CIPFA would like to thank the author of this publication, Simon Perks, Director of Sockmonkey Consulting.

The author would like to thank the following CIPFA members of staff, who provided data and reviewed drafts of this publication:

• ■Chris Greene
• ■Julia Kairis
• ■Keeley Lund
• ■Jane Owen
• ■Rhiannon Price

Introduction

As local authorities are forced to cut costs and to make difficult decisions, the need to maintain robust processes and to remain fully accountable for public funds is greater than ever. This is where the internal audit function fulfils a vital role.

But auditors themselves must also strive continuously to ensure that their work represents value for money. They must deliver a high-quality service that meets the needs of their organisations. And they must do this in an environment that is challenging both financially and operationally.

In this short guide, CIPFA lifts the lid on its successful audit benchmarking club and provides valuable insight into the current state of local government internal audit services across the United Kingdom.

Overview of the guide

The aim of this guide is to provide readers with insight into the performance of local government internal audit functions, drawing on the quantitative and qualitative data submitted by members of the benchmarking club.

We go beyond a simple narrative description of the findings of the benchmarking club to include analysis of these findings and interpretation of what they might mean for local authority audit functions.

We start by looking at the internal audit function itself. We explore what it does, how it is organised and how its role and structure vary across local authorities. We also consider trends and recent developments in how local authorities provide audit services, and the nature and role of the audit committee.

We then get into the detail of the benchmarking data. We look first at the cost of the internal audit function, including the overall cost of the function, the number of chargeable and total audit days available and the cost of having an internal auditor on staff.

We look at the work of the internal audit function. We reflect on the way in which audit work is planned, the scope and coverage of internal audit work and the involvement of the internal audit function in corporate governance and counter-fraud activities.

We consider the staffing of the internal audit function. This includes the number of staff in the function, the salaries that they earn and the qualifications that they hold.

We conclude by looking to the future of the internal audit function. We consider the key themes that are impacting its work. We explore the issues and challenges that local authority auditors are facing. And we ask how they are addressing them.

Using this guide

To help readers to get the most from this guide, we have included a number of features designed to highlight key ideas.

We have included at the start of each chapter a short summary of the main findings from the work of the benchmarking club. This is aimed specifically at senior managers, who may wish to understand the key issues, but not to go into too much detail.

Figure 1: Example bar chart with benchmarking club data

Source: CIPFA Audit Benchmarking Club, 2014

Where we present time series data, the financial and performance data from the years 2008/09 to 2013/14 is ‘actual’ data. Data for the 2014/15 financial year is ‘forecast’ data compiled on the basis of local authorities’ budgets and internal audit plans.

We have also included a small number of anonymised case studies, which highlight specific issues that members of the benchmarking club have faced or action that they are taking in response to them.

The CIPFA Audit Benchmarking Club

The CIPFA Audit Benchmarking Club draws on financial, activity and performance data from over 60 local government bodies across England, Scotland, Wales and Northern Ireland. This includes local authorities of all shapes and sizes, from metropolitan districts, unitary authorities and county councils to London boroughs and shire districts.

Members of the benchmarking club submit an annual return setting out detailed information about their audit function. To ensure consistency, members are provided with comprehensive guidance on data definitions and submission formats. Furthermore, all data is validated by CIPFA and subsequently reviewed by the submitting organisation.

This approach ensures that all data supplied to the benchmarking club is comparable across organisations and over time. It allows organisations to understand not just how well they are doing, but how well they are doing in comparison with their peers.

The internal audit function and the audit committee

The role of the internal audit function

The role of the internal audit function is to provide independent, objective assurance and advice that adds value to and improves an organisation’s operations. The internal audit function supports the organisation in achieving its objectives by bringing a systematic, disciplined approach to the assessment and improvement of the organisation’s risk management, control and governance processes.

The Public Sector Internal Audit Standards, which apply the Chartered Institute of Internal Auditors’ international standards to the UK public sector, set out a range of attributes that define and govern the role of the internal audit function. Table 1 overleaf summarises these attributes.

