This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
You are required to write a report to senior colleagues in your organisation which
(a) outlines the roles, responsibilities and functions of external audit, internal audit and the audit committee and
Bearing in mind the increasing concerns and awareness of good governance over the past number of years it is vital that public bodies fully utilise the audit function to ensure the management team is satisfied that proper controls are in place to protect public funds.
A priority objective in your new role as Accounting Officer of the Office of the Ombudsman is to ensure that an appropriate control framework is in place. The audit function forms part of this framework. The purpose of this report is to elaborate further on that function specifically in relation to external audit, internal audit and the audit committee. It will explain the roles and responsibilities of the three distinct but related areas, suggest criteria for their assessment and potential improvements to the process.
In 2002 the Mullarkey Report  set down rules of good governance for Secretaries General and other accounting officers. The recommendations from the group, specifically in relation to the area of audit, were as follows:
Accounting Officers should evaluate their system of internal financial control. The inclusion of an Accounting Officer Statement on Internal Financial Control in the appropriation account;
Departments/Officesshould have a fully functioning, adequately resourced internal audit function whose staff are appropriately trained;
The Internal Audit Unit should have sufficient status and access within the organisation to promote the unit's independence and to ensure follow-up on its recommendations;
Information on internal audit should be included in the Statement on Internal Financial Control;
There should be a formally constituted Audit Committee in each Department/Office. The recommendation is elaborated on in the area of this report dealing with the Audit Committee and
An explanatory document should be drawn up within twelve months of the most serious common failures identified in the reports of the Comptroller and Auditor General (C&AG) and the PAC (where available) in recent years and the categories within which they fall.
The report emphasised the importance now being placed on an appropriate and effective audit function within public bodies.
The C&AG carries out a key role, from a financial management perspective, in its audit of the Office's financial records. The main role of the C&AG is to conduct financial audits to produce an annual opinion on all accounts of bodies within its audit remit, which this Office falls within as part of the Department of Finance group of votes. The C&AG is charged with ensuring its clients' accounts accurately reflect the transactions recorded and that those transactions are appropriate and in accordance with rules governing them  . Section 3 of the Comptroller and Auditor General (Amendment) Act, 1993 requires the C&AG to report annually to Dáil Éireann on his audit of the appropriation accounts of Departments and Offices and the account of the receipt of revenue of the State.
The report is laid before the Dáil and considered by the PAC on behalf of the Dáil. The report addresses accounting issues as well as weaknesses in internal control, efficiency and relevant effectiveness issues in relation to particular schemes and/or programmes where applicable. The reports may also contain informational material for the PAC on matters of public interest.
While the C&AG is also entitled to carry out Value for Money audits at his discretion this has been managed by staff of the Office either the Internal Auditor or members of the Finance Unit. Staff have been supported in carrying out such review by the 'Value for Money and Policy reviewers' network' which was launched by the Department of Finance in 2002.
The Mullarkey Report recommends that the C&AG's office should meet with the audit committee at least once a year so that relevant issues, such as management letters, issues on which the Committee requires assurances etc. can be discussed. Ideally such meetings should take place in the last quarter when the audit of the accounts has been completed so that any relevant issues may be discussed.
The role of Internal Audit is defined by the Chartered Institute of Internal Auditors as providing:
'independent assurance that an organisation's risk management, governance and internal control processes are operating effectively. Internal auditors deal with issues that are fundamentally important to the survival and prosperity of any organisation. Unlike external auditors, they look beyond financial risks and statements to consider wider issues such as the organisation's reputation, growth, its impact on the environment and the way it treats its employees.' 
Internal Audit is an independent appraisal function which operates as a service to management by measuring and evaluating the effectiveness of internal control systems. Internal Audit is not a substitute for management control. Responsibility for internal control rests fully with the Accounting Officer who must ensure that appropriate and adequate arrangements for internal control are in place without regard to audit activity. It is a matter for management to decide whether or not to accept audit findings and recommendations.
The objectives of Internal Audit in the Office of the Ombudsman are as follows:
to secure the installation of soundly based systems of control in each area of responsibility within the Office,
to review and, where necessary, make recommendations for the improvement of systems, controls and procedures in order to ensure that they are both efficient and effective, that they remain adequate in the light of changing circumstances and that they are adhered to in practice,
to assist in protecting the assets and interests of the Office by carrying out a continuous examination of activities in order to detect fraud, misappropriation, irregular expenditure and losses due to waste, extravagance and maladministration and
to monitor the use of resources in pursuit of the defined objectives of the Office.
