An Roinn Caiteachais Phoibhagus Fhhch6i ritheDepartment of RrblicEpenditure and ffirm

An Roinn AirgeadaisDepaftment of Finance

!nternal Audit UnitDepartment of Public Expenditure and Reform

Service Level Agreement

with

Department of Finance

for the Provision of lnternal Audit Services

2017

lnternal Audit Unit - Department of Public Expendituro and Reform

Service Level Agreement - lnternal Audit

Department of Public Expenditure and Reform

&

Department of Finance

Table of Contents

1. lntroduction 3

2. Services to be provided

3. Agreed Work Programme

4. Assessment of Service Provision

5. Conflict Resolution

6. Service Level Agreement Review

7 . Duration of the Service Level Agreement

8. Amendments to this Agreement

9. Approvals

APPENDIX: Planned lnternal Audit Programme 2016 - Department of Finance

3

6

6

7

7

7

7

8

Service Level Agreement with the Department of Finance - 20'17 Page 2

lnternal Audit Unit - Department of Public Expenditure and R6form

Service Level Agreement - lnternal Audit

Department of Public Expenditure and Reform&

Department of Finance

1. lntroduction

This Service Level Agreement (SLA) between the Department of Public Expenditure and Reform and

the Department of Finance will regulate the business relationship between the two parties in relation

to the provision of internal audit (lA) services to the Department of Finance by the lnternal Audit Unit

of the Department of Public Expenditure and Reform. This agreement defines the levels of lnternal

Audit services and support to be provided to the Department of Finance in 2017.

Mission of internal audit:

The Mission of lnternal Audit is to enhance and protect organisational value by providing risk-

based and objective assurance, advice and input.

Definition of internal audit:

lnternal auditing is an independent, objective, assura/rce and consulting activity designed to addvalue and improve the organisation's operations. lt helps an organisation accomplish its objectives

by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk

management, control and govemance processes.

2. Services to be provided

2.1 lA Roles and Responsibilities

Consistent with the definition of internal audit, the role of lA shall be to evaluate compliance with and

adequacy ofthe internal control systems, risk management and governance procedures operated by

management in the Department of Finance.

lA shall be responsible for the review of the effectiveness of internal control and risk management

anangements in respect of the areas of responsibility of the Accounting Officer (Secretary General)

of the Department of Finance. The work of lA does not relieve line management of its responsibility

for effective control of the activities for which it is responsible.

The Head of lntemal Audit, in consultation with the Audit Committee and the Accounting Officer of the

Department of Finance shall be responsible for drawing up an annual programme of audits having

regard to that Department's Statement of Strategy and Risk Management Process. lA shalldemonstrate ob.iectivity, comprehensiveness and relevance in the selection of areas for inclusion in

the audit programme.

lA shall function professionally, adhering to the lnternal Audit Standards (2012)of the Department ofPublic Expenditure and Reform and taking account of the Core Principles for the Prcfessional Practice

of lnternal Auditing, the Code of Ethics and lhe lntemational Standards of the lnstitute of lnternal

Auditors.

lA shall also endeavour to:

a. Demonstrate value-added in audit findings and recommendations;

b. Provide a quality, efficient and professional audit service;

c. Be objective, independent and constructive in its work;

d. Effectively monitor follow-up action taken to remedy weaknesses identified by internal

audits;

e. Co-operate with others by way ofjoint audits/examinations where appropriate.

Service Level Agreement with the Department of Finance - 2017 Page 3

lnternal Audit Unit - Department of Public Expenditure and Reform

2.2 Reporting

lA shall be independent of the activities it audits. This is to ensure an environment in which lA can

make unbiased judgements and provide impartial advice to management.

The DFIN reporting lines for lA shall be

Primary: To the Accounting Officer of the Department of Finance who has overall

responsibility for the efficient and effective functioning of the Department;

a.

b.

c.

d.

Secondary: To the Audit Committee of the Department of Finance

The role of the Audit Committee is:

To consider the adequacy and effectiveness of the Depadment's internal control systems,

control environment and control procedures, to oversee the wo* of the lA function and toprovide advice and professional guidance in relation to the sysfems ofnsk management andinternal control within the organisation.

Papers relating to Audit Committee meetings shall be circulated by lA not less than five working days

in advance of each meeting. The Head of lnternal Audit shall have direct access to the Chairman ofthe Audit Committee.

2.3 Steps in Approving an Audit Report

2.4 Obligations of lnternal Audit

With regards to managing the relationship with Oivisions in the Department of Finance, lA has thefollowing general obligations:

To conduct regular reviews of the risk register to asce(ain the high risk areas within the audituniverse and to consult with senior management of the Department to ascertain and prioritise

audits to be included in the annual audit plan.

To propose an annual audit plan to the Secretary General and the Audit Committee forconsideration and approval.

To ensure that the annual audit programme is completed while also allowing for contingency

reviews or other urgent work to be undertaken when requested by the Accounting Otficerand/or Audit Commitlee.