Source: Public Sector Internal Audit Standards (the Relevant Internal Audit Standard Setters, 2013)

The scope of the internal audit function

Because the nature and structure of individual internal audit functions can vary significantly between organisations, the benchmarking club has agreed on a specific set of categories to describe the activities that such functions undertake. These encompass both planned and reactive activities, a s well as advice and consultancy support provided to the organisation.

The agreed categories of activity, together with examples of what these activities involve in practice, are as follows.

Table 2: The activities of the internal audit function

Source: CIPFA Audit Benchmarking Club, 2014

Recent trends in the structure and delivery of the internal audit function

There is a noticeable preference among members of the benchmarking club for delivering the function in house. As Figure 2 shows, over half of members have an internal audit function that is delivered entirely in house, as opposed to only 7% with a service that is outsourced completely to an external contractor or shared services provider.

Source: CIPFA Audit Benchmarking Club, 2014

It may, of course, be that outsourced providers of internal audit services are less likely to participate in the benchmarking club, meaning that our sample is skewed towards in-house delivery. Interestingly, however, the remaining 36% of benchmarking club members have opted for a mixed delivery model. This approach takes varying forms across different members, including:

• ■outsourcing the management of the function, with the actual audit activity delivered by an in-house team
• ■managing the internal audit function in house, but with activity outsourced to an external provider
• ■delivering most of the function in house, but using external providers where specialist expertise is required, such as for the audit of information technology systems
• ■using external providers to provide additional capacity to support the in-house team at peak periods
• ■sharing internal audit resources with other organisations on an ad hoc basis as resources permit and require.

Members of the benchmarking club have also been taking action to respond to the impact that the current financial climate is having on their organisations. In addition to a significant number of members having to operate the internal audit function with reduced staffing and resources, it is clear from the survey that the nature of the work undertaken by internal audit is changing.

As organisations institute large transformation projects, the internal audit function is increasingly being called upon to provide assurance that these are being delivered effectively and that the proposed savings or efficiency gains are being realised.

Some members find that they are devoting more resources towards the prevention and detection of fraud and corruption, so much so that they have now established dedicated counter-fraud teams. Others face increasing demands from other teams within their organisations for advice and support in the development of new systems and processes.

Furthermore, members are working to ensure that their internal audit functions are compliant with the requirements of the Public Sector Internal Audit Standards. In many cases, this includes updating operating procedures, developing new reporting lines and introducing formal quality assurance and improvement processes.

The audit committee

Within local authorities, the audit committee or its equivalent plays a significant role in respect of governance, risk management and internal control. Indeed, if the audit committee fulfils the role of ‘the board’ within the scope of the Public Sector Internal Audit Standards, it has a specific responsibility to provide independent assurance on the adequacy of the risk management framework, the internal control environment and the integrity of financial reporting.

For this reason, and as shown in Figure 3, the head of internal audit in the significant majority of benchmarking club members reports functionally to elected members via the audit committee. Only in a few cases does he or she report to an advisory board or to another committee or individual. And in some of these cases, the committee to which the head of internal audit reports is likely to be an audit committee in all but name.

Source: CIPFA Audit Benchmarking Club, 2014

The way in which the audit committee operates, though, varies from authority to authority. Figure 4 shows that the frequency with which the committee meets varies from three to 10 times a year, with most meeting between four and six times.

Source: CIPFA Audit Benchmarking Club, 2014

The number of members of the audit committee varies, too, from four to 14 or more. Figure 5 shows that membership of around seven is the norm.

Source: CIPFA Audit Benchmarking Club, 2014

Within the membership of the audit committee, it is normal to strive for political balance. In fact, as can be seen from Figure 6, the membership of the committee matches the political balance of the council in over 95% of benchmarking club members.

Source: CIPFA Audit Benchmarking Club, 2014

The way in which the chair of the audit committee is selected varies, however, across local authorities. Figure 7 shows that the chair is elected by the full council in over half of cases.

Source: CIPFA Audit Benchmarking Club, 2014

It is not uncommon for the chair to be appointed by cabinet. In other cases, an opposition member, an independent member or even an independent non-member is selected to chair the committee.

