Internal Audit Charter

Mission Statement

Internal Audit aims to provide a high quality and effective audit service that is responsive to the needs of departments.

Internal Audit aims to add value to the Council systems by identifying areas for improvement and offering advice and assistance to clients, in order to ensure effective systems of internal control.

Internal Audit aims to assist the Council discharge its corporate governance requirements.

Internal Audit aims to operate to the auditing standards defined in the Code of Practice for Internal Audit in Local Authorities in the United Kingdom and other guidance offered by relevant accounting bodies.

Terms of Reference

Internal Audit is an independent appraisal function established within the Authority to examine and evaluate activities with a view to achieving the following main objectives:

• assist officers and members of the authority in the effective discharge of their responsibilities,
• examine, evaluate and report on the adequacy of internal controls as a contribution to the efficient, effective and economic use of resources,
• ensure that the authority's assets and interests are accounted for and safeguarded from losses,
• maintain a level of independence and integrity to permit the proper performance of the audit function.

Internal Audit assists the Executive Head of Finance & Asset Management in the discharge of statutory responsibilities as "proper officer" for ensuring the proper administration of the Authority's financial affairs.

Authority

The Chief Auditor or his authorised representatives shall have authority, on production of identification, to:

• obtain entry at all reasonable times to any Council premises or land,
• have access to all systems, records, documents and correspondence relating to any financial and other transactions of the Council,
• have access to all IT hardware running systems on behalf of East Ayrshire Council including hardware owned by third party service providers,
• require and receive such explanations as are necessary concerning any matter under examination,
• require any employee of the Council to produce cash, stores or any other Council property under his/her control.

Independence

Internal Audit will be sufficiently independent of the activities that it audits to enable auditors to perform their duties in a manner which facilitates impartial and effective professional judgements and recommendations. Internal Auditors will have no operational responsibilities.

The Chief Auditor shall report directly to the Chief Executive who carries the responsibility for the proper management of the Council and for ensuring that the principles of good governance are reflected in sound management arrangements.

The Chief Auditor shall have unrestricted access to the Executive Head of Finance & Asset Management and shall assist the Executive Head of Finance & Asset Management, as the Proper Finance Officer, discharge responsibility for ensuring an effective system of internal control.

The Chief Auditor shall have direct access to the Council's Monitoring Officer where matters arise relating to the conduct of the Chief Executive in areas of Chief Executive responsibility.

Due Professional Care

Internal Audit staff will ensure that they conduct work with due professional care.

Due professional care is the care and skill that prudent and competent internal auditors will apply in performing their duties:

• working with competence and diligence,
• use of audit skills, knowledge and judgement based on appropriate experience, training, ability, integrity and objectivity.

Due professional care will be appropriate to the objectives, complexity, nature and materiality of the audit being performed.

Internal auditors must treat as confidential the information they receive in carrying out their duties. There must not be any unauthorised disclosure of information unless there is a legal or professional requirement to do so. Confidential information gained in the course of the audit will not be used to effect personal gain.

Scope

To enable Internal Audit to meet its objectives, it will undertake the following activities:

• review of controls within existing systems and systems under development,
• compliance with Council financial regulations, standing orders, etc.,
• transactions testing to ensure accuracy of processing,
• computer audit,
• contract audit,
• investigation of suspected frauds and irregularities,
• value for money studies,
• performance indicators;
• provision of advice to departments and establishments.

Back to top

Strategy

Internal Audit will prepare a risk-based audit plan designed to implement the audit strategy, taking account of the organisation's risk management process. Any difference between the plan and resources available will be identified and reported to the organisation.

The risk-based plan will outline the assignments to be carried out and the broad resources and skills required to deliver the plan. It will provide sufficient information for the organisation to understand the areas to be covered and for it to be satisfied that sufficient resources and skills are available to deliver the plan.

The audit plan will be kept under review to identify any amendment needed to reflect changing priorities and emerging risks. It will be flexible, containing an element of contingency to accommodate assignments which could not have been reasonably foreseen.

Back to top

Reporting Procedures

Internal Audit Assignment reports will be distributed as follows:

• client departments will receive a copy of the Internal Audit report at the conclusion of the audit assignment,
• the Chief Executive, the Executive Head of Finance & Asset Management and the Council's External Auditor will receive copies of all Internal Audit reports,
• the Council's Monitoring Officer shall receive copies of Internal Audit reports where these contain issues which could potentially adversely affect the proper management of the Council.

The Annual Audit Plan will be submitted to the Corporate Governance Committee at the beginning of the financial year. The purpose is to advise members of the programme of audit work for the forthcoming financial year. The plan will be compiled following consultation with the Chief Executive, the Executive Head of Finance & Asset Management and all Service Executive Directors.

The Annual Audit Report and the Mid-year Audit Report showing the activity of the Internal Audit section, progress achieved against plan and a summary of the significant audit findings for the previous financial year will be submitted to members, including an opinion on the overall adequacy and effectiveness of the organisation's internal control environment.

Fraud and Corruption

Managing the risk of fraud and corruption is the responsibility of management; Internal Audit will assist management in effective discharge of this responsibility.

Audit procedures alone, even when performed with due professional care, cannot guarantee that fraud or corruption will be detected. Internal Audit does not have responsibility for the prevention or detection of fraud and corruption. Internal auditors will, however, be alert in all their work to risks and exposures that could allow fraud or corruption.

Any evidence or reasonable suspicion of an irregularity relating to funds, stores, property or records of the Council shall be reported immediately by the Executive Director or Executive Head of Service to the Chief Auditor or his authorised representatives. Such irregularity shall be dealt with in accordance with the Council's Defalcation/Corrupt Practices Procedures. It is the responsibility of each Executive Director and Executive Head of Service to promote awareness of and adherence to the Council's Defalcation/Corrupt Practices Procedures.