Académique Documents
Professionnel Documents
Culture Documents
EPWPINCENTIVEGRANT
ApprovalandVersionControl
TheAuditRegulationswereapprovedby:
Designation
1|P a g e
Signature
Date
Version
TableofContents
1. Generaldefinitions..............................................................................................................................3
2. Introduction........................................................................................................................................4
2.1 Application...........................................................................................................................................4
2.2 Dateofcommencement......................................................................................................................4
3. ManagementArrangements................................................................................................................4
3.1 KeyPrinciples.......................................................................................................................................4
3.1.1Independenceandobjectivity.....................................................................................................4
3.1.2ProficiencyandDueProfessionalCare.......................................................................................4
3.1.3QualityAssurance.......................................................................................................................4
3.1.4Capacity.......................................................................................................................................5
3.2 Internalauditpurpose,responsibilityandaccountability...................................................................5
3.2.1Purpose.......................................................................................................................................5
3.2.2Objective.....................................................................................................................................5
3.2.3RolesandResponsibilitiesofrelevantParties............................................................................5
3.2.4AccountabilityArrangements.....................................................................................................6
4. ScopeofWork.....................................................................................................................................7
4.1 Planning...............................................................................................................................................7
4.2 RiskManagement................................................................................................................................7
4.2.1DPWInternalAudit.....................................................................................................................7
4.2.2PublicBodiesInternalAudit........................................................................................................7
4.3 Control.................................................................................................................................................7
4.4 Detailedauditprocedures...................................................................................................................8
4.4.1Complianceprocedures..............................................................................................................8
4.4.2Documentationandinformationretention................................................................................8
4.4.3Controlsandverificationofinformation....................................................................................8
4.4.4Sampling....................................................................................................................................11
4.5 Communicatingresults......................................................................................................................12
4.5.1Monthlyauditreporting...........................................................................................................12
4.5.2Quarterlyauditreporting..........................................................................................................12
4.5.3AnnualReporting......................................................................................................................13
4.6 Followupprocedures........................................................................................................................14
4.7 Internalauditrepresentations..........................................................................................................14
4.8 Adherencetotimelines.....................................................................................................................14
5. StandardsofInternalAuditPractice...................................................................................................14
6. NoncompliancetoAuditRegulations................................................................................................14
2|P a g e
1.
Generaldefinitions
IntheseAuditRegulations:
Term
Definition
AuditSampling
This involves the application of audit procedures to less than 100% of the items
within a class of transactions to enable the auditor to obtain and evaluate audit
evidenceaboutsomecharacteristicsoftheitemsselected,inordertoformorassistin
forming a conclusion concerning the population. Audit sampling can use either a
statisticalornonstatisticalapproach.
Charter
Meansaformaldocumentthatdefinestheinternalauditactivityspurpose,authority
and responsibility. The internal audit charter establish the internal audit activitys
positionwithintheorganisation;authorisesaccesstorecords,personnelandphysical
properties relevant to the performance of engagements; and define the scope of
internalauditactivities.
Compliance
Meansadherencetopolicies,plans,procedures,laws,regulations,contracts,orother
requirements.
Control
Refers to any action taken by management and other parties to manage risk and
increasethelikelihoodthatestablishedobjectivesandgoalswillbeachieved.
EligiblePublicBody
Fraud
Governance
Isthecombinationofprocessesandstructuresimplementedbythegoverningbodies
to inform, direct, manage and monitor the activities of the organisation toward the
achievementofitsobjectives.
Independence
InternalAudit
PublicBody
Risk
Risk is the possibility of an event occurring that will have an impact on the
achievementofobjectives.Riskismeasuredintermsofimpactandlikelihood.
Riskmanagement
Risk management is the process to identify, assess, manage and control potential
events or situations to provide reasonable assurance regarding the achievement of
theorganisationsobjectives.
Definitions,whererelevantareinalignmentwiththedefinitionsoftheInstituteofInternalAuditors.
3|P a g e
2.
Introduction
Thisdocumentprovidesthebasicregulatoryframeworkformaintaininganeffectiveinternalauditfunctiontobeable
toreceivetheEPWPIncentiveGrant.
Theseregulationsweredevelopedinresponsetotherequirementsofthe2009DivisionofRevenueAct.
It is expected that public bodies will compare their current practices and approaches to the management of project
informationwiththeseregulationsandtakenecessaryactiontocomplywiththestatedrequirements.
