• Nie Znaleziono Wyników

The role and tasks of internal audit in the units of local governments

N/A
N/A
Protected

Academic year: 2021

Share "The role and tasks of internal audit in the units of local governments"

Copied!
15
0
0

Pełen tekst

(1)

ELBIETA IZABELA SZCZEPANKIEWICZ Pozna University of Economics

Summary

The state uses public finance sector units to execute its tasks in the public fi-nance. For the public finance sector to be effective and stable internal audits are conducted in its supervision systems. Internal audits in this sector are adopted as in-struments to control public finance. This work aims to discuss the binding internal audit regulations, instruction and standards as well as the fundamental rules and scope of internal auditing in the public sector units, in local governments in particu-lar. Qualification requirements for the function of a unit’s internal auditor and the rules an external service provider are elaborated on.

Key phrases: internal audit, internal control, management. 1. Introduction

The state uses public finance sector units to execute its tasks in the public finance. For the public finance sector to be effective and stable internal audits are conducted in its supervision systems. Internal audits in this sector are adopted as instruments to control public finance. For the past several years Polish public finance sector has adopted internal audit to control public finance. The obligations and rules connected with internal audit were introduced to the public finance sec-tor units in January 2002 by virtue of the Public Finance Act. A subsequent yet a significant amendment of this Act, which has been effective since 2010, extends the list of the sector units obliged to implement internal audit. Hence, pursuant to pertinent regulation the local governments unit, are obliged to establish internal audit divisions. The regulations also specifies units, which provided that they meet the Public Finance Act – defined criteria, are authorized to outsource in-ternal auditing. Inin-ternal audits in subject units can be conducted by superior or supervisory bodies. It is the primary objective of the currently binding internal audit regulations and standards to sup-port a manager in efficient unit management.

Internal audit is a management instrument used by unit managers to gain rational assurance that objectives and tasks of a given unit are attained, procedures resulting from acts of law or adopted by a unit manager are implemented and observed, while internal audit mechanisms and procedures adequately and correctly support unit’s operation. Presently internal audit not only analyzes internal control efficiency but also public finance management control. Furthermore, it is a vital tool for risk management estimation and execution public tasks.

This work aims to discuss the binding internal audit regulations, instruction and standards as well as the fundamental rules and scope of internal auditing in the public sector units, in local governments in particular. Qualification requirements for the function of a unit’s internal auditor and the rules an external service provider are elaborated on.

(2)

2. Formal bases of internal audit in the units of local governments

In 2010 in accordance with the amended acts of law internal audit is obligatory in the units of local governments, provided that they collect substantial public funds or make substantial public outlays.

The Public Finance Act1, executive orders issued pursuant thereto by the Minister of Finance as well as the guidelines of the Minister of Finance published in the communications and the In-ternational Standards for the Professional Practice of Internal Audit (The Institute of Internal Audi-tors – IIA), which were adopted as internal audit standards in the public finance sector units. In 2010 internal audit is in regulations:

• The ordinance concerning internal audit execution and documentation2,

• Communication of the Minister of Finance concerning the internal audit standards in the public finance sector units3,

• Communication of the Minister of Finance concerning the management control standards for the public finance sector units4,

• Communication of the Minister of Finance concerning the announcement of the “Internal Auditor’s Code of Ethics in the public finance sector units” and the “Internal Audit Char-ter in the public finance sector units”5.

Additionally, for the execution of the internal audit tasks concerning information system audits in the public finance sector units, internal auditors are recommended by the Minister of Finance to apply standards and guidelines published by the international Information Systems Audit and Control Association (ISACA): SISA6 – standards and guidelines for information systems audit and COBIT7 − guidelines for Information Technology management. Furthermore, at its website the Ministry of Finance publishes and recommends other documents to be used by managers and internal auditors in the public finance sector units.

The currently effective Public Finance Act it regulates the problems: 1. Definition and rules of Internal audit,

2. Definition and rules of Management Control, which is evaluated by an internal audi-tor,

3. The obligation to inform the local government the results of a financial economy au-dit and report from the execution of an auau-dit plan for the previous year,

1

Ustawa z 27 sierpnia 2009 r. o finansach publicznych (Dz. U. Nr 157, poz. 1240).

2 Rozporządzenie Ministra Finansów z 1 lutego 2010 r. w sprawie przeprowadzania i dokumentowania audytu wewnĊtrz-nego (Dz. U. Nr 21, poz. 108).

3 Komunikat Nr 1 MF z 19 lutego 2009 r. w sprawie standardów audytu wewnĊtrznego w jednostkach sektora finansów publicznych (Dz.Urz. MF Nr 2, poz. 12) and The International Standards for the Professional Practice of Internal Audit, The Institute of Internal Auditors (IIA), 247 Maitland Avenue, Altamonte Springs, Florida 32701-4201, USA 2001. www.iia.org.

4 Komunikat nr 23 MF z 16 grudnia 2009 r. w sprawie standardów kontroli zarządczej dla sektora finansów publicznych (Dz. Urz. MF Nr 15, poz. 84).

