Abstract
The internal audit remit includes assessing budgetary compliance by departments, investigating fraud and error, appraising systems of control and undertaking consulting, the last including risk management even though internal auditors generally lack risk training and expertise. Surveying internal auditors in Scottish local authorities, this paper investigates discrepancies between professional guidance and current practice regarding the risk management remit of internal audit. Lines of responsibility were found to be blurred, so there were insufficient safeguards to ensure compliance and the roles and responsibilities of internal audit involvement in risk management assurance did not fully comply with professional guidance.
| Original language | English |
|---|---|
| Pages (from-to) | 102-112 |
| Number of pages | 11 |
| Journal | Public Money and Management |
| Volume | 40 |
| Issue number | 2 |
| Early online date | 26 Sept 2019 |
| DOIs | |
| Publication status | Published - 17 Feb 2020 |
Keywords
- Critical friend
- ERM fan
- internal audit
- local government
- risk management
ASJC Scopus subject areas
- General Business,Management and Accounting
- Sociology and Political Science
- Public Administration