Latest News

  The Central Internal Audit Unit (CIAU) held the Internal Audit Service annual meeting which was held at Bingu International Convention Centre on 25th July, 2019. Activities that were carried out du...

  Organizations are constantly exposed to significant errors, frauds, or inefficiencies that can lead to financial loss and increased levels of risk. This results in the need for regulatory requireme...

The Polytechnic a constituent college of University of Malawi, (now Malawi University of Business and Applied Sciences) organized a five (5) day training workshop for District Councils’ Internal Audit...

DEMYSTIFYING PUBLIC SECTOR INTERNAL AUDIT INDEPENDENCE MISCONCEPTIONS                                 By Andy Lazarus Chitete MSc. FCCA, CA (M), CIA, CRMA. – GIZ-PFEM Technical Advisor: Central Inte...

MORE NEWS

More From: Insights Expression of Interest

 

The Central Internal Audit Unit (CIAU) held the Internal Audit Service annual meeting which was held at Bingu International Convention Centre on 25th July, 2019. Activities that were carried out during the meeting included presentations of 2019 – 2020 consolidated annual work plan, performance for 2018 – 2019 financial year, staffing issues for 2018 – 2019 and continuous auditing. In addition, there was a presentation on HIV & Aids which was done by a representative from UNFPA. The meeting was attended by 111 participants from almost all internal audit units across the ministries and departments of the central government. Prior to the meeting, all new internal auditors particularly those who were recruited in 2018/2019 financial year were welcomed to the internal audit common service and oriented on internal auditing in Government.         

IASAM2019
Internal Auditors after the official opening of the meeting

 

Organizations are constantly exposed to significant errors, frauds, or inefficiencies that can lead to financial loss and increased levels of risk. This results in the need for regulatory requirements and improvement of business operations by organizations to ensure that controls are working effectively and that risk is being properly mitigated. In order to fulfill this expanded mandate, Internal Audit is turning to continuous auditing ...

Download the full article here; 

DEMYSTIFYING PUBLIC SECTOR INTERNAL AUDIT INDEPENDENCE MISCONCEPTIONS

                                By Andy Lazarus Chitete MSc. FCCA, CA (M), CIA, CRMA. – GIZ-PFEM Technical Advisor: Central Internal Audit Unit (CIAU), Government of Malawi

 

  1. Introduction

 

Internal Audit independence is one concept in the internal auditing profession which is often misunderstood in the public sector as well as the private sector.  In this paper on demystifying public sector internal audit independence misconceptions I will demystify some of the misconceptions which people outside the profession generally have towards internal audit independence in the public sector. I will do this by addressing concerns related to independence and objectivity and methods to achieve independence in the public sector.

 

The Institute of Internal Auditors (IIA) Inc. defines internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. The fact that Internal Audit Independence is enshrined in the definition of internal auditing shows how pivotal the concept of independence is to internal auditing.

 

Internal auditing is performed in diverse environments and within organizations that vary in purpose, size, and structure. In addition, the laws and regulations within various countries differ from one another. Particularly, public sector internal auditors operate in organizational structures that are as complex and different as the many types of government that exist throughout the world today. The International Standards of Supreme Audit Institutions (ISSAI) and the Institute of Internal Auditors’ Standards for the Professional Practice of Internal Auditing (ISPPIA), provide general guidance which governments, in different national contexts should adopt with the understanding that implementation will be governed by the environment in which the internal audit function carries out its responsibilities and in accordance with the applicable laws and regulations. The IIA’s Standards are universal and are intended to apply to all members of the internal audit profession.

 

Internal auditing has become a factor of the new accountability and control era. The manner in which public sector entities maintain internal control and how they are held accountable has evolved to require more transparency and more accountability on how they spend the taxpayers’ funds. This trend has significantly impacted on how management implements, monitors and reports on internal controls.  Although internal auditors can be a valuable advisory resource on internal controls, the internal auditor should not be a substitute for a strong internal control system. A system of internal control is the primary response to risks. The role of internal auditing has evolved from an administrative procedure with a focus on compliance, to an important element of governance. To many governments, the existence of internal auditing is now mandatory.

 

  1. DEFINITION OF INTERNAL AUDIT INDEPENDENCE AND OBJECTIVITY

 

The issue of independence of internal auditors is an issue that has brought controversy and misunderstanding in many circles. Many people don’t understand how internal auditors can be independent from the organinsation that employs them. Knowledge of external auditing, especially in the private sector has contributed to the misunderstanding of independence of internal auditing because external auditors are not employees of the organisation, they come from outside the organization hence their independence is somehow wrongly understood to mean coming from outside the organisation. 