The cost of the internal audit function

In this section, we consider the cost of the internal audit function. We look at overall cost, audit days and costs per auditor. We consider average costs for members of the benchmarking club and how these costs vary across members. In order to ensure comparability between local government bodies of different sizes, costs are shown generally as a percentage of gross revenue turnover (GRT). GRT is defined as net expenditure plus service income plus housing revenue account income.

The overall cost of the internal audit function

As with any aspect of local authority activity, the cost of the internal audit activity varies significantly between organisations. Such cost will depend on a number of factors, including not least the size of the authority. However, even when the size of the organisation is taken into account, by considering the cost of the audit function per £ million of GRT, there is still a high level of variation. This is shown in Figure 8 overleaf, which looks at actual costs for the 2013/14 financial year.

Source: CIPFA Audit Benchmarking Club, 2014

A similar level of variation is evident in forecast costs for 2014/15, as shown in Figure 9. Such variation is only to be expected, and is likely to be due to a number of factors, such as the complexity of the organisation; its internal structure; its historical development; the nature and level of risk that it faces; and the role, responsibilities and structure of the internal audit function.

Source: CIPFA Audit Benchmarking Club, 2014

If we look at the average cost of the internal audit function across the members of the benchmarking club, a much clearer pattern emerges. As Figure 10 shows, from an average cost of some £1,150 per £ million of GRT in 2008/09 and 2009/10, the average cost has reduced gradually – but consistently – over time to its present low of just under £900.

This is clear evidence of the actions that internal audit teams have taken in response to the current financial climate to cut costs and improve efficiency, as discussed in the previous section, especially given that the GRT of local authorities has itself declined over this period due to spending cuts.

Source: CIPFA Audit Benchmarking Club, 2014

There is also clear evidence that larger authorities benefit from economies of scale in their internal audit functions. Figure 11 shows the cost of the internal audit function per £ million of GRT plotted against the GRT of each authority. With the occasional exception, larger authorities benefit from proportionally lower costs.

Source: CIPFA Audit Benchmarking Club, 2014

Audit days

The overall cost of the internal audit function is, of course, only one area of interest. Just as important is what the function actually delivers for this cost. And one way to measure this is by considering ‘chargeable’ audit days, ie days spent delivering audit services to the organisation.

Figure 12 shows that the average cost of the internal audit function per chargeable day is almost exactly £300. The cost across members of the benchmarking club varies quite significantly, though; from a low of around £200 to a maximum (if we ignore the small number of outliers at the top end) of almost twice that.

Source: CIPFA Audit Benchmarking Club, 2014

The average cost of the audit function per chargeable day had increased gradually from 2009/10 to 2012/13, as shown in Figure 13, although it has since fallen to the current figure of £300.

Source: CIPFA Audit Benchmarking Club, 2014

One of the drivers of cost per chargeable day is, of course, the cost of the internal audit function. The other driver is the number of chargeable days worked by each auditor. Figure 14 shows that the average number of chargeable days per auditor across members of the benchmarking club is fairly consistent, with an average of almost 180 days and with most organisations coming in within 10 days either side of the average.

Source: CIPFA Audit Benchmarking Club, 2014

But it was not always like this. Figure 15 shows that the average number of chargeable days per auditor across all members of the benchmarking club has risen gradually over the past few years, from just under 160 days in 2008/09 to 180 today. This hints at a greater focus on the efficient use of audit resources and is also an indication of a gradual reduction in the size of audit teams, with a smaller number of people doing the same amount of work and therefore ‘charging’ more time. Both of these factors help to account for the recent reduction in the cost of the function per chargeable audit day.

Source: CIPFA Audit Benchmarking Club, 2014

It would be entirely reasonable to expect there to be some correlation between the size of the local authority and the number of days devoted to internal audit activity. But Figure 16 shows that this is not the case. The number of chargeable audit days per £ million of GRT varies from one day to almost 14. If the obvious outliers at the upper end are excluded, a more reasonable range of one to six days emerges, with an average of three.

Source: CIPFA Audit Benchmarking Club, 2014

The average number of chargeable audit days per £ million of GRT has, however, fallen over time from almost four in 2008/09 and 2009/10 to its current level of three days, where is has remained since 2012/13. This is shown in Figure 17. Again, this points to improved efficiency in the internal audit function, or – at the very least – to a steady downward pressure in the level of resources available.

