FUNCTIONAL GOVERNANCE AREAS
The IA Strategic Plan is aligned to the strategic objectives of the Fund and includes the following strategic focus areas:
IA has embraced technology to enable the function to realise the goal of efficiency, optimisation, accountability, and transparency.
The IT auditing and data analytics tools, audit management system, as well as the continuous auditing software have facilitated the automation of the IA processes and deeper analysis of data.
This has helped to improve efficiency and effectiveness of the audit processes while determining the scale and depth of audit observations and compliance status, which has enabled decision-makers to timely mitigate risks.
IA has introduced and implemented agile auditing to respond to emerging risks and established a robust risk assessment to focus on emerging technological, strategic, and business risks.
The implementation of a QAIP is to ensure conformance with the definition of IA, the Code of Ethics for internal auditors and the Auditing Standards.
Internal assessments include comprehensive ongoing and periodic monitoring. The programme incorporates quality assurance processes in the stages of planning, engagement, and reporting.
On an annual basis, the function conducts and reports the results of the internal assessment to ARC.
Independent and objective external quality assessment evaluates conformance of IA with the IA Charter, Code of Ethics, and Auditing Standards. The last external assessment was conducted by KPMG in 2018 and the next assessment is due in the FY2023/2024.
IA has developed a Stakeholder Engagement Matrix to identify and appropriately respond to different stakeholders’ needs.
In addition, IA is engaging with other assurance providers to develop a formalised combined assurance model to improve the coordination of work plans, minimise duplication of efforts and facilitate collaboration and uniform reporting to Management and the Board.
Currently, IA consults and engages other assurance providers during the audit planning and execution stages.
However, the coordination with other assurance providers does not impair the independence of IA. IA objectively reviews all internal controls, risk management and governance processes for the other assurance providers.
Capacity building to improve skills is being achieved in the following ways:
The professional certifications obtained to date include Certified Information Systems Manager (CISM), Certified Chartered Accountant (ACCA), Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA) and Certified Internal Auditor (CIA)