Home > Panels > Technical Panel Websites > Audit Panel > Publications

Print

Publications

The Audit Panel has produced many publications that are designed to provide practical assistance to both external and internal auditors. Recent publications are listed below. For further information on any of the publications or to purchase online, please click on the publication title or go to the CIPFA Shop.

If you would like to subscribe to CIPFA’s free bi-monthly e-newsletter advising on forthcoming and recently published titles, as well as upcoming events please go to www.cipfa.org.uk/shop_subscribe.cfm

Systems Based Auditing Control Matrices: Series 6 (2007)

This sixth series of Systems Based Auditing features the following four critical non-financial systems (the first three of which are closely linked to ERM – Enterprise Risk Management):

• Business Continuity Management
• Information Technology Service Continuity Management
• Civil Emergencies
• Performance Indicators and Data Quality

The value of risk management is now widely recognised. The need for business and service continuity, however, has not attracted the same attention even though it is far more important. Whilst risk management may/can reduce the impact and likelihood of an event, some events are bound to happen. It is essential, therefore, that continuity plans and procedures are prepared and in place in order to ensure prompt recovery and resumption, and thereby survival of the business concerned.

As is the norm, the control matrices are non-sector specific (with the exception of Civil Emergencies which only applies to local authorities) and are therefore suitable for use in the public, private and voluntary sectors.

Contract Procedure Rules (2006)

Clear and modern contract procedure rules is one of the keys to adopting best practice, encouraging innovation and achieving greater efficiency when procuring goods, works or services. Now CIPFA in association with the Constructing Excellence: Local Government Task Force has produced an updated example of contract procedure rules that accommodates current procurement initiatives and which can be adopted by an authority with minimal effort.

This document is FREE to download from the CIPFA shop.

Audit Viewpoint - Annual Subscription

CIPFA's magazine for the audit practitioner, Audit Viewpoint, is used to communicate expert, practical advice on a wide range of audit issues. It is also used to update readers on the activities of the Institute's Audit Panel.

Code of Practice for Internal Audit in Local Government in the United Kingdom (2006)

The context within which internal audit operates has seen significant changes over the last three years. The previous Code, published in 2003, has now been updated extensively to ensure that internal audit standards remain consistent with a modern local government setting.

The revised Code of Practice covers the following areas:

• Scope of Internal Audit
• Independence
• Ethics for Internal Auditors
• Audit Committees
• Relationships
• Staffing, Training and Continuing Professional Development
• Audit Strategy and Planning
• Undertaking Audit Work
• Due Professional Care
• Reporting
• Performance, Quality and Effectiveness

Systems Based Auditing Control Matrices: Series 5 (2006)

The fifth in the perennially popular series of Systems Based Auditing (SBA) Control Matrices features the following critical non-financial systems:

• Enterprise Risk Management
• Health & Safety
• Data Protection
• Freedom of Information
• Records Management

Systems Based Auditing Control Matrices: Series 5 are available as a combined pack, comprising loose-leaf sheets in a robust binder, plus CD-ROM. The CD-ROM comes with a licence for the purchaser to network the matrices throughout the acquiring organisation, and this is included within the sale price. The CD-ROM carries the material in pdf and Word formats and has conveniently embedded hyperlinks to allow users to navigate easily between the elements of each control matrix, ie HIDs, ICQs and CTPs.

The Excellent Internal Auditor: A Good Practice Guide to Skills and Competencies (2006)

This guide is a revised and updated version of CIPFA's Audit Training Planning Guide, published in 1994. It has stood the test of time in assisting internal audit units to determine their auditors short-term training and longer-term development needs. But there have been significant changes in the role of internal audit during recent years and the opportunity has been taken to thoroughly review the skills and competencies, and training and development needs, that are required to provide the complete and 'excellent' service from the internal audit function.

A powerful matrix is provided within the guide which sets out the key skills considered relevant to carry out the role of an internal auditor. These skills are broadly generic across all levels of audit staff, and are split into three main areas - behavioural, technical, and management.

Systems Based Auditing Control Matrices: Series 1 & 2 (2006 Fully Revised and Expanded Edition) (2006)

These revised control matrices now incorporate Hazard Identification Documents (HIDs) that set out the hazards, the possible consequences of such and the expected controls and countermeasures that should be in place to reduce the risks. The Internal Control Questionnaires (ICQs) and Compliance Test Papers (CTPs) have been broken down conveniently into sub-headings so that specific areas of weakness can be readily identified.

The control matrices provide a comprehensive method for recording, evaluating and reporting on control systems, and incorporate the revised ‘risk based’ SBA approach developed by Exeter City Council’s high-performing internal audit team. The control matrices are presented in a durable binder for practical referencing, and in handy CD-ROM format to enable flexibility of use and tailoring to local circumstances.

The CD-ROM comes with a licence for the purchaser to network the matrices throughout the acquiring organisation, and this is included within the sale price. The CD-ROM carries the material in pdf and Word formats and has conveniently embedded hyperlinks to allow users to navigate easily between the elements of each control matrix, ie HIDs, ICQs and CTPs.

Audit Committees – Practical Guidance For Local Authorities (2005)

This guidance from CIPFA encourages local authorities to put in place an audit committee where they do not have one, and helps those with established committees to make them more effective.

Ideally, audit committees should be separate from executive and scrutiny arrangements, and chaired independently from both these functions. Local authorities may organise their committee functions differently, but what is important is that the functions of an audit committee are delivered efficiently and effectively.

Status and independence are important, but being effective also means having well informed people able to confirm to the council that the right processes are in place to give confidence that the local authority's financial stewardship and overall governance arrangements can be relied upon. CIPFA's guidance, therefore, provides valuable advice on the skills required by members, their selection and training, and how committees should be supported.

It's a Risky Business: A Practical Guide to Risk Based Auditing (Fully Revised Second Edition) (2005)

The regulatory bodies of the main public sectors have issued codes of guidance and requirements that make specific reference to the implementation of risk management. Reporting on the development and implementation has become a key part of the annual reporting requirement in the form of Statements on Internal Control and is seen as an integral part of good corporate governance.

This guide is a revised and updated version of It's a Risky Business, first published in 1996. It has been aligned to the CIPFA publication Risk Management in the Public Services and provides practical advice on how to audit each of the key elements of good risk management: