Portfolio Committee Portfolio Committee PresentationPresentation

Government printing WorksGovernment printing WorksAudit and Compliance Audit and Compliance

07 May 201307 May 2013

Presented by: Chief Executive OfficerPresented by: Chief Executive Officer

In attendance from the GPWIn attendance from the GPW

• Prof AD MbewuChief Executive Officer

• Ms PM SediteChairperson Audit Committee

• Ms M StrydomAudit Committee Member

• Ms C ShibamboChief Audit Executive

ScopeScope

1. Purpose2. Background3. Internal Audit Challenges4. Overview of Strategic Outcomes5. Performance against strategic plan6. Report of the Auditor General7. Risk Management

1. Purpose1. Purpose

• To brief the Portfolio Committee on internal audit and compliance monitoring capacity and functioning at the Government Printing Works as at 31 March 2013

2. Background2. Background

2. Background2. Background

3. Internal Audit Challenges3. Internal Audit Challenges

• New ERP systems implemented 01 October 2012• This impacted on the scope of internal audit to

be evaluated• Lack of approved policies and procedures for

audit compliance testing• Capacity constraints resulting in audit

information requested not provided in time• Management responses to audit findings not

timely addressed

4. Overview of Strategic Outcomes4. Overview of Strategic Outcomes

• Monthly risk management compliance / improvement reports

• Updated Internal Audit policies• Approved Internal Audit plan• Percentage of Internal Audit plan

implemented

5. Performance against Strategic Plan5. Performance against Strategic Plan

• Monthly risk management compliance reports to be generated once the risk assessment is completed

• The Internal Audit Charter and methodology as well as the Audit Committee Charter are reviewed and updated annually

• Internal Audit Plan submitted annually at the beginning of the financial year for approval by the Audit Committee

• 87% of the Internal Audit plan implemented in 2012/13

6. Report of the Auditor General6. Report of the Auditor GeneralArea of Audit Concern

Detail Management Intervention

Status

Compliance with laws and regulations

The Audit Committee did not review the entity’s compliance with laws and regulations as per the requirements of Treasury Regulations3.1.10(f) as no compliance reports were submitted by management

The audit committee will review GPW’s compliance with legal and regulatory provisions during the next financial year.

Evaluation of information system environment

Internal Audit did not adequately evaluate the effectiveness and efficiency of controls and did not give recommendations for their enhancement and improvement with regard to the information system environment and compliance with significant laws and regulations

The current GPW structure did not make any provision for an IT Auditor. The evaluation of information systems requires the expertise and skill of a qualified and experienced IT Auditor. Current establishment does not have such expertise.A decision was taken by management on the advice of the Audit Committee to appoint an IT Audit Specialist

GPW is in the process of outsourcing the services of an IT Audit Specialist

Risk assessment No risk assessment was performed during the financial year under review

Risk assessment to be conducted before end of financial year 2012/13

Risk Assessment was conducted in February 2013 by KPMG

Monitoring controls

There is lack of sufficient monitoring controls to ensure adherence to the internal policies and procedures and for purposes of taking corrective action to address deficiencies in a timely manner in the trading entity

7. Risk Management7. Risk Management

• KPMG was appointed to conduct a comprehensive risk assessment of the GPW

• Strategic and operational risk assessments took place in February 2013

• Risk registers generated• A risk-based audit plan for the financial year

2013/14 to be developed