Presentation by libby mac rae and bob mcdonald


Published on

Published in: Business, Economy & Finance
  • Be the first to comment

  • Be the first to like this

Presentation by libby mac rae and bob mcdonald

  1. 1. PRESENTATION TO THE PARTNERS OF IG MPWIndII Activity P243-02: Governance Reform in Internal Audit Function (IG-MPW)
  2. 2. Internal Audit Capability Model (IA-CM) for the Public Sector Overview Presentation Libby MacRae Bob McDonald 2
  3. 3. AgendaThe IA-CM – Its structure and underlying concepts – Principles in its application – Using the IA-CM 3 3
  4. 4. What is the IA-CM?• A universal model with comparability – principles, processes and practices• To be used globally to improve internal auditing• Framework for assessing capabilities against standards and practices• Communication vehicle for defining and advocating the importance of internal auditing• Roadmap and toolkit for orderly improvement 4
  5. 5. Underlying PrinciplesIA Activity’s Obligations• Be an integral component of effective governance in the public sector• Assist organizations achieve their objectives and account for their resultsOrganization’s Obligations• Determine optimum level of IA capability to support required governance structures• Achieve and maintain the desired capability 5 5
  6. 6. Underlying PrinciplesSelecting Optimum Capability• Three variables – Environment – Organization – IA Activity• Different capability required• Auditing must be cost-effective• No “one size fits all” 6 6
  7. 7. IA-CM Levels IA learning from inside and outside the organization for LEVEL 5 continuous improvement Optimizing IA integrates information from across the organization to improve LEVEL 4 governance and risk management Managed IA management and professional practices LEVEL 3 uniformly applied Integrated Sustainable and repeatable IA LEVEL 2 practices and procedures Infrastructure No sustainable, repeatable capabilities – LEVEL 1 dependent upon Initialindividual efforts 7 7
  8. 8. Level 1- Initial• Ad hoc or unstructured• Isolated single audits, document reviews, transaction verification• Outputs dependent on incumbent skills• No professional practices or standards applied• Funding approved by management as needed• Absence of Infrastructure• Auditors likely belong to a larger organizational unit• Institutional capability not developed 8
  9. 9. Level 2- Infrastructure• Repeatable processes or capability established• Reporting relationships, management, administrative infrastructure, professional practices established• Audit planning based principally on management priorities• Continued reliance essentially on skills and competencies of incumbents• Partial conformance with IIA Standards 9
  10. 10. Level 3 - Integrated• Defined IA policies, procedures, documented and integrated into organization structure• IA management and professional practices well established, uniformly applied• IA beginning to align with business and its risks• IA providing advice on performance and management of risks• Focus on team building and IA capacity and independence and objectivity• Generally conforms to IIA Standards 10
  11. 11. IA-CM 1-page Matrix © 2009, The IIA Research Foundation – All Rights Reserved Services and Role People Management Professional Performance Organizational Governance of IA Practices Management and Relationships Structures Accountability and CultureLevel 5 – Leadership ContinuousOptimizing Involvement with Improvement in IA Recognized as Public Reporting of Effective and Independence, Professional Bodies Professional Key Agent of IA Effectiveness Ongoing Power, and Practices Change Workforce Projection Relationships Authority of the IA Strategic IA Activity PlanningLevel 4 – IA Contributes to IndependentManaged Management Oversight of the Overall Assurance Audit Strategy Integration of CAE Advises and Development IA Activity on Governance, Leverages Qualitative and Influences Top- Risk Management, IA Activity Supports Organization’s Quantitative level CAE Reports to and Control Professional Bodies Management of Performance Management Top-level Risk Measures Authority Workforce PlanningLevel 3 – Team Building and Quality Performance Coordination with ManagementIntegrated Competency Management Measures Other Review Oversight of the Advisory Services Framework Groups IA Activity Professionally Cost Information Performance/ Qualified Staff Risk-based Audit Integral Funding Value-for-Money IA Management Plans Component of Mechanisms Audits Workforce Reports Management Coordination TeamLevel 2 – Individual Professional Full Access to theInfrastructure Professional Practices and Managing within Organization’s Compliance IA Operating Development Processes the IA Activity Information, Auditing Budget Framework Assets, and Skilled People IA Business Plan People Identified and Audit Plan Based Recruited on Management/ Reporting Stakeholder Relationships Priorities EstablishedLevel 1 – Ad hoc and unstructured; isolated single audits or reviews of documents and transactions for accuracy and compliance; outputsInitial dependent upon the skills of specific individuals holding the position; no specific professional practices established other than those provided by professional associations; funding approved by management, as needed; absence of infrastructure; auditors likely part of a larger organizational unit; no established capabilities; therefore, no specific key process areas