These regulations have been formulated as a set of principles for all public bodies to assist their understanding in
meetingtheserequirements.
2.1
Application
TheAuditRegulationsapplytotheinternalauditorsofeligiblepublicbodiesintermsofthe2009DORAFrameworkfor
the EPWP Incentive Grant to provinces and municipalities. The 2009 DORA Framework refers to the need for public
bodiestocomplywithauditregulations.
TheAuditRegulationsshouldbereadinthecontextoftheIncentiveGrantManual.
2.2
Dateofcommencement
TheseAuditRegulationstakeeffectfrom1April2009,unlessotherwiseindicatedinthetext.
3.
ManagementArrangements
3.1
KeyPrinciples
3.1.1Independenceandobjectivity
Organisationalindependence:Theinternalauditfunctionmustbefreetoperformworkandcommunicateresults.
TheInternalAuditDepartmentmustremainindependentofalllineandfunctionalmanagementandwillbeanswerable
solelytothepublicbodysManagementandAuditCommittee.
TheindependenceoftheInternalAuditunitwillbeensuredby:
(a) aclearinprincipleagreementthatinternalauditwillhavefullaccessatalltimestoanyrecords,propertiesand
resourcesrelevanttotheprojectsunderreview
(b) accesstotheChairpersonoftheAuditCommittee.
(c) notassuminganylinemanagementcontrol
(d) theInternalAuditfunctionbeingfreeofanyundueinfluencesorinterferenceswhichcouldrestrict,overrule
or otherwise affect the judgement as to the content of a report or in any way require the unit to function
underduressorwhichcouldaffecttheconductofaninvestigation.
Individualobjectivity:Internalauditorsmusthaveanimpartial,unbiasedattitudeandavoidanyconflictofinterest.
3.1.2ProficiencyandDueProfessionalCare
Internalauditorsmustpossesstheknowledge,skills,andothercompetenciesneededtoperformtheirresponsibilities
intermsoftheseregulations.
Internalauditorsmustapplythecareandskillexpectedofareasonablyprudentandcompetentinternalauditor.
3.1.3QualityAssurance
InternalAuditorsshallatalltimesconducttheworkassignedtotheminaccordancewiththeAuditMethodologyand
the Standards for the Professional Practice of Internal Auditing. Internal Audit shall further comply with the Code of
EthicsofInternalAuditors,aspublishedbytheInstituteofInternalAuditors.
4|P a g e
Regular reviews will be performed by DPW Internal Audit function to assess compliance with the Audit Regulations
including,butnotlimitedto,thescopeofworkconductedandthemonthly,quarterlyandannualreportssubmittedby
PublicBodiesInternalAudit.
3.1.4Capacity
The internal audit function must establish sufficient capacityto conduct the scope of auditwork required toreceive
theIncentiveGrant.InternalAuditsatPublicbodiesneedtobeproperlysupervisedtoensureobjectivesareachieved,
andqualityisassured.Ifaneligiblepublicbodydoesnothaveanestablishedinternalauditfunction,thepublicbodyis
advised to make the necessary arrangements to outsource or cosource the function to ensure compliance with the
AuditRegulations.
3.2
Internalauditpurpose,responsibilityandaccountability
3.2.1Purpose
ThepurposeoftheinternalauditfunctionatpublicbodiesfortheEPWPIncentiveGrantistomaintainanindependent
objective assurance activity designed to improve the public bodys infrastructure project management operations. It
will assist the public body accomplish its objectives by bringing a systematic, disciplined approach to evaluate and
improvetheeffectivenessofriskmanagement,control,andgovernanceprocesses.InternalAuditwillthereforeprovide
the management of the public body, the Audit Committee and DPWs Internal Audit Management with analysis,
appraisals,recommendationsandinformationconcerningtheprojectactivitiesandinformationreviewed.
3.2.2Objective
TheobjectiveoftheinternalauditfunctionatpublicbodiesfortheEPWPIncentiveGrantistoidentifyandevaluate
significantexposurestoriskandcontributetotheimprovementofriskmanagement,controlandgovernancesystems.
Thisshouldinclude:
(a) Overseeingtheriskmanagementframeworkandmonitoringrisk
(b) Reviewing the established systems to ensure compliance with those procedures, laws and regulations that
could have a significant impact on operations and report and determine whether the public body is in
compliance
(c) Ensuringthataneffectivesystemofinternalcontrolsexistandisoperatingasrequired
(d) Evaluatingthereliabilityandintegrityoffinancial,projectmanagementandotheroperationalinformation.
