Annual Report Year Ending 31 March 2012

SECRETARIAT AUDIT AND RISK COMMITTEE
REPORT TO THE ASSEMBLY COMMISSION

YEAR ENDING 31 MARCH 2012

CHAIRMAN’S FOREWORD

I am pleased to present the Annual Report for 2011/2012 on behalf of the Secretariat Audit and Risk Committee (SARC). This Report describes how SARC fulfilled its role of providing support and advice to the Assembly Commission and the Clerk/Director General in order to ensure sound financial and governance arrangements. In line with its policy of openness and accessibility, SARC Annual Reports and the minutes of SARC meetings are placed on the Assembly website.

This has been another interesting and busy year for SARC as the Commission and the Secretariat Management Group (SMG) have pressed on with their programme of reform of corporate governance including:

  • Publication of Members’ expenses
  • New rules on the payment of expenses and allowances
  • The establishment of the Independent Financial Review Panel to set future pay and allowances
  • The review of Financial Assistance for Political Parties

During the reporting year, SARC provided support to the Secretariat in relation to managing risk and contributed to the completion process for 2010/11 Accounts. In particular, SARC concentrated on procurement compliance, the implementation of outstanding audit recommendations and on further improving and refining Management Controls, including the further development of Stewardship Statements. SARC also considered Risk Management policy, issues relating to the Spending Review and Business Efficiency Programme, and the Report to those charged with Governance. The Corporate Risk Register was reviewed each quarter by SARC.

The Internal Audit Plan for 2011/2012 (the final year of a three-year plan originally agreed by SARC in 2009) was reviewed by SARC on 1 June 2011, and Activity Reports were received from the Head of Internal Audit at each meeting. With the exception of an audit of Security and Usher services, which was deferred at Management’s request, the revised programme was successfully completed. A draft Audit Strategy was considered by SARC at its meeting on 14 March 2012.

When SARC was created some three years ago, it and the newly appointed Secretariat Management Group (SMG) inherited a list of over 100 earlier audit recommendations at various stages of implementation. We have put in place an effective system for systematically assessing new audit recommendations as they arise and actively managing and monitoring implementation with clear timetables and targets. During the past year, this has resulted in SARC ensuring that all audit recommendations have now been implemented or have action in hand to implement them.

In these financially challenging times, I am also pleased to report that we achieved all this and made a substantial saving on our allocated budget

I am grateful to the Assembly Commission for its support and for allowing me and my predecessor to attend its meetings and to contribute to its discussions. This has been very helpful in providing a broader perspective for the work of SARC. I have also been privileged to have an active role in the ongoing work of the Business Efficiency Project Board.

I would like to thank my predecessor Alan McQuillan, who chaired SARC until July 2011, for his support, professionalism, insight and enthusiasm. I also wish to thank Pat Ramsey MLA for his important and valued contribution to the work of SARC, and I am delighted to welcome Douglas Bain as the new independent member of SARC.

Finally, my thanks go to the Clerk/Director General and the staff of the Assembly Secretariat for their commitment and diligence in providing SARC with the information necessary to achieve its objectives as well as very valuable secretarial services.

COLM McKENNA
CHAIRMAN

CONTENTS

Introduction

The Secretariat Audit and Risk Committee (SARC)

Progress of SARC 2011/2012

Internal Audit Activity 2011/12

NI Assembly Accounts 2010/2011

Evaluation of SARC 2011/12

SARC Plan 2012/13

Internal Audit Strategy

Annexes

A - Internal Audit Programme Progress Report 2011/2012

B - Definition of Audit Ratings

C - SARC Self Assessment

D - SARC Budget 2012/2013

SECRETARIAT AUDIT AND RISK COMMITTEE
REPORT TO THE ASSEMBLY COMMISSION
FOR YEAR ENDING 31 MARCH 2012

1 INTRODUCTION

This Report provides the Assembly Commission with an account of the activity and achievements of the Secretariat Audit and Risk Committee (SARC) in 2011/2012 in relation to its objectives for that year. The Report also sets out SARC’s objectives and budget for 2012/2013.

2 SECRETARIAT AUDIT AND RISK COMMITTEE (SARC)

SARC plays an important role in the overall system of corporate governance in the NI Assembly Secretariat. It is independent of the Secretariat and aims to support the Clerk/Director General in his role as Accounting Officer. It also provides independent support to the Assembly Commission in monitoring its responsibilities for issues of risk, control and governance and by reviewing the comprehensiveness of assurances.  