5 Komunikat Nr 16 MF z 18 lipca 2006 r. w sprawie ogłoszenia „Kodeksu etyki audytora wewnĊtrznego w jednostkach sektora finansów publicznych” i „Karty audytu wewnĊtrznego w jednostkach sektora finansów publicznych” (Dz.Urz. MF Nr 9, poz. 70).

6 Standards for Information Systems Auditing, ISACA 2002. www.isaca.org.pl

7 Control Objectives for Information and Related Technology. Management Guidelines (COBIT). IT Governance Institute, April 2001, www.itgi.org. and www.isaca.org.pl.

(3)

4. A possibility of internal audit in outsourcing to a party external auditor by a unit. 5. A list of professional qualifications for internal auditors in public finance sector

units.

In accordance with Article 275 of the Public Finance Act an internal audit is carried out by an internal auditor employed by a unit or a external service provider by a unit. Internal audit is obliga-tory in the unit of local governments if the budget of local governments units income and revenue as well as expenses and cost it tops PLN 40 000 thousand. In public finance sector units, which were established by local governments, can also outsource internal audit, if the local government's budgetary resolution stipulates income and revenue as well as expenses and costs are below PLN 100,000. thousand, or the unit employs fewer than 200 people. At a local government the tasks related to internal audit are assigned to its head in accordance with Article 276 of the Act, that is respectively to: the commune administrator, mayor, chairman of the a local government’s man-agement board.

3. Qualifications of internal auditors in the unit of local governments

Internal audits in the units of the local governments are conducted by internal auditors em-ployed by the unit or by an external service provider8. Internal auditor in the unit of local govern-ments must be a university graduate and possess pertinent qualifications to perform an internal audit, as specified in the article 286 of the Public Finance Act (table 1).

Table 1. Requirements and qualifications of internal auditors in public finance sector

Internal audits can be conducted by a person, who:

Qualifications of Internal Auditors (Art. 286 of the Public Finance Act): 1. Is a EU citizen or a citizen of any other

country, the citizens of which, pursuant to international agreement or the European Community law regulations, are entitled to be employed in the Republic of Poland,

2. Is capable of performing legal activities, executing all public rights,

3. Was not punished for any intentional crimes or any intentional fiscal crimes,

4. Is a university graduate,

5. Has the qualifications defined in the Public Finance Act to conduct an internal audit

1. holds an international certificate: Certified Internal Auditor (CIA), Certified Government Auditing Profes-sional (CGAP), Certified Information Systems Auditor (CISA), Association of Chartered Certified Accountants (ACCA), Certified Fraud Examiner (CFE), Certification in Control Self Assessment (CCSA), Certified Financial Services Auditor (CFSA), Chartered Financial Analyst (CFA) or

2. in the years 2003–2006 passed the internal audit ex-amination before the Exex-amination Committee appointed by the Minister of Finance, or

3. holds external auditor’s qualifications, or

4. has a two-year internal audit practice and graduated from post-graduate studies in internal audit issued by an organizational unit, which, upon the diploma issue, was authorized to award Ph.D. titles in economics or law.

Source: Ustawa z 27 sierpnia 2009 r. o finansach publicznych (Dz. U. Nr 157, poz. 1240).

Moreover, internal audit practice means at least half-time employment documented by a head of a unit from the public finance sector, which is connected with:

conducting audits under the supervision of an internal auditor,

8External Service Provider - a person or firm outside of the organization, that has special knowledge, skill, and experience

(4)

certifying and issuing EU financial assistance discontinuation declarations, which are referred to in the Fiscal Inspection Act, by fiscal inspectors,9

supervising or performing inspections, which are referred to in the Supreme Chamber of Con-trol Act.10

An outsourced internal auditor in the units of local governments can mean: a natural person, a natural person conducting business, for instance an auditor or other persons on conditions that they meet the above mentioned requirements specified in Article 286 of the Public Finance Act. A private partnership, a general partnership, professional partnership, limited partnership, limited joint stock partnership or a corporate person can act as an outsourced internal auditor provided that their employees conducting internal audit in a unit meet the requirements specified in Article 286 of the Public Finance Act. Any agreement executed between a unit and an outsourced service provider should feature provisions guaranteeing an internal audit will be conducted in accordance with the act and its executive orders. Such an agreement, in accordance with Article 279 of the Public Finance Act, should specify how to handle documents, in particular it should indicate how to proceed with electronic documents, prepared for internal auditing so as to make them accessi-ble, protected against unauthorized dissemination, mutilation or destruction.:

4. The role and types of internal audit in the units of local governments

Internal audit is a management instrument used by unit managers to gain rational assurance that objectives and tasks of a given unit are attained, procedures resulting from acts of law or adopted by a unit manager are implemented and observed, while internal audit mechanisms and procedures adequately and correctly support unit’s operation. In accordance with Article 272 of the Public Finance Act internal audit means independent and objective activities, which support a manager heading a unit in attaining their goals and executing their tasks by regular evaluation of management control as well as consulting services. What is evaluated in particular is if manage-ment control in the governmanage-ment administration or a given unit is adequate, effective and efficient. Consequently, the idea behind internal audit is to identify and comprehend potential risks faced by a units and to examine and evaluate the effectiveness of the internal control system, which was implemented to control risks and financial safety. The underlying objective of an internal audit in a units is to support its management in attainment of its goals and execution of its tasks by regular management control evaluation of public spending.

