In recent years, one of the biggest shifts to take place in public sector compliance has been the evolution of the internal audit remit; transforming it from a commoditised service into an increasingly dynamic operative function.
Historically, the primary purpose of internal audit was to manage financial risk in the ‘here and now’. It operated as a silo and worked independently from day to day operations, only liaising with the finance and governance areas with limited interaction within operational areas on a ‘need to know’ basis.
Fast forward to the present day and we are seeing a very different internal audit function emerge. The introduction of The Public Governance, Performance and Accountability Act (PGPA Act) in 2013, along with the accompanying PGPA Rule, introduced a number of changes. Most significantly, it expanded the remit of government entity audit committees from the traditional financial reporting responsibilities, to include and provide assurance to the accountable authority on performance reporting.
The addition of performance reporting responsibilities mean that internal audit programmes must now include assurance activities to ensure audit committees are able to fulfil their obligations in relation to performance reports. This presents an opportunity for the internal audit function to move on from merely examining the status quo to being an integral part of the forward looking operational function. As a result, the skills required by members of both internal audit teams and committee members have evolved. Whilst exceptional financial acumen remains crucial, the expertise required to review the framework of key performance indicators and related performance operations, means that incorporating a new set of professional skills within the internal audit function is necessary.
In the new world, experience in delivering government initiatives is imperative so that relevant, practical and value adding recommendations can be provided. If the internal audit team don’t have people who actually understand the business it can be a serious inhibiter to dynamic governance. Teams also require leading edge IT understanding . The financial and performance implications of making the wrong technical and vendor decision are significant, so it’s vital to include IT bench strength to any internal audit function.
For government entities that have embraced this change, the rewards are tangible. I’ve worked on engagements where the strategic direction has been positively impacted by actionable insights from subject matter experts within internal audit teams.
However, I’ve also seen too many examples where internal audit remains a commodity; a static bolt on that is out of sync with the day to day operations of the business and that has little or no operational or performance focus. Not only does this limit the assurance that the audit committee is able to provide in relation to performance reporting, it crucially misses out on the opportunity to layer-in value creating insight.
The work of the internal audit function must keep pace with operational developments and work across departmental operations to become truly valuable. Programmes should include more contemporary operational and performance focused reviews that include management-initiated reviews to provide assurance over new initiatives that are underway; as well as ensuring they are on-track to deliver against their objectives.
In summary, public sector strategic planning framework in order to not only mitigate risk but gain operational rewards. This can often mean looking to external providers like Callida Consulting, to provide the expertise and experience to drive forward transformation and modernisation of the function.
If your internal audit function is looking for support to supplement their team and deliver against these evolving requirements, please talk to us at Callida Consulting. We can help you implement a value-creating function that achieves results, as well as mitigates risks, for your operation.
The real risk when it comes to automation of upstream process is not doing it.Read more
Callida © 2021 all rights reserved