AUDIT REGULATIONS FOR PUBLIC BODIES

EPWPINCENTIVEGRANT

ApprovalandVersionControl
TheAuditRegulationswereapprovedby:
Designation

1|P a g e

Signature

Date

Version

TableofContents
1. Generaldefinitions..............................................................................................................................3
2. Introduction........................................................................................................................................4
2.1 Application...........................................................................................................................................4
2.2 Dateofcommencement......................................................................................................................4
3. ManagementArrangements................................................................................................................4
3.1 KeyPrinciples.......................................................................................................................................4
3.1.1Independenceandobjectivity.....................................................................................................4
3.1.2ProficiencyandDueProfessionalCare.......................................................................................4
3.1.3QualityAssurance.......................................................................................................................4
3.1.4Capacity.......................................................................................................................................5
3.2 Internalauditpurpose,responsibilityandaccountability...................................................................5
3.2.1Purpose.......................................................................................................................................5
3.2.2Objective.....................................................................................................................................5
3.2.3RolesandResponsibilitiesofrelevantParties............................................................................5
3.2.4AccountabilityArrangements.....................................................................................................6
4. ScopeofWork.....................................................................................................................................7
4.1 Planning...............................................................................................................................................7
4.2 RiskManagement................................................................................................................................7
4.2.1DPWInternalAudit.....................................................................................................................7
4.2.2PublicBodiesInternalAudit........................................................................................................7
4.3 Control.................................................................................................................................................7
4.4 Detailedauditprocedures...................................................................................................................8
4.4.1Complianceprocedures..............................................................................................................8
4.4.2Documentationandinformationretention................................................................................8
4.4.3Controlsandverificationofinformation....................................................................................8
4.4.4Sampling....................................................................................................................................11
4.5 Communicatingresults......................................................................................................................12
4.5.1Monthlyauditreporting...........................................................................................................12
4.5.2Quarterlyauditreporting..........................................................................................................12
4.5.3AnnualReporting......................................................................................................................13
4.6 Followupprocedures........................................................................................................................14
4.7 Internalauditrepresentations..........................................................................................................14
4.8 Adherencetotimelines.....................................................................................................................14
5. StandardsofInternalAuditPractice...................................................................................................14
6. NoncompliancetoAuditRegulations................................................................................................14

2|P a g e

1.

Generaldefinitions

IntheseAuditRegulations:
Term

Definition

AuditSampling

This involves the application of audit procedures to less than 100% of the items
within a class of transactions to enable the auditor to obtain and evaluate audit
evidenceaboutsomecharacteristicsoftheitemsselected,inordertoformorassistin
forming a conclusion concerning the population. Audit sampling can use either a
statisticalornonstatisticalapproach.

Charter

Meansaformaldocumentthatdefinestheinternalauditactivityspurpose,authority
and responsibility. The internal audit charter establish the internal audit activitys
positionwithintheorganisation;authorisesaccesstorecords,personnelandphysical
properties relevant to the performance of engagements; and define the scope of
internalauditactivities.

Compliance

Meansadherencetopolicies,plans,procedures,laws,regulations,contracts,orother
requirements.

Control

Refers to any action taken by management and other parties to manage risk and
increasethelikelihoodthatestablishedobjectivesandgoalswillbeachieved.

EligiblePublicBody

Refers to any organisation that is defined by legislation as a government body; and

for purposes of this document, refers to a province, municipality or public entity
within these spheres of government that complies with the criteria of eligibility in
termsoftheDivisionofRevenueAct2009.

Fraud

Refers to any illegal act characterised by deceit, concealment, or violation of trust.

Theseactsarenotdependentuponthethreatofviolenceorphysicalforce.Fraudsare
perpetrated by parties and organisations to obtain money, property, or services; to
avoidpaymentorlossofservices;ortosecurepersonalorbusinessadvantage.

Governance

Isthecombinationofprocessesandstructuresimplementedbythegoverningbodies
to inform, direct, manage and monitor the activities of the organisation toward the
achievementofitsobjectives.

Independence

Is the freedom from conditions that threaten objectivity or the appearance of

objectivity. Such threats to objectivity must be managed at the individual auditor,
engagement,functional,andorganisationallevels.

InternalAudit

Means an independent, objective assurance and consulting activity designed to add

valueandimproveanorganisationsoperations.Ithelpsanorganisationaccomplish
itsobjectivesbybringingasystematic,disciplinedapproachtoevaluateandimprove
theeffectivenessofgovernance,riskmanagementandcontrol.

PublicBody

Refers to any organisation that is defined by legislation as a government body; and

for purposes of this document, refers to a province, municipality or public entity
withinthesespheresofgovernment.

Risk

Risk is the possibility of an event occurring that will have an impact on the
achievementofobjectives.Riskismeasuredintermsofimpactandlikelihood.

Riskmanagement

Risk management is the process to identify, assess, manage and control potential
events or situations to provide reasonable assurance regarding the achievement of
theorganisationsobjectives.

Definitions,whererelevantareinalignmentwiththedefinitionsoftheInstituteofInternalAuditors.

3|P a g e

2.

Introduction

Thisdocumentprovidesthebasicregulatoryframeworkformaintaininganeffectiveinternalauditfunctiontobeable
toreceivetheEPWPIncentiveGrant.
Theseregulationsweredevelopedinresponsetotherequirementsofthe2009DivisionofRevenueAct.
It is expected that public bodies will compare their current practices and approaches to the management of project
informationwiththeseregulationsandtakenecessaryactiontocomplywiththestatedrequirements.
These regulations have been formulated as a set of principles for all public bodies to assist their understanding in
meetingtheserequirements.

2.1

Application

TheAuditRegulationsapplytotheinternalauditorsofeligiblepublicbodiesintermsofthe2009DORAFrameworkfor
the EPWP Incentive Grant to provinces and municipalities. The 2009 DORA Framework refers to the need for public
bodiestocomplywithauditregulations.
TheAuditRegulationsshouldbereadinthecontextoftheIncentiveGrantManual.

2.2

Dateofcommencement

TheseAuditRegulationstakeeffectfrom1April2009,unlessotherwiseindicatedinthetext.

3.

ManagementArrangements
3.1

KeyPrinciples

3.1.1Independenceandobjectivity
Organisationalindependence:Theinternalauditfunctionmustbefreetoperformworkandcommunicateresults.
TheInternalAuditDepartmentmustremainindependentofalllineandfunctionalmanagementandwillbeanswerable
solelytothepublicbodysManagementandAuditCommittee.
TheindependenceoftheInternalAuditunitwillbeensuredby:
(a) aclearinprincipleagreementthatinternalauditwillhavefullaccessatalltimestoanyrecords,propertiesand
resourcesrelevanttotheprojectsunderreview
(b) accesstotheChairpersonoftheAuditCommittee.
(c) notassuminganylinemanagementcontrol
(d) theInternalAuditfunctionbeingfreeofanyundueinfluencesorinterferenceswhichcouldrestrict,overrule
or otherwise affect the judgement as to the content of a report or in any way require the unit to function
underduressorwhichcouldaffecttheconductofaninvestigation.
Individualobjectivity:Internalauditorsmusthaveanimpartial,unbiasedattitudeandavoidanyconflictofinterest.
3.1.2ProficiencyandDueProfessionalCare
Internalauditorsmustpossesstheknowledge,skills,andothercompetenciesneededtoperformtheirresponsibilities
intermsoftheseregulations.
Internalauditorsmustapplythecareandskillexpectedofareasonablyprudentandcompetentinternalauditor.
3.1.3QualityAssurance
InternalAuditorsshallatalltimesconducttheworkassignedtotheminaccordancewiththeAuditMethodologyand
the Standards for the Professional Practice of Internal Auditing. Internal Audit shall further comply with the Code of
EthicsofInternalAuditors,aspublishedbytheInstituteofInternalAuditors.

4|P a g e

Regular reviews will be performed by DPW Internal Audit function to assess compliance with the Audit Regulations
including,butnotlimitedto,thescopeofworkconductedandthemonthly,quarterlyandannualreportssubmittedby
PublicBodiesInternalAudit.
3.1.4Capacity
The internal audit function must establish sufficient capacityto conduct the scope of auditwork required toreceive
theIncentiveGrant.InternalAuditsatPublicbodiesneedtobeproperlysupervisedtoensureobjectivesareachieved,
andqualityisassured.Ifaneligiblepublicbodydoesnothaveanestablishedinternalauditfunction,thepublicbodyis
advised to make the necessary arrangements to outsource or cosource the function to ensure compliance with the
AuditRegulations.