In accordance with the regulations of the Internal Audit Standards (IIA) internal auditing is an independent, objective assurance and consulting activity designed to add value11 and improve an organization's operations. It helps an organization accomplish its objectives by bringing a system-atic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.12 Internal audits should provide unit management with an unbiased and independent evaluation of management and internal control mechanisms, inclusive of financial control procedures, are in place and operate adequately, effectively and efficiently. An audit en-compasses examination and evaluation of risk management and task execution quality

9 Ustawa z 28 wrzeĞnia 1991 r. o kontroli skarbowej (Dz.U. z 2004 r. Nr 8, poz. 65, ze zm.).

10 Ustawa z 23 grudnia 1994 r. o NajwyĪszej Izbie Kontroli (Dz.U. z 2007 r. Nr 231, poz. 1701, ze zm.).

11 Value is provided by improving opportunities to achieve organizational objectives, identifying operational improvement, and/or reducing risk exposure through both assurance and consulting services - Definition in Glossary - The International Standards for the Professional Practice of Internal Audit (Internal Audit Standards IIA), www.iia.org.

(5)

pankiewicz, 2009). Internal audits include assurance activities (evaluation) and consulting ser-vices. Assurance activities constitute a fundamental task of an audit. An independent and unbiased management evaluation, inclusive of evaluation of risk management and control and unit’s opera-tion areas and systems, should assure a unit management that its systems operate properly.

In accordance with the regulations of the Internal Audit Standards (IIA) assurance services in-volve the internal auditor’s objective assessment of evidence to provide an independent opinion or conclusions regarding an entity, an operation, a function, a process, system, or other subject mat-ter. The nature and scope of the assurance engagement are determined by the auditor. Examples may include financial, performance, compliance, system security, and due diligence engage-ments.13

Audit by counseling should also lead to the facilitation of unit operation. An auditor can sub-mit requests to the management or the management of audited units, which should result in the facilitation of the operation of a unit or its organizational units. In accordance with the regulations of the Internal Audit Standards (IIA) consulting services are advisory in nature, and are generally performed at the specific request of an engagement client. The nature and scope of the consulting engagement are subject to agreement with the engagement client. Advisory and related client ser-vice activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization’s governance, risk management, and control processes without the auditor assuming management responsibility. Examples include counsel, advice, facilitation, and training.14

An internal audit should cover all areas of unit operations. Audit is a management instrument used by unit managers to gain rational assurance that objectives and tasks of a given unit are being attained, procedures resulting from acts of law or adopted by unit management are being imple-mented and observed, while audit mechanisms and procedures adequately and correctly support unit’s operation. Internal audit should include in particular:

• A review of internal control mechanisms and reliability and credibility of operational, management and financial information,

• An identification and analysis of risks related to unit operation, including evaluation of the effectiveness of risk management and internal control,

• An opinion if the control mechanisms put in place in the audited systems by unit man-agement are adequate and efficient,

• An opinion about procedures and practices of financial information development, classifi-cation and presentation,

• An opinion if acts of law, internal unit regulations as well as programs, strategies and standards introduced by pertinent bodies are observed,

• An opinion about unit property security, an evaluation of the effectiveness and economy of unit resources use and public funds management,

• Submission of reports with conclusions and presentation of recommendations concerning enhancement of effectiveness of unit’s operation in a given area,

• A review of programs and projects to establish if a unit generates planned results and meets its objectives,

13

Standards Introduction in the Internal Audit Standards (IIA). 14 Ibidem.

(6)

• An evaluation if a unit’s operation is adjusted to the previously presented recommenda-tions of an internal audit or a control (Szczepankiewicz, 2009).

The basic internal audit types include: operational audit (including compliance audit, which is sometimes referred to as separate audit type, performance audit), financial audit, information technology audit (table 2).

Table 2. The basic internal audit types in the units of local governments

The audit types

Character Operational

audit

The operational audit examines if unit's operations are in accordance with its opera-tional and strategic objectives and evaluates a unit's systems in operation. The results of an operational audit are later used to enhance a unit's future operation. Internal auditors must assesses an organization's operations, functions, process, systems. The operational audit activity must evaluate risk exposures relating to operations in the organization's regarding the reliability and integrity of operational information, effec-tiveness and efficiency of operations, safeguarding of assets and compliance with laws, regulations and contracts.

