Contents
Report 7 of the 8 December 2008 meeting of the Corporate Governance Committee and sets out the proposed plan for the use of Internal Audit resources from 1 April 2009 to 31 March 2010.
Warning: This is archived material and may be out of date. The Metropolitan Police Authority has been replaced by the Mayor's Office for Policing and Crime (MOPC).
See the MOPC website for further information.
MPA internal audit plan for April 2009 to 31 March 2010
Report: 7
Date: 8 December 2008
By: Director of Internal Audit
Summary
This report and associated appendices sets out the proposed plan for the use of Internal Audit resources from 1 April 2009 to 31 March 2010.
The annual plan is based on an updated Audit Needs Assessment and Risk Analysis for the next five years ahead and the MPA Internal Audit Strategy approved by Corporate Governance Committee in March 2008.
The Director of Resources for the MPS, MPA Treasurer and the MPA Chief Executive are content with the proposed annual plan.
A. Recommendation
That
- members approve the proposed use of Internal Audit resources and note the summary calculation of audit need and comparison to planned work set out in Appendices 1 and 2; and
- approve the programme of Internal Audit work, set out in Appendices 3 to 6.
B. Supporting information
Purpose and basis of the Annual Internal Audit plan
1. The plan is designed to ensure that I have sufficient information to form an opinion on the adequacy of the MPA/MPS control framework. That opinion will feed into the Authority’s Governance Statement for the published accounts for 2009/10, as well as providing a degree of assurance for the MPA and external reviewers.
2. My opinion on control is based on risk scores given at the end of each systems review (including operational audits of local systems). The scores are on a scale of 1 to 5, where 1 = excellent and 5 = unacceptable. The scoring system also includes the results of any significant audit investigations, major advisory work on developing systems and other relevant professional review activity of the MPS.
3. The annual plan is drawn from a five-year rolling risk analysis and is based on the three-year strategy for Internal Audit approved by Corporate Governance Committee. Our risk model takes into account a number of factors, including financial values, impact on operational activities, likelihood of a major system failure and the length of time since the last audit. We also refer to the MPA and MPS risk registers to ensure that there is parity in our assessment of risk. The highest current risk determines those systems that will be audited in year.
4. The Director of Resources and the Treasurer have agreed the draft plan. I have also sought the views of Management Board members, senior MPS managers, the Chair and other senior members of the Authority and consulted with HMIC and the Audit Commission in drawing up the plan.
5. Appendix 1 and Appendix 2 highlight the calculated need and the resources available to meet the need. In summary:
- 80% of need will be met for systems advice and routine audits (3274 audit days out of 4074)
- 80% of the need for investigative work will be met (1766 days out of 2210)
- 80% of the overall need will be met in completing the proposed annual work programme.
6. Appendices 3 to 5 outline systems audits, our follow up programme and systems development and advisory work. In summary:
- Key systems audits include: Business Continuity and Disaster Recovery, Corporate Governance Framework, Voice Communications, Allowances and Expenses, Budget Preparation, Approval and Monitoring, Partnerships Funding and Control, Systems Supporting Community Engagement Funding, Induction and Assessment of New Recruits, Police Operational Training, Imaging Services, Identification Services, DNA, Fingerprint, Witness and Jury Protection Funding and Control, Technical Support, and Systems Supporting Service-wide Priorities – Crime Operations
- A significant part of the follow up programme focuses on tracking progress made in implementing our B/OCU recommendations and following up those audits conducted on key financial systems.
7. Appendix 6 highlights our B/OCU review programme. The number of reviews in the B/OCU programme has been set at eight for next year. We will also be carrying out a significant amount of systems development work at a local level to support the Transforming HR Programme and the projects under the Developing Resource Management Programme.
Key themes of our work for 2009–10
8. Continue to work with MPS senior management to improve the internal control environment in the MPS. If resources permit, following the current budgetary round, we intend to enhance our provision of specialised audit advice and review, particularly around procurement, risk, major IT and major works projects.
