1 / 16

Federal Internal Audit Agency (FIA) Context- Organisation - Strategy PEMPAL, March 2017

Federal Internal Audit Agency (FIA) Context- Organisation - Strategy PEMPAL, March 2017. Present context. Environment Audit universe = whole of the federal government .

Télécharger la présentation

Federal Internal Audit Agency (FIA) Context- Organisation - Strategy PEMPAL, March 2017

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

  1. Federal Internal Audit Agency (FIA)Context-Organisation-StrategyPEMPAL, March 2017

  2. Present context Environment • Audit universe = whole of thefederalgovernment. • Withinthefederalgovernmentmany different entitieswithgreatdiversity in organizationalmaturity, varying levels of Internal Control & assurance, risk management, governance, reporting & transparancy. • Limited mutually, shared strategicobjectives, absence of joint risk management & policy. • No joint understanding of tasks, rolesandresponsibilities of Internal Audit. Limited experiencewithInternal Audit as a governancepractice. • External environment: Increasing level of expectationstowards high qualitygovernmental services, economy, effectivenssand efficiency. Rapidlychanging context andfastevolvingdigitalizationimplies new risksandincreasestheneedforshorterreactiontimeswithintheorganisationalentities. Organisation • FIA as a service in full expansion (Audit organisation, Forensic audit) • Allnecessarycompetencesnotyetavailableto cover the full range of audit topics • Internal Audit togainmaturity: • promotecollaborationwith different parties,leadingtoaddedvaluefortheglobalorganisation • createcredibilityandvisibilitywithintheglobalorganisaton • Positiontowardsother 2nd and 3rd level control instances (Cour des Comptes, Inspection of Finance)) • Develop a partnership en relationshipbased on trust withthe different actors.

  3. Present context FIA Assessment FIA end 2017 Team Goodcollaborationandcohesion. Smoothgradualexpansion Data-analysis No systemicchecking of data whilstauditing Limited knowledge of systemic data withintheorganization No data analytics Knowledge audituniverse Insufficient awareness of audit universe as a whole. Limited insight in business objectives, organizational changes, strategicprojects … Client relations Mainly Audit-oriented Lilitedoutreachtowards management & audit comittee Limited outreachtoother control instances Knowledge audit Sufficientknowledgeauditmethodology. Todevelop IT audits, financial, strategic audits. Communication Insufficientcommunicationandvisibility of IA withintheglobalorganisation. Improvequality of andoutreach of audit reporting. 0 1 2 3 4 5 sufficient good insufficient excellent Verygood

  4. FIA stakeholders Critical stakeholders High impact on perception of IA withintheorganization. High impact on thefunctioning of theorganizationandthefunctioning of FIA. Collaboration High impact on otherswithintheorganization, limited impact on thefunctioning of FIA. Professional link Low impact on theorganization but high impact on thefunctioning of FIA – professionalism. Monitor & inform Low impact on theorganization & low impact on thefunctioning of FIA. High Collaboration, trust Operational management, external auditors Critical stakeholders ACFO, Ministers, Chairpersons Low Monitor & inform HR, ICT, Third Party, Professional link IIA, ISACA, Invloed Low High Impact

  5. FIA stakeholders Expectationscritical stakeholders towards FIA • Relationship of mutual respect and trust with ACFO and management • Emphasis on assurance. Through assurance-audits promoting of recommendationsandadvice, as well as theuse of best practices. • Auditplan in line withstrategicrisksthat are relevant fortheorganisation; bothactual as well as futurerisks. • Conformitywith IIA standards, timelyreportingandqualityassurance. • Add support tointernal control mechanisms, risk identificationand management (business processes, effective risk management, alert management of new risksand scenario’s,..). • Assureknowledgeandunderstanding of “their” organisation - mission, vision, objectives, risks – speakthelanguage of the ‘business’. • Communicate auditplan to management. • Timelycommunication of assmentsandrecommendations. • Coordinatewith 2nd line– single audit principe. Evaluation of effectiveness of control mechanisms. Balance

  6. FIA Mission Create, improveandsafeguard ‘value’ forand of theorganizationthrough risk basedandobjectiveassurance, independantadviceand professional insight. Brand “FIA” • Independant, objectiveandreliable partner • Addedvalue • Agile (preparedandflexible) • Expertise andknowledge • Qualityandclientoriented • Continuousimprovement