Financial audit

The financial audit is chiefly associated with the evaluation of the accounting system and the reliability of financial statements and of budget reports, Internal audit should include in particular an review of the accuracy, adherence to accounting standards, credibility and reliability of financial statements and budget reports. The financial audit aims to identify all negligence and irregularities in the financial and accounting areas of unit's operation. The financial audit activity must evaluate risk exposures relating to the organization's finance operations regarding the reliability and integrity of financial information; safeguarding of assets; and compliance with laws, regulations, and con-tracts. Internal audit should include in particular a review of internal control mecha-nisms in system of accounting, financial responsibility and control, financial risk, check of accounting records and transactions, period of account, reconciliation inven-tory book, trial balance, investment appraisal, funds, methods depreciation and re-valuation, stock re-valuation, budgeted costs and expenses, expense voucher, budgeted income and revenue, backlog of debts and tax arrears.

Information technology audit

Internal auditors must have sufficient knowledge of key information technology risks and technical controls of IT. Internal auditors controls applications, information, infra-structure. The Information technology audit activity must evaluate risk exposures relating to information systems in the organization's, the safeguarding of information assets and compliance with laws and IT contracts. Internal auditors apply automated audit tool, audit software, test data generators, computerized audit programs, and specialized audit utilities. Information technology audit activity must evaluate the confidentiality, integrality, safety estimates as well as the accessibility of information kept and processed in computer systems.

(7)

5. Rules of internal audit in the units of local governments

As previously mentioned internal audits must be conducted in accordance with the provisions of the Public Finance Act, pertinent ordinances and instructions of the Minister of Finance as well as the International Standards for the Professional Practice of Internal Auditing, which were adopted as internal audit standards for public finance sector units.

The structure of the International Standards for the Professional Practice of Internal Audit, which should be observed by auditors in public finance sector units, that is in local governments units, includes Attribute, Performance and Implementation Standards. Attribute Standards address the attributes of organizations and individuals performing internal audit services. The Performance Standards describe the nature of internal audit services and provide quality criteria against which the performance of these services can be measured. The Attribute and Performance Standards apply to all internal audit services. They are supplemented by the Implementation Standards, which feature detailed instructions and procedures. They are defined separately for: Assurance activities (marked as A) and counseling (marked as C). Table 3 presents the current structure of audit standards.

In accordance with the Standards Introduction in Internal Audit Standards (IIA) the purpose of the Standards is to:

1. Delineate basic principles that represent the practice of internal auditing. 2. Establish the basis for the evaluation of internal audit performance. 3. Foster improved organizational processes and operations.

4. Provide a framework for performing and promoting a broad range of value-added in-ternal auditing.

An internal audit can be considered properly performed if the following activities indicated in the standards ware taken, that is, for instance:

1. the unit management was responsible for the internal control system (the Standard 2600),

2. the audit was targeted to unit operation facilitation (the Standard 2110), 3. risks were prioritized (the Standard 2120),

4. audit was of high quality (the Standards 1300, 1310,1311,1312,1320),

5. the auditor’s opinions were independent, impartial and unbiased (the Standards 1100, 1110, 1120, 1130),

6. the auditor was professional, knowledgeable and diligent (the Standards 1200, 1210,1220,1230),

7. internal audit results were used effectively (the Standards 2000, 2010, 2030, 2230), 8. information circulation and communication were problem-free (the Standards 2050,

2060, 2400).

In accordance with the regulations of the Internal Audit Standards (IIA) the internal audit ac-tivity must be independent (table 4), and internal auditors must be objective in performing their work (the Standard 1100).

(8)

Table 3. The basic internal audit types in the units of local governments

Attribute Standards

and Implementation Standards

Performance Standards and Implementation Standards 1000. Purpose, Authority, and Responsibility

1000.A1, 1000.C1

1010. Recognition of the Definition of Internal Auditing, the Code of Ethics, and the Standards in the Internal Au-dit Charter

1100. Independence and Objectivity 1110. Organizational Independence 1111. Direct Interaction With the Board

1110.A1 1120. Individual Objectivity

1130. Impairment to Independence or Objectivity 1130.A1, 1130.A, 1130.C1, 1130.C2 1200. Proficiency and Due Professional Care 1210. Proficiency

1210.A1, 1210.A2, 1210.A3, 1210.C1

1220. Due Professional Care

1230. Continuing Professional Development 1300. Quality Assurance and Improvement Program 1310. Requirements of the Quality Assurance and

Improve-ment Program 1311. Internal Assessments 1312. External Assessments

1320. Reporting on the Quality Assurance and Improvement Program

1321. Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” 1322. Disclosure of Nonconformance

2000. Managing the Internal Audit Activity 2010. Planning

2010.A1, 2010.C1 2020. Communication and Approval 2030. Resource Management 2040. Policies and Procedures 2050. Coordination

2060. Reporting to Senior Management and the Board 2100. Nature of Work 2110. Governance 2110.A1, 2110.A2, 2110.C1 2120. Risk Management 2120.A1, 2120.A2, 2120.C1, 2120.C2, 2120.C3 2130. Control