2.1 Meetings

SARC meets at least four times a year, although the Chairperson may convene additional meetings should he feel that this is necessary. During 2011/12, SARC met six times (1 June 2011; 27 June 2011; 6 September 2011; 11 October 2011; 9 December 2011; and 14 March 2012).

SARC meetings are normally attended by the Accounting Officer, the Director of Corporate Services, the Head of Internal Audit and a representative from the Northern Ireland Audit Office. Secretarial support is provided by the Legal and Governance Services Directorate.

The Chairperson of SARC attends meetings of the Assembly Commission as an observer. Mr McQuillan attended meetings of the Commission on 23 May 2011 and 31 May 2011. Mr McKenna attended the Commission meetings on 4 July 2011; 27 September 2011; 8 November 2011; 29 November 2011; 13 December 2011; 24 January 2012; and 28 February 2012. Douglas Bain attended the Commission meetings on 28 February 2012 and 20 March 2012.

2.2 Management Information Systems and Controls

At each meeting, SARC is provided with a number of analyses and reports including:

  • A log of all outstanding Audit Recommendations together with a statement of the current position on each and a target date for completion of any outstanding actions. This is used at each meeting to monitor progress and ensure that recommendations are managed and closed in a controlled manner.
  • Any significant changes to the Corporate Risk Register and any areas of concern. SARC monitors the actions taken by SMG to manage the Corporate Risks to ensure they remain both relevant and effective. Copies of the Assurance Statements completed by Risk Owners are submitted to the SARC for scrutiny every six months.
  • A report in relation to any issues of concern relevant to SARC regarding the delivery of the Corporate Plan objectives.
  • A progress report from the Head of Internal Audit summarising:
  • Work performed (and a comparison with work planned)
  • Key issues emerging from Internal Audit work
  • Management response to audit recommendations
  • Changes to the Periodic Plan
  • Any resource issues affecting the delivery of Internal Audit objectives
  • A progress report from the NI Audit Office representative summarising work done and emerging findings.

As and when appropriate, or when requested, the SARC will also be provided with:

  • Proposals for the Terms of Reference of Internal Audit;
  • The Internal Audit Strategy;
  • Head of Internal Audit’s Annual Opinion and Report;
  • Quality Assurance reports on the Internal Audit function;
  • The draft accounts of the Assembly;
  • The draft Statement on Internal Control;
  • A report on any changes to accounting policies;
  • A report from the Accounting Officer summarising progress against the Secretariat’s Business Plan, highlighting any issues that may be relevant to the work of the SARC;
  • The NIAO’s Report to those charged with Governance;
  • A report on any proposals to tender for audit functions;
  • A report on co-operation between Internal and External Audit;
  • The NIAO audit strategy;
  • Information on any impending changes (as identified by Internal or External Audit) that may impact upon the work of the SARC.

3 PROGRESS OF SARC IN 2011/12

3.1 Performance against key objectives

KEY OBJECTIVE

PERFORMANCE

To consolidate and embed the recent changes in the rapid implementation of audit recommendations to make them even more effective.

Noticeable improvement in the rapid implementation the outstanding audit recommendations. An effective system for assessing new audit recommendations as well as managing and monitoring their implementation was maintained and improved.

To adapt SARC processes to any changes emerging from the work of the Independent Financial Review Panel.

Watching brief to date.

To continue to work with the SMG on key risk areas including procurement to help manage risk and secure value for money. 

Significant emphasis placed on monitoring procurement throughout the year.

To support the Commission and SMG in the challenges posed by declining budgets and the desire to refine and improve services to MLAs and the public in this new Mandate.

SARC Chairperson attends meetings of the Business Efficiency Project Board.

3.2 SARC budget and expenditure

The budget for 2011/2012 was estimated based on anticipated activity and the activity in the previous year. Adjustments were made in year in line with the actual level of activity.

BUDGET HEADING
ORIGINAL BUDGET
£
IN YEAR ADJUSTED BUDGET
£
EXPENDITURE
£
Committee members’ fees
22,670
10,000
8,221
Travel and subsistence
2,240
200
185
General Business Expenditure
2,434
395
312
TOTAL
27,344
10,595
8,718

4 INTERNAL AUDIT ACTIVITY 2011/12

4.1 Internal Audit Programme 2011/12

Details of the progress in relation to the Internal Audit Programme for 2011/12 are attached at Annex A.

