INTERNAL AUDIT POLICY

Similar documents
august09 tpp Internal Audit and Risk Management Policy for the NSW Public Sector OFFICE OF FINANCIAL MANAGEMENT Policy & Guidelines Paper

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL USA

APES 325 Risk Management for Firms

Internal Audit Terms of Reference

INTERNAL AUDITING S ROLE IN SECTIONS 302 AND 404

Guidance for audit committees. The internal audit function

Internal Auditing Guidelines

INTERNAL AUDIT FRAMEWORK

Effective Internal Audit in the Financial Services Sector

Compliance Review Report Internal Audit and Risk Management Policy for the New South Wales Public Sector

APES 205 CONFORMITY WITH ACCOUNTING STANDARDS

Texas Workforce Commission

Internal Audit Charters

Positioning the internal audit function within the Solvency II framework Key challenges. Ludovic Bardon Senior Manager Audit Deloitte Luxembourg

Guide to Internal Audit

Internal Audit Standards

The Framework for Quality Assurance

Policy. VBA Enterprise Risk Management. Governance Unit

Internal Audit Charter. Version 1 (7 November 2013)

B o a r d of Governors of the Federal Reserve System. Supplemental Policy Statement on the. Internal Audit Function and Its Outsourcing

Quality Assurance Checklist

The Compliance Universe

Compliance Management Framework. Managing Compliance at the University

FMCF certification checklist (incorporating the detailed procedures) certification period. Updated May 2015

Establishing a Quality Assurance and Improvement Program

Quality Assurance. Policy P7

Internal Audit Framework

Corporate Governance Attestation Statement Health Support Services

APES 310 Dealing with Client Monies

Chief Finance Officer: Role and responsibilities GOOD PRACTICE GUIDE 2004 : 1

OAC Presentation to UNESCO Member States

Internal Audit Quality Assessment. Presented To: World Intellectual Property Organization

Standards for the Professional Practice of Internal Auditing

APES GN 30 Outsourced Services

APES 310 Dealing with Client Monies

Business continuity management policy

SAI GLOBAL LIMITED Risk Management Policy

Better Practice Guide

IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING

Agenda Item: 7.6 Prepared by: Mark Majek, Kathy Thomas, Deborah Bell, Tamara Cowen and Jaye Stepp Meeting Date: October 2014

How quality assurance reviews can strengthen the strategic value of internal auditing*

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

Hunter Hall International Limited

AHIA HCCA Auditing & Monitoring Focus Group Defining the Key Roles and Responsibilities Corporate Compliance and Internal Audit.

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

AUDIT AND RISK ASSESSMENT COMMITTEE TERMS OF REFERENCE

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

Title 4 - Codification of Board Policy Statements. Chapter 9 NEVADA SYSTEM OF HIGHER EDUCATION INTERNAL AUDIT, FINANCE AND ADMINISTRATION POLICIES

IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

Internal Audit Manual

Accredited Body Report CPA Australia. For the period ended 30 June 2013

Victorian Training Guarantee Compliance Framework

PRACTICE ADVISORIES FOR INTERNAL AUDIT

Integrated Risk Management Policy

Fraud Control in Australian Government Entities

CAMBRIDGE CITY COUNCIL

Reporting on Control Procedures at Outsourcing Entities

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

the role of the head of internal audit in public service organisations 2010

Coordination and Cooperation between SAIs and Internal Auditors in the Public Sector

King III Chapter 3 Example Report of the Audit Committee. June 2010

APES GN 30 Outsourced Services

BOARD OF EDUCATION OF BALTIMORE COUNTY OFFICE OF INTERNAL AUDIT - OPERATIONS MANUAL INTERNAL AUDIT OPERATIONS MANUAL

Mission Statement. Vision. Values. Introduction

APES 320 Quality Control for Firms

Principles for the audit committee s role in performance management

Management of Business Support Service Contracts

OFFICE OF THE CONTROLLER AND AUDITOR-GENERAL Te Mana Arotake THE RELATIONSHIP BETWEEN INTERNAL AND EXTERNAL AUDIT IN THE PUBLIC SECTOR

CHARTER FOR THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS SIGMA DESIGNS, INC. (As adopted by the Board of Directors effective as of May 2010)

The Auditor-General Audit Report No Assurance and Control Assessment Audit. Payroll Management. Australian National Audit Office


Practice guide. quality assurance and IMProVeMeNt PrograM

Data Governance in-brief

European Investment Bank. Charter for Internal Audit

Department of Infrastructure and Planning: Governance Framework for Infrastructure Delivery Special Purpose Vehicles

Exposure Draft of Proposed Standard: APES 330 Insolvency Services

HIGHFIELD RESOURCES LIMITED AUDIT, BUSINESS RISK & COMPLIANCE COMMITTEE CHARTER

Audit, Risk Management and Compliance Committee Charter

Internal Audit Manual

Victorian Government Risk Management Framework. March 2015

Public Sector Internal Audit Standards. Applying the IIA International Standards to the UK Public Sector

CHARTER FOR THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS PERVASIVE SOFTWARE INC.

