Contents
Report 11 of the 08 April 2005 meeting of the Corporate Governance Committee and sets out the proposed plan for the use of Internal Audit resources from 1 April 2005 to 31 March 2006.
Warning: This is archived material and may be out of date. The Metropolitan Police Authority has been replaced by the Mayor's Office for Policing and Crime (MOPC).
See the MOPC website for further information.
Internal Audit plan for April 2005 to March 2006
Report: 11
Date: 08 April 2005
By: Director of Internal Audit
Summary
This report and associated appendices sets out the proposed plan for the use of Internal Audit resources from 1 April 2005 to 31 March 2006. The annual plan is based on an updated Audit Needs Assessment and Risk Analysis for the next five years ahead. The Treasurer has approved the proposed annual plan for submission to the Corporate Governance Committee.
A. Recommendation
That
- members approve the proposed use of Internal Audit resources and note the summary calculation of audit need and comparison to planned work set out in Appendices 1 and 2; and
- approve the programme of Internal Audit work, set out in Appendices 3 to 6.
B. Supporting information
Purpose and basis of the Annual Internal Audit Plan
1. The plan is designed to ensure that I have sufficient information to form an opinion on the adequacy of the MPA/MPS control framework. In turn, that opinion will feed into the Authority’s Statement of Internal Control for the published accounts for 2005/6, as well as providing a degree of assurance for the MPA and external reviewers.
2. My opinion on control in the MPS is based on risk scores given at the end of each systems review (including operational audits of local systems). The scores are on a scale of 1 to 5, where 1 = excellent and 5 = unacceptable. I also take into account the results of any significant audit investigations.
3. The draft plan has been agreed in principle by the Director of Resources and was presented to MPS senior management at Commissioner’s SMT on 8 April, in conjunction with the Audit Commission and with the agreement of HMIC. This has been a major move forward in co-ordinating review and audit activity external to the MPS.
4. Our audit plan is risk based, the highest current risk determines those systems that will be audited in year. Our risk model takes into account a number of factors, including financial values, impact on operational objectives, the likelihood of a major system failure and the length of time since the last audit.
5. The plan is drawn from our assessment of need based on a five-year cycle and takes account of staffing levels with some contingency time built in. Assessment takes account of the Corporate Risk Assessment and risk profiles produced by the MPS Risk Manager and agreed by the MPS Management Board.
6. Appendix 1 and Appendix 2 highlight the calculated need and the resources available to meet the need. In summary:
- 81% of the identified need will be met for systems advice and routine audits (3162 audit days out of 3896)
- 86% of the need for investigative work will be met (1707 days out of 1976)
- 83% of overall need should be met with this plan (our target is 80%).
Appendices 3, 4 and 5 outline systems audits, our follow up programme and systems development work. In summary:
- Fewer systems audits this year (seven (19%) less than last year) emphasis will be on following up implementation of our recommendations – to give a definitive picture of where the organisation stands in terms of progress and offer further advice.
- Key systems audits include; Business Continuity and Disaster Recovery, IS/IT Strategy, Consultation Funding and Control, Property Acquisitions and Disposals, Command and Control Management, Crime Reporting Information System, Strategic Planning for Training, Human Resource Planning, Systems Supporting Service-wide Priorities, Resourcing and Management of PCSOs.
Appendix 6 highlights our BOCU/OCU review programme – we have now developed a risk assessment for BOCU/OCUs and the programme of work has been drawn up using this process. The programme also takes account of HMIC planned reviews.
Key themes of our work for 2005 – 2006
7. We will continue to increase the time spent on BOCU/OCU reviews and increase our profile at the local level – work in this area is being well received. A new approach is being developed and we will spend time at the end of each review developing the local understanding of risk and controls.
8. We will also continue with the expansion of our advisory role - key areas will be the Service Review, Outsourcing, NSPIS, C3i, MetTime and Devolved Financial Management.
9. We will aim to provide further risk and control awareness training to the MPS.
10. We intend to increase further the visibility and profile of Internal Audit throughout the MPS and MPA.
Liaison with other review bodies and police authority auditors
11. There will be increased and visible co-ordination with Audit Commission and HMIC.
12. We will further develop working relationship with Corporate Risk Management Group, in particular advising on the roll out and review of the risk identification and control at a B/OCU and Business Group Level
13. My senior management and I advise a range of review bodies in the MPS, including the MPS Corporate Governance Strategic Committee, the Statement of Internal Control Working Group – helping to develop a practical approach that will give the Authority the appropriate level of annual assurance, the National Intelligence Model risk assessment working group, the Inspection and Liaison Group.
14. In addition I will shortly take over the chair of the National Group of Police Auditors and my Deputy Director is an active member of the Metropolitan and Northern group of Police Auditors – contributing to the development of auditing within the national policing environment.
Fraud investigation and liaison
15. My Forensic Audit Branch has two major investigations planned and in addition will respond to any allegations of fraud, abuse and waste put to them.
16. We will continue our strong links and working relationship with both MPS Professional Standards Directorate and the Public Sector Anti-Corruption team in the Economic Crime Directorate.
C. Race and equality impact
Internal Audit continues to reflect the diverse community within which the MPS and MPA operate. The percentage of visible ethnic minority staff is 32% and the percentage of female staff has increased to 25%. We also employ staff with disabilities and from a wide age range.
D. Financial implications
The Annual Plan is designed to match the agreed budget for 2005-2006. There are no further financial implications.
E. Background papers
None
F. Contact details
Report author: Peter Tickner, Director of Internal Audit, MPA.
For information contact:
MPA general: 020 7202 0202
Media enquiries: 020 7202 0217/18
Appendix 1
Calculation of annual Internal Audit need
- Systems audits per audit needs assessment (based on five year cycle – high risk system three audits in five years, Medium risk system twice in five years, Low risk system once in five years): 12800
- Every BOCU/OCU one 45 day audit every five years: 2600
- Five year total system audits and reviews: 3080 days (52%)
- Systems development work per annum: 606 days (10%)
- Analysing key financial systems per annum: 210 days (4%)
- Total systems audit and audit advice: 3896 days (66%)
- Forensic Audit (investigations, preventative advice and National Fraud Initiative): 1976 days (34%)
- Total Annual Internal Audit Need: 5872 (100%)
Supporting material
- Appendix 2 [PDF]
Internal Audit Plan 2005/2006 based on probable staffing levels - Appendix 3 [PDF]
Internal Audit - Proposed Systems Audit Plan 2005/06 - Appendix 4 [PDF]
Internal Audit - Proposed Follow Up Plan 2005/06 - Appendix 5 [PDF]
Internal Audit - Proposed Systems Development Plan 2005/06 - Appendix 6 [PDF]
Internal Audit - Proposed B/OCU Audit Plan 2005/06
Send an e-mail linking to this page
Feedback