The Internal Auditor works under the direction of and reports to the Accounting Officer to whom he will have direct access. The Internal Auditor is authorised to carry out a comprehensive programme of internal audit in all operational areas of the Office. In the implementation of the audit programme, the Internal Auditor is authorised to have full, free and unrestricted access to the Office's records, assets and personnel. The Internal Auditor is entitled to request and receive all the information and explanations he requires for the proper discharge of the function.
The Internal Auditor will follow up on his reports to establish if the recommended corrective action has been taken, if it is achieving the desired results and to ensure that the Accounting Officer is aware of the position. The Internal Auditor will liaise with the Office of the Comptroller and Auditor General on matters of mutual interest.
The Internal Auditor will be responsible for reviewing and appraising the following:
the design and operation of all systems and procedures which are intended to control the activities carried out by the Office including those used by management to measure the extent to which the objectives of the Office are achieved,
the adequacy, reliability, integrity and timeliness of information which is made available for decision-making and accountability and the extent to which this information is used,
the degree of compliance with legislative and other requirements laid down centrally,
the acquisition and disposal of assets and the safeguarding of assets and interests from losses including those arising from fraud, malpractice and irregularity,
arrangements for the economic and efficient use of resources and for avoiding waste.
The scope of internal audit work is determined by the audit committee, management and the internal audit function itself. The standards internal auditors should follow in planning, executing and communicating the results of their work are the IIA standards.
The Audit Committee is responsible for reviewing risk management and the internal controls in place in an organisation. The Committee also supports and appraises the work of the internal audit function. In the case of this Office the Committee reports to the Accounting Officer. This is a vital support role for providing assurance that there are no areas for significant concern or if there are they will be addressed.
An audit plan is agreed by the Committee at the beginning of the year outlining the areas where it is proposed to concentrate audit activity. The plan may be altered at a later date if it becomes necessary to divert attention to other areas. The Committee aims to meet five times a year with a report being produced by the secretary to the Committee at year end.
The Office's Audit Committee is made up of external members from other civil service offices, one of whom acts as Chair to the Committee, the finance officer, secretary, internal auditor and the appointed external auditor. In addition to the role of the C&AG the Office also engages a company to act as a permanent External Audit member to the Committee. They are expected to:
be a fully participative member of the Audit Committee;
assist the Committee in formulating annual audit plans;
act as director of audit and work with the Office's internal auditor;
review internal audit reports and make process/content recommendations before that are submitted to the Audit Committee and
carry out independent audits as necessary.
The Mullarkey report recommended that each Audit Committee should:
Operate under a written charter.
Have significant external representation, including if possible the Chairperson.
Prepare an annual report to the Accounting Officer.
Invite the Comptroller and Auditor General to meet the Committee at least once a year.
While in the main the primary role of an audit committee is to ensure the integrity of financial reporting and the independence of the external audit process, it holds an expanded role to include ensuring that the Office has a sound system of internal financial control as well as systems for the control of non-financial risks. The committee should also report any matters in respect of which it considers that action or improvement is needed to management and make recommendations as to the steps to be taken.
The Committee needs to actively manage its relationships given the nature of its work may place the members in an adversarial position with management and/or staff.
(b) suggests criteria by which the performance of each should be assessed (25%)
The primary criteria for assessment in all cases is that the audit roles are carried out in accordance with the relevant auditing standards operable in Ireland. The Code of Ethics is a statement of principles and expectations governing behaviour of individuals and organisations in the conduct of internal auditing. It provides a description of minimum requirements for conduct and describes behavioural expectations rather than specific activities.
The C&AG specifies values  which it will embed in every aspect of its work with clients as follows:
Objectivity and independence by select issues for examination which are important in the context of the management of public funds, auditing in accordance with applicable standards and ensuring reports are fair and balanced.
Constructive and helpful in dealings with bodies by communicating their requirements and expectations, recognise the legitimate needs of audited bodies to discharge their accountability in a timely manner, issuing post-audit correspondence to assist offices in improving their control and management and attend key meetings of the audit committees of audited bodies.