IN-HOUSE WORKSHOPS PROGRAM. Public Sector Qualifications

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

PROVISION OF AUDIT AND OTHER SERVICES BY THE EXTERNAL AUDITOR

NSW Government Digital Information Security Policy

MANAGEMENT REVIEW FOR LABORATORIES AND INSPECTION BODIES

1.1 Terms of Reference Y P N Comments/Areas for Improvement

SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT

Fraud Control in Australian Government Agencies

Internal Audit Charter

Professionalism does not occur overnight. Rather, it is a process that evolves out of focused commitment and dedication, ongoing study and

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Action Plan Developed by. Association of Accounting Technicians of Sri Lanka (AAT Sri Lanka) BACKGROUND NOTE ON ACTION PLANS

Macquarie Group Limited Board Charter

Independent Trustee (Corporate)

Internal Audit and Advisory Services DRAFT

Corporate Governance in the ATP Group

Transcription:

INTERNAL AUDIT POLICY Version control information Document Name: INTERNAL AUDIT POLICY Prepared by: D Davis Version: V 1.0 Date 08/06/2016 health.wa.gov.au

MP 0008-16 Effective: 1/7/2016 Title: INTERNAL AUDIT POLICY 1. Background The Financial Management Act 2006 (FMA) 1 regulates the financial administration, audit and reporting of statutory authorities and applies to Health Service Providers and their operations. Health Service Providers must comply with this policy to ensure the internal audit function, the position of Chief Audit Executive (CAE) and the Audit and Risk Management Committee are established and maintained in a manner to ensure their independence from operational management and to further facilitate an ongoing objective review of the entity s activities. 2. Scope This policy applies to Health Service Providers under the Health Services Act 2016 2 Including: North Metropolitan Health Service and its Board South Metropolitan Health Service and its Board East Metropolitan Health Service and its Board Child & Adolescent Health Service and its Board WA Country Health Service and its Board Health Support Services Quadriplegic Centre and its Board 3. Policy statement WA Health is committed to maintaining efficient and effective internal audit functions as required by the FMA through the provision of independent and objective assurance and consulting activities. This will assist WA Health accomplish its objectives by bringing a systematic and disciplined approach to evaluate and contribute to the improvement of risk management, control and governance processes. Principles of the Policy ensure the internal audit function provides independent, objective, timely and useful information to management in regard to: the adequacy of, and compliance with, the system of internal control the consistency of organisational results with established objectives wether operations or programs are being carried out as planned, and ensuring the accountable authority receives relevant and timely advice on the entities governance, risk and control frameworks and its external accountability obligations from an independent Audit and Risk Committee with appropriate expertise. The Principles are supported by Core Policy Requirements such as: the internal audit function has been established and maintained the internal audit function is independent and internal auditors are objective in performing their work. 1

4. Definitions MP 0008-16 the operation of the internal audit function is consistent with the Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing 3 there is an Internal Audit Charter consistent with the content of the Model Internal Audit Charter an independent Audit and Risk Committee with appropriate expertise has been established the Audit and Risk Committee is an advisory committee providing advice, independent assurance and assistance to the accountable authority on the agency s governance processes, risk management and control frameworks and its external accountability obligations, and the Audit and Risk Committee has approved Audit and Risk Committee Terms of Reference. Internal Audit function Charter Chief Audit Executive (CAE) Means either an in-house internal audit service delivery model, co-sourced or an out-sourced internal audit service delivery model. The service delivery model selected will provide assurance, independent from operational management, risk management, control and governance processes. Is a formal document that defines purpose, authority and responsibility. In this instance the Internal Audit Charter Refers to the head of the audit function (International Standards for the Professional Practice of Internal Auditing (IIA)). 5. Roles and responsibilities The Accountable Authority: is required to develop and maintain an effective, internal audit function (FMA s53(1)). Part XII of the FMA provides the basic requirements for an effective internal audit function as prescribed by the IIA International Professional Practices Framework must determine the appropriate service delivery model for the internal audit function based on the Accountable Authority s needs and ensure the service delivery model selected will provide assurance, independent from operational management, risk management, control and governance processes. In order to promote organisational independence, the internal audit function is to be directly answerable to the Accountable Authority through the head of internal audit/chief Audit Executive (CAE) will submit to the Department CEO an annual attestation statement of compliance with the Core Policy Requirements by 30 June each year stating the health entity complies with WA Health s internal audit policy. The Audit and Risk Committee: is responsible to the accountable authority for the review and oversight of the internal audit function by reviewing and endorsing the internal audit plan and reports. This will include oversight of internal controls, risk management, corruption and fraud prevention, applicable laws and regulations, government 2

