|
|
|
|
|
|
|
APPENDIX B |
|
Terms of Reference for the provision of Internal Audit Services to Hampshire Fire and Rescue Authority |
|
|
|
|
1 |
Hampshire Audit Services, as the appointed internal auditor, is responsible for conducting an independent appraisal of all the Hampshire Fire and Rescue Authority's activities, financial and otherwise. It should provide a service to the whole Hampshire Fire and Rescue Authority, including the members of the Hampshire Fire and Rescue Authority and all levels of management within Hampshire Fire and Rescue Authority. It is not an extension of, nor a substitute for, good management of the Hampshire Fire and Rescue Authority although it can have a role in advising those with management responsibilities. Hampshire Audit Services is also responsible for giving assurance to the members of the Hampshire Fire and Rescue Authority and the Chief Officer on the adequacy and effectiveness of the Hampshire Fire and Rescue Authority's risk management, control and governance processes. Hampshire Audit Services assists managers by evaluating and reporting to them the effectiveness of the controls for which they are responsible. This work contributes to the opinion that Hampshire Audit Services provides on risk management, control and governance processes. It remains the duty of management within the Hampshire Fire and Rescue Authority, not Hampshire Audit Services, to operate adequate systems of risk management, control and governance. It is for Hampshire Fire and Rescue Authority's management to determine whether or not to accept audit recommendations and to recognise and accept any risks of not taking action. |
|
|
Scope |
2 |
All the Hampshire Fire and Rescue Authority's activities, funded from whatever source, fall within the remit of Hampshire Audit Services. Hampshire Audit Services may consider the adequacy of controls necessary to secure propriety, economy, efficiency and effectiveness in all areas. It will seek to confirm that Hampshire Fire and Rescue Authority management has taken the necessary steps to achieve these objectives and manage the associated risks. The scope of Hampshire Audit Services' work shall cover operational and management controls and shall not be restricted to the audit of systems and controls necessary to form an opinion on the financial statements. Hampshire Audit Services shall devote particular attention to any aspects of risk management, control and governance processes affected by material changes to the Hampshire Fire and Rescue Authority's risk environment. |
3 |
The systems of control subject to Hampshire Audit Service's work also shall include those systems of control operated by: |
|
· |
all the Hampshire Fire and Rescue Authority's subsidiary or associated companies |
|
· |
partnership arrangements, unless contract arrangements specifically assign this responsibility to the internal audit providers of other partners within the agreement |
|
· |
contractors of the Hampshire Fire and Rescue Authority who provide any service that handles or processes Hampshire Fire and Rescue Authority finances or management information in any form. |
|
|
|
4 |
It is not within the remit of Hampshire Audit Services to question the appropriateness of policy decisions. However, Hampshire Audit Services is required to examine the arrangements by which such decisions are made, monitored and reviewed. |
|
|
5 |
Hampshire Audit Services may also conduct any special reviews requested by the members of the Hampshire Fire and Rescue Authority, Governance Committee or Chief Officer, provided such reviews do not compromise the audit service's objectivity or independence, or the achievement of the approved audit plan. |
|
|
Responsibilities |
6 |
The Chief Internal Auditor is required to give an annual opinion to the members of the Hampshire Fire and Rescue Authority, through the Governance Committee, on the adequacy and effectiveness of the Hampshire Fire and Rescue Authority's risk management, control and governance processes. He shall also comment on other activities for which the members of the Hampshire Fire and Rescue Authority are responsible, and to which Hampshire Audit Services has access. This assurance is also required in support of: · the Treasurer's Section 151 responsibilities under the Local Government Act 1972, which require him to make arrangements for the proper administration of the Authority's financial affairs · the Monitoring Officer's responsibility for annually reviewing the effectiveness of, and compliance with the County Council's Code of Corporate Governance. |
7 |
Hampshire Audit Services fulfils its terms of reference through review and evaluation of risk management, control and governance processes. These comprise the policies, procedures and operations in place to: |
|
· |
establish and monitor the achievement of the Hampshire Fire and Rescue Authority's objectives |
|
· |
identify, assess and manage the risks to achieving the Hampshire Fire and Rescue Authority's objectives |
|
· |
advise on, formulate, and evaluate policy, within the responsibilities of the Treasurer as accounting officer |
|
· |
ensure the economical, effective and efficient use of resources |
|
· |
ensure compliance with established policies, procedures, laws and regulations |
|
· |
safeguard the Hampshire Fire and Rescue Authority's assets and interests from losses of all kinds including those arising from fraud, irregularity and corruption, and |
|
· |
ensure the integrity and reliability of information, accounts and data, including internal and external reporting and accountability processes. |
|
|
Standards and approach |
8 |