2130.A1, 2130.A2, 2130.A3, 2130.C1, 2130.C2

2200. Engagement Planning 2201.A1, 2201.C1 2201. Planning Considerations 2210. Engagement Objectives

2210.A1, 2210.A2, 2210.A3, 2210.C1

2220. Engagement Scope

2220.A1, 2220.A2, 2220.C1 2230. Engagement Resource Allocation 2240. Engagement Work Program

2240.A1, 2240.C1 2300. Performing the Engagement 2310. Identifying Information 2320. Analysis and Evaluation 2330. Documenting Information

2330.A1, 2330.A2, 2330.C1 2340. Engagement Supervision 2400. Communicating Results 2410. Criteria for Communicating

2410.A1, 2410.A2, 2410.A3, 2410.C1

2420. Quality of Communications 2421. Errors and Omissions

2430. Use of “Conducted in Conformance with the International Standards for the Pro-fessional Practice of Internal Auditing” 2431. Engagement Disclosure of Noncompliance

2440. Disseminating Results

2440.A1, 2440.A1, 2440.C1, 2440.C2

2500. Monitoring Progress

2600. Resolution of Management’s Acceptance of Risks

(9)

Source: Komunikat Nr 1 MF z 19 lutego 2009 r. w sprawie standardów audytu wewntrznego w jednostkach sektora finansów publicznych (Dz. Urz. MF Nr 2, poz. 12) and Internal Au-dit Standards IIA (The International Standards for the Professional Practice of Internal Audit, The Institute of Internal Auditors (IIA), 247 Maitland Avenue, Altamonte Springs, Florida 32701–4201, USA 2001. www.iia.org.).

Table 4. Independence of internal auditors in the units of local governments

Marshal's Office The Office of City The Office of Commune Staroste Office So always 33,3 81,8 33,30 53,30 In large degree 66,7 9,10 33,30 13,30 In small degree 0,00 9,10 16,70 26,70 Not never 0,00 0,00 16,70 6,70

Source: P. Sołtyk, Dualizm Audytu Wewntrznego w jednostkach samorzdu terytorialnego w Polsce – wstpne wyniki bada [w:] Audyt wewntrzny instrumentem zarzdzania, Uniwersytet Szczeciski, Zeszyty Naukowe nr 564, Szczecin 2009, s. 74.

Independence is the freedom from conditions that threaten the ability of the audit activity or the chief audit executive to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the responsibilities of the audit activity, the chief audit executive has direct and unrestricted access to senior management and the board. This can be achieved through a dual-reporting relationship.15 Objectivity is an unbi-ased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others (the Standard 1100). The chief audit executive must report to a level within the organization that allows the audit activity to fulfill its responsibilities (the Standard 1110). The audit activity must be free from inter-ference in determining the scope of internal auditing, performing work, and communicating results (the Standard 1110.A1). Internal auditors must have an impartial, unbiased attitude and avoid any conflicts of interest (the Standard 1120).16 Auditors must refrain from assessing specific operations for which they were previously responsible (the Standard 1130.A1).

Engagements must be performed with proficiency and due professional care (the Standard 1200). Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities. The audit activity collectively must possess or obtain the knowledge, skills, and other competencies needed to perform its responsibilities (the Standard 1210). Auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor (the Standard 1220). Auditors must enhance their knowledge, skills, and other competencies through continuing professional development (the Standard 1230). The chief audit

15

In accordance with the Interpretation in the International Standards IIA.

16 In accordance with the regulations of the Internal Audit Standards (IIA): Conflict of interest is a situation in which an internal auditor, who is in a position of trust, has a competing professional or personal interest. Such competing interests can make it difficult to fulfill his or her duties impartially. A conflict of interest exists even if no unethical or improper act results. A conflict of interest can create an appearance of impropriety that can undermine confidence in the internal audi-tor, the internal audit activity, and the profession. A conflict of interest could impair an individual's ability to perform his or her duties and responsibilities objectively.

(10)

executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity (the Standard 1300).

In accordance with the regulations of the Internal Audit Standards (IIA) the internal audit ac-tivity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives: promoting appropriate ethics and values within the organization; ensuring effective organizational performance management and accountability; communicating risk and control information to appropriate areas of the organization; coordinating the activities of and communicating information among external and internal auditors, and man-agement (Standards 2110). The audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes (the Standard 2120). The audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk (the Stan-dard 2120.A2). The audit activity must assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement (Standard 2130).

Internal auditors must communicate the engagement results (the Standard 2400). Communica-tions must be accurate, objective, clear, concise, constructive, complete, and timely (the Standard 2420).17 The chief audit executive must communicate results to the appropriate parties (the Stan-dard 2440). The chief audit executive must establish a follow-up process to monitor and ensure that management actions have been effectively implemented or that senior management has ac-cepted the risk of not taking action (the Standard 2500.A1).