3.2

Internalauditpurpose,responsibilityandaccountability

3.2.1Purpose
ThepurposeoftheinternalauditfunctionatpublicbodiesfortheEPWPIncentiveGrantistomaintainanindependent
objective assurance activity designed to improve the public bodys infrastructure project management operations. It
will assist the public body accomplish its objectives by bringing a systematic, disciplined approach to evaluate and
improvetheeffectivenessofriskmanagement,control,andgovernanceprocesses.InternalAuditwillthereforeprovide
the management of the public body, the Audit Committee and DPWs Internal Audit Management with analysis,
appraisals,recommendationsandinformationconcerningtheprojectactivitiesandinformationreviewed.
3.2.2Objective
TheobjectiveoftheinternalauditfunctionatpublicbodiesfortheEPWPIncentiveGrantistoidentifyandevaluate
significantexposurestoriskandcontributetotheimprovementofriskmanagement,controlandgovernancesystems.
Thisshouldinclude:
(a) Overseeingtheriskmanagementframeworkandmonitoringrisk
(b) Reviewing the established systems to ensure compliance with those procedures, laws and regulations that
could have a significant impact on operations and report and determine whether the public body is in
compliance
(c) Ensuringthataneffectivesystemofinternalcontrolsexistandisoperatingasrequired
(d) Evaluatingthereliabilityandintegrityoffinancial,projectmanagementandotheroperationalinformation.
3.2.3RolesandResponsibilitiesofrelevantParties

TheInternalAuditunitofpublicbodies
(a) The role of the Internal Audit unit is to assist the public body to meet their objectives by providing an
independentappraisaloftheadequacyandeffectivenessofthecontrolssetupbythepublicbodytomanage
infrastructureprojectimplementation,withparticularinteresttothoseprojectsclaimingtheEPWPIncentive
Grant.
(b) The Internal Audit unit of each public body is responsible to render the internal audit services required in
terms of these Audit Regulations, DORA requirements, the Incentive Grant Agreement, the Incentive Grant
ManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentiveGrant.
(c) TheresponsibilitiesoftheInternalAuditunitinclude:
developing an annual audit plan using an appropriate riskbased methodology, including any risk or
control concerns identified by the public bodys Management and submit that plan to the Audit
Committeeforreviewandapproval
implementingtheannualauditplan
maintaining a professional audit staff with sufficient knowledge, skills, experience and professional
certification
issuing periodic reports to the Audit Committee and the public bodys Management summarizing the
resultsoftheauditactivities
providing a list of significant results to the public bodys Management, the Audit Committee and DPW
InternalAudit.

5|P a g e

ThePublicbody

(a) Although the role of Internal Audit Section is to review internal controls, system procedures, risks etc,
ultimatelythepublicbodyretainsfullresponsibilityforensuringthattheyactuallyimplementandmaintain
anappropriateframeworkofcontrols.
(b) Thepublicbodyalsohastheresponsibilityandaccountabilityforaddressingnoncompliance,weaknessesand
inefficiencies that have been identified by both External Audit and Internal Audits (conducted by DPW and
PublicBodyInternalAudit),andfortakingthenecessarycorrectiveaction.
(c) Thepublicbodyisfurtherresponsiblefor:
ProvidinginputontheareasofinvestigationbytheInternalAudit
ensuring support for the Internal Audit function, including ensuring that the Internal Audit unit has
unrestricted access to all relevant functions, records and personnel pertaining to any project whose
activitiesareunderreview
maintaining internal control, including proper accounting records and other management information
requiredforproperandcompliantprojectgovernance
compellingprojectmanagerstorespondtointernalauditqueriessubmitted
reviewing Internal Audit reports and implementing recommendations as considered appropriate or as
requiredbyDPW
informingtheInternalAuditorsofanysignificantinternalcontrolproblems.
TheAuditCommittee
(a) The Audit Committee in conjunction with the Accounting Officer is responsible for reviewing the scope of
InternalAuditwork,andtheactiontobetakenontheoutcomeorfindingfromtheirwork.
(b) TheAuditCommitteewill:
Ratifytheapprovaloftheinternalauditcharterorannualauditplan
EnsurethattheInternalAuditorseffectivelyperformtheirresponsibilitiesandduties
EnsurethattheInternalAuditunitcomplieswiththerelevantauditrulesandregulations
EnsurethattheInternalAuditunitmaintainsitsindependence
Reviewtheresultsofanyauditworkperformed
ReviewtheinternalauditreportstothepublicbodysManagementandtheirresponsethereto
LiaisewithDPWInternalAuditwhennecessary.
3.2.4AccountabilityArrangements
Thefollowingdiagramdepictstheaccountabilityarrangements:

AuditCommittee

DPWIA

PBInternalAudit

PBManagement

TheInternalAuditunitofeachpublicbodyshallberesponsibletoreporttotheDPWInternalAuditon:

6|P a g e

compliancewiththeconditionsoftheIncentiveGrant
riskmanagementandrisks
the controls in place to collect and verify the performance information upon which the Incentive
Grantisdisbursed
andotherinformationrequiredaspartoftheAuditRegulations.

