Risk & Assurance. Tailored to your needs. Internal audit solutions

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Risk & Assurance. Tailored to your needs. Internal audit solutions"

Transcription

1 Risk & Assurance Tailored to your needs Internal audit solutions

2 Internal audit solutions The need for internal audit has never been as urgent as it is today. Unmanaged risks can literally cause the demise of a business. Dealing with such problems diverts managers from developing the business and driving it forward. Boards and audit committees need to ensure that their internal audit is up to the challenge. A complete range of internal audit services, advice and software for business. A successful audit service will give management an objective assessment of the risks facing the organisation and how well they are being managed. It will receive recognition for the value it adds by constructive, timely advice to management as well as positive assurances on control. Horwath Clark Whitehill, the UK member of Horwath International, offers a complete range of risk and audit solutions for all organisations, tailored to their size, business sector, geographical spread and regulatory requirements. Our audit service focuses on delivering the assurances you need in a way that fits in with your organisational culture and finding ways in which your business can become more efficient. Whether you have an established internal audit department or are looking for a bought-in solution, the experience of our Risk & Assurance specialists in risk management, audit strategy, audit delivery and the provision of software can help you enhance the effectiveness of your control systems, allowing you to concentrate on the main objectives of your business.

3 Audit Experienced auditors to provide the assurances that you need about the effectiveness of your controls Advice In-depth knowledge of methodologies, tools and audit standards based on best practice in a wide range of sectors Automation The market-leading integrated system of risk and audit management tools, combined with computer assisted audit techniques

4 Value adding Process Our audit methodology brings together the streams of Risk Based Internal Audit, Key Controls testing and Thematic Reviews. These three approaches to audit testing ensure that the review programme is always relevant to management concerns. With quality assurance built in to every stage of the process you can be confident in the reliability of the audit. Knowledge The effectiveness and efficiency of individuals is enhanced by access to the knowledge base contained in our extensive Audit Resource Management System. This contains sample audit procedures for a wide range of environments and enables our staff to focus quickly on the procedures that need to be present in a well controlled business.

5 elements of audit People The Horwath service is built upon the quality of the individuals involved in its delivery. We recruit audit staff with an impressive blend of technical and personal skills and invest in their continuing training and development. Our risk management consultants are specialists in their fields, dedicated to excellence in the advice they provide. Technology Our market-leading risk and audit management software is used by major commercial, government and financial institutions both within the UK and across the world. We will use the Galileo audit system to manage and document all of our audit work. We can also design an integrated service that gives you access to the Magique system for recording and managing your risks.

6 Risk Based Internal Auditing For organisations that believe taking calculated risks is an essential part of success in business, a risk-based approach to internal control makes good sense. This involves embedding risk management at the heart of every activity. Such organisations need to establish a record of how business units deal with their most important risks and establish a method of confirming that the related controls are operating as intended. Risk assessment Our Risk & Assurance group can analyse your requirements and provide a tailored version of the Magique software to manage your risks. The system is available to authorised users over the internet, using conventional browser software. The principal features of the risk management system include: organisation of risks following corporate structure identification and assessment of risks according to an agreed methodology tracking of required actions where risks are not acceptable full accountability through allocation of ownership of risks and controls review intervals to allow regular updating of risks at manageable volumes comprehensive reporting facilities, including key item reports, heat-maps and trend monitoring. Assessments are made of the risks facing the business before and after taking account of the controls that are in place. Actions are agreed for unacceptable residual risks, responsibilities are allocated for those actions and a monitoring process is put in place to ensure that the actions are followed through. Gaining assurance about controls The effectiveness of internal controls is regularly reviewed, in part by reports submitted through the risk management system and in part by internal audits. Audit reviews are scheduled to achieve the most efficient coverage of key risks and the related controls. This may be by business unit, department or any other convenient category. Audits focus on: controls that contribute most towards risk reduction controls that have been identified as essential for every business unit specific areas of interest to management where risk indicators show that more controls may be required or that expected controls may not be working effectively. After each audit reports are produced highlighting recommendations for improvement in control and summarising those controls that appear to working effectively.

7 At the end of the year, the Head of Internal Audit or our internal audit partner will give an opinion on the robustness of the risk management process and summarise the results of audits carried out during the year. This report supports the Audit Committee s report to the Board on Internal Control, which in turn informs the statement made in the annual report. Benefits of Risk Based Internal Auditing When a risk management system and an internal audit programme is established as part of the management processes within an organisation: information about risks and controls is immediately available to managers throughout the group actions required to improve controls are linked to individuals and target dates, enabling them to be tracked through to implementation representations by control owners about their effectiveness introduces a new level of accountability relevance of internal audits is improved as they are planned in advance, based on the criticality of controls, suspected problems or organisation-wide themes information about the structure of controls is available to external auditors, giving greater efficiency in planning, auditing and reporting.

