The key aspects of Public Sector Corporate Governance

• Meeting Stakeholder requirements
• How the organisation is managed on behalf of the stakeholders
• The key parties within Governance
  • Audit Committee
  • Cabinet
  • Scrutiny Committee
  • External Assessors
  • Chief Officers/ Board
• Why a positive approach to auditing Corporate Governance is needed
• Who needs to sanction the audit?

  Exercise 1 – Defining the parties and the key governance issues for each party

The key issues to consider in the audit

• The Risk management process
• The Audit Committee process
• The Corporate Governance Statement
• Managing Reputation
• Crisis Management
• Social Responsibility and ethics
• Meeting public expectations

Planning the Governance audit

Exercise 2 – The challenges in carrying out a Governance Audit

• Who to meet with to discuss the assignment
• Holding a pre-meeting – do’s and don’ts
• Developing a terms of reference for the assignment
• Should this be a review only – will evidence be gathered?
• Determining who to interview and it what sequence
• The use of diagnostic questions and thought-provokers

The Risk Management process

• The Board / Chief Officers
  • Establish the position regarding RM in the business
  • Establish corporate targets and monitor overall progress
  • Keep apprised of the most significant risks
• Heads of Service
  • Assessment of RM capabilities
  • Review of risk evaluations in own function
  • Ensuring actions to treat exposures implemented
• Risk Management function (if you have one)
  • Ensuring all functions evaluate their risks consistently
  • Evaluating the results and challenging where necessary
  • Defining policy etc
  • Overall responsibility
  • Identification of exposures
• Internal Audit (needs to be independently assessed)
  • Auditing the RM process and its implementation
  • Basing programme on most significant risks
  • Comparing perceived versus actual controls

  Exercise 3 –The challenges in meeting RM Governance requirements

Auditing The Audit Committee process

• Are the CIPFA Audit Panel Requirements met?
• Are Members independent of executive and scrutiny committees
• Are there clear reporting lines and right of access to other committees and the risk management group
• Does the Committee meet regularly – about 4 times a year
• Does The Chairperson meet privately with external audit and the Head of internal audit
• Does the Committee include as regular attendees the Director of Finance, Head of IA, the External Auditor, the Monitoring officer, Chief Executive.
• Do these officers should have access to the Committee when required
• Does the Committee has the right to call any other officer it deems necessary
• Are members properly trained to fulfil their role
• Does the Committee approve (but not direct) internal audit strategy, plan and performance
• Does the Committee review summary IA reports and the main issues arising and seek assurance that action has been taken
• Does the Committee consider the reports of external audit and other external agencies
• Are effective relationships between IA and EA and other bodies reviewed
• Is the effectiveness of the risk management environment and anti fraud arrangements assessed
• Are The Committee satisfied that assurance statements including the SIC properly reflect the risk
• Does the Committee review the financial statements, external auditor’s opinion and reports to members and monitor actions taken in response to issues raised

Reputational Management

• Do the goals and values of the business, as well as its principal policies on conduct, sufficiently address the main areas of reputational risk?
• Are our corporate values within the public arena?
• How is sufficient coverage of different business issues achieved within the policy statements and codes of practice, and is reputational risk addressed appropriately in each case?
• How does the organisation ensure it has a reputation for observing the highest standards of corporate governance?
• How are unfulfilled promises and misleading assertions avoided in the Chief Executive’s report and in other parts of the published interim and annual report and accounts and other public statements
• Are policies governing reputation management clearly communicated internally?

  Exercise 4 –Assessing Reputation drivers

Social Responsibility, Ethics and meeting public expectations

• Is communication with main stakeholders taken seriously?
• Are the expectations of the public accurately understood, and what are the risks that these will not be met?
• Are opportunities taken to develop the ethical reputation of our services?
• How do we ensure that staff have and display the right attitudes?
• Are the expectations of the wider body of stakeholders accurately understood, and what are the risks that these will not be met?
• How specifically do we ensure we maximise the commitment of staff to promote the organisation positively?
• Have we assessed our reputation for social responsibility and its impact on our business prosperity?
• How do we ensure that staff understand what constitutes acceptable conduct?
• Is the Board, and in particular the Chief Executive, sensitive and responsive to the concerns of the public
• Is the Board well set up to respond swiftly and capably in a crisis?
• Is there an appropriate contingency plan ready to be used to manage a crisis?

  Exercise 5 –CSR and meeting expectations – the audit challenges

©Business Risk Management Ltd 2009