4.

ScopeofWork
4.1

Planning

DPWInternalAuditmustadequatelyplanfortheperformanceofauditprocedurestoensuretheobjectivesoftheaudit
isachieved.
(a) The primary purpose of planning the internal audit work for the grant is for each public body to determine
priorities in order to establish the most costeffective means of achieving audit objectives; to assist in the
directionandcontrolofauditworkcompletioninaccordancewithpredeterminedcriteria.
(b) Itisimportantthattheinternalauditplanninginclude:
defininginternalauditobjectives
obtainingacomprehensiveunderstandingoftheMIS,projectoperationsandmanagement
identifying,evaluatingandrankingriskstowhichthepublicbodyisexposed
takingintoaccounttheweaknessesofthepublicbodiescontrolsandmanagementconcerns
identifyingauditareasanddeterminingthetypeofauditandauditprocedures
(c) Operationalworkplansshouldbepreparedforeachinternalauditassignment,including:
objectivesandscopeoftheaudit
timebudgetandstaffallocations
methods, procedures and reporting arrangements, including supervision and allocation of
responsibilities.

4.2

RiskManagement

4.2.1DPWInternalAudit
DPWInternalAuditmustevaluatetheeffectivenessoftheriskmanagementprocessoftheEPWPIncentiveGrantat
Publicbodies.Aspartoftheevaluationconsiderationwillbegivento,interalia,theappropriatenessandsufficiencyof
resources with the necessary competencies in the Public Bodies Internal Audit function to perform the audit
procedures.
4.2.2PublicBodiesInternalAudit
Public Bodies Internal Audit must evaluate risk exposures regarding the reliability and integrity of information and
compliancewithtotheDORArequirements,theIncentiveGrantAgreement,theIncentiveGrantManualandanyother
relevant documentation issued by DPW in terms of the Incentive Grant and contribute to the improvement of risk
management.Aspartoftheevaluationconsiderationwillbegivento,interalia,significantrisksidentifiedandassessed
andpotentialfortheoccurrenceoffraudandhowfraudriskismanaged.

4.3

Control

ThePublicBodyinternalauditmustevaluatetheadequacyandeffectivenessofcontrolsrelatedtotheIncentiveGrant
regardingthereliabilityandintegrityofinformationandcompliancewiththeDORArequirements,theIncentiveGrant
Agreement,theIncentiveGrantManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentive
Grant.
WhenevaluatingtheinternalcontrolswithintheEPWPManagementInformationSystem,theInternalAuditshould:
(a)
(b)
(c)
(d)

7|P a g e

understandthesystemparametersandcontrolobjectives
assesswhetherthecontrolsputinplacemeetcontrolobjectivesfortheprojectsunderreview
testtheoperationofthecontrolsinpracticefortheprojectsunderreview
provide an opinion based on audit objectives as to whether the system provides an adequate basis for
effectivecontrolandwhetheritisproperlyoperatedinpractice.

