-
Supporting new systems
Internal Audit plays a crucial role in the development of new systems, ensuring risks are highlighted and controls are built into systems and processes being developed.
Learn more
-
Action Planning
Helping to ensure that action plans are robust, audit recommendations are clearly articulated and understood with actions to be taken reflect the risks identified.
Learn more
-
Audit Tracking
Helping to establish an effective system for monitoring the implementation of audit recommendations, supporting the overall governance framework.
Learn more
-
Policy Review
Policy and procedure reviews to ensure the effectiveness, consistency and clarity of these so that stated requirements are implemented appropriately.
Learn more
Supporting new systems
Examples of key areas where having internal audit on the project team can add value include:
Risk Management
- Identification of risks associated with a new system
- Providing recommendations for mitigating risks at an early stage in the development process
Compliance and Regulatory Requirements
- Ensuring the new system complies with relevant regulations and internal policies
Control Environment
- Assessing the design of internal controls within new systems to ensure that they are effective in preventing and detecting errors and fraud
- Recommending mechanisms for ongoing monitoring of controls to ensure that they are effective
Change Management
- Reviewing change control processes to ensure that changes to systems are properly authorised, documented and tested
- Assessing the impact of changes on the system and related business processes to minimise disruption
By including internal audit in a new system development process, organisations can enhance the quality, reliability and compliance of their systems, ultimately leading to better outcomes and more efficient operations.
Action Planning
We believe that the work of the internal audit function is not finished when the audit report has been finalised and handed over to management. In our experience, many controls fail to become embedded after an audit has been undertaken due to teams and individuals not fully understanding the recommendations, the risk around not having a control in place and what action owners’ responsibilities are in being part of the control framework going forward.
Elsiarc works with business owners to ensure that:
- Audit recommendations are clearly understood and that they can be implemented within the business environment effectively
- The risks around not having controls in place are clear and are linked to the risk register and strategic objectives
We can support organisations and teams to devise more detailed robust action plans across a breadth of activities, with clear focus on the individual risks of not having controls and standards in place and the detailed actions required.
Audit Tracking
Our team can help you to establish an effective tracking system for monitoring the implementation of internal audit recommendations on a monthly or quarterly basis which can be used to support the overall governance and assurance framework and reporting to Executive and non-Executive Boards.
This tracking and reporting can also bring together recommendations made by external bodies from the likes of CQC, HSE, ISI and other regulatory inspections to provide overall assurance to the governance boards that statutory requirements are being met.
Policy Review
Whilst internal audit functions cannot be responsible for writing policies and procedures they can play an important role in providing a detailed review of these across the organisation.
This review can assist with ensuring consistency between policies and procedures, together with ensuring there is clarity, so that policy requirements are implemented appropriately. Often policies are too lengthy and ambiguous, and the core requirements are lost to the individuals responsible for adhering to these.
We can provide specific reviews of the policy framework, the effectiveness of individual policies and an overview of the arrangements in place for managing and monitoring compliance with policies.