4.2 Work completed

Risk Rating Definitions are attached at Annex B. Final Internal Audit reports have been issued in respect of the following assignments:

ASSIGNMENT

AUDIT RATING

Use of Procurement Cards

Limited

Review of Members’ Expenses

Satisfactory

N.I. Assembly & Business Trust

Limited

Managed Print Contract

Unacceptable

Learning & Development

Satisfactory

Bill Office

Substantial

Events Office

Satisfactory

FOI unit

Satisfactory

In addition the following assignments were in progress:

ASSIGNMENT

Secretariat Payroll

Members’ Expenses

Business Continuity Planning

Systems Under Development

4.3 Key Issues

A range of risk and control issues was brought to Management’s attention during the year and included risks relating to minor breaches of usage guidelines for procurement cards, financial management arrangements for the NI Assembly and Business Trust, and the availability of information relating to the managed print contract.

5 NI ASSEMBLY ACCOUNTS 2010/2011

Based on an examination of the Accounts and the Report to Those Charged with Governance, SARC recommended on 27 June 2011 that the Clerk/ Director General sign the 2010/11 accounts.  The SARC Chairperson and the Clerk/Director General thanked the Secretariat and NIAO staff involved for delivering the accounts to timetable.

6 EVALUATION OF SARC 2011/12

At the SARC meeting on 14 March 2012, SARC members completed a self-assessment checklist for 2011/2012 which is attached at Annex C. This indicates the extent to which SARC has complied with its remit.

7 SARC PLAN 2012/13

7.1 SARC Key Objectives

On 9 December 2011, the Secretariat Audit and Risk Committee agreed the following objectives for 2012/2013:

  • To consolidate and embed the recent changes in the rapid implementation of audit recommendations to make them even more effective.
  • To adapt SARC processes to any changes emerging from the work of the Independent Financial Review Panel.
  • To continue to work with the SMG on key risk areas including procurement to help manage risk and secure value for money.
  • To support the Commission and SMG in the challenges posed by declining budgets and the desire to refine and improve services to MLAs and the public in this new Mandate

7.2 SARC Budget

Details of the SARC budget for 2012/13 are attached at Annex D.

8 INTERNAL AUDIT STRATEGY

A draft revised Internal Audit strategy is in development and was considered by SARC on 14 March 2012.

MEMBERS OF SARC 2011/12:

COLM McKENNA, INDEPENDENT CHAIRPERSON FROM 1 DECEMBER 2011 (ACTING INDEPENDENT CHAIRPERSON FROM 11 JULY 2011 TO 1 DECEMBER 2011)
ALAN McQUILLAN, INDEPENDENT CHAIRPERSON TO 11 JULY 2011
DOUGLAS BAIN, INDEPENDENT MEMBER FROM 1 FEBRUARY 2012
PAT RAMSEY MLA, ASSEMBLY COMMISSION REPRESENTATIVE

ANNEX A

INTERNAL AUDIT PROGRAMME 2011/2012

PROGRESS REPORT

DIRECTORATE/BUSINESS AREA

RISK SCORE

ASSURANCE

REPORT

       

CLERKING & REPORTING

     

Review of Bill Office

105

Substantial

September 2011

       

CORPORATE SERVICES

     

Review of Procurement Cards

130

Limited

May 2011

Review of Members’ Expenses

130

Satisfactory

May 2011

Review of Learning & Development

140

Satisfactory

September 2011

       

INFORMATION & OUTREACH

     

NI Assembly & Business Trust

N/A

Limited

June 2011

Managed Print Contract

N/A

Unacceptable

June 2011

Review of Events Office

90

Satisfactory

October 2011

Review of Freedom of Information unit

110

Satisfactory

December 2011

 

FOLLOW-UP AUDITS

ASSURANCE

REPORT

Building Services

Satisfactory

May 2011

Hansard

Substantial

May 2011

Secretariat Travel & Subsistence

Substantial

August 2011

Procurement

Limited

June 2011

FAPP

Satisfactory

November 2011

NI Assembly & Business Trust

Limited

November 2011

Procurement Cards

Substantial

December 2011


ANNEX B

ASSURANCE DEFINITIONS

SUBSTANTIAL

There is a robust system of risk management, control and governance which should ensure that objectives are fully achieved.

SATISFACTORY

There is some risk that objectives may not be fully achieved. Some improvements are required to enhance the adequacy and / or effectiveness of risk management, control and governance.

LIMITED

There is considerable risk that the system will fail to meet its objectives. Prompt action is required to improve the adequacy and effectiveness or risk management, control and governance.