Source: CIPFA Audit Benchmarking Club, 2014

In addition to chargeable days, members of the internal audit function have other demands on their time. Figure 18 shows that annual leave is –as would be expected – one of the biggest contributors to non-chargeable time, with sickness, training and bank holidays also playing a role. ‘Other’ non-chargeable days are likely to vary from authority to authority, and might include such activities as non-audit corporate activities, administrative activities and attendance at conferences and other non-training events.

Source: CIPFA Audit Benchmarking Club, 2014

Costs per auditor

The average cost of an auditor varies significantly across members of the benchmarking club. As Figure 19 shows, this average cost ranges in 2013/14 from just under £40,000 per annum to almost £80,000. This is likely to be due to a number of factors, such as the relative seniority and level of qualification of members of the internal audit function, as well as differences in salary levels across local authorities.

Source: CIPFA Audit Benchmarking Club, 2014

Figure 20 shows an almost identical picture in budgeted costs for 2014/15.

Source: CIPFA Audit Benchmarking Club, 2014

Indeed, the average cost of an internal auditor has remained remarkably consistent over recent years. As Figure 21 shows, the average cost across members of the benchmarking club has remained resolutely around the £54,000 mark since at least 2008/09. However, with little in terms of wage inflation or other cost increases over this period, this is to be expected.

Source: CIPFA Audit Benchmarking Club, 2014

It will come as no surprise to learn that staff costs make up by far the most significant element of the total cost per auditor. As Figure 22 shows, staff costs make up over three-quarters of this total cost, at an average of just over £44,000 per auditor.

Source: CIPFA Audit Benchmarking Club, 2014

The average staff cost per auditor follows a similar patter to the average overall cost per auditor, as shown in Figure 23. If we ignore the small number of outliers at either end of the chart, average staff costs per auditor range from around £35,000 to about £55,000, with about half of members coming in within £5,000 of the average.

The outliers at the upper end relate in the main to authorities where much of the audit function has been outsourced to a third party provider, while senior (and, therefore, more expensive) internal audit staff have been retained in house.

Source: CIPFA Audit Benchmarking Club, 2014

This variation in costs between local authorities is likely to be due to several factors, including the relative seniority and level of qualification of staff of the internal audit function, as well as differences in salary levels across members of the benchmarking club.

Although overhead costs make up a relatively small proportion of overall costs, it is nevertheless helpful to consider what they include. As Figure 24 shows, the average overhead costs per auditor across members of the benchmarking club are made up principally of the function’s contribution to organisational accommodation, informational technology and other running costs. The only element that is really controllable by internal audit in the short term, transport and travel costs, is relatively insignificant in terms of overhead costs more generally.

Source: CIPFA Audit Benchmarking Club, 2014

We have looked in this section at the overall cost of the internal audit function, the number of days of chargeable work that it undertakes and the average cost of each individual auditor. But how does the internal audit function spend this time? What does it actually do? It is to this topic that we now turn.

The work of the internal audit function

In this section, we look in more detail at the work of the internal audit function. We consider how its work is planned, how it allocates its time across different areas of activity, its work in respect of corporate governance and how the function is working to combat fraud and corruption.

Audit planning

Critical to the effective operation of the internal audit function is the audit plan. Usually prepared on the basis of a risk assessment, organisational priorities and the previous experience of the internal audit function, the audit plan identifies the areas to be reviewed and the resources that will be allocated to them.

As shown in Figure 25, most members of the benchmarking club prepare an annual internal audit plan. A few, however, work within the context of an agreed three-year plan.

Source: CIPFA Audit Benchmarking Club, 2014

Most members review progress against the plan formally on a quarterly basis, though some do so six monthly. A small number of members monitor progress monthly. This is shown in Figure 26.

Source: CIPFA Audit Benchmarking Club, 2014

The number of audit days included within the plan obviously depends on the size of the local authority and on the level of resources available. However, as Figure 27 shows, members of the benchmarking club have access to, on average, three chargeable audit days for every
£ million of GRT.