 

The independence of auditors whether external or internal doesn’t necessarily emanate from whether they come from outside or inside the organinsation. It emanates from the freedom they should have from conditions that threaten their ability to carry out internal audit work in an unbiased manner. The independence of internal and external auditors simply means that they should not take part in transactions, operations, administration, management or decisions over which they will later be required to audit. If they take part, their objectivity will be impaired and those to whom they provide assurance or advice will doubt the credibility of their assurance or advice. This is the reason why internal auditors should not carry out roles such as risk management and pre-auditing of transactions which they will later be required to audit and provide assurance to management and the board.

 

The IIA’s Standard 1100 – Independence and Objectivity and the Code of Ethics, recognize the importance of internal auditors maintaining their independence and objectivity when performing their work. The Standard states that the internal audit activity must be independent, and internal auditors must be objective in performing their work. It defines independence as the freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the responsibilities of the internal audit activity, the Head of Internal Audit (HOIA) should have direct and unrestricted access to senior management and the board. This can be achieved through a dual-reporting relationship. Dual reporting relationship means reporting to the Audit Committee technically or functionally and to management (the head of the organisation) administratively. Administrative reporting means the reporting to executive management by the HOIA for assistance in establishing direction, support, and administrative interface; while technical reporting means reporting to those charged with governance (such as the Audit Committee) for strategic direction, reinforcement, and accountability. The administrative reporting to senior management has two critical aspects to independence. One, the level of the HOIA should be maintained at a sufficiently senior level (in terms of both remuneration and profile).  This means that the HOIA should be equal in rank to senior management of the organization to ensure the ability to discuss audit results with senior management on a reasonably equal footing, and two, the person to whom the HOIA reports should be the head of the organisation (such as the Chief Executive Officer or equivalent). This helps to raise the profile of the Internal Audit activity in the organisation

 

The Standard further defines objectivity as an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. In addition, the IIA Standards advocate a strong system of internal control that is monitored by a well-resourced internal audit activity as a fundamental feature of good governance. In the public sector, a strong system of governance is essential in ensuring adequate service delivery to the public at large. 

 

In describing public sector auditing, the Lima Declaration calls for internal audit services to be functionally and organizationally independent as far as possible within their respective constitutional frameworks (ISSAI 1/section 3, par. 2). For both Supreme Audit Institutions (SAIs) auditors (external auditors in the Public sector) and internal auditors, the need for independence and objectivity in conducting an audit is essential. Internal auditors’ independence and objectivity is an important factor to enable coordination and cooperation between SAIs and internal auditors (INTOSAI GOV 9150), including in determining whether and to what extent SAIs can use the work of internal auditors (ISSAI 1610, ISA 610/par. 9). In this regard, it is critical that public sector internal audit activities are configured and positioned appropriately within the organization.

 

The concept of three lines of defence also helps to define the independence of audit functions in organisations. The Concept explains that the first line consists of the business’ frontline staff who are charged with understanding their roles and responsibilities and carrying them out well. The second line is created by the oversight function(s) made up of compliance, risk management, Security and others while the third and final line of defence is that of auditors, non-executive directors and regulators. The third line should not be involved in operations and administration of the organisation to prevent impairment of their independence and objectivity. Their involvement will affect credibility of their assurance and advise which they give to Shareholders in the case of the board of directors and external auditors, and to the board of directors and management in the case of internal auditors. The figure below illustrates the three lines of defence.

The Polytechnic a constituent college of University of Malawi, (now Malawi University of Business and Applied Sciences) organized a five (5) day training workshop for District Councils’ Internal Auditors at Staff Development Institute in Blantyre. The training which was sponsored by the Ministry of Local Government and Rural Development and held from 25th to 29th March 2019 was aimed at improving the technical competence of Internal Auditors in Councils in areas of internal controls and reporting. One officer from CIAU, Mr Atusaye Kayuni, co – facilitated the workshop on invitation by from Polytechnic after considering the knowledge and experience of CIAU in the areas of internal controls and reporting in the Public Sector.

In its quest to reduce staff vacancy rate from 47% to 20% by 2021, the Central Internal Audit Unit has recruited 23 Internal Auditors at Grade I and K during the 2018-2019 financial year. The recruitment has reduced vacancy rate of the Internal Audit Service from 38% to 28%. This follows the recruitment of 28 Internal Auditors at Grade I and K during the 2017 – 2018 financial year which reduced the staff vacancy rate from 50% as at July 2017 to 30% as at June 2018. The newly recruited auditors will assist greatly in increasing audit coverage as well as ensuring that audits are completed on time.