3.2.3RolesandResponsibilitiesofrelevantParties
TheInternalAuditunitofpublicbodies
(a) The role of the Internal Audit unit is to assist the public body to meet their objectives by providing an
independentappraisaloftheadequacyandeffectivenessofthecontrolssetupbythepublicbodytomanage
infrastructureprojectimplementation,withparticularinteresttothoseprojectsclaimingtheEPWPIncentive
Grant.
(b) The Internal Audit unit of each public body is responsible to render the internal audit services required in
terms of these Audit Regulations, DORA requirements, the Incentive Grant Agreement, the Incentive Grant
ManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentiveGrant.
(c) TheresponsibilitiesoftheInternalAuditunitinclude:
developing an annual audit plan using an appropriate riskbased methodology, including any risk or
control concerns identified by the public bodys Management and submit that plan to the Audit
Committeeforreviewandapproval
implementingtheannualauditplan
maintaining a professional audit staff with sufficient knowledge, skills, experience and professional
certification
issuing periodic reports to the Audit Committee and the public bodys Management summarizing the
resultsoftheauditactivities
providing a list of significant results to the public bodys Management, the Audit Committee and DPW
InternalAudit.
5|P a g e
ThePublicbody
(a) Although the role of Internal Audit Section is to review internal controls, system procedures, risks etc,
ultimatelythepublicbodyretainsfullresponsibilityforensuringthattheyactuallyimplementandmaintain
anappropriateframeworkofcontrols.
(b) Thepublicbodyalsohastheresponsibilityandaccountabilityforaddressingnoncompliance,weaknessesand
inefficiencies that have been identified by both External Audit and Internal Audits (conducted by DPW and
PublicBodyInternalAudit),andfortakingthenecessarycorrectiveaction.
(c) Thepublicbodyisfurtherresponsiblefor:
ProvidinginputontheareasofinvestigationbytheInternalAudit
ensuring support for the Internal Audit function, including ensuring that the Internal Audit unit has
unrestricted access to all relevant functions, records and personnel pertaining to any project whose
activitiesareunderreview
maintaining internal control, including proper accounting records and other management information
requiredforproperandcompliantprojectgovernance
compellingprojectmanagerstorespondtointernalauditqueriessubmitted
reviewing Internal Audit reports and implementing recommendations as considered appropriate or as
requiredbyDPW
informingtheInternalAuditorsofanysignificantinternalcontrolproblems.
TheAuditCommittee
(a) The Audit Committee in conjunction with the Accounting Officer is responsible for reviewing the scope of
InternalAuditwork,andtheactiontobetakenontheoutcomeorfindingfromtheirwork.
(b) TheAuditCommitteewill:
Ratifytheapprovaloftheinternalauditcharterorannualauditplan
EnsurethattheInternalAuditorseffectivelyperformtheirresponsibilitiesandduties
EnsurethattheInternalAuditunitcomplieswiththerelevantauditrulesandregulations
EnsurethattheInternalAuditunitmaintainsitsindependence
Reviewtheresultsofanyauditworkperformed
ReviewtheinternalauditreportstothepublicbodysManagementandtheirresponsethereto
LiaisewithDPWInternalAuditwhennecessary.
3.2.4AccountabilityArrangements
Thefollowingdiagramdepictstheaccountabilityarrangements:
AuditCommittee
DPWIA
PBInternalAudit
PBManagement
TheInternalAuditunitofeachpublicbodyshallberesponsibletoreporttotheDPWInternalAuditon:
6|P a g e
compliancewiththeconditionsoftheIncentiveGrant
riskmanagementandrisks
the controls in place to collect and verify the performance information upon which the Incentive
Grantisdisbursed
andotherinformationrequiredaspartoftheAuditRegulations.
4.
ScopeofWork
4.1
Planning
DPWInternalAuditmustadequatelyplanfortheperformanceofauditprocedurestoensuretheobjectivesoftheaudit
isachieved.
(a) The primary purpose of planning the internal audit work for the grant is for each public body to determine
priorities in order to establish the most costeffective means of achieving audit objectives; to assist in the
directionandcontrolofauditworkcompletioninaccordancewithpredeterminedcriteria.
