1 / 8

Internal Audit and Risk Management Policy for the NSW Public Sector

Internal Audit and Risk Management Policy for the NSW Public Sector. Mark Pellowe Senior Director, Financial Management and Reporting NSW Treasury. The new policy. Key policy documents. Treasury Circular TC 09/08 Internal Audit and Risk Management Policy (24 August 2009)

margo
Download Presentation

Internal Audit and Risk Management Policy for the NSW Public Sector

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internal Audit and Risk Management Policy for the NSW Public Sector Mark Pellowe Senior Director, Financial Management and Reporting NSW Treasury

  2. The new policy Key policy documents • Treasury Circular TC 09/08 Internal Audit and Risk Management Policy (24 August 2009) • Treasury Policy & Guidelines Paper TPP 09-5 Internal Audit and Risk Management Policy for the NSW Public Sector (August 2009) • Department of Premier and Cabinet Circular C2009-13 Prequalification Scheme: Audit and Risk Committees (4 May 2009)

  3. What the new policy will achieve Desired Outcomes • Strengthened assurance and accountability • Consistent use of internal audit to mitigate business risk • Greater focus on risk management • More effective use of internal audit resources • Stronger external incentives to ‘comply and explain’

  4. Core Requirements Internal Audit Function • Internal Audit function must be established • Chief Audit Executive (CAE) must be designated Independent Audit and Risk Committee • An Audit and Risk Committee must be established • ‘Independent’ Chairs and Members Model Charter for Audit and Risk Committee • Better practice requirements for operations • New mandated requirements

  5. Core Requirements (cont.) Enterprise Risk Management • Risk management process ‘appropriate to the entity’ • Role of ARC – ‘oversight’ of risk management framework Internal Audit Standards Adopted • Operation of Internal Audit function consistent with IIA International Standards • Additional reporting and monitoring requirements

  6. Compliance and reporting Who? The policy DOES apply to: • for departments: Department Heads • for statutory bodies with governing boards: the Governing Board • for other statutory bodies: the Chief Executive Officer The policy does NOT apply to: • statutory State Owned Corporations (SOCs) (covered by Treasury’s Commercial Policy guidelines) • the Universities

  7. Compliance and Reporting By When? First Year WHAT IS REQUIRED? 2009/10 TIMETABLE FOR A 30 JUNE 2010 FYE

  8. Compliance and reporting Monitoring • Treasury will: • monitor submission of attestation statements • monitor conformance • periodically review the efficiency and effectiveness of the policy • The Auditor-General will: • undertake an assurance role in monitoring the sector’s compliance • review entity compliance with the policy through the compliance audit and reporting program

More Related