2 Results of IT audits
This Part provides a high-level analysis of the findings from our 2015–16 information technology (IT) general controls audits, analysed by:
1 Audit context
When planning a financial audit, our auditing standards require that we understand and evaluate an entity's information technology (IT) environment and any risks arising from this that relate to the reliability of financial reporting.
During the audit we may then test the effectiveness of selected IT controls to determine whether they are operating as the entity's management intended and are effectively mitigating risk.
Audit overview
This report is in its third year and builds on last year's Financial Systems Controls Report: Information Technology 2014–15. In this report we provide a high-level overview of the strength of information technology (IT) controls that operate across a number of entities to protect their financial information.
Financial Systems Controls Report: 2015–16: Message
Ordered to be published
VICTORIAN GOVERNMENT PRINTER November 2016
PP No 218, Session 2014–16
The Hon. Bruce Atkinson MLC
President
Legislative Council
Parliament House
Melbourne
President
Legislative Council
Parliament House
Melbourne
The Hon. Telmo Languiller MP
Speaker
Legislative Assembly
Parliament House
Melbourne
Speaker
Legislative Assembly
Parliament House
Melbourne
Dear Presiding Officers
Financial Systems Controls Report: 2015–16
Body
This report builds on last year’s Financial Systems Controls Report: Information Technology 2014–15. In this report we provide a high-level overview of the strength of information technology controls that operate across a number of entities to protect their financial information.
Appendix B. Audit Act 1994 section 16—submissions and comments
Introduction
In accordance with section 16(3) of the Audit Act 1994, a copy of this report, or part of this report, was provided to the Department of Economic Development, Jobs, Transport & Resources, the Department of Education & Training, the Department of Environment, Land, Water & Planning, the Department of Health & Human Services, the Department of Justice & Regulation, the Department of Premier & Cabinet, the Department of Treasury & Finance and Victoria Police.
Appendix A. Key Standing Directions requirements for audit committees
Figure A1
Key 2003 and 2016 Standing Directions requirements for audit committees
Category |
2003 Standing Directions |
2016 Standing Directions |
|---|---|---|
Role |
5 Monitoring implementation of audit actions
At a glance
Background
Where significant risks have been identified through audits and agencies have committed to addressing those risks through proposed actions, it is important that actions are completed in a timely manner and in a way that fully addresses the underlying issues. If not, the agency could be exposed to risk.
Audit committees have a key role in monitoring agencies' implementation of agreed actions agreed in response to internal and external audits.
4 Oversight of internal
At a glance
Background
For an audit committee, the internal audit function is a major source of information and assurance about the agency's performance and risk management activities. The audit committee has a key role in directing and reviewing internal audit.
3 Oversight of risk management
At a glance
Background
One of the primary tasks of an audit committee is to provide independent oversight of and advice on the agency's risk management framework.