Internal Audit plan for April 2006 to March 2007

Report: 6
Date: 16 March 2006
By: Director of Internal Audit

Summary

This report and associated appendices sets out the proposed plan for the use of Internal Audit resources from 1 April 2006 to 31 March 2007.

The annual plan is based on an updated Audit Needs Assessment and Risk Analysis for the next five years ahead.

The MPS Director of Resources and the MPA Treasurer have both indicated that they are content with the proposed plan.

A. Recommendation

That

1. members approve the proposed use of Internal Audit resources and note the summary calculation of audit need and comparison to planned work set out in Appendices 1 and 2; and
2. approve the programme of Internal Audit work, set out in Appendices 3 to 6.

B. Supporting information

Purpose and basis of the annual Internal Audit plan

1. The plan is designed to ensure that I have sufficient information to form an opinion on the adequacy of the MPA/MPS control framework. In turn, that opinion will feed into the Authority’s Statement of Internal Control for the published accounts for 2006/7, as well as providing a degree of assurance for the MPA and external reviewers.

2. My opinion on control in the MPS is based on risk scores given at the end of each systems review (including operational audits of local systems). The scores are on a scale of 1 to 5, where 1 = excellent and 5 = unacceptable. Following discussions with the MPS Risk Manager I have agreed to extend my scoring system to include the results of any significant audit investigations, major advisory work by my staff on developing systems and other relevant professional review activity in the MPS.

3. The Director of Resources and the Treasurer have agreed the draft plan. In drawing up the plan I have taken into account the views of individual MPS Management Board members and the parts of the plan that cover their areas of responsibility have been circulated to them in draft for any further comments or requests prior to producing the final draft to this Committee. Both HMIC and the Audit Commission have been provided with advance copies of the draft plans to assist in co-ordinating inspection and review activity in the MPS.

4. Our audit plan is risk based and the highest current risk determines those systems that will be audited in year. Our risk model takes into account a number of factors, including financial values, impact on operational objectives, likelihood of a major system failure and the length of time since the last audit.

5. The plan is drawn from our assessment of need based on a five-year cycle and takes account of staffing levels with some contingency time built in. The assessment takes account of the Corporate Risk Assessment and risk profiles produced by the MPS Risk Manager and agreed by the MPS Management Board.

6. Appendix 1 and 2 highlight the calculated need and the resources available to meet the need. In summary:

• 79% of the identified need will be met for systems advice and routine audits (3197 audit days out of 4071)
• 82% of the need for investigative work will be met (1628 days out of 1976)
• 80% of overall need should be met with this plan (our target is 80%).

7. Appendices 3 to 5 outline systems audits, our follow up programme and systems development work. In summary:

• Two less main systems audits have been selected for review this year. Greater emphasis will be placed on following up implementation of our recommendations – to inform on the progress made by MPS management to improve internal control.
• Key main systems audits include: Corporate Risk Assessment and Management, Command and Control Management, Management of Outsourced IS/IT, Telephony & Property Services, Strategic Planning, Budgetary Planning & Performance Management, Informants Reward System, Use and Control of Firearms, Equalities, Diversity Application and Monitoring, Provision and Disposal of Property & Fittings.

8. Appendix 6 highlights our BOCU/OCU review programme – we have a risk assessment for BOCU/OCUs and the programme of work has been drawn up using this process. The programme also takes account of HMIC planned reviews.

Key themes of our work for 2006–07

9. We will continue to maintain our programme of BOCU/OCU reviews and keep our profile at the local level, albeit streamlining some of our activities to maintain and build on our effectiveness. Work in this area has been highly appreciated and valued by MPS management. We will provide further feedback at the end of each review to improve the local understanding of risk, controls and effectiveness.

10. We will also continue with the expansion of our advisory role - key areas will be the Modernisation Programme, Outsourcing, NSPIS, C3i, MetTime and Devolved Financial Management.

11. We will aim to provide further risk and control awareness training to the MPS both through our participation in the financial awareness workshops run by the Resources Directorate and through input into centrally organised training.

12. We intend to increase further the visibility and profile of Internal Audit throughout the MPS and MPA.

Liaison with external review bodies and auditors

13. There will be increased and visible co-ordination with the Audit Commission and HMIC.

Liaison with internal review bodies

14. We will further develop working relationships with the Corporate Risk Management Group, in particular advising on the roll out and review of the risk identification and control at a B/OCU and Business Group Level.

15. My senior management and I advise a range of review bodies in the MPS, including the MPS Professional Standards Strategic Committee, the Statement of Internal Control Working Group – helping to develop a practical approach that will give the Authority the appropriate level of annual assurance, the National Intelligence Model risk assessment working group, and the Inspection and Liaison Group.

16. We will continue our support and liaison with MPA Scrutiny and others with review and scrutiny roles at the MPA in relation to the MPS.

Fraud investigation and liaison

17. We will continue our strong links and working relationship with both MPS Professional Standards Directorate and the Public Sector Anti-Corruption team in the Economic Crime Directorate. We will build a closer liaison with the Audit Commission and, within the GLA family, Transport for London.

C. Race and equality impact

1. Internal Audit continues to reflect the diverse community within which the MPS and MPA operate. All field auditors and investigators have received appropriate training in equality and diversity issues and their performance within the MPS is monitored.

2. The plan of work is designed to provide as wide a range of coverage of MPS staff and systems as is possible and practicable. One of our planned audits will review the system for applying and monitoring equality and diversity within the MPS.

D. Financial implications

The Annual Plan is designed to match the agreed budget for 2006-2007. There are no further financial implications.

E. Background papers

None

F. Contact details

Report author: Peter Tickner, Director of Internal Audit, MPA.

For information contact:

MPA general: 020 7202 0202
Media enquiries: 020 7202 0217/18

Appendix 1

Calculation of annual Internal Audit need

• Systems audits per audit needs assessment (based on five year cycle – high risk system three audits in five years, Medium risk system twice in five years, Low risk system once in five years): 13725
• Every BOCU/OCU one 40 day audit every five years: 2680
• Five year total system audits and reviews: 3281 days (54% need)
• Systems development work per annum: 580 days (10% need)
• Analysing key financial systems per annum: 210 days (3% need)
• Total systems audit and audit advice: 4071 days (67% need)
• Forensic Audit (investigations, preventative advice and National Fraud Initiative): 1976 days (33% need)
• Total Annual Internal Audit Need: 6047 (100%)

Send an e-mail linking to this page

Feedback