8 Effective Internal Audit Process Audit Committee approved Outcome oriented Risk aligned Geared to positive reporting Aligned with recognised standards Knowledge Audit Resources Management System Sector knowledge bases Updating procedures Audit Committee briefings Knowledge transfer

9 People Specialist internal auditors Motivated professionals Client focused Ongoing training Sector specialisms Technology Market leading software Integrated risk and audit Planning flexibility Real-time review Online access to key issues

10 Specialist services In addition to the core internal audit services, we provide a range of specialist services which are relevant to internal audit departments and to organisations without an established internal audit function. Our services are supported by the market-leading Magique and Galileo software. Governance reviews Risk management, internal control and internal audit are integral elements of a sound system of corporate governance. A review of corporate governance is useful as a precursor to making decisions about the detailed arrangements for risk management and audit. We are familiar with the governance requirements of the major regulators in the UK and overseas. Internal Audit establishment Our experience in helping many organisations develop and update their audit methodologies, combined with our own practical experience of internal audit, makes us an ideal choice to assist in setting up internal audit departments, or to advise on restructuring. We undertake audit needs assessments, initial staff interviews, preparation of audit documentation standards, methodology guides and interim audit management.

11 Outsourced service reviews Organisations that provide an outsourced service, such as payment systems, accounting services or pensions administration often need to satisfy their customers and their auditors that effective controls are in place. We undertake reviews of such services to satisfy the requirements of ISA 402, SAS 70 and AAF 1/06. IT Audit IT specialists are available to carry out IT audit procedures as part of a fully outsourced internal audit programme or as a resource to in-house internal audit departments that do not have their own IT audit resource. Typical areas for review include IT strategic planning, complex application control frameworks, information security, data management, IT project management, operational integrity, disaster recovery and IT governance. Business data analysis Auditors frequently find instances of transactions that are invalid, but may not have the necessary resources to be able to determine how many similar instances are present in the audit population. Our specialists use advanced data interrogation tools to review total audit populations for potentially invalid transactions, such as duplicate payments or invalid salary payments. External Quality Assessments To comply with s 1312 of the IIA standards each internal audit function is required to have an external quality assessment performed by an independent assessor at least once every five years. Horwath Clark Whitehill have experienced assessors with the objectivity to appraise the function and provide value adding suggestions relating to effectiveness and efficiency. Sarbanes Oxley reviews Horwath International member firms have frequently assisted US listed companies to meet the compliance requirements of the Sarbanes-Oxley Act as they relate to financial accounting. Similar requirements apply in other jurisdictions. Business Continuity Planning Business continuity is high on many of our clients priority lists. As such, it is a frequent audit topic. Additionally, we offer specific consulting assistance to develop and implement Business Continuity Plans, with the emphasis on controlled continuing operations during the recovery period.

12 Risk Management Software Magique is a flexible, integrated web-based system to assist organisations to record, quantify, assess and control risks. It has an extensive range of functionality to grow and evolve with your users and requirements. In addition to the register, the software includes a questionnaire system for Control Self Assessment, a Loss Events and Incident Management system and an Action Tracking system for recording and tracking additional remedial actions. The system supports a wide range of standard and custom reporting options to ensure your exact reporting requirements are met. Heat-maps by Business Unit, Category, Objective, Process and other key areas help manage risks within your appetite and provide drill-down functionality to investigate areas of concern. Exports to MS Word and MS Excel are available throughout the system. The powerful and easy-to-use Magique/Galileo Flex-Reporting tool is also available for end-user reporting. The system helps create a framework within which to achieve business objectives, ensures compliance with laws and regulations and reduces the overall cost of risk in the organisation. When integrated with the Galileo Audit Management System, it provides a full risk-based auditing methodology. Audit Management System Galileo is a fully integrated audit management, documentation and reporting system which can be tailored to suit the precise needs of an internal audit, investigations, compliance or other project oriented department. It covers: strategic and annual planning which ensures targeting of high risk areas whilst maintaining coverage activity monitoring and tracking ensuring problems and delays are identified and attended at the earliest time resource management, scheduling and time recording to ensure effective use of resources a working papers system with an extensive range of working paper types, review processes and automatic report production an issues tracking system which is optionally shared by the business users post audit surveys to gain feedback on the audit process. The OffLine Galileo module supports mobile auditors where connectivity is not available. The system provides a wide range of standard and custom multi-dimensional reporting options to ensure your exact needs are met.