To determine the scope and objectives of audit assignments in conjunction with themanagement of the Department of Finance.

a

b

c

d

Service Level Agreement with the Department of Finance - 2017 Page 4

lA shall send the dratt audit reports for comment to the Division/Section being audited.

lA shall then incorporate comments received and replies to recommendalions as appropriate,

and the agreed action plan into the report. This is the final audit report.

lA shall send the final audit report back to Divisions/Sections for information and for formal

noting by the Assistant Secretary with responsibility for that area.

The report shall then be submitted to the Audit Committee for consultation and review asappropriate. On completion of the Audit Committee's examination of the report, lA shall submitit to the Accounting Officer of the Department of Finance.

The flnal audit report shall then be re-circulated to the relevant Assistant Secrelary and linemanagement and the Office of the Comptroller and Auditor General.

lnternal Audit Unit - Department of Public Expenditure and Reform

e To notify relevant Line Management and the lnternal Audit Relationship Manager (IARM) ofthe commencement of an audit.

To provide Line Management in the Department with the opportunity to formally respond to

draft audit reports.

To issue a draft audit report detailing the adequacy of internal controls within two weeks aftercompletion of the audit work regarding individual audited activities. lssuing the report isdependent on obtaining all relevant information and access to records from line management

in the Department.

To agree recommendations by way of a formal action plan with Line Management.

Management comments and target dates for the implementation of the agreed action plans

will also be included in the final report.

To issue a final audit report within two weeks after receiving final management comments

from all relevant parties.

To maintain a register of outstanding audit recommendations and to update the AuditCommittee and the Secretary General quarterly on the current status of recommendations.

To perform a follow up audit where deemed appropriate. The purpose of this audit is to ensure

that recommendations and actions plans agreed with management have been implemented.

To report progress on the audit work programme at least quarterly to the Department ofFinance Audit Committee and explain significant variances in relation to performance targets.

To identify, track and report operational problems which may occur.

To adhere to the professional standards for audit including confidentiality, independence and

objectivity.

I

h

k

m

n.

a

b

c

2.5 D6partment of Finance Roles and Responsibilities

The Department of Finance is responsible for the implementation and maintenance of an effective

system of internal control and risk management.

lA shall derive its authority from, and will work under the general direction of, the Accounting Officerand the Audit Committee of the Department of Finance. The Head of lnternal Audit will have the right

of direct access to the Accounting Officer on all matters relating to internal audit.

2.6 Obligations of the Dspartment of Finance

The Department of Finance has the following general obligations

To use lA services as defined in this SLA.

To consult lA in all projects or programmes which impact on the demand for lA services.

To make available all information relating to the Department, specific systems and processes,procedure manuals, regulations, laws, acts, risk analysis, etc. ln this regard, the Department

of Finance shall grant lA unrestricted access to allfunctional areas, records (both manual and

electronic), property, and personnel in the performance of its audits.

To inform lA of any significant concerns regarding risk management and/or control matters.

To meet appointments, requests for information and deadlines for responses and

recommendations.

To ensure draft audit and flnal audit reports are responded to within two weeks.

To implement recommendations and action plans within agreed timeframes.

To accurately and fully complete any lnternal Audit Questionnaire(s) issued in a timely

manner.

d

e

f.

s

h

Service Level Agreement with the Department of Finance - 2017 Page 5

lnternal Audit Unit - Department of Public Expenditure and Reform

2.7 Protected Disclosures

ln the eventof the receipt of a Protected Disclosure bythe Head of lnternalAudit (HlA), HlAwillcontactthe Department of Finance Audit Committee Chairto schedule a meeting of the Audit Committee.

The Audit Committee will discuss the Protected Disclosure and determine the most appropriate

manner of review / investigation.

3. Agreed Work Programme

Resources Available

The lnternal Audit Unit of the Department of Public Expenditure and Reform (DPER) shall provide an

internal audit resource of 360 audit days to the Department of Finance. An annual internal audit workprogramme for 2017 has been prepared for the Department of Finance having regard to its risk

management strategy and other documentalion completed by management. This was agreed by the

Audit Committee (See Appendix).

4. Assessment of Service Provision

4.1 lnternal Audit Standards, Core Principles and Code of Ethics

lA shallfunction professionally, adhering to the Department of Public Expenditure and Refotm lnternalAudit Standards (2012) and taklng account of the Core Pinciples for the Professional Practice oflnternal Auditing, the Code of Ethics and lhe lnternational Standards of the lnstitute of lnternal

Auditors. lA is committed to delivering quality internal audit services to the Department of Finance

thereby assisting the Department to meet its business ob.iectives. The service levels and theirmeasurements are intended to assess whether or not the lA function is meeting performance levelsnecessary to satisfy the Department of Finance's business requirements.