9. Increase our involvement in the provision of systems development and control advice providing control advice at the earliest opportunity as key systems develop. Areas for next year include, Improving Police Information, Olympics, Transforming HR, Developing Resource Management Programme, Service Improvement Programme, Borough Based Custody Centres and Secure Information Programme. Management. We will also continue to support members by attending and advising the Authority’s sub-committees as appropriate.
External liaison
10. We will be maintaining and further developing our links with those that have responsibility or a key interest in the review of MPS activities. We will also continue to contribute to the development of auditing in the police environment. This will be achieved through;
- Increased and visible co-ordination with Audit Commission and HMIC.
- Membership of Inspection and Liaison Groups – internal and external reviewers
- Attending the GLA Heads of Audit Group – working with other Heads of Internal Audit in the GLA family to benchmark and discuss developments in Internal Audit
- Working in liaison with Home Office Internal Audit
- DIA Chairing the National Group of Police Authority Auditors, DDIA attending the Northern Group. Continuing our work to help establish agreed auditing standards in the national policing environment
- Increasing liaison with the Police Authority Treasurers Group to highlight issues around internal control and the provision of internal audit services in the policing context
Fraud prevention, investigation and liaison
- We will continue to build on our anti-fraud and corruption drive that commenced last year. We will also continue to raise awareness on identifying and dealing with fraud and corruption and the steps that can be taken to prevent it.
- Every alternate year we are required to participate in a fresh round of National Fraud Initiative work overseen by the Audit Commission. 2009/10 will be such a year and we are expecting additional work as a result.
- We are currently developing our risk-based approach to encompass determining the future need for fraud prevention and investigative resources. As a preliminary step the investigations plan has been broken down to identify the anticipated split of current resources.
C. Race and equality impact
1. Internal Audit continues to reflect the diverse community within which the MPS and MPA operate. All field auditors and investigators have received appropriate training in equality and diversity issues and their performance within the MPS is monitored.
2. The plan of work is designed to provide as wide a range of coverage of MPS staff and systems as is possible and practicable.
D. Financial implications
The agreed budget for 2009/10 has been determined in line with Internal Audit resources required to deliver the approved Annual Programme.
E. Background papers
None
F. Contact details
Report author: Peter Tickner, Director of Internal Audit, MPA.
For information contact:
MPA general: 020 7202 0202
Media enquiries: 020 7202 0217/18
Appendix 1
Calculation of annual Internal Audit need
- Total systems audit need as per Audit Needs Assessment (based on five year cycle – high risk system three audits in five years, medium risk system twice in five years, low risk system once in five years): 13365 days
- Total B/OCU audit need based on one 45 day audit every five years: 3005 days
- System audits and B/OCU reviews per annum: 3274 days (52% need)
- Systems development work per annum: 580 days (9% need)
- Analysing key financial systems per annum: 220 days (4% need)
- Total systems audit and audit advice per annum: 4074 days (65% need)
- Forensic Audit (investigations, preventative advice and National Fraud Initiative) per annum: 2210 days (35% need)
- Total Annual Internal Audit Need: 6284 (100%)
Appendix 3
Proposed Internal Audit systems audit plan 2009/10
| System group | Audit title | Risk |
|---|---|---|
| Central Operations | Business Continuity and Disaster Recovery | High |
| Central Operations | Firearms Registration | Med |
| Deputy Commissioner’s Portfolio | Covert Account Control – Professional Standards | High |
| Directorate of Information | Data Protection and FOI Control and Enforcement | Med |
| Directorate of Information | Identity Management | Med |
| Directorate of Information | Radio Communication Systems | Med |