(b) Itisimportantthattheinternalauditplanninginclude:
defininginternalauditobjectives
obtainingacomprehensiveunderstandingoftheMIS,projectoperationsandmanagement
identifying,evaluatingandrankingriskstowhichthepublicbodyisexposed
takingintoaccounttheweaknessesofthepublicbodiescontrolsandmanagementconcerns
identifyingauditareasanddeterminingthetypeofauditandauditprocedures
(c) Operationalworkplansshouldbepreparedforeachinternalauditassignment,including:
objectivesandscopeoftheaudit
timebudgetandstaffallocations
methods, procedures and reporting arrangements, including supervision and allocation of
responsibilities.
4.2
RiskManagement
4.2.1DPWInternalAudit
DPWInternalAuditmustevaluatetheeffectivenessoftheriskmanagementprocessoftheEPWPIncentiveGrantat
Publicbodies.Aspartoftheevaluationconsiderationwillbegivento,interalia,theappropriatenessandsufficiencyof
resources with the necessary competencies in the Public Bodies Internal Audit function to perform the audit
procedures.
4.2.2PublicBodiesInternalAudit
Public Bodies Internal Audit must evaluate risk exposures regarding the reliability and integrity of information and
compliancewithtotheDORArequirements,theIncentiveGrantAgreement,theIncentiveGrantManualandanyother
relevant documentation issued by DPW in terms of the Incentive Grant and contribute to the improvement of risk
management.Aspartoftheevaluationconsiderationwillbegivento,interalia,significantrisksidentifiedandassessed
andpotentialfortheoccurrenceoffraudandhowfraudriskismanaged.
4.3
Control
ThePublicBodyinternalauditmustevaluatetheadequacyandeffectivenessofcontrolsrelatedtotheIncentiveGrant
regardingthereliabilityandintegrityofinformationandcompliancewiththeDORArequirements,theIncentiveGrant
Agreement,theIncentiveGrantManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentive
Grant.
WhenevaluatingtheinternalcontrolswithintheEPWPManagementInformationSystem,theInternalAuditshould:
(a)
(b)
(c)
(d)
7|P a g e
understandthesystemparametersandcontrolobjectives
assesswhetherthecontrolsputinplacemeetcontrolobjectivesfortheprojectsunderreview
testtheoperationofthecontrolsinpracticefortheprojectsunderreview
provide an opinion based on audit objectives as to whether the system provides an adequate basis for
effectivecontrolandwhetheritisproperlyoperatedinpractice.
4.4
Detailedauditprocedures
4.4.1Complianceprocedures
Public Bodies Internal Audit must test compliance to the DORA requirements, the Incentive Grant Agreement, the
IncentiveGrantManualandanyotherrelevantdocumentationissuedbyDPWintermsoftheIncentiveGrant.Included
intheEPWPIncentiveGrantManualisacompliancechecklistthatisacompletelistofconditionsandrulesthatpublic
bodiesshouldensurearemet.ThecompliancechecklistmustbecompletedbythePublicBodiesInternalAuditandany
noncompliancemustbereportedtomanagement,theAuditCommitteeandDPWaspartofthemonthlyandquarterly
reports.
4.4.2Documentationandinformationretention
Public Bodies Internal Audit must ensure on a monthly basis that the following documentation and information is
collatedandretained:
(a) Beneficiaryinformationincludingbutnotlimitedto:
Identityname,surname,identitynumber(acertifiedcopyoftheidentitydocumentoftheworker
shouldbekeptatthepublicbodyforauditpurposes)andacontactnumber
Gender,ageanddisabilitystatus
Educationlevel
Dailywagetobereceived
Trainingplanned
(b) Siteinformationincludingbutnotlimitedto.
Dailysiteattendanceregisterindicatingallthebeneficiariesthatwereregisteredasatworkeveryday
Summaryofmonthlyattendanceregister
(c) Payment register showing wages paid per beneficiary, signed off by each beneficiary. The payment register
containsthefollowinginformation:
Identityname,surname,identitynumberandacontactnumber
Gender,ageanddisabilitystatus
Wageratepaid
Totalnumberofdaysthatthepayperiodcovers
Signatureorproofofacceptanceofpayment
Access to project records and required information must be controlled. Retention requirements for project
recordsmustbecompliedwith.