Source: CIPFA Audit Benchmarking Club, 2014

Audit coverage

In terms of areas covered by the work of internal audit, Figure 28 shows that reviews of the organisation’s fundamental financial systems and of its strategic and operational risks take up the most significant amount of time. However, the function is also active in a broad range of other areas, including corporate governance, procurement and counter-fraud activities.

Source: CIPFA Audit Benchmarking Club, 2014

Figure 29 shows a high level of variation in the number of audit days per £ million of GRT allocated to the review of fundamental financial systems. This is perhaps only to be expected, as a certain minimum level of work will be required regardless of the authority’s financial size.

Source: CIPFA Audit Benchmarking Club, 2014

Looking in more detail, Figure 30 shows the average number of audit days spent by members of the benchmarking club on each of the main financial systems. These numbers are not adjusted to reflect the size of the authority. As can be seen, payroll, debtors, creditors, accounting and benefits administration all place significant demands on audit resources.

Not adjusted for size of local authority

Source: CIPFA Audit Benchmarking Club, 2014

As can be seen in Figure 31, there is no direct link between the size of the organisation and the number of days spent on the audit of different financial systems (using here the example of the creditor payments system). Rather, the determining factors are likely to be things such as the systems used, the internal audit function’s approach to its work, the use of information technology audit techniques, the resources available to the function and the specific risks faced by each area under review.

Source: CIPFA Audit Benchmarking Club, 2014

There is evidence of a similar level of variation in the amount of time devoted to consideration of the organisation’s strategic and operational risks. This is shown in Figure 32. This high level of variation is likely to be due not only to the different levels of risk faced by different organisations, but also to different attitudes within internal audit and senior management across members of the benchmarking club to the management of these risks and to the involvement of internal audit in this area.

Source: CIPFA Audit Benchmarking Club, 2014

The extent to which the internal audit function provides consultancy support and advice to the organisation will also depend to a great extent on the function’s historical role and to the attitudes of the head of internal audit and of other senior managers within the organisation. While most internal audit functions will find themselves spending a greater proportion of their time providing advice and undertaking a more consultancy-focused role, Figure 33 shows that this is not the case for all members of the benchmarking club.

Source: CIPFA Audit Benchmarking Club, 2014

Corporate governance

The internal audit function plays a significant role in the organisation’s corporate governance activities. As Figure 34 shows, this includes reviewing the annual governance statement, auditing the organisation’s risk management processes, assessing performance management arrangements and assessing the controls in place around information governance.

Not adjusted for size of local authority

Source: CIPFA Audit Benchmarking Club, 2014

The average number of days spent on each of these activities, however, hides a high level of variation across members of the benchmarking club. Focusing on the audit of the annual governance statement, for example, Figure 35 shows that benchmarking club members devote between one and 50 days to this activity. And a significant number do not do any work on this at all. Even if the unusually high figures at the upper end of the range are disregarded, the level of variation in internal audit work in this area provides considerable food for thought.

Not adjusted for size of local authority

Source: CIPFA Audit Benchmarking Club, 2014

There is no evidence that this level of variation is correlated with the financial size of the members of the benchmarking club. As Figure 36 shows, authorities of all sizes devote varying amounts of time to the audit of the annual governance statement. This variation is more likely to be due to the role of internal audit within the organisation, the attitudes of senior managers to internal audit involvement and the nature and level of available internal audit resources.

Source: CIPFA Audit Benchmarking Club, 2014

Changes over time

Figure 37 sets out the average number of audit days allocated to different activities, per £ million of GRT, for 2013/14 (actuals) and 2014/15 (planned). There is relatively little difference between the two years in how the internal audit function allocates its time.

The amount of time allocated to the different fundamental financial systems has remained broadly constant across the two years, as can be seen from Figure 38.

Source: CIPFA Audit Benchmarking Club, 2014

Not adjusted for size of local authority

Source: CIPFA Audit Benchmarking Club, 2014

The amount of audit time devoted to corporate governance activities, shown in Figure 39, paints a similar picture. There is a slight increase in planned corporate governance activity for 2014/15, though most of this relates to ‘other’ governance activities, which are likely to vary from authority to authority.

Not adjusted for size of local authority

Source: CIPFA Audit Benchmarking Club, 2014

Counter-fraud activities

In these financially straitened times, safeguarding of and accountability for resources remains a high priority for organisations throughout the public sector. So it comes as no surprise that nearly two-thirds of members of the benchmarking club have a dedicated counter-fraud resource in addition to their internal audit function. This is shown in Figure 40.

Source: CIPFA Audit Benchmarking Club, 2014

In terms of internal audit resources devoted to counter-fraud activities, members of the benchmarking club spend an average of 0.2 days per £ million of GRT on this area. Some spend significantly more, as Figure 41 shows.

Source: CIPFA Audit Benchmarking Club, 2014

The amount of time allocated to fraud and corruption investigations, shown in Figure 42, paints a very similar picture, with an average of 0.3 days per £ million of GRT devoted to this area.

Source: CIPFA Audit Benchmarking Club, 2014

The range of fraud and corruption investigations undertaken by members of the benchmarking club is particularly broad. Figure 43 shows that this includes housing benefit fraud, procurement fraud, payroll fraud, theft of equipment and a whole host of other types of investigation.

Source: CIPFA Audit Benchmarking Club, 2014

The success of individual members of the benchmarking club in pursuing such investigations varies considerably. As Figure 44 shows, the average proportion of investigations leading to prosecution or sanctions lies at 30%. While the rate for some members lies significantly below this, others achieve prosecution or sanctions in more than two-thirds of cases.

Source: CIPFA Audit Benchmarking Club, 2014

To a certain extent, the cost of the internal audit function and the nature and level of work that it is able to undertake will depend on the number, training and skills of members of staff. Also critical is the function’s relationship with the organisation’s audit committee. These issues are considered in the next section of this guide.

The staffing of the internal audit function

We looked earlier in this guide at the number of chargeable days per internal auditor and at the number of chargeable days available in authorities of different sizes. We also looked at average overall costs and staff costs for members of internal audit staff. In this section, we look at internal audit staff numbers, salaries and working patterns. We also look at staff qualifications within the internal audit function.

Audit staffing

Unsurprisingly, the number of internal audit staff varies significantly across members of the benchmarking club. This is shown in Figure 45, from which it can be seen that the staffing of the internal audit function ranges (if we ignore the organisations returning a zero figure) from one to over 30 members of full-time equivalent staff. The average complement of the internal audit function is 8.5 full-time equivalent staff.

It would be reasonable to expect smaller organisations to have a smaller internal audit function and for larger organisations to have a correspondingly larger one. And this is, indeed, the case. As Figure 46 shows, there is at least some evidence of a correlation between the staffing complement of the internal audit function and the GRT of the organisation.

Source: CIPFA Audit Benchmarking Club, 2014

It is also evident that even when we exclude organisations where considerable proportions of internal audit activity are outsourced or shared (as in Figure 46), there are other factors beyond financial size that determine the number of staff within the function.

Showing only organisations where 90% or more of internal audit activity is delivered in house

Source: CIPFA Audit Benchmarking Club, 2014

Audit salaries

It is to be expected that members of the internal audit function will receive different salaries. Seniority, level of qualification and amount of experience will all play a decisive role. Figure 47, shows, however, that nearly 40% of internal audit staff salaries fall within the £30,000–£40,000 band. A further 23% earn £25,000–£30,000, while 15% enjoy salaries of £40,000–£50,000.

Source: CIPFA Audit Benchmarking Club, 2014

Full- and part-time staffing

Figure 48 shows that more than one in five internal auditors work part time. Interestingly, this proportion has remained consistent over the last five years, so the tendency for part-time working is unlikely to be related to the need to cut costs or to reduce staffing numbers.

Source: CIPFA Audit Benchmarking Club, 2014

A significant proportion of the staff of some members of the benchmarking club take advantage of part-time working. As Figure 49 shows, in some cases around two-thirds of audit staff work part time. More notable, though, is that over two-thirds of benchmarking club members have at least some members of audit staff working part time.

Source: CIPFA Audit Benchmarking Club, 2014

Staff qualifications

Studying for and achieving professional qualifications play a significant role in an auditor’s early career and can have a significant impact on their future prospects. So it comes as little surprise, as shown in Figure 50, that nearly half of the internal audit staff of members of the benchmarking club hold such a qualification. (The benchmarking club defines ‘professional qualification’ as membership of a Consultative Committee of Accountancy Bodies (CCAB) member body or equivalent. ‘Part-qualified’ is defined as part-qualification with a CCAB member body, membership of the Association of Accounting Technicians or equivalent.)

