The Government, through the Public Finance Management Bill, 2019 has recognised the value of Internal Auditors by including sections which speak to the Internal Audit Office and its responsibility for audits of Public Entities.
This is a significant step for Barbados and, if done well, could create an example of good governance and accountability for the country and the region.
Internal Auditors help to ensure that good governance and implemented controls within an entity are functioning as intended. They analys risks that could create breakdowns in the achievement of objectives and provide professional advice to help prevent or correct identified failings.
In other words, the Internal Auditor is your professional best friend.
Imagine having someone by your side providing advice for optimal performance, an advisor that can identify what is going wrong and offer solutions to get you on the right track. You can rely on this person because they are professionally trained and will likely have experience in your industry to give another perspective.
Within the public service, an Internal Auditor can be invaluable. Internal Auditors should have unrestricted access to review any area of the public service, including State Owned Entities (SOE), and can provide professional advice on any of the following areas:
- Operations: This typically includes a review of a process such as purchases, investments, payroll, customer service, marketing, etc. to identify whether objectives are met and to highlight identified deficiencies. For example, during an audit of the purchases process, an Internal Auditor can review a sample of major purchases to verify whether they have been through the appropriate bidding process. Identified deficiencies will be documented and recommendations made for improvements.
- Compliance: Most, if not all, entities are subject to various legislation, regulations, standards or policies. The Internal Auditor can review these requirements and provide an assessment as to the level of compliance in place. Breaches can be reported, particularly for areas that would incur monetary fines and penalties or reputational damage.
- Information Technology: The Internal Auditor can provide advice for the acquisition of systems or required upgrades to improve the functions of the entity. They can also use data analytics to provide information for strategic decision making. Often, the advice as to the vulnerabilities within these systems can prevent breaches or help an entity back on its feet quickly after an identified breach.
- Fraud Investigations: A specially trained Internal Auditor can assist with the detection or investigation of red flag situations identified by Ministers, Management, whistleblowers, staff, the public or the Auditor and conduct interviews to identify if there has been any wrongdoing. This Auditor will likely be invaluable to the Attorney General’s office.
- Risk Assessments: An Internal Auditor can provide a structured system for identifying the key risks that a Ministry or SOE must face and prioritizing those risks so that scarce financial and human resources can be adequately allocated to address these risks. These risks can be designated as high, medium and low with attached action plans and timelines for the identified solutions.
- Training: Internal Auditors can play a valuable role in educating process owners about best practices. They can help in the understanding of good governance and ethical practices, risk management, identifying red flags, maximizing the use of technology and so on.
- Financial reviews: Although the Internal Auditor is qualified to perform financial reviews, this area is currently managed by the Auditor General.
The potential for an Internal Audit department is almost limitless. However, it must be highlighted that the value of this department can be easily diminished through understaffing, employing under qualified or inexperienced auditors, a lack of cooperation from audited entities or a weak Internal Audit Committee that is unable or unwilling to provide the support required for this department. Education is required so that audited entities understand what is required to promote a cooperative relationship, rather than an adversarial one.
The Internal Audit Committee should comprise of independent members that support the functional reporting of the Internal Audit department, as auditors should only report administratively to the Ministry of Finance. This distinction is critical as the Auditor cannot report to the Ministry of Finance as this Ministry is an auditable entity.
If this is not in place, the Internal Auditor office will be significantly hampered in providing objective reports, particularly where those reports may contain unfavourable findings for this Ministry. Administrative reporting will keep this Ministry in the loop without giving it the ability to interfere in investigations.
As an Internal Auditor, I look forward to the implementation of this function and the improvements that are sure to come with a well-functioning department such as this.
*Krystle Howell, CPA, CIA, COSO, ALMI, ACS, aka Mavis, is an Internal Auditor by profession, avid artist and a lover of dance.