4.2 Performance MonitoringCriteria

lA performance will be evaluated in line with set criteria and any disputes over standards ofperformance will be evaluated on the performance indicalors set out below:

a Repofting on recommendations accepted, turned into action plans and implemented. This willindicate the effectiveness of the service rendered by lA.

Percentage (%o) of actual audit assignments completed against the annual auditplan. This willindicate the ability of lA to meet the Department's service expectations as well as theappropriate level of assurance to the Audit Commiftee.

b

4.3 Reporting by lA to the Audit Committee

lA will report quarterly to the Audit Commiftee on the above performance monitoring criteria togetherwith significant findings of audits carried out in the Departmenl of Finance.

The audit work programme will be implemented having regard to the advice and guidance of the AuditCommittee.

ln line with protocols agreed between lA and the IARM of the Department, lA will report quarterly tothe Audit Committee on the status of all significant outstanding audit recommendations.

lA will provide an annual report of its activities to the Audit Committee and to the Accounting Otficer.

Service Level Agreement with the Deparlment of Finance - 2017 Page 6

lnternal Audit Unit - Department of Public Expenditure and Reform

5. Conflict Resolution

Any conflict arising in relation to the audit work and the services to be provided under lhis agreementshall be resolved between the Accounting Officers of both Departments, in consultation with the

respective Chairpersons of the two Audit Committees, where necessary.

6. Service Level Agreement Review

The provisions of this agreement will be monitored by the Audit Committee of the Oepartment ofFinance throughout 2017 and will be reviewed annually by the Secretary General in the Department

of Finance, the Secretary General in the Department of Public Expenditure and Reform and the Head

of lnlernal Audit. The Audit Committee of the Deparlmenl of Finance will also input into the review

mechanism. A review of the SLA and appended annual programme of audits will be undertaken

annually in December.

7. Duration of the Service Level Agreement

This SLA including the internal audit services listed above will be etfective upon the date of signature

by all parties and will continue until 31 December 2017. Service scope and performance targets will

be reviewed annually prior to the commencement of the new audit year.

8. Amendments to this Agreement

This agreement can be amended to add or delete lA services provided by the IAU of the Department

of Public Expenditure and Reform. Any such amendments shall be agreed by the Head of lnternal

Audit in consultation with the Audit Committee of the Department of Finance and the Secretaries

General in Department of Finance and the Department of Public Expenditure and Reform.

Service Level Agreement with the Department of Finance - 2017 Page 7

lnternal Audit Unit - Department of Public Expenditure and Reform

9. Approvals

This Service Level Agreement has been reviewed and approved by:

Robert WatlSecretary GeneralDepa(ment of Public Expenditure and Reform

Date

L

ep-tz'tQ'

7 zd/ (

Derek MoranSecretary General

Department of Finance

DermotHead of lnternal AuditDepartment of Public Expenditure and Reform

Date

u ft/zoteDate

Service Level Agreement with the Department of Finance - 2017 Page I

lb.*oW"---

Z^='

APPENDIX: Planned lnternal Audit Programme 2017 - Department of Finance

7Compliance with Bodies Under

the Aegis Policy

Accountability;

Governance;

Reputational

Audit of governance of Bodies Under the

Aegis and adherence to the policy for a

sample of bodies under the aegis of the

Department

ICT Security, Service

Continuity and Resilience

Accountability;

Governance; Financial;

Reputational

To be contracted out to professional

firmAudit of the lT Security & Eusiness

Continuity Management for the OGCIO-

provided systems of the Department

including disaster recovery processes

20

Accountability;

Governance;

Reputational

Audit of internal control framework for

business continuity - specifically in

relation to facilities and security areas

303Non-lCT Business Continuity

Management

4 Consu lta ncies

Accountability;

Governance; Financial;

Reputational

Audit of consultancies to ensure

adequate and appropriate reporting30

5lmplementation of

Compliance Framework

Accountability;

Governance;

Reputational

Audit of the implementation of the

Compliance Framework to ensure

adequate and appropriate for the needs

of the Department

30

6Performance Management

Development System

Accountability;

Governance;

Reputational

Audit ofthe governance and

management of the Performance

Management Development System

within the Department

30

1 lT Fixed Asset Management

Accountability;

Governance; Financial;

Reputational

Audit ofthe governance and

management of lT Fixed Assets for the

Department

30

8 Central Funds Controls

Accountability;

Governance; Financial;

Reputational

Audit of the processes and procedures

in place within the Department for the

management of Central Funds

25

9

A

G rants-in-Aid

Audit Committee Meetings 50

Annual Planning & Reporting

c Tracking of Audit Recommendations 20

D Administration (including FOI Requests) 15

Audits

Risks related to Review Scope

Total days 360

Service Level Agreement with the Department ol Finance - 2017 Page 9

lnternal Audit Unit - Department of Public Expenditure and Reform

No Audit ActivityEstimated

Audit days

40

Accountability;

Governance; Financial;

Reputational

Audit of the processes and procedures in

place within the Department for the

management of Grants-in-Aid

Other Activities

B 15