13 Internal audit solutions Risk & Assurance Horwath Clark Whitehill LLP St Bride s House 10 Salisbury Square London EC4Y 8EH

14 Contact details For more information about Internal audit solutions, please contact: Risk & Assurance Horwath Clark Whitehill LLP Tel +44 (0)

MAGENTA KEYLINE IS A CUTTER GUIDE, DO NOT PRINT. PLEASE SET TRAPPING THROUGHOUT

MAGENTA KEYLINE IS A CUTTER GUIDE, DO NOT PRINT. PLEASE SET TRAPPING THROUGHOUT Risk & Assurance Integrated software solution Managing risks and providing assurance that the process is working is a key requirement for any organisation, as is having an effective and efficient software

More information

Effective Internal Audit in the Financial Services Sector

Effective Internal Audit in the Financial Services Sector Effective Internal Audit in the Financial Services Sector Recommendations from the Committee on Internal Audit Guidance for Financial Services: How They Relate to the Global Institute of Internal Auditors

More information

Internal Audit Quality Assessment Framework

Internal Audit Quality Assessment Framework Internal Audit Quality Assessment Framework May 2013 Internal Audit Quality Assessment Framework May 2013 Crown copyright 2013 You may re-use this information (excluding logos) free of charge in any format

More information

Effective Internal Audit in the Financial. Services Sector. Non Executive Directors (NEDs) and the Management of Risk

Effective Internal Audit in the Financial. Services Sector. Non Executive Directors (NEDs) and the Management of Risk Consultation document Effective Internal Audit in the Financial A survey of heads of internal audit Services Sector Non Executive Directors (NEDs) and the Management of Risk Draft recommendations to the

More information

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit 2014 Welcome to our third annual review of the IT hot topics facing Internal Audit functions within

More information

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13 Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...

More information

Audit Quality Thematic Review

Audit Quality Thematic Review Thematic Review Professional discipline Financial Reporting Council 201 Audit Quality Thematic Review Firms audit quality monitoring The FRC is responsible for promoting high quality corporate governance

More information

Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers

Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers With increasing oversight and growing demands for industry regulations, third party assurance has never been under a keener eye

More information

IT Charter and IT Governance Framework

IT Charter and IT Governance Framework IT Charter and IT Governance Framework Status: Custodian: Approved Director: Information Technology Date approved: 2013-12-04 Implementation date: 2013-12-05 Decision number: SAQA 02102/13 Due for review:

More information

Following up recommendations/management actions

Following up recommendations/management actions 09 May 2016 Following up recommendations/management actions Chartered Institute of Internal Auditors At the conclusion of an audit, findings and proposed recommendations are discussed with management and

More information

Internal Audit - progress report 2015-16 and 2016-17 plan

Internal Audit - progress report 2015-16 and 2016-17 plan Audit Committee, 16 March 2016 Internal Audit - progress report 2015-16 and 2016-17 plan Executive summary and recommendations Introduction Grant Thornton have prepared the attached report which sets out

More information

Adding value to your ship management business. Shipping & Transport PRECISE. PROVEN. PERFORMANCE.

Adding value to your ship management business. Shipping & Transport PRECISE. PROVEN. PERFORMANCE. Adding value to your ship management business Shipping & Transport PRECISE. PROVEN. PERFORMANCE. 2 Shipping & Transport Adding value to your ship management business The management of risk and implementation

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

HR/Employment Law Consultancy Services. Your Service, Your Way

HR/Employment Law Consultancy Services. Your Service, Your Way HR/Employment Law Consultancy Services Your Service, Your Way About Abbey Abbey HR Consultancy Services is a trading division of LHS Solicitors LLP. LHS Solicitors LLP is regulated by the Solicitors Regulation

More information

OUTSOURCING AND SERVICE AUDITOR S REPORTS

OUTSOURCING AND SERVICE AUDITOR S REPORTS OUTSOURCING AND SERVICE AUDITOR S REPORTS FREEDOM TO DO BUSINESS Outsourcing and service Auditor s Reports 3 OUTSOURCING AND SERVICE AUDITOR S REPORTS SERVICE AUDITOR S REPORTS ARE GROWING IN IMPORTANCE,

More information

MOBIUS LIFE. Providing solutions for institutional pension schemes and asset managers

MOBIUS LIFE. Providing solutions for institutional pension schemes and asset managers MOBIUS LIFE Providing solutions for institutional pension schemes and asset managers We empower our clients and their advisers to implement their investment strategies efficiently Mobius Life 1 The Mobius

More information

UK Stewardship Code. Response by Generation Investment Management LLP. London / 31 March, 2015. Generation Investment Management Page 1

UK Stewardship Code. Response by Generation Investment Management LLP. London / 31 March, 2015. Generation Investment Management Page 1 UK Stewardship Code Response by LLP London / 31 March, 2015 Page 1 This document, available on our website, outlines our response to the UK Stewardship Code and the ways in which we discharge our stewardship

More information

INTERNAL AUDIT FRAMEWORK

INTERNAL AUDIT FRAMEWORK INTERNAL AUDIT FRAMEWORK April 2007 Contents 1. Introduction... 3 2. Internal Audit Definition... 4 3. Structure... 5 3.1. Roles, Responsibilities and Accountabilities... 5 3.2. Authority... 11 3.3. Composition...

