Risk Management, Audit and Internal Controls
Internal audit is an essential component of a good governance framework for all councils. At both a management and councillor level, councils must strive to ensure there is a risk management culture.
Internal audit’s role is primarily one of providing independent assurance over the internal controls and risk management framework of the council. Management has primary day-to-day responsibility for the design, implementation, and operation of internal controls.
Internal audit has no direct involvement in day-to-day operations, but it has a direct functional relationship with the General Manager and the council. An effective internal audit function should evaluate and monitor the adequacy and effectiveness of the internal control framework as a minimum.
Risk management is also an essential part of a council’s management and internal control framework. It looks at what risks the council may face and the best way to address these risks. Assessment and management of risk is central to determining internal audit activities.