processes and procedures in
place within the Department for the
management of Grants-in-Aid
Other Activities
B 15