Presentation is loading. Please wait.

Presentation is loading. Please wait.

Development of internal control: methodology and responsibility

Similar presentations

Presentation on theme: "Development of internal control: methodology and responsibility"— Presentation transcript:

1 Development of internal control: methodology and responsibility
Janet Thomas HM Treasury/ National Audit Office United Kingdom Presentation 8 July 2008 Workshop on audit/evaluation of PIFC systems, Ankara, Turkey

2 Content of presentation
What is internal control? COSO, Intosai, EU view, UK view UK “methodology” Governance, role of audit committee, management of risk, role of internal and external audit, statement on internal control How it all fits together Assessment against COSO/ INTOSAI Key concepts Accountability Delegation Proportionality

3 What is internal control?
COSO (1992) Internal control is broadly defined as a process effected by an entity’s board of directors, management and other personnel designed to provide reasonable assurance regarding achievement of objectives in the following categories: Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regulations

4 What is internal control?
INTOSAI (2004) Internal control is an integral process that is effected by an entity’s management and personnel and is designed to address risks and to provide reasonable assurance that in pursuit of the entity’s mission, the following general objectives are being achieved: Executing orderly, economical, efficient and effective operations Fulfilling accountability operations Complying with applicable laws and regulations Safeguarding resources against loss, misuse and damage 4

5 What is internal control?
COSO/ INTOSAI components Control environment Risk assessment Control activities Information and communication Monitoring 5

6 What is internal control?
European Commission Reforms from 2000 onwards – “wise men’s report” Treaty obligations “legality and regularity” Financial regulation definition Art 28a Acquis requirements for accession Chapter 32 Financial control Criteria for opening and provisionally closing Ch 32 based on development of PIFC strategy and legislation 6

7 The three pillars of PIFC
Managerial accountability Financial management and control systems developed and monitored by a central harmonisation unit Supported by functionally independent internal audit Building up a strong and open communication with MoF and Internal Audit and of course with the CHU. Introduction of PIFC in the whole of the public sector is not easy and it can take a number of years to start to see the change. In Turkey we understand that there are 14 Ministries, 60 Government Agencies and 367 Local Government Bodies. Twinning is working together and designing the programme to meet the needs of Turkey. The methodology and principles that apply to PIFC in other countries can be used as a guide but these will need to be tailored to the Turkey situation We will work closely with the MoF, CHUs, Internal Audit but also with SAI, PAC and Ministries The Polish Ministry of Finance as one CHU which is responsible for both FMC and IA. This work started in 2002 Working with partnership with the Polish MoF will bring an extra bonus to the project as they have implemented PIFC in their country – there is still more refinements that are required but in the main their experience will be useful in especially the delivery of component 1 – FMC.

8 What is internal control?
United Kingdom government view Formerly implicit rather than explicit, but long tradition of internal audit Acted on Turnbull (1999) and Sharman (2001) recommendations Focuses on provision of annual “statement on internal control” Introduction of resource accounting and budgeting, 2001 Treasury guidance from “CHU” on corporate governance, audit committee handbook, government internal audit standards and guidance, “managing public money”, management of risk guidance 8

9 The UK “methodology” Governance is the key
Defined accountability – role of Minister and Accounting Officer, both responsible and answerable to Parliament Corporate Governance Code: Responsibilities of departmental Board To ensure that effective arrangements exist to provide assurance on risk management, governance and internal control Role of Audit Committee Internal Audit function

10 The UK “methodology” Role of audit committee: 5 principles
Supports the Board and the Accounting Officer by reviewing the comprehensiveness, reliability and integrity of assurances that risk management, governance and internal control are functioning effectively Independent and objective with a good understanding of the priorities of the organisation Provides an appropriate mix of skills Terms of reference to define scope of work Effective communication with Board, Head of Internal Audit, external audit and other stakeholders

11 The UK “methodology” Role of internal audit:
To provide an independent and objective opinion to the Accounting Officer on risk management, control and governance*, by measuring and evaluating their effectiveness in achieving the organisation’s agreed objectives. * The policies, procedures and operations established to ensure the achievement of objectives, the appropriate assessment of risk, the reliability of internal and external reporting and accountability processes, compliance with applicable laws and regulations and compliance with behavioural and ethical standards.

12 The UK “methodology” Management of risk
All government organisations must have basic risk management processes in place Guidance provided in “The Orange Book” Risk should managed to a level which is tolerable Effectiveness of risk management audited internally and externally Accounting Officer must comment on risk management in his annual “Statement on Internal Control”

13 The UK “methodology” The Statement on Internal Control
Every Accounting Officer must sign an annual Statement on Internal Control Prescribed format given in Financial Reporting Manual Scope of responsibility Purpose of the system of internal control Capacity to handle risk Risk and control framework Review of effectiveness (significant internal control issues must be mentioned)

14 The UK “methodology” The Statement on Internal Control: examples of significant internal control issues Failure to achieve a Public Service Agreement target Organisation had to seek additional funding from Treasury Adverse opinion from external auditor – material impact on the accounts Head of Internal Audit and/or Audit Committee agree that an issue is significant Public interest and/or damage to the organisation’s reputation

15 The UK “methodology” Role of external audit (National Audit Office)
To review the Statement on Internal Control for each government organisation Compliance with Treasury requirements Consistency with external auditor’s work on financial statements To provide an assurance to Parliament that the resource accounts have been properly prepared, are free from material misstatement, and that transactions have appropriate Parliamentary authority To provide value-for-money reports assessing the economy, efficiency and effectiveness with which public money has been used

16 How it all fits together
Accounting Officer Board Objectives Business plan PSAs and Performance Measures Risk register Budget Risk monitoring Internal audit Accounts Annual report Audit committee Statement on internal control NAO Parliament/ PAC

17 How do we match up against COSO/ INTOSAI?
Control environment: Accountability to Parliament, Board and Audit Committee Risk assessment: Risk management systems widespread, audited internally and externally, reported on in annual Statement on Internal Control Control activities: Delegated to the organisation, described in the Statement on Internal Control Information and Communication: Annual reports, regular reporting to Board and Audit Committee Monitoring: Internal audit reports, regular monitoring by Board and Audit Committee, results of monitoring summarised in Annual Statement on Internal Control

18 How do we match up against the Commission guidance?
Managerial accountability Clearly defined and expressed in statement on internal control Financial management and control systems developed and monitored by a central harmonisation unit Guidance produced centrally eg on governance; risk management But development of systems delegated to Government Departments Supported by functionally independent internal audit Internal audit units in each Government Department

19 Key concepts Statement on Internal Control – informs on all aspects of internal control, published on internet Accountability – of Minister and Accounting Officer Delegation – control and management of spending delegated to departments, monitored by Treasury Proportionality – no sledgehammer to crack a nut Guidance – not always prescription

20 All UK guidance is available at and on departmental websites
and on departmental websites Thank you! Good luck!

Download ppt "Development of internal control: methodology and responsibility"

Similar presentations

Ads by Google