4.4

Detailedauditprocedures

4.4.1Complianceprocedures
Public Bodies Internal Audit must test compliance to the DORA requirements, the Incentive Grant Agreement, the
IncentiveGrantManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentiveGrant.Included
intheEPWPIncentiveGrantManualisacompliancechecklistthatisacompletelistofconditionsandrulesthatpublic
bodiesshouldensurearemet.ThecompliancechecklistmustbecompletedbythePublicBodiesInternalAuditandany
noncompliancemustbereportedtomanagement,theAuditCommitteeandDPWaspartofthemonthlyandquarterly
reports.
4.4.2Documentationandinformationretention
Public Bodies Internal Audit must ensure on a monthly basis that the following documentation and information is
collatedandretained:
(a) Beneficiaryinformationincludingbutnotlimitedto:
Identityname,surname,identitynumber(acertifiedcopyoftheidentitydocumentoftheworker
shouldbekeptatthepublicbodyforauditpurposes)andacontactnumber
Gender,ageanddisabilitystatus
Educationlevel
Dailywagetobereceived
Trainingplanned
(b) Siteinformationincludingbutnotlimitedto.
Dailysiteattendanceregisterindicatingallthebeneficiariesthatwereregisteredasatworkeveryday
Summaryofmonthlyattendanceregister
(c) Payment register showing wages paid per beneficiary, signed off by each beneficiary. The payment register
containsthefollowinginformation:
Identityname,surname,identitynumberandacontactnumber
Gender,ageanddisabilitystatus
Wageratepaid
Totalnumberofdaysthatthepayperiodcovers
Signatureorproofofacceptanceofpayment
Access to project records and required information must be controlled. Retention requirements for project
recordsmustbecompliedwith.
4.4.3Controlsandverificationofinformation
Public Body Internal Auditors must identify, analyse, evaluate and document sufficient information to achieve the
internalauditobjectives.Publicbodiesinternalauditproceduresmustincludebutnotbelimitedto:
(a)
(b)
(c)
(d)
(e)
(f)
(g)
(h)

Testcontrolofsignoffofattendanceregister,beneficiaryinformationandpaymentregister
Conductsurprisevisitstoensureactualattendanceinaccordancewithattendanceregisters
Conductsurprisevisitstoensurevalidityofrecordedbeneficiaryinformation
Compareworkerdetailsonattendanceregisterwithsupportingcopiesofidentitydocuments
ConductteststoensureinformationonMISagreeswithsupportinginformation
Conductteststoensureinformationonpaymentregisteragreeswithattendanceregister
Testpaymentregistertoensureeachcontractworkersignedasproofthatpaymentwasreceived
Conductteststoensurerateofpayfallswithintherequiredparameters.

Thefollowingtablereflectsmoredetailoncontrolsandprocedurestobeperformed.Referenceshouldalsobemadeto
theEPWIncentiveGrantManual.

8|P a g e

Controls and Procedures for project data collection

Activity

Responsibility Risk

Time
lapse

Internal
controls

Auditprocedures

Sample
method/
method
ology

Timefra
mefor
audit
procedu
res

PublicBodyinternal
auditors:
1)totestcontrolofsignoff
ofattendanceregister
2)toconductsurprisevisits
toensureactualattendance
inaccordancewithregister
3)Compareworkerdetails
onattendanceregisterwith
supportingcopiesofidentity
documents
4)Includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter.

100%

Monthly

Oncea
month

DPWInternalauditto
reviewmonthlyand
quarterlyreportsfrom
PublicBodyinternal
auditors(completedand
submittedwithintwoweeks
afterthecloseofthe
quarter)andselectpublic
bodiesonwhichfurther
auditworkwillbe
conducted.

DPWInternalauditto
reviewauditreports/
consultwithauditorsofMIG
8reportingonActual
employmentandminimum
dailywagerate.

DPWInternalaudit:
1)totestcontrolofsignoff
ofattendanceregister
2)toperformdetailtesting
onsupporting
documentationdependent
onriskassessmenttaking
PublicBodyinternal
auditorsauditworkand
extentofrelianceinto
account.

Tobe
completed
within
week
threeand
fourafter
closeof
quarter

ContractortoprovideinformationtoProjectManager
Contractorto
signoffdaily
on
attendance
registerand
provideto
Project
Manager
weekly

Contractorto
completeand
signoff

Contractorto
provideto
Project
Manager
weekly

9|P a g e

Incorrect
information
compiled

Invalid
information
compiled

Continuous
Weekly

Signoffby
contractor

20%

Within
two
weeks
afterclose
ofquarter

Activity

Responsibility Risk

Time
lapse

Internal
controls

Auditprocedures

Sample
method/
method
ology

Timefra
mefor
audit
procedu
res

Contractorto
generate
signed
fortnightly
payment
registerand
provideto
Project
Manager

Contractor

Every
fortnight
from
beginning
ofmonth

Signoffby
contractor

PublicBodyinternal
auditors:
1)totestcontrolofsignoff
ofpaymentregister
2)toconductteststoensure
informationonpayment
registeragreeswith
attendanceregister
3)testpaymentregisterto
ensureeachcontractworker
signedasproofthat
paymentwerereceived
4)conductteststoensure
rateofpayfallswithinthe
requiredparameters
5)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter.