| Directorate of Information | Voice Communications (excluding radio) | High |
| Resources Directorate | Corporate Governance Framework | High |
| Resources Directorate | Allowances and Expenses | High |
| Resources Directorate | Budget Preparation, Approval and Monitoring | High |
| Resources Directorate | Forensic Medical Examiners (FMEs) - Payments | Med |
| Resources Directorate | Inspection and Review Framework | Med |
| Resources Directorate | Inventories and Asset Registers | Med |
| Resources Directorate | Partnerships Funding and Control | High |
| Resources Directorate | Police Officer and Staff Pensions | High |
| Resources Directorate/HR Logistics | Procurement and Contract Management – Uniform Services | Med |
| Resources Directorate | Receipt and Banking of Income | High |
| Resources Directorate | Service Improvement Programme | Med |
| Resources Directorate | Systems Supporting Community Engagement Funding | High |
| Human Resources | Employment of Temporary Staff | Med |
| Human Resources | Police Operational Training | High |
| Human Resources/Specialist Operations/Specialist Crime | Police/Police Staff Support Outside the UK | Med |
| Human Resources | Uniform Services – Stores and Stock Control | Med |
| Specialist Crime | Communications | Med |
| Specialist Crime | Imaging Services, Identification Services, DNA, Fingerprint | High |
| Specialist Crime | Technical Support – Crime Operations | Med |
| Specialist Crime | Use of Specialist Units and Equipment | Med |
| Specialist Crime | Witness and Jury Protection Funding and Control | High |
| Specialist Operations | Secure Intelligence Systems | Med |
| Specialist Operations | Technical Support – Covert Support | High |
| Specialist Operations | Use and Control of Resources for Covert Operations | High |
| Territorial Policing | Digital Interview Media – Retention, Storage and Disposal | Med |
| Territorial Policing | Linguists | Med |
| Territorial Policing | Management of ASBO’s | Med |
| Territorial Policing | Systems Supporting Service-wide Priorities – Crime Operations | High |
Appendix 4
Proposed Internal Audit follow up systems plan 2009/10
| System group | Audit title | Risk |
|---|---|---|
| Central Operations | Business Continuity and Disaster Planning | High |
| Central Operations | Use and Control of Firearms | Med |
| Central Operations/Specialist Operations | Royalty/VIP/Diplomatic Protection – Funding and Control | High |
| Central Operations/Resources Directorate | Building Security – Physical, Technical, Guards | Med |
| Resources Directorate | Capital Budget Preparation, Approval and Monitoring | High |
| Resources Directorate | Estates – Property Leasing, Rent and Rates | High |
| Resources Directorate | Fees and Charges System | Med |
| Resources Directorate | Financial and Accounting Advice | Med |
| Resources Directorate | Major Works | Med |
| Resources Directorate | Management of Additional Funding | High |
| Resources Directorate | Management of Outsourced Financial Services | High |
| Resources Directorate | Management of Outsourced Property Services | High |
| Resources Directorate | Police Officer Overtime Payments | High |
| Resources Directorate | Maintenance of Payroll Data | Med |
| Resources Directorate | Police Staff Overtime Payments | High |
| Resources Directorate | Corporate Governance Framework | High |
| Resources Directorate | Revenue Budget Preparation, Approval and Monitoring | High |
| Resources Directorate | Procurement and Contract Management | Med |
| Resources Directorate | Programme Management Framework | High |
| Resources Directorate | Property Acquisitions and Disposals | High |
| Resources Directorate | Strategic and Budgetary Planning and Performance Management | High |
| Resources Directorate | Write-Offs and Losses | Med |
| Resources Directorate | Allowances and Expenses | High |
| Resources Directorate/Specialist Crime | Repair and Maintenance of Covert Vehicles | High |
| Resources Directorate/Territorial Policing | BOCU Review (Corporate Issues) | High |
| Territorial Policing | Equalities and Diversity Application and Monitoring | High |
| Territorial Policing | Equalities and Diversity Application and Monitoring | High |
| Specialist Crime | Witness and Jury Protection | High |
| Specialist Crime | Covert Human Intelligence Systems (CHIS) | Med |