Hampshire Audit Services' work will be performed with due professional care, in accordance with the standards and requirements of the Chartered Institute of Public Finance and Accountancy's Code of Practice for Internal Audit in Local Government in the United Kingdom. The work shall comply in all material respects with these recognised auditing standards. Hampshire Audit services shall also have regard to advice provided by professional auditing and accountancy bodies. |
|
|
9 |
The Chief Internal Auditor shall implement procedures to monitor the effectiveness of the service and compliance with standards. The Chief Internal Auditor shall prepare a set of performance measures and criteria for the internal audit function, which shall be agreed with the Governance Committee. |
|
|
10 |
In achieving its objectives, Hampshire Audit Services shall develop and implement an audit strategy that assesses the Hampshire Fire and Rescue Authority's risk management, control and governance processes. |
|
|
Independence |
|
|
11 |
Hampshire Audit Services has no executive role, nor does it have any responsibility for the development, implementation or operation of systems. However, it may provide independent and objective advice on risk management, control, governance processes and related matters, subject to resource constraints. For day to day administrative purposes only, the Chief Internal Auditor reports to senior officers within the Hampshire Fire and Rescue Authority and the reporting arrangements must take account of the nature of audit work undertaken. The Chief Internal Auditor has a right of direct access to the chair of the Hampshire Fire and Rescue Authority, the chair of the Governance Committee and the Chief Officer. |
|
|
12 |
The Governance Committee shall advise the members of the Hampshire Fire and Rescue Authority on all matters concerning internal control. Within the Hampshire Fire and Rescue Authority, responsibility for the Hampshire Fire and Rescue Authority's risk management, control and governance processes rests with the members of the Hampshire Fire and Rescue Authority and management, who shall ensure that appropriate and adequate arrangements exist without relying on internal audit. To preserve the objectivity and impartiality of Hampshire Audit Services's professional judgement, responsibility for implementing audit recommendations rests with Hampshire Fire and Rescue Authority management. |
|
|
Access and liaison |
|
|
13 |
Hampshire Audit Services shall have unrestricted access to all documents, records, assets, personnel and premises of the Hampshire Fire and Rescue Authority and its companies, and be authorised to obtain such information and explanations as they consider necessary to form their opinion. |
|
|
14 |
In turn, Hampshire Audit Services agrees to comply with any requests from the Audit Commission for access to any information, files or working papers obtained or prepared during audit work that they need to discharge their responsibilities as the financial statements auditors. |
|
|
15 |
Hampshire Audit Services shall liaise with the Audit Commission to enhance the level of service it provides to the Hampshire Fire and Rescue Authority management. |
|
|
Reporting |
|
|
16 |
Hampshire Audit services shall prepare, before the beginning of the year, a long-term strategy document supported by an assessment of resource needs and an annual audit plan. The strategy report shall be submitted to the Governance Committee for approval following consultation with relevant managers and the Chief Officer. The annual audit plan shall be approved by the Treasurer after consultation with the Chief Officer and copied to the Governance Committee. |
|
|
17 |
Hampshire Audit Services produces its reports, in writing, usually within three weeks of completion of each audit, giving an opinion on the area reviewed and making recommendations where appropriate. Recommendations shall be prioritised. The designated managers of department or services shall be required to respond to each audit report, usually within one month of issue. In their response, they shall state, for agreed recommendations, their proposed action, the person responsible for implementation and a date by which action will be completed. Copies of all reports are also provided to the Chief Officer. Material recommendations will usually be followed up some six to 12 months later and the progress of implementation by management will be reported to the Governance Committee. |
|
|
18 |
The Chief Internal Auditor is accountable to the Treasurer and the members of the Hampshire Fire and Rescue Authority through the Governance Committee for the performance of internal audit. The Chief Internal Auditor shall keep the Chief Officer informed of audit results and draw the attention of the Governance Committee to significant findings and recommendations. This will be done by providing the Governance Committee with a summary of key issues at least twice a year. |
|
|
19 |
The Chief Internal Auditor submits an annual report to the members of the Hampshire Fire and Rescue Authority and Chief Officer through the Governance Committee, based on the Hampshire Fire and Rescue Authority's financial year. This gives an opinion on the adequacy and effectiveness of the Hampshire Fire and Rescue Authority's risk management, control and governance processes and on the arrangements for securing economy, efficiency and effectiveness. |
|
|
20 |
The Chief Internal Auditor's annual report to the members of the Hampshire Fire and Rescue Authority shall include: |
|
· |
a statement of the overall adequacy and effectiveness of the Hampshire Fire and Rescue Authority's risk management, control and governance processes |
|
· |
any qualifications to that opinion, together with the reasons for the qualification |
|
· |