  7. Strategy Aligning business Quality & Innovation Service culture AGILE QUALITY VALUE EXPERTISE Risk focus Technology Talent model Cost efficient Stakeholder Management

  8. Strategy

  9. Strategy

  10. Timing Risk assessment Netwerk Risk Officers Start FA Single audit protocols Customer satisfaction Quality IA Check externalpartie Data Analytics 06/2018 12/2018 06/2019 12/2019 01/2018 Recruiting specificprofiles Recruiting 1 Recruiting 2 Co –sourcing model

  11. Partnership ACFO - FIA Positioning of Internal Audit andcredibility • A strong relationshipbetweenthe audit-commiteeand FIA is paramount in order toderiveoptimalresults of theinternal audit practiceforthe benefit of theorganization • Relationship of trust betweentheparties • Clarifyrolesandemphasizecommunicationbetweenthe different actors in thegovernance model • Aligninitiativestoenhancematurity of internal control and risk management in theorganization Ttransparentlines of reportingandindependance Cleardemarcation of rolesandresponsibiliteis Trust relationshipAuditcomitteeandInternal Audit

  12. Partnership ACFO -FIA • Loyaltyand open line of communication • Reporting about: • Auditactivities (significant assessments andrecommendations, plans of action, follow up of action plansby management) • KPI’sabout performance andfunctioning of internal audit (# audits accordingto plan, audits/FTE, % time spent audits/total,…) • Reporting evolution of resources (number, competences), evolution co-sourcing • Amendments/changes auditplan • Status introduction new techniques, auditmethodology, quality • Communication • Results risk assessment • Transparancyaboutdecisionprocess auditplan • Ad hoc requests management/ministers (audit requests or management support) • Fraude (forensic) issues or ethics (whistle blowers) • Possible issues aboutindependance • Significant risksand control issues Engagement FIA

  13. Partnership ACFO - FIA • Approvaland review Charter FIA, protocols etc.. • Approval audit programmeandannual action plan • Safeguard FIA means and resources toguarantee FIA activities • Safeguard FIA authorityand status toprotect FIA mandate • Ensure high level attention for audit functionandresults • Ensure direct, open relationshipandcommunicationwith FIA, direct link between CAE and ACFO • Joint deliberationsabout culture andstrategy of FIA. What is most desirableandvaluablefortheglobalorganization? • Keep FIA informedabout important changes, trends etc. – joint assessment of impact of changes in the audit programma • Follow up and review status actionplan by management – escalation procedure, make management accountable • Monitoring en evaluation of thequalityandeffectiveness of theinternal audit function en therole of IA in risk management withintheglobalorganization. Expectations FIA

  14. Auditplan 2018 Approach Auditplan 2018 Selection of topics forthe auditplan 2018 based on: • rudimentary risk-identificationbased on management agreements of the audit universe; identification of risk zones • Discussionswithpresidents of the board(s)- desiderata • Consolidationreporting IC • Risks assessments in the context of globalobjectiveswithintheorganisationandrisktrendingwithin IA Ad hoc audit plan restrictedto 2018 Next steps: • 1st semester 2018 – implementation risk asessmentallentities. Purpose: Joint understandingand awareness risks • Elaboratepluriannual audit program based on results + detailed “rolling”planforthe next 12 to 18 months • Support riskmanagement structurewith “ Risk-Officers” in eachentity • Facilitatecontinuous risk assessment withintheorganisation (eyeforinternal en externalevolutions)

  15. Model Auditplan 2018 GOVERNANCE & COMPLIANCE FINANCIAL IC REGIE BOCA Strategie DEFENSIE IC FAGG Certif 2020 Subsidies BUZA DIGITAL OPERATIONAL DIGITALISERING HR Certifi-cering Controleket-ting salaris JUSTITTIE Outsourcing DEFENSIE Crisisbeheer FAVV GDPR IT Governance Cyber-security BFAST BUZA PPM MOB, REGIE Wetgeving & support SZ HRM gesloten centra BIZA MATCH IT FEDASIL ECHA VVVL Operationeel Toepassing wetgeving VVVL Log gesloten centra BIZA Minderjarigen BIZA Inspectie procedures WASO Thematische audit Voorgestelde audit FOD

  16. Auditplan 2018 - Summary Audit & risk assessment Mandaysinternal : 3910 Mandaysexternal : 820 (±20%) Budget indication : 4.683 k€ personnel – 760 k€ operational Budget forecast 1,900 k€ personnel – 1,230 k€ operational 35 audit assignments

More Related