| Specialist Crime | Missing Persons Linked Indices System (Merlin) | Med |
| Specialist Crime | Security Vetting and Clearance | Med |
| Specialist Crime | Commission and Use of Independent Advisors | Med |
| Deputy Commissioner’s Portfolio | Covert Account Control – Professional Standards | High |
| Directorate of Information | Command and Control Management | High |
| Directorate of Information | Corporate Data Warehouse | High |
| Directorate of Information | Enterprise Content Management | Med |
| Directorate of Information | External Data Communications | High |
| Directorate of Information | Information Records Management | Med |
| Directorate of Information | Use and Control of Mobile Resources | Med |
| Directorate of Information | Systems Supporting Financial Reporting | Med |
| Directorate of Information | IT/IS Access and Usage Control | Med |
| Directorate of Information | Major Enquiries Systems – HOLMES | Med |
| Directorate of Information | Security of Information | Med |
| Human Resources | Directorate Crime Related Property | Med |
| Human Resources | Directorate Health and Safety Legislation Implementation | High |
| Human Resources | Directorate Induction and Assessment of New Recruits | High |
| Human Resources | Directorate Police Specialised Training – Leadership Academy | High |
| Human Resources | Directorate Retention – Incentives and Rewards | Med |
| Human Resources | Directorate Use and Control of Consultants | High |
| Human Resources | Directorate Vehicle Fleet Management | High |
| Human Resources | Directorate Vehicle Removal and Statutory Charges | High |
| Human Resources/Specialist Operations/Specialist Crime | Police/Police Staff Support Outside the UK | High |
| Specialist Operations | Conflict Policing (NPOIU) | Med |
Appendix 5
Proposed Internal Audit systems development and advisory plan 2009/10
| System group | Project |
|---|---|
| Central Operations | Olympics |
| Directorate of Information | Electronic Document Records Management (EDRM) |
| Directorate of Information | Identity and Access Management (IAM) |
| Directorate of Information | Improving Police Information |
| Directorate of Information | METSEC Project Board |
| Human Resources | Directorate Transforming HR |
| MPA | Finance and Resources Sub-committee |
| MPA | MPA Olympics Sub-committee |
| MPA | MPA National Fraud Initiative |
| MPA/Resources/Deputy Commissioner | Fraud Prevention Training and Awareness |
| Resources Directorate | Corporate Governance Framework |
| Resources Directorate | Corporate Risk Assessment |
| Resources Directorate | DRM – Contract Compliance and Management |
| Resources Directorate | DRM – Corporate Decision Making |
| Resources Directorate | DRM – Finance and Resources Review |
| Resources Directorate | DRM - Partnerships |
| Resources Directorate | DRM – Purchase to Pay |
| Resources Directorate | DRM – Scheme of Delegation |
| Resources Directorate | DRM – Strategic Procurement |
| Resources Directorate | Risk and Control Awareness Training |
| Resources Directorate | Service Improvement Programme |
| Specialist Crime | Covert Control Environment |
| Specialist Crime | METAFOR |
| Specialist Crime | Secure Communications |
| Specialist Operations | Secure Information Programme |
| Territorial Policing | Borough Based Custody Centres |
| Territorial Policing | MetTime |
| Territorial Policing | NSPIS |
Appendix 6
Proposed Internal Audit B/OCU plan 2009/10
|
Main System Group |
Audit Title |
Risk |
|---|---|---|
| System Reviews | ||
| Specialist Crime | Specialist Crime SCD6 Economic and Specialist Crime | Mid |
| Territorial Policing | Barnet | Mid |
| Territorial Policing | Brent | Mid |
| Territorial Policing | Bromley | Mid |
| Territorial Policing | Enfield | Mid |
| Territorial Policing | Richmond | Mid |
| Territorial Policing | Resourcing and Management of Specials | Mid |
| Territorial Policing | Violent Crime Directorate | Mid |
| Follow-Ups | ||
| Central Operations | CO12 Olympics | High |
| Central Operations | Key Financial and Business Systems at CO15 Traffic OCU | High |
| Specialist Crime | SCD – HQ | High |
| Specialist Operations | SO15 Counter Terrorism Command | High |
| Territorial Policing | Camden BOCU | High |
| Territorial Policing | Hounslow BOCU | High |
| Territorial Policing | Territorial Support Group | High |
Supporting material
Send an e-mail linking to this page
Feedback