Systems Based Auditing Control Matrices: Series 7

Series 7 contains Systems Based Auditing control matrices covering the crucial areas of:

• Procurement
• Sustainability
• Partnerships
• Insurance
• Value Added Tax.

It is particularly apt that systems control matrices have been produced for both procurement and sustainability as each is very relevant and current in both the public and private sectors. Procurement is seen as a means of driving efficiency and achieving savings targets. Sustainability is of vital importance as a means of showing how the organisation is contributing to tackling the worldwide problem of climate change, and its recognition of its corporate social responsibilities by, for example, ensuring that its operations are the least damaging to the environment.

The authors, Exeter City Council's award-winning internal audit team, have revamped the traditional systems based auditing approach to align it with the Committee of Sponsoring Organisations of the Treadway Commission's (COSO) Enterprise Risk Management - Integrated Framework (2004).

This Enhanced Systems Based Auditing (ESBA) approach uses risk management techniques in order to assess the effectiveness of a system's internal controls and thereby the risks that the organisation faces. ESBA's starting point is to identify 'hazards' rather than 'control objectives' as in traditional SBA and, as purported by COSO's ERM framework, assesses the extent that risk and business continuity management have been embedded within the organisation. The matrices contain tests on risk and internal control which cover all areas of the Audit Commission's KLOE guidance on risk management.

More than ever, therefore, the control matrices are essential tools for auditors who wish to add value to their organisations and extend internal audit's remit beyond its traditional finance base.

The control matrices are delivered to you as a zip file containing the PDF and the Word files, to enable flexibility of use and tailoring to local circumstances. The PDF comes with a licence for the purchaser to network the matrices throughout the acquiring organisation.