MP 0008-16 directives and Department CEO Policy Directives, external accountability and external audit, and operates under an Audit and Risk Committee Terms of Reference. The Chief Audit Executive (CAE) must: develop the internal audit charter consistent with this policy directive and Model Internal Audit Charter and ensure it is approved by the accountable authority on the advice of the Audit and Risk Committee establish and maintain a risk-based internal audit plan to determine the priorities of the internal audit resource and ensure they are consistent with the organisation s goals ensure the internal audit function adheres to the IIA s mandatory guidance including the Definition of Internal Auditing, Core Principles, Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing ensure audit findings are categorised and prioritised according to the risk represented to the organisation using a risk based audit methodology consistent with the current WA Health risk methodology recommend a course of action for every audit finding and ensure these are referred to operational management for formal response report internal audit findings and related recommendations and management responses to the Audit and Risk Committee monitor progress in implementing agreed action plans, by maintaining a register of audit findings and progress and undertaking follow-up audits based on the risks posed to the organisation and report on progress to the Audit and Risk Committee develop key performance indicators by which the internal audit function s performance may be measured and report on progress and performance relative to internal audit plan, authority, responsibility and other key operational and strategic matters affecting the function and its purpose, and communicate to the accountable authority and the Audit and Risk Committee on the internal audit activity s quality assurance and improvement program, including results of ongoing internal assessments and external assessments conducted at least every five years. All staff members within the health entity must: on a timely basis, furnish internal audit with information, advice or explanation on such matters as may be requested, and shall render any assistance necessary for audit purposes. 6. Compliance Failure to comply with this policy may result in disciplinary action and, in serious cases, termination of employment or engagement. 7. Evaluation The Department CEO will, on a periodic basis, review the operation of the Policy to assess the efficiency and effectiveness of the arrangements, as well as to assess the sector s compliance with the requirements outlined in the Policy. The Auditor-General may undertake an assurance role in monitoring the sector s compliance with the core requirements outlined in the Policy. The Auditor-General may conduct a review of department and statutory body compliance with the Policy by 3

conducting a compliance engagement on a sample of departments and statutory bodies. 8. References 1 Financial Management Act 2006 (FMA) 2 Health Services Act 2016 3 Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing WA Health Risk Management Guidelines Australian Standards AS/NZS 31000:2009 Risk Management Principles and Guidelines and PD2009_039 9. Relevant legislation Health Services Act 2016 Financial Management Act 2006 10. Related documents Audit and Risk Committee Terms of Reference Internal Audit Tool Box Internal Audit Charter MP 0008-16 11. Authority The Department CEO may issue policy frameworks to ensure consistent approaches - Health Services Act 2016, Division 2, Policy frameworks (section 26). Internal Audit s authority is derived from Part XII of the FMA Internal Audit, which defines: The structure of the internal audit function (Treasurer s Instruction (TI) 1201) The conduct of audits and consultancy (TI 1202) and The management of the internal audit function (TI 1203). Title: Contact: Internal Audit Policy Steve Jensen Tel: 9222 4281 Email: Steve.Jensen@health.wa.gov.au Dale Davis Tel: 9222 6868 Email: Dale.A.Davis@health.wa.gov.au Directorate: Corporate Governance Version: V1.0 Date Published: 01/7/2016 Date of Last Review: 08/06/2016 Date Next Review: 01/07/2019 4

This document can be made available in alternative formats on request for a person with a disability. Department of Health 2016 Copyright to this material is vested in the State of Western Australia unless otherwise indicated. Apart from any fair dealing for the purposes of private study, research, criticism or review, as permitted under the provisions of the Copyright Act 1968, no part may be reproduced or re-used for any purposes whatsoever without written permission of the State of Western Australia.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information