C.2 Policy on Provision of Management Services

  1. The Auditor General, the Audit Committee and the Office’s Executive Committee recognize the importance and value of internal audit maintaining clear independence from management and full objectivity in carrying out its duties, as set out in the Standards. As a result, it is recognized that internal audit, although being a trusted advisor to management projects and functions, should not be directly involved in design, approval, or operation of any management system, function, or process.

  2. However, as a medium-sized organization with limited resources in some specialized areas including governance, risk, and control, the Office recognizes that PRIA is occasionally the best suited resource to provide more hands-on expertise to the development of new systems and processes.

  3. To provide balance to the above competing factors, this “exit” policy is designed to allow the Office to take advantage of the internal audit resource on an approved exception basis while having a protocol for removing internal audit from the process in a timely manner and turning responsibility and accountability back to management.

Protocol for Consulting Engagements in which Internal Audit “Crosses the Line” to Take On Management Duties or Responsibilities

  1. When the Chief Audit Executive agrees to take on a consulting engagement involving internal audit developing, implementing, or operating a system, process, or function, the project must be brought to the Audit Committee for approval.

  2. Support for the request must include the following information:

    • Justification based on normal risk assessment;

    • Reasons why internal audit is the best resource to complete the task (including cost comparison);

    • Effect on existing internal audit plan; and

    • Scheduled exit strategy.

  3. Following the transfer of ownership to management, PRIA will be expected to be completely independent of the process and to maintain full objectivity through both attitude and, where possible, assignment of other staff to any future audit of the area.

  4. If, within one year of the process turning back to management, the area is included in the approved annual audit plan, the resulting internal audit report will note the potential impairment of objectivity, in conformance with the Standards.

  5. Auditor General will provide oversight for such arrangements in order to address any potential impairments and may include the periodic evaluation of reporting lines and responsibilities and developing alternate processes to obtain assurance related to the areas of additional responsibility.

  6. They Audit Committee will be informed if the CAE takes on additional responsibilities that are deemed to be providing management services.

Last modified:
2018-02-19