UNACCEPTABLE

The system has failed or there is a real and substantial risk that the system will fail to meet its objectives. Urgent action is required to improve the adequacy and effectiveness of risk management, control and governance.

ANNEX C

SELF ASSESSMENT OF THE ASSEMBLY SECRETARIAT AUDIT AND RISK COMMITTEE FOR YEAR ENDING 31 MARCH 2012

ROLE AND REMIT

YES/NO/NA

COMMENTS/ACTION

Does SARC have written terms of reference?

YES

 

Do the terms of reference cover the core functions of an audit committee as identified in the HM Treasury Audit Committee Handbook?

YES

 

Are the terms of reference approved by SARC and reviewed periodically?

YES

The Terms of Reference were reviewed on 30 September 2010

Has SARC been provided with sufficient membership, authority and resources to perform its role effectively and independently?

YES

 

Does SARC periodically assess its own effectiveness?

YES

This is done annually

MEMBERSHIP, INDUCTION AND TRAINING

YES/NO/NA

COMMENTS/ACTION

Has the membership of the SARC been formally agreed by the Assembly Commission and/or Accountable Officer and a quorum set?

YES

 

Are the independent members of SARC appointed for a fixed term?

YES

The Chairperson and Independent member are appointed for an initial period of three years with the option of two additional periods of one year each.

Does SARC have the appropriate skills eg does at least one member of SARC have a financial background?

YES

 

Are all members of SARC, including the chair, independent of the executive function?

YES

 

Are new SARC members provided with an appropriate induction?

YES

 

Has each SARC member formally declared his/her business interests?

YES

 

Are SARC members sufficiently independent of the other key management committees of the Assembly?

YES

 

Has SARC considered the arrangements for assessing the attendance and performance of each member?

YES

This is carried out annually.

MEETINGS

YES/NO/NA

COMMENTS/ACTION

Does SARC meet regularly, at least four times a year?

YES

 

Do the terms of reference set out the frequency and broad timing of meetings?

YES

 

Does the SARC calendar meet the Assembly’s business and governance needs, as well as the requirements of the financial reporting calendar?

YES

 

Do SARC members attend meetings on a regular basis and if not, is appropriate action taken?

YES

 

Does the Accounting Officer attend all meetings and, if not, is he/she provided with a record of discussions?

YES

 

Do appropriate officials attend SARC meetings, including representatives from Internal Audit, External Audit and Finance?

YES

 

Does SARC have sufficient time to give proper consideration to its business?

YES

 

INTERNAL CONTROL

YES/NO/NA

COMMENTS/ACTION

Does SARC consider the findings of annual reviews by Internal Audit and others, on the effectiveness of the arrangements for risk management, control and governance?

YES

 

Does SARC consider the findings of reviews on the effectiveness of the system of internal control?

YES

 

Does SARC have responsibility for review of the draft Statement on Internal Control (SIC) and does it consider this separately from the accounts?

YES

 

Does SARC consider how accurate and meaningful the SIC is?

YES

 

Does SARC satisfy itself that the arrangements for risk management, control and governance have operated effectively throughout the reporting period?

YES

 

Has SARC considered how it should coordinate with other management committees that have responsibility for risk management and corporate governance ie the Assembly Commission and the Secretariat Management Group?

YES

Independent Members of the SARC attend meetings of the Assembly Commission.

Members of the Secretariat Management Group attend meetings of the SARC on a rolling-programme basis.

Has SARC satisfied itself that the Assembly has adopted appropriate arrangements to counter and deal with fraud?

YES

 

Has SARC been made aware of the role of risk management in the preparation of the internal audit plan?

YES

 

Does SARC’s Terms of Reference include oversight of the risk management process?

YES

 

Does SARC receive and consider Stewardship Statements from senior staff including those in key business areas such as Finance, HR and Information Systems?

YES

 

FINANCIAL REPORTING AND REGULATORY MATTERS

YES/NO/NA

COMMENTS/ACTION

Is SARC’s role in the consideration of the annual accounts clearly defined?

YES

 

Does SARC consider, as appropriate:

  • the suitability of accounting policies
  • major judgments made
  • large write-offs
  • changes in accounting treatment
  • the reasonableness of accounting estimates
  • the narrative aspects of reporting?

YES TO ALL

 

Is a SARC meeting scheduled to receive the external auditor's report to those charged with governance including a discussion of proposed adjustments to the accounts and other issues arising from the audit?

YES

 

Does SARC have an understanding of management's procedures for preparing the Assembly’s annual accounts?

