• No results found

ESSEX FIRE AUTHORITY. Internal Audit Progress Report. Audit Sub-Committee Meeting: April 2012

N/A
N/A
Protected

Academic year: 2021

Share "ESSEX FIRE AUTHORITY. Internal Audit Progress Report. Audit Sub-Committee Meeting: April 2012"

Copied!
9
0
0

Loading.... (view fulltext now)

Full text

(1)

ESSEX FIRE AUTHORITY

Internal Audit Progress Report

(2)

CONTENTS

Section Page

1 Introduction 1

2 Final reports issued 1

3 Key Findings from Internal Audit Work 1

4 Work in Progress or Planned 1

5 Liaison with Management and External Audit 1

6 Changes to our Plan 1

7 Client Briefings 2

Appendices

A 2011/12 Work Completed to Date Including Summary of Assurance Levels and Recommendations 3

B Work in Progress or Yet to Start (including reports still in draft) 5

C Client Briefings 6

The matters raised in this report are only those which came to our attention during our internal audit work and are not necessarily a comprehensive statement of all the weaknesses that exist, or of all the improvements that may be required. Whilst every care has been taken to ensure that the information provided in this report is as accurate as possible, based on the information provided and documentation reviewed, no complete guarantee or warranty can be given with regard to the advice and information contained herein. Our work does not provide absolute assurance that material errors, loss or fraud do not exist.

This report is prepared solely for the use of Essex Fire Authority. Details may be made available to specified external agencies, including external auditors, but otherwise the report should not be quoted or referred to in whole or in part without prior consent. No responsibility to any third party is accepted as the report has not been prepared, and is not intended for any other purpose.

© 2012 RSM Tenon Limited

RSM Tenon Limited is a member of RSM Tenon Group

RSM Tenon Limited is an independent member firm of RSM International an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. RSM International does not exist in any jurisdiction as a separate legal entity. RSM Tenon Limited (No 4066924) is registered in England and Wales. Registered Office 66 Chiltern Street, London W1U 4GB. England

(3)

Essex Fire Authority 1 Internal Audit Progress Report April 2012

1. INTRODUCTION

1.1 The periodic internal audit plan for 2011/12 was approved by the Audit Sub-Committee in July 2011. This report summarises the outcome of work completed to date against that plan. Appendices A and B provide cumulative data in support of internal audit performance.

2. FINAL REPORTS ISSUED

2.1 We have finalised two reports from the 2011/12 audit plan since the last meeting, these being in the areas of:  Safer Communities (6.11/12); and

 Key Financial Controls (7.11/12).

2.2 Appendix A summarises our opinions and the number of recommendations made during the year to date. 3. KEY FINDINGS FROM INTERNAL AUDIT WORK

3.1 The Audit Sub-Committee should note that the assurances given in our audit assignments will be taken into account when we form our overall opinion on the assurance that we provide in our Annual Report at the end of the year. In particular the Audit Sub-Committee should note that any negative assurance opinions will need to be noted in the annual report and may result in a qualified or negative annual opinion. However we have not identified any issues that will result in a qualified opinion to date

3.2 No common weaknesses have been identified within our reports so far for 2011/12.

4. WORK IN PROGRESS OR PLANNED

4.1 We have issued one further draft report, this being in the area of:  Follow Up (8.11/12).

5. LIAISON WITH MANAGEMENT AND EXTERNAL AUDIT

5.1 We have held a meeting with Management to discuss the Internal Audit Plan for 2012/13. 5.2 External Audit has reviewed our work during their interim assessments.

(4)

5.3 CHANGES TO OUR PLAN

5.4 We have made no changes to the audits within the agreed plan. 6. CLIENT BRIEFINGS

(5)

Essex Fire Authority 3 Internal Audit Progress Report April 2012

APPENDIX A: 2011/12 WORK COMPLETED TO DATE INCLUDING SUMMARY OF ASURANCE LEVELS AND RECOMMENDATIONS Reports being considered at this Committee are shown in italics.

Auditable Are0a Start Date Debrief date Draft report issued Responses received Final report issued Audit Sub-Committee

Assurance level given Number of Recommendations Made

Actual (Planned) High Medium Low In

Total

Agreed

Risk Management

(1.11/12) 4 Jul 2011 7 Jul 11 19 Jul 11 8 Sept 11 9 Sept 11 October 2011 0 3 1 4 4

Management of Volunteers (2.11/12)

27 Jul

2011 8 Aug 11 11 Aug 11 8 Sept 11 8 Sept 11 October 2011 ADVISORY - - - 4 4

Business Planning (3.11/12)

15 Aug

2011 19 Aug 11

31 Aug 11 07 Nov 11

20 Oct 11 30 Nov 11 February 2012 0 3 0 3 3

Budgetary Control and Financial Planning (4.11/12)

