Evaluation of the perceived effectiveness of internal audit activity in selected government owned and managed entities
Abstract
Internal audit is an independent assurance provider with its role being to review the effectiveness of risk management, controls and governance processes. Internal audit is the custodian of good governance and is trusted with reviewing and providing assurance on the effectiveness of governance processes within the organisation. Internal audit in the South African government owned and managed entities is critical in that it assists the Accounting Officers to effectively execute their responsibilities as noted in the Public Finance Management Act (PFMA). The PFMA’s main focus among others is to promoting good governance and accountability. It is because of the PFMA that the establishment of internal audit in government owned and managed entities became mandatory.
Of late, the government owned and managed entities have been in the public light with all sort of wrongs emerging mostly as a result of issues related to weak governance. The Auditor General in the consolidated general report of 2016 stated that some of the challenges (uncompetitive and unfair procurement processes; increase in unauthorised and irregular expenditure; slow response by management in improving internal controls; and inadequate consequences for poor performance and transgressions) faced by government entities are attributed to weak governance and that effective internal audit activities can assist to curb these challenges.
The main focus of this study was to evaluate the perceived effectiveness of internal audit activity in selected government owned and managed entities. The Institute of Internal Auditors (The IIA) identified some core principles to be used in measuring the effectiveness of the internal audit activity. Accordingly, internal auditing is effective if it: i) demonstrates integrity; ii) demonstrates competence and due professional care; iii) is objective and free from undue influence independent; iv) aligns with the strategies, objectives, and risks of the organisation; v) is appropriately positioned and adequately resourced; vi) demonstrates quality and continuous improvement; vii) communicates effectively; viii) provides risk based assurance; ix) is insightful, proactive, and future-focused; and x) promotes organisation improvement. The IIA further states that the factors should be present and be operating for the internal audit activity to be seen as effective. Much as the core principles make no mention of “management support”, management support is also a critical element which directly affects the effectiveness of an internal audit activity.
A quantitative research method was utilised where the two samples (internal auditors sample and management sample) were identified and applied at Entity A to source the results from the respondents. As the effectiveness of internal audit activity is pivotal in government owned and managed entities, the internal audit activity at Entity A was perceived to be ineffective as the core principles as listed above were present but not operating as they should. In addition, it was also noted that management does not entirely support the work of the internal audit.
In an attempt to add value and a start a process of ensuring that the internal audit is effective at government owned and managed entities, several recommendations were proposed which include amongst others, internal auditors strengthening their independence and objectivity; incorporation of organisation’s risks in internal audit plans to ensure broad coverage; internal audit being pro-active and future focused in their approach; to be insightful, deploying time to learn and understand the organisations’ processes and operation so to ensure that audit/engagement plans aligns to that of the organisation