4.4.3Controlsandverificationofinformation
Public Body Internal Auditors must identify, analyse, evaluate and document sufficient information to achieve the
internalauditobjectives.Publicbodiesinternalauditproceduresmustincludebutnotbelimitedto:
(a)
(b)
(c)
(d)
(e)
(f)
(g)
(h)
Testcontrolofsignoffofattendanceregister,beneficiaryinformationandpaymentregister
Conductsurprisevisitstoensureactualattendanceinaccordancewithattendanceregisters
Conductsurprisevisitstoensurevalidityofrecordedbeneficiaryinformation
Compareworkerdetailsonattendanceregisterwithsupportingcopiesofidentitydocuments
ConductteststoensureinformationonMISagreeswithsupportinginformation
Conductteststoensureinformationonpaymentregisteragreeswithattendanceregister
Testpaymentregistertoensureeachcontractworkersignedasproofthatpaymentwasreceived
Conductteststoensurerateofpayfallswithintherequiredparameters.
Thefollowingtablereflectsmoredetailoncontrolsandprocedurestobeperformed.Referenceshouldalsobemadeto
theEPWIncentiveGrantManual.
8|P a g e
Activity
Responsibility Risk
Time
lapse
Internal
controls
Auditprocedures
Sample
method/
method
ology
Timefra
mefor
audit
procedu
res
PublicBodyinternal
auditors:
1)totestcontrolofsignoff
ofattendanceregister
2)toconductsurprisevisits
toensureactualattendance
inaccordancewithregister
3)Compareworkerdetails
onattendanceregisterwith
supportingcopiesofidentity
documents
4)Includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter.
100%
Monthly
Oncea
month
DPWInternalauditto
reviewmonthlyand
quarterlyreportsfrom
PublicBodyinternal
auditors(completedand
submittedwithintwoweeks
afterthecloseofthe
quarter)andselectpublic
bodiesonwhichfurther
auditworkwillbe
conducted.
DPWInternalauditto
reviewauditreports/
consultwithauditorsofMIG
8reportingonActual
employmentandminimum
dailywagerate.
DPWInternalaudit:
1)totestcontrolofsignoff
ofattendanceregister
2)toperformdetailtesting
onsupporting
documentationdependent
onriskassessmenttaking
PublicBodyinternal
auditorsauditworkand
extentofrelianceinto
account.
Tobe
completed
within
week
threeand
fourafter
closeof
quarter
ContractortoprovideinformationtoProjectManager
Contractorto
signoffdaily
on
attendance
registerand
provideto
Project
Manager
weekly
Contractorto
completeand
signoff
Contractorto
provideto
Project
Manager
weekly
9|P a g e
Incorrect
information
compiled
Invalid
information
compiled
Continuous
Weekly
Signoffby
contractor
20%
Within
two
weeks
afterclose
ofquarter
Activity
Responsibility Risk
Time
lapse
Internal
controls
Auditprocedures
Sample
method/
method
ology
Timefra
mefor
audit
procedu
res
Contractorto
generate
signed
fortnightly
payment
registerand
provideto
Project
Manager
Contractor
Every
fortnight
from
beginning
ofmonth
Signoffby
contractor
PublicBodyinternal
auditors:
1)totestcontrolofsignoff
ofpaymentregister
2)toconductteststoensure
informationonpayment
registeragreeswith
attendanceregister
3)testpaymentregisterto
ensureeachcontractworker
signedasproofthat
paymentwerereceived
4)conductteststoensure
rateofpayfallswithinthe
requiredparameters
5)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter.
100%
Within
two
weeks
afterclose
ofquarter
DPWInternalaudit:
1)totestcontrolofsignoff
ofattendanceregister
2)toperformdetailtesting
onsupporting
documentationdependent
onriskassessmenttaking
PublicBodyinternal
auditorsauditworkand
extentofrelianceinto
account
3)includeresultsinaudit
reporttobeissuedfour
weeksaftertheendofthe
quarter.