Internal audits, which cover the evaluation of risk management, internal control systems and unit management, are to a large extent based on the trust placed on an auditor. An auditor is trusted if he/she is ethical. The currently binding Code of Internal Auditor’s Ethics in the public finance sector units was published in 2006. The Code supplements the audit standards and provides in-structions for internal auditors in the public finance sector units. The rules of audit practice in the public finance sector units include: honesty, objectivity, confidentiality, professionalism, internal auditor’s procedures and relations between internal auditors and conflicts of interests (table 5). In the light of the Code of Ethics an internal auditor is obliged to audit and counsel in an honest, reliable and decent manner. It presents principles of internal audit practice and standard procedures expected for an auditor. Each of the rules was specified in rules of conduct for internal auditors.18 These rules are an aid to interpreting the Principles into practical applications and are intended to guide the ethical conduct of internal auditors. The purpose Code of Ethics is to promote an ethical culture in the profession of auditing.19

17 In accordance with the regulations of the Internal Audit Standards (IIA): Accurate communications are free from errors and distortions and are faithful to the underlying facts. Objective communications are fair, impartial, and unbiased and are the result of a fair-minded and balanced assessment of all relevant facts and circumstances. Clear communications are easily understood and logical, avoiding unnecessary technical language and providing all significant and relevant infor-mation. Concise communications are to the point and avoid unnecessary elaboration, superfluous detail, redundancy, and wordiness. Constructive communications are helpful to the engagement client and the organization and lead to improve-ments where needed. Complete communications lack nothing that is essential to the target audience and include all signifi-cant and relevant information and observations to support recommendations and conclusions. Timely communications are opportune and expedient, depending on the significance of the issue, allowing management to take appropriate corrective action.

18

The Code of Ethics in the Internal Audit Standards (IIA). 19 The Code of Ethics in the Internal Audit Standards (IIA).

(11)

Table 5. The principles and rules of conduct of internal auditors in the public finance sector

Honesty - If an internal auditor is honesty, his work is trusted and his evaluation is relied on An internal auditor:

1) performs his/her work in a honest, reliable and responsible manner; 2) observes the law and internal regulations of a unit;

3) recognizes and supports ethical and legitimate objectives of a unit; 4) puts public good before his/her own and his/her community's interest.

5) does not get involved in illegal activities or any actions, which could question the credibility of his/her work as an internal auditor or unit’s operation.

2. Objectivity - An internal auditor is highly objective during an internal audit, in particular when collecting, examining and forwarding information about the audited activities or processes. An internal auditor makes balanced judgments taking into consideration all significant circumstances connected with the audit task. In his opinions he/she disregards his/her own interest and does not allow other persons influence his/her judgments.

An internal auditor:

1) protects his/her independence from any attempts to influence his/her conclusions and recom-mendations;

2) presents clear and transparent reports for audit tasks, which are based on the evidence collected and estimated in accordance with the binding regulations and recognized internal audit practice

3) does not participate in activities, which can jeopardize impartial judgment or which can be con-sidered as an obstacle to such a judgment. In particular, this pertains to actions, which are not in accor-dance with a unit’s objectives or interests;

4) does not accept anything, which can jeopardize his/her objective judgment or be perceived as a lack of objectivity;

5) divulges all significant facts he/she is aware of, which undisclosed, could distort a report from an audit of a given area of a unit’s operation.

3. Confidentiality - An internal auditor respects the value and property of information, which he/she receives and unauthorized does not disseminate it, unless legally or professionally obliged.

An internal auditor:

1) sensibly uses and protects information he/she came in possession of during an audit’

2) does not use information for his/her personal benefit or for any other purpose, which could be illegal or detrimental to the ethical and legitimate objectives of a unit.

4. Professionalism - An internal auditor uses his/her knowledge, skills and experience to conduct an audit.

An internal auditor:

1) takes on tasks, which he/she is capable of performing with the use of his/her knowledge, skills and experience;

2) conducts an internal audit in accordance with acts of law, standards of internal auditing in PFSU and unit’s internal regulations concerning internal auditing;

3) constantly increases his/her professional qualifications and effectiveness and quality of his/her task performance;

5. Internal auditor’s internal auditor’s procedures and relations between internal auditors - An internal auditor acts in a manner, which reinforces professional cooperation and good relations with other auditors.

An internal auditor:

1) with his/her actions and mutual cooperation ranks up the significance of auditing for proper unit's operation;

(12)

6. Conflict of interests - An internal auditor does not participate in an audit task, if it could result in a conflict of interests.

An internal auditor:

1) ensures that none of the recommendations from an audit task do not transfer on him/her any competences or responsibilities connected with unit management and that it is guaranteed that they remain within the total and exclusive remit of a unit’s manager.

2) protects his/her independence and avoids conflicts of interests by refusing to accept any bene-fits, which could challenge the independence, honesty, objectivity of his/her work or could be perceived as a violation hereof;

3) avoids any relations with management and employees of a unit and with any other per-sons,which can influence him/her or in any way limit or contain his/her actions;

4) avoids connections, which can be considered corruption-prone or which can cause doubts about auditor's objectivity and independence.

Source: Komunikat Nr 16 MF z 18 lipca 2006r. w sprawie ogłoszenia „Kodeksu etyki audytora wewntrznego w jednostkach sektora finansów publicznych” i „Karty audytu wewntrz-nego w jednostkach sektora finansów publicznych” (Dz.Urz.MF Nr9, poz.70).