More information

trust When you choose an accountant, you need someone you can trust. This trust does not come from a job title - it needs to be earned.

trust When you choose an accountant, you need someone you can trust. This trust does not come from a job title - it needs to be earned. about us trust When you choose an accountant, you need someone you can trust. This trust does not come from a job title - it needs to be earned. At Duncan & Toplis we understand this and our clients trust

More information

HR Enabling Strategy 2012-2017

HR Enabling Strategy 2012-2017 This document is yet to be put into corporate format but this interim version can be referred to for the time being. Should you have any queries, please refer to Sally Hartley, University Secretary, x

More information

FCA Thematic Review Delegated Authority: Outsourcing in the General Insurance Market

FCA Thematic Review Delegated Authority: Outsourcing in the General Insurance Market FCA Restricted IAC Forum FCA Thematic Review Delegated Authority: Outsourcing in the General Insurance Market Lloyd s Old Library 25 September 2015 FCA Restricted Delegated authority: Outsourcing in the

More information

Internal Audit at the University of Cambridge.

Internal Audit at the University of Cambridge. Internal Audit at the University of Cambridge. Contents Introduction to Deloitte 1 Our team 2 What is Internal Audit? 4 Our approach to Internal Audit 5 Authority and reporting lines 7 Planning 8 Ad Hoc

More information

How to gather and evaluate information

How to gather and evaluate information 09 May 2016 How to gather and evaluate information Chartered Institute of Internal Auditors Information is central to the role of an internal auditor. Gathering and evaluating information is the basic

More information

What Every Director. How to get the most from your internal audit. Endorsed by

What Every Director. How to get the most from your internal audit. Endorsed by What Every Director Should Know How to get the most from your internal audit Endorsed by Foreword This is the second edition of our flagship governance guide What every director should know. Since we published

More information

Third party assurance services

Third party assurance services TECHNOLOGY RISK SERVICES Third party assurance services Delivering assurance over your service providers The current third party service provider environment Corporate UK has been transformed in recent

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

Report of the Audit and Risk Committee

Report of the Audit and Risk Committee 10 December 2014 Council 7 To consider Report of the Audit and Risk Committee Issue 1 Twice a year the Audit and Risk Committee prepares a report for Council which details the work it has undertaken since

More information

Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions

Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions Financial Conduct Authority Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions Introduction 1. A firm has many choices when designing its operating model

More information

Delivering Excellence in Insurance Claims Handling

Delivering Excellence in Insurance Claims Handling Delivering Excellence in Insurance Claims Handling Guide to Best Practice Delivering Excellence in Insurance Claims Handling Contents Page 1. Introduction 1 2. Executive Summary 2 3. Components of Best

More information

<workers> Online Claims and Injury Management

<workers> Online Claims and Injury Management Global Resources... Local Knowledge With over 30 years experience in workers compensation, our claims management systems have been adopted by Self-Insured Organisations, Third Party Administrators and

More information

Audit Quality Thematic Review

Audit Quality Thematic Review Thematic Review Professional discipline Financial Reporting Council January 2014 Audit Quality Thematic Review Fraud risks and laws and regulations The FRC is responsible for promoting high quality corporate

More information

Quality Assurance of Medical Appraisers

Quality Assurance of Medical Appraisers Quality Assurance of Medical Appraisers Recruitment, training, support and review of medical appraisers in England www.revalidationsupport.nhs.uk Contents 1. Introduction 3 2. Purpose and overview 4 3.

More information

Lessons learned from creating a change management framework

Lessons learned from creating a change management framework Lessons learned from creating a change management framework Author Melanie Franklin Director Agile Change Management Limited Contents Introduction 3 What is a Change Management Framework? 3 Why is it called

More information

Best Value toolkit: Performance management

Best Value toolkit: Performance management Best Value toolkit: Performance management Prepared by Audit Scotland July 2010 Contents Introduction The Audit of Best Value The Best Value toolkits Using the toolkits Auditors evaluations Best Value

More information

Medical Sales In-Vitro Diagnostics

Medical Sales In-Vitro Diagnostics In-Vitro Diagnostics Providing Qualified Professionals Be Exceptional About Us In-vitro Diagnostics Market Recruitment Process Client Support Testimonials About us Medical Device Industry Cordant is a

More information

TRANSPORT FOR LONDON AUDIT COMMITTEE STRATEGIC RISK MANAGEMENT PROGRESS REPORT

TRANSPORT FOR LONDON AUDIT COMMITTEE STRATEGIC RISK MANAGEMENT PROGRESS REPORT AGENDA ITEM 4 TRANSPORT FOR LONDON AUDIT COMMITTEE SUBJECT: STRATEGIC RISK MANAGEMENT PROGRESS REPORT DATE: 3 MARCH 2009 1 PURPOSE AND DECISION REQUIRED 1.1 The purpose of this paper is to update the Audit