Tobe
completed
within
week
threeand
fourafter
closeof
quarter
Seeauditproceduresabove
Identifytheregisters
relevantforauditpurposes
100%
Within
two
weeks
afterclose
ofquarter
Contractorto
signoffon
allregisters
toProject
Manager
Contractor
Incorrect
information
compiled
Invalid
information
compiled
Paymentto
fictitious
workers
Incorrect
information
compiled
Invalid
information
compiled
Oncea
month
Signoffby
contractor
ContractortocaptureinformationandsubmittoPublicBodyandTA
Project
Managerto
submit
information
electronically
toPB
ProjectManager
10|P a g e
Continuous
Incorrect
or
Weekly
incomplete
information
loaded
Invalid
information
Signoffby
consultant
MIS
controls
PublicBodyinternal
auditors:
1)totestcontrolofsignoff
2)toconductteststoensure
informationonMISagrees
withsupportinginformation
3)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
100%
100%
50%
Activity
Responsibility Risk
Time
lapse
Internal
controls
loaded
Project
Managerto
generate
payment
certificateat
theendofthe
monthand
submitto
publicbody
outputsand
expenditure
datafor
progress
report
ProjectManager
Project
Managerto
signoffand
distribute
copiesto:i)
contractor,ii)
ownrecord,
iii)public
body
ProjectManager
Incorrect,
Endof
invalidor
month
incomplete
information
Incorrect,
Endof
invalidor
month
incomplete
information
Auditprocedures
Sample
method/
method
ology
quarter.
Signoffby
Project
Manager
Signoffby
contractor
Signoffby
Public
Body
Signoffby
Project
Manager
Timefra
mefor
audit
procedu
res
DPWInternalaudit:
1)totestcontrolofsignoff
2)toconductteststoensure
informationonMISagrees
withsupporting
information.3)Include
resultsinauditreporttobe
issuedfourweeksafterthe
endofthequarter.
Tobe
completed
within
week
threeand
fourafter
closeof
quarter
PublicBodyinternal
auditors:
1)totestcontrolofsignoff
2)includeresultsinaudit
reporttobeissuedtwo
weeksaftertheendofthe
quarter
100%
Tobe
completed
within
two
weeks
afterclose
ofquarter
DPWInternalaudit:
1)totestcontrolofsignoff
2)includeresultsinaudit
reporttobeissuedfour
weeksaftertheendofthe
quarter
Referauditprocedures
above
Tobe
completed
within
week
threeand
fourafter
closeof
quarter
4.4.4Sampling
Appropriatemeansforselectingitemsfortestingtogathersufficientappropriateauditevidencetomeettheobjectives
fortheauditproceduresmustbeapplied.Resultsofthetestsonthesamplemustbeextrapolatedoverthepopulation
asawhole.
11|P a g e
4.5
Communicatingresults
4.5.1Monthlyauditreporting
TheInternalAuditunitofpublicbodiesmustreporttoDPWInternalAuditonamonthlybasistwoweeksafterthe
closeofeverymonth,basedonauditprocedurescompleted,on,interalia,thefollowing:
(a) AnynoncompliancetotheDORArequirements,theIncentiveGrantAgreement,theIncentiveGrantManual
and any other relevant documentation issued by DPW in terms of the Incentive Grant. The compliance
checklistincludedintheEPWPIncentiveGrantManualmustbeusedasabasistoidentifyanynoncompliance.
(b) Anyweaknessesincontrols,procedures,informationcollatedandreportedorproblematicoutcomesforthe
month.
ThetemplatetobeusedforthemonthlyreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Scope
Auditfindings
Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport
Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
monthofMarch2009
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.
ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff
4.5.2Quarterlyauditreporting
TheInternalAuditunitofpublicbodiesmustreporttoDPWInternalAuditonaquarterlybasistwoweeksafterthe
closeofeveryquarter,on,interalia,thefollowing:
(a) Purpose,authorityandresponsibilityofPublicBodyInternalAudit
(b) Objectivesandscopeoftheauditworkcompletedforthequarter
(c) Based on audit procedures completed, the audit findings/results including any weaknesses in controls,
procedures,informationcollatedandreportedorproblematicoutcomesforthequarter
(d) Quantificationoferrorsextrapolatedoverpopulation
(e) Repeat findings with reference to findings reported in previous months or quarters by Internal Audit and
managementactionswererequiredbutnotyetaimplemented
(f) Significantriskexposures
(g) Conclusionbasedonappropriateanalysisandevaluations
(h) Recommendationsandactionplans
(i) Othermattersneededorrequested
Communicationmustbeaccurate,objective,clear,concise,constructive,completeandtimely
ThetemplatetobeusedforthequarterlyreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Accountabilitystatement
Scope
Auditfindings
12|P a g e
Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
quarterending30June2009
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
IndicatingwhattheaccountabilityofthevariespartiesareincludingManagement
andthePublicBodyInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.