In accordance with acts of law and internal audit standards a person in charge of internal audit should set out rules and procedures to be observed during an audit. The form and content of the rules and procedures depends on the scale and structure of an internal audit as well as its complex-ity (Standard 2040). The Internal audit charter20(M. Dudek, E.I, Szczepankiewicz, 2008) as well as the description of the internal audit procedures (M. Dudek, E.I. Szczepankiewicz, P. Szczepankiewicz, 2008), which frequently in practice are referred to as Internal Audit Book of Procedures, constitute fundamental internal documents governing internal audit performance.

In accordance with the regulations of the Internal Audit Standards (IIA) the purpose, author-ity, and responsibility of the audit activity must be formally defined in an internal audit charter, consistent with the Definition of Internal Auditing, the Code of Ethics, and the Standards. The chief audit executive must periodically review the audit charter and present it to senior manage-ment and the board for approval (the Standard 1000). The audit charter is a formal documanage-ment that defines the internal audit activity's purpose, authority, and responsibility. The audit charter estab-lishes the internal audit activity's position within the organization; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of audit activities. Final approval of the audit charter resides with the chief.21

In accordance with the regulations of the Public Finance Act and its executive orders the audit charter specifies the chief objectives and rules of an audit. Furthermore, it should define the basic rights, obligations and responsibilities of an auditor and specify his/her status in a unit as well as the relation with other control institutions such as the Supreme Chamber of Control, inspectors from the Inland Revenue Agencies and the Social Security Company, etc. The charter of the audit activity is a formal written document that defines the audit activity’s purpose, authority, and re-sponsibility. The charter should: establish the audit activity’s position within the organization; authorize access to records, personnel, and physical properties relevant to the performance of en-gagements; define the scope of audit activities.22

20

Komunikat Nr 16 MF z 18 lipca 2006 r. w sprawie ogłoszenia „Kodeksu etyki audytora wewnĊtrznego w jsfp” i „Karty audytu wewnĊtrznego w jsfp” (Dz. Urz. MF Nr 9, poz. 70).

21

Interpretation in the Internal Audit Standards (IIA). 22 Definition in Glossary in the Internal Audit Standards (IIA).

(13)

The chief audit executive must establish policies and procedures to guide the internal audit ac-tivity. The form and content of policies and procedures are dependent upon the size and structure of the internal audit activity and the complexity of its work (the Standard 2040). The Internal Au-dit Book of Procedures specifies the general provisions of the charter and describes the detailed audit methods, inclusive of the planning procedures, audit task execution, documentation devel-opment and reporting.

In accordance with the regulations of the Internal Audit Standards (IIA) internal auditors must develop and document a plan for each engagement, including the engagement’s objectives, scope, timing, and resource allocations (the Standard 2200). Auditors must document relevant informa-tion to support the conclusions and engagement results (the Standard 2330). An auditor documents all activities and events, which are significant for internal audit. An auditor keeps the current audit files in order to document the audit and its results as well as the permanent audit files to collect information about risk areas, which can possibly constitute a subject of an audit. The obligation to document all the activities and events significant to perform an audit is stipulated in the ordinance concerning the audits and their documentation. The chief audit executive must develop retention requirements for engagement records, regardless of the medium in which each record is stored. These retention requirements must be consistent with the organization’s guidelines and any perti-nent regulatory or other requirements (the Standard 2330.A2). In accordance with the regulations of the Public Finance Act and its executive orders the unit management, the head of the audited unit, in which an audit is performed as well as all authorized persons can gain access to current audit files. The chief audit executive must develop policies governing the custody and retention of consulting engagement records, as well as their release to internal and external parties (the Stan-dard 2330.C1). The internal audit documents are marked and stored in accordance with the general rules concerning the files left behind in a unit.

6. Final conclusions

In 2010 internal audit becomes obligatory in local governments units in particular. Internal audit becomes obligatory in more and more public finance sector units, including the local gov-ernments units, which means it is necessary and efficient for public sector operation. Thus, in light of the currently binding regulations and adopted standards an internal audit should support a man-ager of a unit in effective unit management, evaluation of the efficiency of internal control, public finance management, risk management and execution of public governance tasks.

7. Literature

[1] Control Objectives for Information and Related Technology. Management Guidelines (COBIT). IT Governance Institute, April 2001, www.itgi.org. and www.isaca.org.pl. [2] Dudek M., Szczepankiewicz E.I., Karta audytu wewnĊtrznego w jednostce sektora finansów

publicznych, [w:] Funkcjonowanie audytu wewntrznego w Polsce, Zeszyty Naukowe 512 Uniwersytetu Szczeciskiego, Szczecin 2008.

[3] Dudek M., Szczepankiewicz E.I, Szczepankiewicz P., Opis procedur audytu wewnĊtrznego w jednostce sektora finansów publicznych z wzorami dokumentów, współautor, Poradnik Rachunkowoci Budetowej 2008, Nr 7, Wyd. INFOR.