More information

0845 345 3300 tellmemore@theaccessgroup.com www.theaccessgroup.com. HR, talent management and payroll

0845 345 3300 tellmemore@theaccessgroup.com www.theaccessgroup.com. HR, talent management and payroll 0845 345 3300 tellmemore@theaccessgroup.com www.theaccessgroup.com HR, talent management and payroll Welcome to Access We are here to give you the advice, tools and clarity you need to make effective HR

More information

Service Management Simplified

Service Management Simplified Service Management Simplified TOPdesk develops, markets, implements and supports software which helps organisations to efficiently manage the services they provide. Our vision is to create a user-friendly

More information

An Introduction to Continuous Controls Monitoring

An Introduction to Continuous Controls Monitoring An Introduction to Continuous Controls Monitoring Reduce compliance costs, strengthen the control environment and lessen the risk of unintentional errors and fraud Richard Hunt, Managing Director Marc

More information

Sarbanes-Oxley Section 404 Implementation Practices of Leading Companies

Sarbanes-Oxley Section 404 Implementation Practices of Leading Companies Sarbanes-Oxley Section 404 Implementation Practices of Leading Companies Sarbanes-Oxley Section 404 Implementation Practices of Leading Companies Dr. Robert A. Howell Distinguished Visiting Professor of

More information

QUALITY MANAGEMENT POLICY & PROCEDURES

QUALITY MANAGEMENT POLICY & PROCEDURES QUALITY MANAGEMENT POLICY & PROCEDURES Policy Statement Cotleigh Engineering Co. Limited specialises in the recruitment of engineering & technical personnel in the oil & energy, rail, civil engineering,

More information

Derbyshire Trading Standards Service Quality Manual

Derbyshire Trading Standards Service Quality Manual Derbyshire Trading Standards Service Quality Manual This Quality Manual has been developed to give a broad outline of how the Trading Standards Division s range of services comply with the requirements

More information

Integrated Stress Testing

Integrated Stress Testing Risk & Compliance the way we see it Integrated Stress Testing A Practical Approach Contents 1 Introduction 3 2 Stress Testing Framework 4 3 Data Management 6 3.1 Data Quality 6 4 Governance 7 4.1 Scenarios,

More information

REPORTS TO: National Vice President LOCATION: SVP House, Dublin 1

REPORTS TO: National Vice President LOCATION: SVP House, Dublin 1 SVP Job Description JOB TITLE: Internal Auditor JOB HOLDER: Vacant REPORTS TO: National Vice President LOCATION: SVP House, Dublin 1 REGION: Council of Ireland DATE OF JOB DESCRIPTION: July 2015 1. PURPOSE

More information

Setting Standards Achieving Success

Setting Standards Achieving Success Setting Standards Achieving Success Resolve F1 customer service problems Manage a project B5 Provide B10 leadership for your team Manage risk F5 team E14 Support E1 Manage a budget team and virtual working

More information

EXTERNAL AUDIT PLAN FOR 2013-14

EXTERNAL AUDIT PLAN FOR 2013-14 Report Audit and Risk Management Committee 20 February 2014 EXTERNAL AUDIT PLAN FOR 2013-14 1. Purpose of Report The Council s external auditors have published the plan of work they intend to undertake

More information

ICT Strategy 2010-2013

ICT Strategy 2010-2013 ICT Strategy 2010-2013 If you would like to receive this publication in an alternative format (large print, tape format or other languages) please contact us on 01832 742000. East Northamptonshire Council

More information

This report, which covers the financial year ended 5 April 2013, is Larking Gowen's third transparency report.

This report, which covers the financial year ended 5 April 2013, is Larking Gowen's third transparency report. LARKING GOWEN TRANSPARENCY REPORT 2013 BACKGROUND TO THE REPORT In accordance with the Statutory Auditors (Transparency) Instrument 2008, issued by the Professional Oversight Board, we submit our transparency

More information

Internal Audit Division

Internal Audit Division Internal Audit Division at the Financial Conduct Authority Information Pack April 2013 Contents of Information Pack A. Introduction B. Internal Audit Terms of Reference C. Organisation D. Skills and Competencies

More information

Procuring Penetration Testing Services

Procuring Penetration Testing Services Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat

More information

Information Commissioner's Office

Information Commissioner's Office Phil Keown Engagement Lead T: 020 7728 2394 E: philip.r.keown@uk.gt.com Will Simpson Associate Director T: 0161 953 6486 E: will.g.simpson@uk.gt.com Information Commissioner's Office Internal Audit 2015-16:

More information

Cloud Security checklist Are you really ready for Cloud

Cloud Security checklist Are you really ready for Cloud checklist Are you really ready for Cloud Introduction Once you have assessed the benefits of migrating a business system or its function to the Cloud (See our White Book of Cloud Adoption), the next step

More information

Fundamentals Level Skills Module, F8 (IRL)

Fundamentals Level Skills Module, F8 (IRL) Answers Fundamentals Level Skills Module, F8 (IRL) Audit and Assurance (Irish) June 2008 Answers 1 (a) Prior year internal control questionnaires Obtain the audit file from last year s audit. Ensure that

More information

Digital Industries Apprenticeship: Assessment Plan. Cyber Security Technologist. April 2016

Digital Industries Apprenticeship: Assessment Plan. Cyber Security Technologist. April 2016 Digital Industries Apprenticeship: Assessment Plan Cyber Security Technologist April 2016 1 Digital Industries Apprenticeships: Assessment Plan 1. General Introduction and Overview The apprenticeship Standard

More information

A Guide to the Cyber Essentials Scheme

A Guide to the Cyber Essentials Scheme A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane

More information

Fraud Prevention and Deterrence

Fraud Prevention and Deterrence Fraud Prevention and Deterrence Fraud Risk Assessment 2016 Association of Certified Fraud Examiners, Inc. What Is Fraud Risk? The vulnerability that an organization faces from individuals capable of combining

More information

IT Governance Charter

IT Governance Charter Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za info@itgovernance.co.za 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms

More information

Application of Software Tools During Audits. Martin Lejsal September 2012

Application of Software Tools During Audits. Martin Lejsal September 2012 Application of Software Tools During Audits. Martin Lejsal September 2012 Content of the Presentation 1. Presentation of the important information is based on questionnaires results 2. Our AMS in summary

More information

NHS Dorset Clinical Commissioning Group. Internal Audit Annual Report 2014/15. May 2015

NHS Dorset Clinical Commissioning Group. Internal Audit Annual Report 2014/15. May 2015 Internal Audit Annual Report 2014/15 May 2015 Internal Audit Annual Report INTRODUCTION This is the 2014/15 Annual Report by TIAA on the internal control environment at Dorset Clinical Commissioning Group.

More information

Intelligent HR and payroll solutions. Making complex things simple

Intelligent HR and payroll solutions. Making complex things simple Intelligent HR and payroll solutions Making complex things simple The experience to meet today s HR and payroll challenges with tomorrow s technology. Equiniti is an HR and payroll solutions provider with

More information

Risk Management Strategy & Implementation Plan 2014 2016

Risk Management Strategy & Implementation Plan 2014 2016 St George s Healthcare NHS Trust: the next decade Risk Management Strategy & Implementation Plan 2014 2016 DRAFT VERSION 6.0 UPDATED 19.11.14 Executive summary We know, from external assurances received

More information

Strategy & Planning Manager Executive Office Location: London Closing date: 27 September 2015

Strategy & Planning Manager Executive Office Location: London Closing date: 27 September 2015 Job title: Strategy & Planning Manager Executive Office Location: London Closing date: 27 September 2015 Contract type: Permanent About Teach First How much you achieve in life should not be determined

More information

Avon & Somerset Police Authority

Avon & Somerset Police Authority Avon & Somerset Police Authority Internal Audit Report IT Service Desk FINAL REPORT Report Version: Date: Draft to Management: 19 February 2010 Management Response: 12 May 2010 Final: 13 May 2010 Distribution:

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Managing Risk Control Environment and Responsibilities

Managing Risk Control Environment and Responsibilities Managing Risk Page 1 of 8 Contents Introduction...3 Risk...3 Risk management - using the framework...3 Source of risk...3 Likelihood and impact...3 Inherent risk...4 Risk-reducing measures...4 Effectiveness...5

More information

Navigate the regulatory maze

Navigate the regulatory maze www.pwc.com.cy Navigate the regulatory maze Delivering Regulatory Compliance services to the Financial Services industry September 2014 As at July 2014 there were more than 40 licensed banking institutions

More information

Awarding body monitoring report for: English Speaking Board (International) Ltd (ESB) May 2009. Ofqual/09/4637

Awarding body monitoring report for: English Speaking Board (International) Ltd (ESB) May 2009. Ofqual/09/4637 Awarding body monitoring report for: English Speaking Board (International) Ltd (ESB) May 2009 Ofqual/09/4637 2009 Office of the Qualifications and Examinations Regulator 2 Contents Introduction...4 Regulating

More information

expense@work Overview Pricing & Features Summary

expense@work Overview Pricing & Features Summary expense@work Overview Pricing & Features Summary 1 st March 2012 Copyright Notice Produced By: Published: Contact Details: systems@work - Solution Delivery Division Mar-12 systems@work Limited http://www.systemsatwork.co.uk

