Internal Audit provides Management with analyses, assessments, recommendations and advice concerning the operations reviewed, and carries out investigations when necessary.
It provides information about the adequacy and effectiveness of internal controls and of operations and, more widely, the performance of the Secretariat of the Council of Europe in carrying out policies, programmes and actions. Internal Audit also monitors the implementation of audit recommendations.
Internal Audit provides:
- Performance Audits, which are comprehensive reviews addressing issues related to effectiveness, efficiency and programme management;
- Compliance Audits, which address issues relating to financial integrity, compliance with rules and the safeguarding of assets;
- Information Technology Audits, which address issues of security and application controls, and the efficiency and effectiveness of electronic data processing systems;
- Management Consulting Services at the request of Management to address emerging issues.
How does Internal Audit work?
Internal Audit works in line with the professional practices as defined by The Institute of Internal Auditors. Independence is essential to the effectiveness of internal auditing in order to ensure that unbiased judgements and impartial advice are given to Management.
IA works according to an annual Audit Work Programme, which is approved by the Secretary General. This risk-based Work Programme identifies the audit assignments for the year, which are considered to be priority areas for independent control or assessment. The annual plan may be amended if necessary during the year due to urgent requests or unforeseen developments. Audit assignments may relate to any function, activity or entity of the Council of Europe.
The audit starts with the preliminary work, i.e. analysing all the relevant information and discussing the subject with the responsible operational staff in order to determine risk areas. These defined risks indicate the areas on which the audit will be focused. A Mission letter is sent to the Head of the audited sector. Audit steps are defined and the time-schedule of the audit is prepared.
Interviews are a common method used for almost all types of audits. Another audit step common in many types of audits is tests. On the basis of a sample of activities/programmes/financial transactions, background files/documents/supporting documents are checked.
The audit findings and recommendations for improvements are reflected in the draft audit report. This draft report is sent to the audited sector for a verification of the stated facts and for comments on the conclusions and recommendations.
The comments of the audited sector are taken into account when the final audit report, which is submitted to the Secretary General, is prepared. An action plan for the implementation of recommendations is included with each report and a periodical follow up is made on the progress towards the implementation of the accepted audit recommendations.
The progress is reported annually to the Secretary General and a summary to the Committee of Ministers.