Commit to excellence in the conduct of audits by performing their work to the highest standards of public service, adopting the most cost-effective audit methodologies and computer-assisted approaches and developing their staff to ensure the optimum contribution is made to the delivery of public audit services.
IIA Standards request that an External Quality Assessment of an Internal Audit Function is undertaken every 5 years. The objectives of the assessment are to evaluate conformance with the International Standards for the Professional Practice of Internal Auditing (Standards), the efficiency and effectiveness of the Internal Auditing activity and the use of successful practices. It will also provide management with a degree of assurance that the internal auditor is the right 'candidate' for the job and is performing the role successfully.
An assessment will consider the auditors adherence to both IIA Attribute Standards and Professional Standards.
Examples of attribute standards are independence and objectivity, proficiency and due professional care. Professional Standards measure engagement planning, communicating Results and audit follow-up.
The external quality assessment is carried out by the external audit member of the audit committee. In carrying out the appraisal they will refer to previous audit reports, the outcome of same and whether or not the identified issues were resolved
It is the view of the External Quality Assessor that the Office's Internal Auditor possesses the knowledge, skills and general competencies to effectively fulfil the function as Internal Auditor.
The review found that through his considerable time within the Office that he has a strong understanding of its function, structure, processes and the relevant legislation.
Through file review ( which is covered in more detail in the Professional Attributes section below) - the review found strong evidence of the ability, proficiency and application of due professional care applied by the Office's Internal Auditor from the planning to communication of results to fulfil the role as Internal Auditor.
The EQA is of the view that the Internal Auditors background as an investigator lends itself to the disciplines expected in Internal Audit, as does his previous background in the Finance Section of the Department of Environment.
(c) considers what improvements could be implemented to enhance the value of the audit and assurance process. (25%)
The Committee should collaborate with l auditors should collaborate to minimize duplication of effort. external and internal auditors work in tandem to help management and the audit committee ensures that a company's financial reports and other information are accurate and that its system of internal control is effective
How you can help us
Our ability to provide a high level of service depends on clients helping us. As an audit client you can help the Office meet its standards by
Providing audit documentation that is clear, concise and accurate
Dealing with audit enquiries and draft reports in a considered and timely manner
Supplying sufficient and accurate information to enable auditors to understand the accounts, accounting systems and operations of each client
Having a well developed risk management system
Having an internal audit function (whether contracted in or inhouse) which carries out a programme of reviews based on the risk to public funds, and the materiality of transactions and balances
Recognising that while we will endeavour to complete as much work as possible on an interim basis during the course of the financial period being reviewed, our resource allocation is set at a level that only permits us to complete our overall workload over a twelve month period
Providing adequate accommodation for our staff during the course of audits
Providing views and comments on the service we provide.
The Assessment sought to form a view on conformance with the applicable Standards in terms of the size of the Internal Audit function and Organisation and the complexity of the activities undertaken.
While recognising the time pressures on the Internal Auditor in his Office responsibilities it would be desirable that further Internal Audit courses are sourced with a view to ensuring refresh and up date on latest methods and trends.
To ensure the audit function is carried out in the most effective and efficient manner the team should be experienced in public sector audit and adequately training to ensure it is up to date on latest methods. The internal audit unit in the Department of Public Expenditure and Reform could be of assistance, particularly for the internal auditor in identify current or topical concerns and advising on approaches based on its own experience. This would also be cost effective.
The audit committee should consider whether the auditor's overall work
plan, including planned levels of materiality, and proposed resources to
execute the audit plan appears consistent with the scope of the audit
engagement, having regard also to the seniority, expertise and experience
of the audit team.
The Finance Officer should be in a position to flag potential duplication at committee meetings if its remit starts to overlap with the external audit function carried out on an annual basis by the Comptroller and Auditor general. This will require the officer to be au fait with the work of the C&AG.
The committee should plan audit topics in advance and liaise with the unit / team, which will be the subject of the audit to ensure it can provide adequate resources and priorities audit requirements.
The Committee should ensure that due consideration is given to internal auditor should ensure they are clear about the purpose of audit and risks to be identified to ensure efficient and effective audit is carried out i.e. not a fishing exercise - up to auditor not unit to identify concerns.
Management and the Committee should ensure that audit reports are addressd in a timely manner and that required actions, if applicable, are addressed to mitigate potential risks. Findings should be kept in perspective and given appropriate priority