Headingstobecovered
Example
Extrapolationoferrors
Based on errors find in information reported the error extrapolated over the
populationifrelevant
ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff
Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport
DPW Internal Audit must obtain confirmation from Provincial Treasuries on a quarterly basis that the incentive has
beencorrectlydisbursed.
4.5.3AnnualReporting
PublicBodiesInternalAuditmustreporttoDPWInternalAuditonanannualbasistwoweeksafterthecloseofthe
financialyearon,interalia,thefollowing:
(a) Purpose,authorityandresponsibility
(b) Objectivesandscopeofworkcompletedforthequarter
(c) Based on audit procedures completed, any weaknesses in controls, procedures, information collated and
reportedorproblematicoutcomesforthequarter.
(d) Quantificationoferrorsextrapolatedoverpopulation
(e) Repeatfindings
(f) Significantriskexposures
(g) Conclusionbasedonappropriateanalysisandevaluations
(h) Recommendationsandactionplans
(i) Othermattersneededorrequested
ThetemplatetobeusedfortheannualreportsbyPublicBodies:
Headingstobecovered
Example
Title
Addressee
Accountabilitystatement
Scope
Auditfindings
Extrapolationoferrors
Repeatfindings
Significantrisksidentified
Othermattersforattention
Conclusion
Signoffreport
Public Body Name Internal Audit Report on the EPWP Incentive Grant for the
yearendingMarch2010
ThereportshouldbeaddressedtoManagementwithcopiestoDPWInternalAudit
IndicatingwhattheaccountabilityofthevariespartiesareincludingManagement
andthePublicBodyInternalAudit
Theauditproceduresperformedshouldbedescribed
Any non compliance, weaknesses in controls, inaccurate and incomplete
information reported with an indication of the effect/impact, recommendations
andmanagementcomments.
Based on errors find in information reported the error extrapolated over the
populationifrelevant
ReporttobesignedoffbyChiefInternalAuditorindicatingthedateofsignoff
ReportingtoensurecompliancewiththeDORA,Section13,shouldtakeplaceandDPWInternalAuditmustreviewthe
information provided to ensure compliance with requirements and information reported can be substantiated by
supportingevidence.Informationthatneedtobeincluded:
(a) thetotalamountofallallocationsreceived
(b) thetotalamountofactualexpenditureonallallocationsexceptSchedule4allocations
(c) certificationthatalltransfersintermsofDORAtotheprovinceweredepositedintotheprimarybankaccount
oftheprovinceor,whereappropriate,intothecorporationforpublicdepositsaccountofaprovince.
(d) theextenttheprovincemettheconditionsprovidedforintheframeworkandcompliedwiththeprovisionsof
theDORA
13|P a g e
(e) the steps taken to deal with noncompliance with the conditions provided for in the framework of such an
allocationandtheprovisionsoftheDORA
(f) theextenttowhichtheobjectivesandoutputsoftheallocationwereachieved
(g) containsuchotherinformationastheNationalTreasurymaydetermine.
4.6
Followupprocedures
Duringtheauditprocess,theInternalAuditorsofthepublicbodymustcompletefollowupprocedurestomonitorand
ensureactionshavebeeneffectivelyimplementedorthatseniormanagementacceptedtheriskofnottakingaction.
Followupprocedureswillformpartoftheauditproceduresperformedeveryquarterandhastobeincludedaspartof
therepeatfindingsofthequarterlyandannualPublicBodyinternalauditreports.
4.7
Internalauditrepresentations
As part of the audit procedures it is required of the Internal Audit of Public Bodies to make quarterly and yearly
representationsbycompletionandsignoffofthecompliancechecklist.
4.8
Adherencetotimelines
PublicBodiesneedtostrictlycomplywithprescribedtimelinesindicatedinsection4.4.3.
5.
StandardsofInternalAuditPractice
TheInternalAuditFunction mustmeettheStandardsfortheProfessionalPracticeofInternalAuditingprescribedby
theInstituteofInternalAuditors(refertowww.theiia.org).
6.
NoncompliancetoAuditRegulations
AnynoncompliancetotheAuditRegulationsinfactorappearancemustimmediatelybereported,includingthedetails
ofnoncompliancetoDPWInternalAudit,ChiefExecutiveAuditor.
14|P a g e