  12. 12. Key Process Area (KPA) Key Process Area Purpose Essential Activities Outputs Outcomes Institutionalizing Practice Examples 12 12
  13. 13. People Management Level 2 – Infrastructure Skilled People Identified and RecruitedPurpose – To identify and attract people with the necessary competencies and relevant skills to carry out the work of the IA activity. Appropriately qualified and recruited internal auditors are more likely to provide credibility to the internal audit results.Essential Activities• Identify and define the specific audit tasks to be conducted• Identify the knowledge, skills (technical and behavioral), and other competencies required to conduct audit tasks• Develop job descriptions for positions• Determine proper pay classification for positions• Conduct valid, credible recruitment process to select appropriate candidates 13 13
  14. 14. People Management Level 2 – Infrastructure Skilled People Identified and RecruitedOutputs• Internal audit positions are filled with appropriately qualified personsOutcomes• Audit work is conducted with due professional care• There are credible audit observations, conclusions, and recommendationsInstitutionalizing Practice Examples• Visible commitment and support through senior management action to ensure that a competent and qualified CAE is in place, and the necessary resources are provided to appropriately staff the IA activity• Staffing and recruitment policy• Job descriptions• Classification system, including levels specific to internal auditing 14 14
  15. 15. Institutionalizing a Key Process Area Commitment To Perform Activities Activities Ability to Verified Perform Key Process Activities Area Activities Activities Measured Performed 15
  16. 16. Using the IA-CM as an Assessment Tool• Understand the purpose and structure of the IA-CM• Identify the KPAs that appear to be institutionalized by the IA activity• Obtain and review documentation re: IA activity, organization, and environment• Interview managers/stakeholders• Confirm the actual KPAs institutionalized• Determine the capability level• Communicate and confirm the opportunities for improvement• Develop and implement the improvement plan 16 16
  17. 17. Principles in its Application• Apply professional judgment• Environmental and organizational factors• A practice cannot be improved if it cannot be repeated• Capability gets built in steps/stages• KPAs at one level set the foundation for KPAs at the next level• A KPA is achieved when it is institutionalized into the culture of the IA activity• All KPAs, up to and including the KPAs at a given level, must be institutionalized to achieve that level• Not all all elements need be at the same level 17 17
  18. 18. Important Considerations• All levels in the IG participate• Organizational management and stakeholder support• Processes are institutionalized and sustainable 18
  19. 19. Procurement Standards in Indonesia IndII Activity P243-02: Governance Reform in Internal Audit Function (IG-MPW) Presented by Rob Thompson IndII Activity P243-02: Governance Reform9/6/2012 in Internal Audit Function (IG-MPW)
  20. 20. The Procurement Process Identify the Need Review of Approval to Proceed Performance Develop Contract Strategy Payment Manage Set Evaluation Criteria Relationship Develop the Specification MonitorPerformance Define the Contract Award Contractual Terms Clarify/ PTN VFM Research the Analyse Quotes/ Market Tenders Invite Quotes/ Identify Pre-Qualification Tenders and Select Bidders
  21. 21. Key Areas of Procurement Activity• Good Sourcing Principles and Practices• Price and Cost Analysis• Inventory Management• Legal ProtectionProcurement Competencies being prepared
  22. 22. Approach• Analysis of current competencies, procedures, practices and policies• Work with MPW management and selected DG’s to enhance procurement competency• Develop and support the ULP in developing good procurement practice• Applying Risk Assessment & Management techniques to all procurement• Introduction of best practice procurement training• Presenting and mentoring the introduction of new procurement tools and techniques• Providing practical guidance to MPW & DG’s to ensure a consistent application of best practice techniques
  23. 23. Key Messages• Early involvement (by both parties) in the procurements to resolve potential risk areas in time• Shared understanding of what is procurement• Integrate lessons learnt from past experience in future training and procurement practices• Best practice contract management• Cost not price• Performance not conformance• Consistency in actions.
  24. 24. Best Practice Procurement WILL achieve compliance, Compliance alone does not ensure a best value for money procurement. IndII Activity P243-02: Governance Reform9/6/2012 in Internal Audit Function (IG-MPW)