More information

Asset4000. Real Asset. Transforming assets into business advantage. Management

Asset4000. Real Asset. Transforming assets into business advantage. Management Asset4000 Transforming assets into business advantage Real Asset Management Get Real When it Comes to Managing your Fixed Assets Real Asset Management (RAM) is the UK's leading provider of fixed asset

More information

Insurance Industry Expertise

Insurance Industry Expertise Insurance Industry Expertise Delivered With High-Level Attention and Service Audit Tax Advisory Risk Performance The Unique Alternative to the Big Four For more than 50 years, clients in all sectors of

More information

OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT

OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT ERM as the foundation for regulatory compliance and strategic business decision making CONTENTS Introduction... 3 Steps to developing an

More information

PRCA Communications Management Standard (CMS) for In-House Teams

PRCA Communications Management Standard (CMS) for In-House Teams PRCA Communications Management Standard (CMS) for In-House Teams PRCA Communications Management Standard (CMS) for In-House Teams Contents Introduction 4 The Communications Management Standard for In-House

More information

CRISP Technologies Inc.

CRISP Technologies Inc. Resumption Planning (BCRP ) Consulting with BCRP Methodology and Workflow CRISP Technologies Inc. Table of Contents TABLE OF CONTENTS... 2 1 CONSULTING WITH THE CRISP BCRP METHODOLOGY... 3 2 CRISP TECHNOLOGIES

More information

The Human Resources Department Work Plan for the period 1 April 2015 to 31 March 2016 is attached.

The Human Resources Department Work Plan for the period 1 April 2015 to 31 March 2016 is attached. Council, 25 March 2015 Human Resources Department Work Plan 2015-2016 Executive summary and recommendations Introduction The Human Resources Department Work Plan for the period 1 April 2015 to 31 March

More information

Information governance strategy 2014-16

Information governance strategy 2014-16 Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope

More information

Corporate Governance Report

Corporate Governance Report Corporate Governance Report Chairman s introduction From 1 January 2015 until 31 December 2015, the company applied the 2014 edition of the UK Corporate Governance Code (the Code ). 1. BOARD COMPOSITION

More information

Building a Strategic Internal Audit Function. A 10-Step Framework

Building a Strategic Internal Audit Function. A 10-Step Framework Building a Strategic Internal Audit Function A 10-Step Framework Ten steps to a strategically focused internal audit function With passage of the Sarbanes-Oxley Act and the push for exchange-listed companies

More information

Reduce risk. Reduce cost. Raise performance.

Reduce risk. Reduce cost. Raise performance. Reduce risk. Reduce cost. Raise performance. Services for professional procurement. Be better informed, make better decisions. Achilles procurement toolkit Support for sourcing and supplier management

More information

Credit where credit s due. UK theatre tax relief

Credit where credit s due. UK theatre tax relief Credit where credit s due UK theatre tax relief A large majority (76%) of the UK population has been to at least one theatre show (including plays, musicals, opera and dance performances) in the past three

More information

IT Governance. What is it and how to audit it. 21 April 2009

IT Governance. What is it and how to audit it. 21 April 2009 What is it and how to audit it 21 April 2009 Agenda Can you define What are the key objectives of How should be structured Roles and responsibilities Key challenges and barriers Auditing Scope Test procedures

More information

Bath & North East Somerset Council

Bath & North East Somerset Council Government and Public Sector September 2006 Bath & North East Somerset Council Contents Section Page Introduction... 3 Executive Summary... 5 Detailed Findings... 8 Observations and recommendations...

More information

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee Audit Committee Dear Shareholder, We are satisfied that the business has maintained robust risk management and internal controls, supported by strong overall governance processes, and that management have

More information

This report outlines the business case for the purchase of an integrated HR & Payroll system.

This report outlines the business case for the purchase of an integrated HR & Payroll system. Agenda Item No. 10 HR & Payroll system HR&OD Manager This report outlines the business case for the purchase of an integrated HR & Payroll system. Cabinet member(s): Garry Wheatley Ward(s) affected: All

More information

Close Brothers Graduate Programme

Close Brothers Graduate Programme 1 02 Financial expertise About us was established in 1878 and since then has held true to the principles of merchant banking supporting small businesses and individuals through all conditions. today employs

More information

INTERNAL AUDIT SERVICE

INTERNAL AUDIT SERVICE Risk Management Policy INTERNAL AUDIT SERVICE Purpose of this document 1. This risk management policy forms part of the University s internal control and corporate governance arrangements. 2. The policy

More information

Report of Don McLure, Corporate Director of Resources

Report of Don McLure, Corporate Director of Resources AUDIT COMMITTEE 29 June 2015 Annual Review of the System of Internal Audit 2014 / 2015 Report of Don McLure, Corporate Director of Resources Purpose of the Report 1. The purpose of this report is for members