[4] Komunikat Nr 1 MF z 19 lutego 2009 r. w sprawie standardów audytu wewntrznego w jednostkach sektora finansów publicznych (Dz.Urz. MF Nr 2, poz. 12).

(14)

[5] Komunikat Nr 16 MF z 18 lipca 2006r. w sprawie ogłoszenia „Kodeksu etyki audytora wewntrznego w jednostkach sektora finansów publicznych” i „Karty audytu wewn-trznego w jednostkach sektora finansów publicznych” (Dz.Urz.MF Nr9, poz.70).

[6] Komunikat Nr 23 MF z 16 grudnia 2009 r. w sprawie standardów kontroli zarzdczej dla sektora finansów publicznych (Dz. Urz. MF Nr 15, poz. 84).

[7] Rozporzdzenie MF z 1 lutego 2010 r. w sprawie przeprowadzania i dokumentowania audytu wewntrznego (Dz. U. Nr 21, poz. 108).

[8] Sołtyk P., Dualizm Audytu WewnĊtrznego w jednostkach samorządu terytorialnego w Polsce – wstĊpne wyniki badaĔ [w:] Audyt wewntrzny instrumentem zarzdzania, Uni-wersytet Szczeciski, Zeszyty Naukowe nr 564, Szczecin 2009.

[9] Standards for Information Systems Auditing, ISACA 2002. www.isaca.org.pl

[10] Szczepankiewicz E.I. Zasady funkcjonowania audytu wewntrznego w 2009 r. w jednost-kach sektora finansów publicznych, Poradnik Rachunkowoci Budetowej 2009, Nr 11, Wyd. INFOR.

[11] The International Standards for the Professional Practice of Internal Audit, The Institute of Internal Auditors (IIA), 247 Maitland Avenue, Altamonte Springs, Florida 32701–4201, USA 2001. – www.iia.org.pl.

(15)

ROLA I ZADANIA AUDYTU WEWNĉTRZNEGO W JEDNOSTKACH SAMORZĄDU TERYTORIALNEGO

Streszczenie

W 2010 roku znowelizowana ustawa o finansach publicznych zobowiązuje znacznie wiĊcej jednostek sektora finansów publicznych do przeprowadzania audytu wewnĊtrznego. Na liĞcie zobowiązanych do przeprowadzania audytu wewnĊtrznego są równieĪ jednostki samorządu terytorialnego. Obecnie funkcja audytu wewnĊtrz-nego sprawia, Īe jego miejsce w sektorze publicznym jest bardzo waĪne i szczegóło-wo regulowane przepisami prawa oraz standardami. W opracowaniu omówiono obowiązujące w 2010 roku przepisy prawne, wytyczne i standardy w zakresie audytu wewnĊtrznego, a takĪe podstawowe zasady przeprowadzania audytu w jednostkach samorządu terytorialnego. W opracowaniu omówiono równieĪ wymagania kwalifi-kacyjne wobec osoby pełniącej funkcjĊ audytora wewnĊtrznego zatrudnionego w jednostce i zasady korzystania z audytu wewnĊtrznego wykonywanego przez usłu-godawcĊ zewnĊtrznego.

Słowa kluczowe: audyt wewntrzny, kontrola wewntrzna, zarzdzanie.

Elbieta Izabela Szczepankiewicz Uniwersytet Ekonomiczny w Poznaniu

Cytaty

Powiązane dokumenty

Ponieważ w tym wyrażeniu użyte jest słowo kairos, możemy interpretować tę wypowiedź nie tylko w tym sensie, że nadszedł dla Jezusa stosowny moment do rozpoczęcia

In light of the agency theory, the asymmetry of information and the legiti- macy of internal auditing are of particular importance when they are related to the public finance

Piaskowce charakteryzuj¹ siê zbli¿onymi wartoœciami porowatoœci otwartej, wynosz¹- cymi œrednio 7,4% dla próbek pochodz¹cych ze z³o¿a G³êbiec i 7,0% dla próbek ze

Konwencja ONZ to konceptualny drogowskaz i niezbe˛dny element budowy społeczen ´ stwa otwartego ,,dla’’ oso´b z niepełnosprawnos´cia˛ i ,,na’’ ich sprawy,

Od wielu lat Belgia charakteryzuje się napływem imigrantów, przede wszystkim z państw europejskich, jednakże w związku z kryzysem imigracyjnym trwającym od 2015 r.. w Belgii de

W tym miejscu warto odnotować, nie tylko jako ciekawostkę, że zgadza się to także z wnioskiem wyciągniętym przez Ludwiga Wittgensteina w drugim okresie uprawiania przezeń

The predicted micromechanical properties of ITZ can be further used to determine the interface properties between aggregate and HCP in the discrete fracture modelling of concrete

że normy etyczne nie są już bezwzględnie obowiązujące, nowina o przebaczeniu win sta- rciła wyraźnego adresata, co uzasadnia wypowiedź wybitnego protestanckiego filozofa re-