23 Sept

2011 27 Sept 11 7 Oct 11 17 Nov 11 17 Nov 11 February 2012 0 0 0 0 0

Proactive Fraud – Review of Key Anti Fraud Policies (5.11/12)

Nov / Dec 2011

1 Nov 11 14 Nov 11 13 Dec 11 13 Dec 11 February 2012 ADVISORY 0 2 12 14 14

Safer Communities (6.11/12)

23 Jan

(6)

Auditable Are0a Start Date Debrief date Draft report issued

Responses received

Final report issued

Audit Sub-Committee

Assurance level given Number of Recommendations Made

Actual (Planned) High Medium Low In

Total

Agreed

Key Financial

Controls (7.11/12) 22 Feb 2012 24 Feb 12

20 March

12 11 April 12 11 April 12 April 2012 0 4 10 14 14

(7)

Essex Fire Authority 5 Internal Audit Progress Report April 2012

APPENDIX B: WORK IN PROGRESS OR YET TO START (INCLUDING REPORTS STILL IN DRAFT) Auditable Area Start Date Debrief date Draft report

issued

Responses received

Audit Sub-Committee

Follow Up (8.11/12) 24 February 2012 7 March 2012 30 March

2012 April 2012

ICT May / June

(8)

APPENDIX C: CLIENT BRIEFINGS

This client briefing has been issued following the investigation of a number of cases involving spurious requests purporting to be from suppliers detailing changes of bank account details. The requests are followed by fraudulent invoices which have subsequently been paid by organisations.

This type of fraud has been an issue previously in the NHS and the private sector and more recently in local authorities and the education sector. As fraudsters continually develop and apply new methods to circumvent controls, it is essential that all organisations assess the effectiveness of controls in relation to the

administration procedures for changing supplier bank account details on invoice payment systems. It is also important to ensure that mitigating action is taken where necessary to minimise any fraud risk; for example, by independently verifying with the supplier the change to supplier details before it is actioned.

The result of such scams can have a multitude of repercussions, such as impacting upon resource levels, causing conflict within the organisation and reputational damage. The results of these consequences could be significant financial loss, job losses, costly disciplinary / investigation processes, legal fees, disfavour with key stakeholders and loss of public confidence / trust.

Fraud risk: changing supplier details

27 February 2012

Client Briefing - Gen 01.12

A number of cases have been identified where the bank details of legitimate suppliers and contractors have been changed on organisations’ finance systems in order for payments to be diverted to bank accounts controlled by fraudsters; for example:

 A local authority processed two amendments with a resulting loss of £500,000.

 The Olympic Development Agency lost £2m as a result of a key building contractor’s identity being hijacked and payments diverted into the fraudster’s account.

 In the NHS approximately £1.5m of fraudulent transactions have been paid to fraudsters through supplier bank account amendment requests. The payments have ranged from a few thousand to £864,000.

(9)

Essex Fire Authority 7 Internal Audit Progress Report April 2012

The cases so far indicate that the criminals are targeting larger companies for identity assumption. Criminals are researching the suppliers engaged with organisations through reviewing public domain information such as published tender awards or supplier lists.

If you would like to discuss your organisation’s controls over suppliers and Accounts Payable, please contact your internal audit manager in the first instance. Alternatively you can contact RSM Tenon’s Fraud Solutions team who will be happy to assist your organisation to minimise this fraud risk.

John Baker

Director of Fraud Solutions 07753 584 973

john.baker@rsmtenon.com

David Foley

Associate Director 07721 977 523

david.foley@rsmtenon.com

Andrea Deegan

Senior Manager 07817 002 136

andrea.deegan@rsmtenon.co m

References

Related documents

After 4 days of stroke onset, right (normal) hand movement induced a normal activation pattern in the left primary sensorimotor cortex, supplementary motor areas, and

Imajo pa tudi spremljajo č e u č inke: interferirajo z eritropoetinom s pove č ano eritropoezo, možna je anafilaktoidna reakcija ob membrani dializatorja AN69, pove č ano je

For the non-smoker classes, mortality increases by risk class rank from 54% by amount for best preferred classes, to 64% for classes in the middle ranks, and to 77% for the

ABSTRACT: In this study, we examined whether parenting and HPA-axis reactivity during middle childhood predicted increases in internalizing symptoms during the transition

reported that except time availability, other factors in the internal environment: management support, work discretion, reward/re-enforcement and organizational

Seen in this way, then, the class ceiling in British acting is not just the result of the different resources actors themselves bring to the profession, but also that the

 TITTLE: QUALITY QUALITY MANAGEMENT SYSTEM IN MANAGEMENT SYSTEM INTERNAL TERNAL AUDITOR COURSE.

A test vehicle equipped with four in-wheel electric motors, vehicle sensors, communication buses, and dSPACE rapid prototyping hardware is instrumented and the control performance