Transcript Mark Pellowe - NSW Public Sector Audit & Risk Practitioner Network
Internal Audit and Risk Management Policy for the NSW Public Sector
Mark Pellowe Senior Director, Financial Management and Reporting NSW Treasury
1
The new policy
Key policy documents
Treasury Circular TC 09/08
Internal Audit and Risk Management Policy
(24 August 2009) Treasury Policy & Guidelines Paper TPP 09-5
Internal Audit and Risk Management Policy for the NSW Public Sector
(August 2009) Department of Premier and Cabinet Circular C2009-13
Prequalification Scheme: Audit and Risk Committees
(4 May 2009) 2
What the new policy will achieve
Desired Outcomes
Strengthened assurance and accountability Consistent use of internal audit to mitigate business risk Greater focus on risk management More effective use of internal audit resources Stronger external incentives to ‘comply and explain’ 3
Core Requirements
Internal Audit Function
Internal Audit function must be established Chief Audit Executive (CAE) must be designated
Independent Audit and Risk Committee
An Audit and Risk Committee must be established ‘Independent’ Chairs and Members
Model Charter for Audit and Risk Committee
Better practice requirements for operations New mandated requirements 4
Core Requirements (cont.)
Enterprise Risk Management
Risk management process ‘appropriate to the entity’ Role of ARC – ‘oversight’ of risk management framework
Internal Audit Standards Adopted
Operation of Internal Audit function consistent with
IIA International Standards
Additional reporting and monitoring requirements 5
Compliance and reporting
Who?
The policy DOES apply to:
for departments: Department Heads for statutory bodies with governing boards: the Governing Board for other statutory bodies: the Chief Executive Officer
The policy does NOT apply to:
statutory State Owned Corporations (SOCs) (covered by Treasury’s Commercial Policy guidelines) the Universities 6
Compliance and Reporting
By When? First Year WHAT IS REQUIRED?
2009/10 TIMETABLE Exceptions sought and determinations made (if applicable) Core Requirements IN PLACE Attestation Statement to the Treasurer
End of third quarter Before the FYE Within 2 months after FYE
Annual Report Disclosure
Within 4 months after FYE
FOR A 30 JUNE 2010 FYE
31 March 2010 30 June 2010 31 August 2010 31 October 2010 (With submission of Annual Report to Minister) 7
Compliance and reporting
Monitoring
Treasury will: monitor submission of attestation statements monitor conformance periodically review the efficiency and effectiveness of the policy The Auditor-General will: undertake an assurance role in monitoring the sector’s compliance review entity compliance with the policy through the compliance audit and reporting program 8