a notice of any issues that the Chief Internal Auditor judges relevant to the preparation of the Statement of the Responsibilities of the Members of the Hampshire Fire and Rescue Authority, the Statement on the System of Internal Financial Control (if still required) and the Statement on Internal Control such as an analysis of common or significant weaknesses or details of any major internal audit findings where action appears to be desirable but has not been taken |
|
· |
a comparison of Hampshire Audit Services's activity during the year with that planned |
|
· |
a summary of the performance of the internal audit function against its performance measures and criteria |
|
· |
comment on compliance with the CIPFA Code of Practice for Internal Audit in Local Government in the United Kingdom, and |
|
· |
the results of Hampshire Audit Services quality assurance programme. |
|
|
21 |
The Chief Internal Auditor reviews the annual report with the Treasurer, the Chief Officer and Governance Committee prior to publication. |
|
|
Irregularities, including fraud and corruption |
|
|
22 |
Hampshire Audit services shall without delay report to the Chief Officer and Chairman of the Governance Committee, serious weaknesses, significant fraud, major accounting and other breakdowns. |
|
|
23 |
The Chief Internal Auditor shall be informed when evidence of potential irregularity, including fraud, corruption or any impropriety, is discovered so that he can; · consider the adequacy of the relevant controls · evaluate the implication of the fraud on the risk management, control and governance processes, and · consider making recommendations as appropriate.
The role of Hampshire Audit Services is not to commence the investigation of an irregularity unless requested to do so by the Chief Internal Auditor or Monitoring Officer. |
| |
|
Working in partnership |
|
24 |
Management within the Hampshire Fire and Rescue Authority can help to ensure the smooth running of the service provided by: |
|
· |
being available to discuss the audit needs assessment on an annual basis |
|
· |
keeping Hampshire Audit Services informed of major issues which may affect the audit plan |
|
· |
being available at the start of each visit to discuss the scope and objectives of the audit and any particular concerns |
|
· |
ensuring that adequate desk space is available for each auditor on site, with secure storage facilities for audit working papers during the site visit and access to a telephone and a photocopier |
|
· |
ensuring that key staff, records and systems are available at each visit / review |
|
· |
being available at the end of each visit / review to discuss findings and recommendations |
|
· |
confirming the factual accuracy of a draft report and providing a management response to all recommendations before the final report is issued to the Chief Officer and head of department or service |
|
· |
notifying Hampshire Audit Services of all suspected cases of fraud or irregularity |
|
· |
providing Hampshire Audit Services with copies of plans and reports issued by the Hampshire Fire and Rescue Authority's external auditors |
|
· |
notifying Hampshire Audit Services of Governance Committee meeting dates and providing papers in advance. |
|
|
|
Confidentiality and Freedom of Information |
|
|
25 |
For the purposes of this clause, the following words and expressions shall have the following meaning: "Commercially Sensitive Information" means information that constitutes a trade secret; "Confidential Information" means any information which has been designated as confidential by either Party in writing or that ought to be considered as confidential (however it is conveyed or on whatever media it is stored) including information which relates to the business, affairs, properties, assets, trading practices, developments, trade secrets, Intellectual Property Rights, know-how, personnel, customers and suppliers of either Party, all personal data and sensitive personal data within the meaning of the Data Protection Act 1998 and the Commercially Sensitive Information; "EIR" means the Environmental Information Regulations 2004; "FOIA" means the Freedom of Information Act 2000 and any subordinate legislation made under this Act from time to time together with any guidance and / or codes of practice issued by the Information Commissioner in relation to such legislation; "Information" has the meaning given under section 84 of the Freedom of Information Act 2000; "Requests for Information" shall have the meaning set out in FOIA or any apparent request for information under the FOIA or the EIR. Confidentiality Subject to the Freedom of Information Act, each Party shall treat all Confidential Information belonging to the other Party as confidential and safeguard it accordingly except as required by law or as reasonably required in order to carry out the Contract. Confidential documents includes but is not limited to those shown at Appendix A. Freedom of Information i) The Party acknowledges that the other Party is subject to the requirements of the FOIA and the EIRs 2004 and each Party shall assist and co-operate with the other (at their own expense) to enable the other Party to comply with these Information disclosure obligations. ii) Where a Party received a Request for Information in relation to Information which it is holding on behalf of the other Party, it shall (and shall procure that its sub-contractors shall) :- (a) transfer the Request for Information to the other Party as soon as practicable after receipt and in any event within three working days of receiving a Request for Information; (b) provide the other Party with a copy of all Information in its possession or power in the form that the other Party requires within ten working days (or such other period as the client may specify) of the Client's requesting that Information ; and (c) provide all necessary assistance as reasonably requested by the Client to enable the Client to respond to a Request for Information within the time for compliance set out in Section 10 of the FOIA.
