Frequently Asked Questions

Q.)  What is Internal Audit?
A.)  Internal Audit is an independent and objective assurance function that assists the organisation to accomplish its objectives by evaluating the effectiveness of the internal control, risk management and governance processes.

Q.)  What are Internal Audit’s responsibilities?
A.)   To advise on the balance between risk and control and to assess the effectiveness of policies, systems and procedures and to report whether they are being applied effectively across all functions of the organisation.

Q.)  Why do we need Internal Audit?
A.)   An effective Internal Audit function can assist management to ensure that:

a) Risks are being appropriately managed,
b) Records are reliable in order that management decisions can be based on accurate information,
c) The policies, procedures and instructions of the Authority are being followed.
d) Inefficient or uneconomic operations or activities are identified, and improvements made.
e) Assets are safeguarded.

Q.) What line management responsibility does Internal Audit have?
A.)  None.  Internal Audit is independent of all line management and therefore all activities that it audits.

Q.)  Why is it important for Internal Audit to be independent?
A.)  This ensures that the function is totally impartial in the work it carries out.  It has no vested interests.

Q.) Are Internal Auditors Professionals?
A.) Yes- the Institute of Internal Auditors was established in 1941 and all members have to adhere to professional standards.

Q.)  What right of access does Internal Audit have?
A.)  The Internal Audit Section may communicate directly with any Director or employee of the Council and with any supplier or customer of the Council. Staff of the Section have the right of entry to all sites, works and offices and other property if they consider it necessary during the conduct of an audit. The Section has unrestricted access to all books, records and documents (including computer files).   However, a holder of highly confidential and sensitive information is entitled to insist that only senior audit management staff shall have access to it.

Q.) Where do ideas for audits come from?
A.)  There are many sources.  The Internal Auditor, taking into account the risks identified by management, prepares a plan of key activities and the risks and opportunities associated with them annually.
In addition ideas for audits come from:
1. The County Manager
2. Members of the Council
3. The Senior Management Team
4. Line Management
5. External Auditors
6. Staff Members

Q.)  Will I receive advance notice of an audit?
A.)  Yes, Internal Audit will give at least two weeks notice to the relevant Director of Services and appropriate employees prior to the commencement of the audit.

Q.)  What can I do to facilitate the audit?
A.)  Understand the scope and objectives of the audit.
Extract or have available the information required.
Ensure the most knowledgeable personnel in the area to be audited are available.
Provide information when requested.

Q.) How does Internal Audit decide what work to do?
A.)  By prioritising work in accordance with the risk profile of each activity, and in accordance with the requests of Senior Management and Council members.   An annual Audit plan is prepared on this basis.

Q.)  How does Internal Audit review controls?
A.)  By tracing documents through the system, also by speaking to staff, by observing how things are done, and reviewing operating instructions and procedures.

Q.) What if controls are not applied?
A.)  The Auditor will consider the impact of the situation and determine a practical solution in conjunction with the line manager responsible for the function or location.

Q.)  Are audit observations a question of judgement?
A.)  No.   Internal Audit deals in facts. The methodical approach followed will also ensure that any Internal Auditor should be able to repeat the work of another auditor and arrive at similar conclusions.

Q.)  How are the results of the audit reported?
A.)  By discussion with the management of the function and more formally through the audit report which is distributed to the County Manager, Senior Management and Line Managers, as appropriate.

Q.) Will Internal Audit offer solutions to problems?
A.) Yes.  Each Audit report, when finalised, will contain constructive recommendations designed to help management correct or minimise the effects of the problems identified. Management comment will also be recorded in the report.

Q.) Who is responsible for deciding what action is taken on audit reports?
A.)  Normally, the manager responsible for the function, system or location in conjunction with the auditor.   However, if agreement cannot be reached on a major issue, Internal Audit will refer same to Senior Management for consideration.

Q.) What is the role of external audit?
A.)  External or Statutory audit is carried out by the Local Government Audit service.
It provides independent credibility to the financial stewardship function of local authorities and other bodies.  Its purpose is to undertake independent appraisal of the discharge by management of that function and to inform the public of the results of that appraisal  by means of an audit opinion on the authority’s annual financial statements and the issue of a public audit report.

Q.) Does External Audit work together with Internal Audit?
A.) Generally no, as their responsibilities are different.    However, the External Auditors  may look at Internal Audit reports that have been carried out regarding particular functions or areas,  if they are assessing or carrying out their own audit on those areas.  

Q.)  Can you summarise all this?
A.)  Yes. Internal Audit is a service to Management. It is independent and unbiased. It has wide powers but no line responsibilities. It is professional and thorough and above all constructive and practical. It is a management control which functions by evaluating all other controls in the organisation.