More information

Delivering peace of mind in outsourcing

Delivering peace of mind in outsourcing > Delivering peace of mind in outsourcing How to increase enterprise performance when outsourcing mission critical systems www.thalesgroup.com/security-services AND >> PERFORMANCE OUTSOURCING OF MISSION

More information

INTERNAL AUDIT REPORT TRANSFORMATION PROGRAMME DELIVERY 2013-14

INTERNAL AUDIT REPORT TRANSFORMATION PROGRAMME DELIVERY 2013-14 INTERNAL AUDIT REPORT TRANSFORMATION PROGRAMME DELIVERY 2013-14 Issue Date: 21 st May 2014 Issued to: Bev Jolly Corporate Author: Jonathan Nulty Simon Riley Head of Financial Services & Section 151 Officer

More information

Sector Led Improvement Peer Challenge. of the. London Borough of Haringey Direct Payments Support Services. May 2013

Sector Led Improvement Peer Challenge. of the. London Borough of Haringey Direct Payments Support Services. May 2013 Sector Led Improvement Peer Challenge of the London Borough of Haringey Direct Payments Support Services May 2013 Peer Challenge Authors Barry Holland Justin Walker December 2013 Document Control Version

More information

HKCAS Supplementary Criteria No. 8

HKCAS Supplementary Criteria No. 8 Page 1 of 12 HKCAS Supplementary Criteria No. 8 Accreditation Programme for Information Security Management System (ISMS) Certification 1 INTRODUCTION 1.1 HKAS accreditation for information security management

More information

Are CAATs keeping you awake at night?

Are CAATs keeping you awake at night? Are CAATs keeping you awake at night? SUMMARY: The importance of using Computer-Assisted Audit Techniques is discussed. A challenge is made regarding the audit profession s traditional methodology. The

More information

Project, Programme and Portfolio Management Delivery Plan 6

Project, Programme and Portfolio Management Delivery Plan 6 Report title Agenda item Project, Programme and Portfolio Management Delivery Plan 6 Meeting Performance Management and Community Safety Panel 27 April 2009 Date Report by Document number Head of Strategy

More information

Public Sector Internal Audit Standards. Applying the IIA International Standards to the UK Public Sector

Public Sector Internal Audit Standards. Applying the IIA International Standards to the UK Public Sector Public Sector Internal Audit Standards Applying the IIA International Standards to the UK Public Sector Issued by the Relevant Internal Audit Standard Setters: In collaboration with: Public Sector Internal

More information

NORTHERN IRELAND FIRE & RESCUE SERVICE JOB DESCRIPTION

NORTHERN IRELAND FIRE & RESCUE SERVICE JOB DESCRIPTION MAIN PURPOSE OF JOB NORTHERN IRELAND FIRE & RESCUE SERVICE JOB DESCRIPTION IT PROJECT AND SECURITY MANAGER (GRADE PO2) INFORMATION TECHNOLOGY DEPARTMENT JOB REF: N45/11/06 SALARY: 27,492.00 TO 29,859.00

More information

Programme Specification May 2012

Programme Specification May 2012 Faculty of Business Computing and Law Programme Specification May 2012 MSc Accounting and Finance Valid from September 2012 JACS code N400/N300 Programme code Valid for delivery at University of Derby

More information

1.1 Terms of Reference Y P N Comments/Areas for Improvement

1.1 Terms of Reference Y P N Comments/Areas for Improvement 1 Scope of Internal Audit 1.1 Terms of Reference Y P N Comments/Areas for Improvement 1.1.1 Do Terms of Reference: a) Establish the responsibilities and objectives of IA? b) Establish the organisational

More information

Mary Immaculate College. Human Resources Strategy 2014-2016

Mary Immaculate College. Human Resources Strategy 2014-2016 1.0 Introduction Mary Immaculate College Human Resources Strategy 2014-2016 1.1 Mary Immaculate College Strategic Plan 2012-2016 rests on 7 foundational pillars, each pillar representing a thematic imperative

More information

Property & Casualty. Flexible insurance for retail chain stores

Property & Casualty. Flexible insurance for retail chain stores Property & Casualty Flexible insurance for retail chain stores 1 2 ACE Retail, a comprehensive package insurance, can lift some of the pressure on retailers by addressing issues such as risk management,

More information

The Internal Audit fraud challenge Prevention, protection, detection

The Internal Audit fraud challenge Prevention, protection, detection The Internal Audit fraud challenge Prevention, protection, detection Contents Introduction to survey 1 Key findings 2 What are the views of senior management? 3 Adequately resourced? 6 Current trends and

More information

Human Resources Report 2014 and People Strategy

Human Resources Report 2014 and People Strategy 24 February 2015 Council 5 To consider Human Resources Report 2014 and People Strategy Issue 1 The annual report on Human Resources issues and a proposed People Strategy. Recommendations 2 Council is asked

More information