YES

 

Does SARC have a mechanism to keep it aware of topical legal and regulatory issues?

SARC members are kept aware of such developments through circulation of all DAO letters and information provided by external auditor and Assembly officials. SARC members also attend relevant training courses and conferences.

 

INTERNAL AUDIT

YES/NO/NA

COMMENTS/ACTION

Does the Head of Internal Audit attend meetings of SARC?

YES

 

Does SARC approve, annually and in detail, the internal audit plans including consideration of whether the scope of internal audit work addresses the Assembly’s significant risks?

YES

 

Does Internal Audit have a direct reporting line, if required, to SARC?

YES

 

As well as an annual report from the Head of Internal Audit, does SARC receive progress reports from the Internal Audit service?

YES

 

Are outputs from follow-up audits by Internal Audit monitored by SARC and does it consider the adequacy of implementation of recommendations?

YES

 

If considered necessary, is the SARC chair able to hold private discussions with the Head of Internal Audit?

YES

 

Is there appropriate co-operation between the internal and external auditors?

YES

 

Does SARC review the adequacy of internal audit staffing and other resources?

YES

 

Are Internal Audit performance measures monitored by SARC?

YES

 

Has SARC considered the information it wishes to receive from Internal Audit?

YES

Do formal terms of reference exist defining Internal Audit's objectives, responsibilities, authority and reporting lines?

YES

The responsibilities of the Head of Internal Audit are defined in a letter of delegation from the Clerk/DG

EXTERNAL AUDIT

YES/NO/NA

COMMENTS/ACTION

Does the External Audit representative attend meetings of SARC?

YES

 

Do the external auditors present and discuss their audit plans and strategy with SARC (recognising the statutory duties of external audit)?

YES

 

Does the SARC chair hold periodic private discussions with the external auditor?

YES

The SARC Chairperson meets with the Comptroller and Auditor General as appropriate and with the NIAO representative on SARC on a regular basis.

Does SARC review the external auditor's annual report to those charged with governance?

YES

 

Does SARC ensure that officials are monitoring action taken to implement external audit recommendations?

YES

 

Are reports on the work of External Audit presented to SARC?

YES

 

Does SARC assess the performance of External Audit?

NO

Whilst there is no formal assessment mechanism, SARC sees all of this work. Where there are any concerns that have not been resolved at operational levels these are discussed between SARC and the NIAO representative on the Committee.

ADMINISTRATION

YES/NO/NA

COMMENTS/ACTION

Does SARC have a designated secretariat?

YES

 

Are agenda papers circulated in advance of meetings to allow adequate preparation by SARC members?

YES

 

Do reports to SARC communicate relevant information at the right frequency, time, and in a format that is effective?

YES

 

Does SARC issue guidelines and/or a pro forma concerning the format and content of the papers to be presented?

YES

 

Are SARC minutes prepared and circulated promptly to the appropriate people, including all SARC members?

YES

 

Is a report on matters arising presented or does the Chair raise them at SARC's next meeting?

Action points in relation to issues discussed are circulated to all attendees following each SARC meeting.

 

Do action points indicate who is to perform what and by when?

YES

 

Does SARC provide an effective Annual Report on its own activities?

YES

OVERALL

YES/NO/NA

COMMENTS/ACTION

Does SARC effectively contribute to the overall control environment of the Assembly?

YES

 

Are there any areas where SARC could improve upon its current level of effectiveness?

YES

The culture of SARC is to seek continuous improvement in its work and around the audit business processes. Its work in this is also driven in part by the commitment of the Commission and SMG to improvements in areas like the framework of rules around Members’ pay and allowances, audit of expenses and procurement.

SARC members attend induction training and continue to develop skills.

Does SARC seek feedback on its performance from the Assembly Commission and Accounting Officer?

YES

 

ANNEX D

SECRETARIAT AUDIT AND RISK COMMITTEE
BUDGET 2012/2013

BUDGET HEADING

AMOUNT

(£)

Committee members’ fees

12,000

Travel and Subsistence

2,186

General Business Expenditure

2,370

TOTAL (excluding fees)

4,556

Find MLAs

Find your MLAs

Locate MLAs

Search

News and Media Centre

Visit the News and Media Centre

Read press releases, watch live and archived video

Find out more

Follow the Assembly

Follow the Assembly on our social media channels

Keep up-to-date with the Assembly

Find out more

Useful Contacts

Contact us

Contacts for different parts of the Assembly

Contact Us