We need your support to keep TheyWorkForYou running and make sure people across the UK can continue to hold their elected representatives to account.Donate to our crowdfunder
To ask the Attorney-General what criteria (a) the Law Officers' Departments and (b) its public bodies use when deciding whether and when to hold an internal audit; and if he will make a statement.
The TSol Internal Audit Service complies fully with Government Internal Audit Standards. Each year an annual internal audit plan, identifying individual internal audits and their proposed timing, is prepared and approved by the Audit Committee. This annual plan is designed to meet the assurance needs of the Accounting Officer, Board and Audit Committee. During the year the internal audit plan may be updated, with the approval of the Accounting Officer and Audit Committee, to reflect changes to TSol’s operations, risk profile or assurance needs.
The Director of the Serious Fraud Office (SFO) and the chair of the Audit Committee agree an annual plan of reviews with the SFO's internal auditors to provide independent assurance that the SFO's risk management and internal control processes are operating effectively. When deciding on the topics and timing of internal audits within that plan the SFO considers planned business initiatives for the coming year, financial reporting requirements and previous NAO/Internal Audit report findings.
The Crown Prosecution Service (CPS) is the largest of the Law Officers' Departments. The CPS Head of Internal Audit (HIA) is responsible for determining which internal audits are undertaken based on CPS' management's assessment of the risks to the achievement of organisational objectives. The criteria used by the HIA when deciding whether and when to hold an internal audit are:
The significance of the activity/system to the achievement of organisational goals, and the maintenance of the CPS's reputation.
The degree to which an activity mitigates risks identified on the Corporate Risk Register.
The findings of recent audit or HMCPSI activity.
Cumulative audit knowledge of the robustness of controls and compliance in place in a system.
The level of change in a system—to people, process, technology, inputs, and its operating environment.
The difficulty of the objective, the complexity of the system and the level of IT/automation.
The novelty of the activity and risk assessment.
The financial materiality of the system.
The stated needs for assurance of the accounting officers.
The known plans of the HMCPSI and National Audit Office in relation to the activity/system in question.