100%

Within
two
weeks
afterclose
ofquarter

DPWInternalaudit:
1)totestcontrolofsignoff
ofattendanceregister
2)toperformdetailtesting
onsupporting
documentationdependent
onriskassessmenttaking
PublicBodyinternal
auditorsauditworkand
extentofrelianceinto
account
3)includeresultsinaudit
reporttobeissuedfour
weeksaftertheendofthe
quarter.

Tobe
completed
within
week
threeand
fourafter
closeof
quarter

Seeauditproceduresabove

Identifytheregisters
relevantforauditpurposes

100%

Within
two
weeks
afterclose
ofquarter

Contractorto
signoffon
allregisters
toProject
Manager

Contractor

Incorrect
information
compiled

Invalid
information
compiled

Paymentto
fictitious
workers

Incorrect
information
compiled
Invalid
information
compiled

Oncea
month

Signoffby
contractor

ContractortocaptureinformationandsubmittoPublicBodyandTA
Project
Managerto
submit
information
electronically
toPB

ProjectManager

10|P a g e

Continuous
Incorrect
or
Weekly
incomplete
information
loaded

Invalid
information

Signoffby
consultant

MIS
controls

PublicBodyinternal
auditors:
1)totestcontrolofsignoff
2)toconductteststoensure
informationonMISagrees
withsupportinginformation
3)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe

100%

100%

50%

Activity

Responsibility Risk

Time
lapse

Internal
controls

loaded

Project
Managerto
generate
payment
certificateat
theendofthe
monthand
submitto
publicbody
outputsand
expenditure
datafor
progress
report

ProjectManager

Project
Managerto
signoffand
distribute
copiesto:i)
contractor,ii)
ownrecord,
iii)public
body

ProjectManager

Incorrect,
Endof
invalidor
month
incomplete
information

Incorrect,
Endof
invalidor
month
incomplete
information

Auditprocedures

Sample
method/
method
ology

quarter.

Signoffby
Project
Manager

Signoffby
contractor

Signoffby
Public
Body

Signoffby
Project
Manager

Timefra
mefor
audit
procedu
res

DPWInternalaudit:
1)totestcontrolofsignoff
2)toconductteststoensure
informationonMISagrees
withsupporting
information.3)Include
resultsinauditreporttobe
issuedfourweeksafterthe
endofthequarter.

Tobe
completed
within
week
threeand
fourafter
closeof
quarter

PublicBodyinternal
auditors:
1)totestcontrolofsignoff
2)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter

100%

Tobe
completed
within
two
weeks
afterclose
ofquarter

DPWInternalaudit:
1)totestcontrolofsignoff
2)includeresultsinaudit
reporttobeissuedfour
weeksaftertheendofthe
quarter

Referauditprocedures
above

Tobe
completed
within
week
threeand
fourafter
closeof
quarter

4.4.4Sampling
Appropriatemeansforselectingitemsfortestingtogathersufficientappropriateauditevidencetomeettheobjectives
fortheauditproceduresmustbeapplied.Resultsofthetestsonthesamplemustbeextrapolatedoverthepopulation
asawhole.

11|P a g e

4.5

Communicatingresults

4.5.1Monthlyauditreporting
TheInternalAuditunitofpublicbodiesmustreporttoDPWInternalAuditonamonthlybasistwoweeksafterthe
closeofeverymonth,basedonauditprocedurescompleted,on,interalia,thefollowing:
(a) AnynoncompliancetotheDORArequirements,theIncentiveGrantAgreement,theIncentiveGrantManual
and any other relevant documentation issued by DPW in terms of the Incentive Grant. The compliance
checklistincludedintheEPWPIncentiveGrantManualmustbeusedasabasistoidentifyanynoncompliance.
(b) Anyweaknessesincontrols,procedures,informationcollatedandreportedorproblematicoutcomesforthe
month.

ThetemplatetobeusedforthemonthlyreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Scope
Auditfindings
Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport

Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
monthofMarch2009
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.

ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff

4.5.2Quarterlyauditreporting
TheInternalAuditunitofpublicbodiesmustreporttoDPWInternalAuditonaquarterlybasistwoweeksafterthe
closeofeveryquarter,on,interalia,thefollowing:
(a) Purpose,authorityandresponsibilityofPublicBodyInternalAudit
(b) Objectivesandscopeoftheauditworkcompletedforthequarter
(c) Based on audit procedures completed, the audit findings/results including any weaknesses in controls,
procedures,informationcollatedandreportedorproblematicoutcomesforthequarter
(d) Quantificationoferrorsextrapolatedoverpopulation
(e) Repeat findings with reference to findings reported in previous months or quarters by Internal Audit and
managementactionswererequiredbutnotyetaimplemented
(f) Significantriskexposures
(g) Conclusionbasedonappropriateanalysisandevaluations
(h) Recommendationsandactionplans
(i) Othermattersneededorrequested
Communicationmustbeaccurate,objective,clear,concise,constructive,completeandtimely
ThetemplatetobeusedforthequarterlyreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Accountabilitystatement
Scope
Auditfindings

12|P a g e

Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
quarterending30June2009
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
IndicatingwhattheaccountabilityofthevariespartiesareincludingManagement
andthePublicBodyInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.


Headingstobecovered

Example

Extrapolationoferrors

Based on errors find in information reported the error extrapolated over the
populationifrelevant

ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff

Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport

DPW Internal Audit must obtain confirmation from Provincial Treasuries on a quarterly basis that the incentive has
beencorrectlydisbursed.
4.5.3AnnualReporting
PublicBodiesInternalAuditmustreporttoDPWInternalAuditonanannualbasistwoweeksafterthecloseofthe
financialyearon,interalia,thefollowing:
(a) Purpose,authorityandresponsibility
(b) Objectivesandscopeofworkcompletedforthequarter
(c) Based on audit procedures completed, any weaknesses in controls, procedures, information collated and
reportedorproblematicoutcomesforthequarter.
(d) Quantificationoferrorsextrapolatedoverpopulation
(e) Repeatfindings
(f) Significantriskexposures
(g) Conclusionbasedonappropriateanalysisandevaluations
(h) Recommendationsandactionplans
(i) Othermattersneededorrequested

ThetemplatetobeusedfortheannualreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Accountabilitystatement
Scope
Auditfindings
Extrapolationoferrors
Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport

Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
yearendingMarch2010
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
IndicatingwhattheaccountabilityofthevariespartiesareincludingManagement
andthePublicBodyInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.
Based on errors find in information reported the error extrapolated over the
populationifrelevant

ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff

ReportingtoensurecompliancewiththeDORA,Section13,shouldtakeplaceandDPWInternalAuditmustreviewthe
information provided to ensure compliance with requirements and information reported can be substantiated by
supportingevidence.Informationthatneedtobeincluded:

(a) thetotalamountofallallocationsreceived
(b) thetotalamountofactualexpenditureonallallocationsexceptSchedule4allocations
(c) certificationthatalltransfersintermsofDORAtotheprovinceweredepositedintotheprimarybankaccount
oftheprovinceor,whereappropriate,intothecorporationforpublicdepositsaccountofaprovince.
(d) theextenttheprovincemettheconditionsprovidedforintheframeworkandcompliedwiththeprovisionsof
theDORA

13|P a g e

(e) the steps taken to deal with noncompliance with the conditions provided for in the framework of such an
allocationandtheprovisionsoftheDORA
(f) theextenttowhichtheobjectivesandoutputsoftheallocationwereachieved
(g) containsuchotherinformationastheNationalTreasurymaydetermine.

4.6

Followupprocedures

Duringtheauditprocess,theInternalAuditorsofthepublicbodymustcompletefollowupprocedurestomonitorand
ensureactionshavebeeneffectivelyimplementedorthatseniormanagementacceptedtheriskofnottakingaction.
Followupprocedureswillformpartoftheauditproceduresperformedeveryquarterandhastobeincludedaspartof
therepeatfindingsofthequarterlyandannualPublicBodyinternalauditreports.

4.7

Internalauditrepresentations

As part of the audit procedures it is required of the Internal Audit of Public Bodies to make quarterly and yearly
representationsbycompletionandsignoffofthecompliancechecklist.

4.8

Adherencetotimelines

PublicBodiesneedtostrictlycomplywithprescribedtimelinesindicatedinsection4.4.3.

5.

StandardsofInternalAuditPractice

TheInternalAuditFunction mustmeettheStandardsfortheProfessionalPracticeofInternalAuditingprescribedby
theInstituteofInternalAuditors(refertowww.theiia.org).

6.

NoncompliancetoAuditRegulations

AnynoncompliancetotheAuditRegulationsinfactorappearancemustimmediatelybereported,includingthedetails
ofnoncompliancetoDPWInternalAudit,ChiefExecutiveAuditor.

14|P a g e