Good afternoon, everybody. I am John Wood, CEO at the Chartered IIA UK and Ireland, at the Institute.
The topic for today is ‘CIPFA’s Report Internal Audit: Untapped Potential’. The report was published on the CIPFA website Monday 23 May 2022, here is a link to the report and you hopefully received the link when we reached out to you regarding this Forum. A launch event was held on 17 May and this can be watched here.
CIPFA conducted UK-wide research, sending an open survey to those in the public services, including those in the internal audit profession, management clients and audit committee members. The survey received a strong response with 831 submissions. The outcome of the research concludes that where internal audit is operating effectively, it is already providing this support, but there are pockets where internal audit is unable to do this. This report will examine how internal audit is currently making an impact, identify where it can do more and what is holding it back. Better internal audit means better public services.
The Chartered IIA and CIPFA see the outcome from the report as an opportunity to collaborate more closely for the benefit of the internal audit profession.
Opportunities for collaboration include –
Before we commence the session, I would like to provide the normal introductory comments:
I am joined today by:
Chair's opening comments
Good afternoon everyone. I received the CIPFA report yesterday and I must admit I haven’t had chance to review this in detail yet, which is one reason I’m really looking forward to this afternoon’s session.
The CIPFA report examines the role and the perception of internal audit and about preparing the profession for the future. This is great, as it follows on from the messages from Anthony Pugliese, CEO and President of IIA Global, who was hosted by LACAN last week, where he mentioned these being amongst his priorities and those of IIA Global, so it was good to see some dovetailing here. It is as welcome as it is important because the role and perception of internal audit can vary greatly between different organisations. There is a need for greater consistency, greater quality and indeed adherence to professional practices to ensure that we as a profession and those that we audit have a clear understanding of what we do and indeed what we can do. Another element that affects us all I’m sure is the need to develop the capacity and ability to be a sustainable service. This report includes sections on recruitment, retention and training.
It is good to see CIPFA represented at this meeting. Both CIPFA and the Chartered Institute of Internal Auditors (CIIA) are keen to collaborate and support high-quality internal audit within the public sector and how they can continue the work set out in this report. Working together and alongside the Internal Audit Standards Advisory Board (IASAB), CIPFA and the Chartered IIA will continue to support internal auditors to meet the Public Sector Internal Audit Standards (PSIAS). They will also collaborate to improve internal audit’s status and profile in the public sector as well as cultivate a greater understanding between those we audit and the audit committees.
CIPFA and the Chartered IIA will also examine issues raised in the report around professional standards, such as the head of internal audit’s annual opinion and the quality assurance and improvement programme, to identify where guidance or support could improve practice.
Our speaker this afternoon is Diana Melville from CIPFA and I’d like to invite her to talk about the CIPFA Report.
Slides from the session are attached here. Notes below are supplementary.
Diana Melville, Governance Advisor, CIPFA
Thank you very much for your kind introduction and to Liz for her help over the last few months in working with us on the report and for working to share the survey when this was published. This allowed us to reflect as many views as possible and therefore make the report more meaningful.
Chair's closing comments
A very good report. I feel our profession is at a juncture, and never have we been more needed by our partners, and never have our challenges been so varied nor the pace at which they come.
There are some positives in the report – it’s not all doom and gloom – it’s just a case of talking and promoting our services with senior management.
Institute's closing comments
Thank you all.
As usual, notes, chat comments and the slides shared today will be placed on our web pages in the next day or two.
We are currently finalising our programme of sessions and topics for the second half of 2022. If there are any topics you would like to see please send me an e-mail at email@example.com.
Our topic for the June session, 22 June 2022 at 3.30 is Cashflow management - staving off a S114 notice.
Fraud: Strengthening your approach – 15 June 2022 - Managing fraud is crucial for any organisation to prevent loss. The event will focus on the latest goings on in fraud and aims to give attendees practical techniques and ways that their organisation can strengthen how fraud is managed and prevented.
The event is free to members
Thank you everyone, see you in June.
Thank you for attending. As always, if you have any ideas or suggestions for what we might include in future agendas, please contact Liz Sandwith.
Q: You stated that increasing resources as a success factor was higher requirement in the public sector is there a comparative figure for the private sector?
A: (Diana) Not that I know of. It’s difficult to compare resources – what would you use as your benchmark? Similar size, turnover size of the organisation and what about the complexity of risk and internal audit delivery model? All of those things make a difference when you compare the size of the audit team and how big the audit plan should be. Over the years, we have had various benchmarking tools but they were all within the public sector rather than private comparators.
(Liz) I don’t have any comparative figures, but we’re busy finalising a benchmarking report which we hope will be ready in mid-June so perhaps that will begin to give some idea of size of team, size of organisation, budgets etc.
Q: Is there a reference group for the questions selected for the survey, and who did this represent please?
A: On the survey we asked people if they wanted to be involved in further discussions, and if they selected yes, we got in contact with them. We had one group which was HIAs, one which was other internal auditors, one which was audit committee members, one which was clients and one which was a blend of auditors, clients and audit committee members.
Q: You mentioned sharing the report with our clients and audit committees. Is CIPFA planning on sharing this with its members more widely and/or incorporating the findings and learning from the report within its training suite or at its conferences?
A: Yes. It will be at the CIPFA conference in July (Public Finance Live), we’ve a workshop for delegates there, which will be primarily attended be Chief Finance Officers from across the public services so that will be a good venue for that.
Q: The report sets out a number a good areas of advice but several improvements rely on the organisation and senior management action/views. How is the report being promoted and taken forward with those who can affect those things as Chief Auditors can only do so much without buy-in from others such as Chief Execs, s151 Officers, Monitoring Officers, Members, etc is it being promoted by SOLACE, LGA etc?
A: We haven’t got anything in the pipeline directly yet with SOLACE or LGA. We are talking to the LGA on the regional audit committee forums to discuss the support that CIPFA can provide to them on various forums. It is a good topic to be talking about in those forums. We also do audit committee training and it is featuring on those we’re doing directly ourselves. There will be articles going out in a number of publications as well, such as Public Finance magazine. It will feature in the IIA’s Audit and Risk magazine as well but obviously this is for internal auditors.
Q: Do you think there would be benefit in getting the Chief Auditor role on a similar footing as the Statutory Officers? Good practice sets CIA reporting to Chief Exec etc but often in the Public Sector the role is seen as a subordinate to the Head of Finance/s151 Officer.
A: The question was put to Diana post the meeting as it had received 10 votes
Diana – If the HIA was to be deemed a statutory officer there would have to be clarity around exactly what their role and responsibility was providing internal audit services wouldn’t be sufficient. It is certainly a question that has come up in the past and is certainly one to think about. It wouldn’t be for CIPFA to determine though and would be a matter for legislation and given the current amount of new legislation proposed at the moment, I’m not sure if this would be considered.
Liz – There are examples in the Financial Services sector where the Head of internal audit function (SMF5) The head of internal audit function is the function of having responsibility for management of the internal audit function of the firm, including reporting directly to the governing body of the firm on the internal audit function. According to the FCA, the purpose of the SM&CR legislation is to ‘reduce harm to consumers and strengthen market integrity by creating a system that enables firms and regulators to hold individuals to account.’ In other words, it’s designed to ensure those in senior roles have the skills, knowledge and integrity to act in the customers’ best interests, while setting a new standard of personal conduct for everyone working in financial services.