iii) Where a Party receives a Request for Information which relates to the Contract, it shall inform the other Party of the Request for Information as soon as practicable after receipt and in any event with two Working Days before disclosure. iv) Where a Party determines that Information (including Confidential Information) must be disclosed pursuant to Clause (iii) it shall notify the other Party of that decision at least two Working Days before disclosure. v) Each Party shall be responsible for determining at it absolute discretion whether the Commercially Sensitive Information and / or Information :- (b) is to be disclosed in response to a Request for Information. vi) Each Party acknowledges that the other Party may be obliged under the FOIA or the EIR to disclose Information: (a) without consulting with the other Party, or (b) following consultation with the other Party and having taken its views on account.
|
| |
|
Ownership of documentation |
|
|
26 |
Hampshire Audit Services' files and working papers, which demonstrate compliance with the CIPFA Code of Practice for Internal Audit in Local Government in the United Kingdom, are the property of the Hampshire Fire and Rescue Authority. |
|
|
Electronic communication |
|
|
27 |
During the engagement Hampshire Audit Services and the Hampshire Fire and Rescue Authority may from time to time communicate electronically with each other. However, the electronic transmission of information cannot be guaranteed to be secure or free of viruses or error and such information could arrive late or incomplete, be intercepted, corrupted, lost, destroyed, or otherwise be adversely affected or unsafe to use. No systems or procedures can guarantee that transmissions will be unaffected by such hazards. |
|
|
28 |
Hampshire Audit Services and the Hampshire Fire and Rescue Authority confirm that each accepts the risks of electronic communications between each other. Each agrees to use commercially reasonable procedures to check for the most commonly known viruses before sending information electronically. Each shall be responsible for protecting its own systems and interests in using electronic communications. Hampshire Audit Services and the Hampshire Fire and Rescue Authority shall have no liability to each other on any basis, whether in contract, tort (including negligence) or otherwise, in respect of any error, damage, loss or omission arising from or in connection with the electronic communication of information between each other and the reliance on such information. |
|
|
Indemnity and Insurance |
|
|
29 |
Hampshire Audit Services' professional indemnity cover is provided through the County Council and is sufficient to meet all eventualities in respect of external contract arrangements up to the sum of £10 million. Hampshire Audit Services will indemnify the Hampshire Fire and Rescue Authority against claims and costs arising from its negligence or wilful breach of any obligation under this agreement provided that its maximum liability shall not exceed £10 million. |
|
|
Fees |
|
|
30 |
The fees for internal audit work will be agreed in advance of each financial year to reflect the number and mix of days required and movements in cost base. |
|
|
31 |
If specific assignments are requested in addition to the annual plan, fees will be agreed in advance based on the staff mix required. |
|
|
Payment |
|
|
32 |
Hampshire Audit Services will invoice six monthly in arrears with all sums due on presentation. |
|
|
Agreement of terms |
|
|
33 |
On behalf of Hampshire Audit Services, I confirm the above terms in respect of Hampshire Fire and Rescue Authority: |
|
|
|
|
|
|
Signed: |
|
|
|
|
|
Name: |
Ejner Knudsen |
|
|
|
|
Position: |
Chief Internal Auditor |
|
|
|
|
Date: |
March 2006 |
|
|
|
|
|
|
|
On behalf of the Hampshire Fire and Rescue Authority, I confirm the above terms in respect of Hampshire Fire and Rescue Authority: |
|
|
|
|
|
|
|
|
Signed: |
|
|
|
|
|
Name: |
|
|
|
|
|
Position: |
|
|
|
|
|
Date: |
March 2006 |
|
|
|