A further third of audit staff are part-qualified.

Source: CIPFA Audit Benchmarking Club, 2014

Numbers of audit staff at different levels of qualification vary considerably across local authorities, as is only to be expected given the differing sizes of their internal audit functions. This is shown in Figure 51.

Source: CIPFA Audit Benchmarking Club, 2014

When we look at percentages of staff at different levels of qualification, as in Figure 52, it is clear that, while there is a considerable degree of variation, most internal audit functions have a reasonable proportion of professionally qualified staff and more who are part-qualified. Very few have no staff with professional qualifications.

Source: CIPFA Audit Benchmarking Club, 2014

Agency staffing

In addition to their own internal resources, a number of benchmarking club members make use of agency staff from time to time. Such additional support costs an average of just under £25 per hour, as shown in Figure 53. Costs range, however, from £15 to £40 an hour, though this is likely to depend on the qualifications and experience of the agency auditor, the nature of the work performed and the duration of the assignment.

Source: CIPFA Audit Benchmarking Club, 2014

Staff turnover

Members of the benchmarking club have experienced a modest level of staff turnover, with an average net internal audit staff turnover (leavers minus new starters) of 7%. Figure 54 shows that this level of turnover is not consistent across local authorities. Rather, some have experienced no staff turnover, while others have had a net reduction in staff of up to 30%; and, in one case, nearly twice that. These high levels of staff turnover are due, in the main, to structural issues such as internal reorganisation or the outsourcing of elements of the internal audit service.

Source: CIPFA Audit Benchmarking Club, 2014

The availability of qualified, competent and experienced staff is critical to the internal audit function’s ability to respond to the significant and varied challenges that it faces in today’s uncertain operating environment. We turn our attention now to what these challenges might be and how they impact on the work of the internal audit function.

Looking to the future

In this section, we explore some of the challenges facing the internal audit function and consider how they impact on the work of the function in practice.

Key challenges facing the internal audit function

Based on the information submitted by members of the benchmarking club, it is evident that internal audit in local government is facing a number of challenges. Some relate to the external environment, while others are more to do with the way in which the function itself operates.

Members of the benchmarking club highlight in particular the need to respond to:

• ■the current economic environment and especially the need to reduce costs and to achieve more with the same level of resources or to achieve the same with less
• ■changes to the structure and responsibilities of the internal audit function, either in response to the need to cut costs or for other reasons
• ■the nature and significance of new strategic and operational risks to local authorities, together with how these risks are identified, assessed and managed.

Other challenges identified by members of the benchmarking club include:

• ■the effective use of assurance mapping to gain the full picture of all potential sources of assurance and to ensure that internal audit resources are targeted where they can be of most value
• ■ensuring compliance with the requirements of the Public Sector Internal Audit Standards.

The impact of these challenges

Table 3 sets out an overview of how the challenges identified above are impacting on the work of the internal audit function, on the basis of information submitted by members of the benchmarking club.

Source: CIPFA Audit Benchmarking Club, 2014

Assurance mapping

In respect of assurance mapping, members of the benchmarking club have outlined a broad range of internal, peer and external sources of assurance upon which they draw when planning and reporting on their work. A selection of these are set out in Table 4.

Source: CIPFA Audit Benchmarking Club, 2014

Public Sector Internal Audit Standards

Over 95% of members of the benchmarking club report that their internal audit function is compliant with the Public Sector Internal Audit Standards. But this is not to say that they have not experienced difficulties along the way.

Some of the compliance issues that members have faced or are currently dealing with include:

• ■the process for appointing the head of internal audit
• ■the mechanism for appraising the performance of the head of internal audit
• ■updating the internal audit handbook to reflect the new standards
• ■implementing a quality assurance and improvement programme
• ■assessing the design, implementation and effectiveness of the organisation’s ethics-related objectives, programmes and activities
• ■clarifying the reporting lines of the head of internal audit
• ■securing auditor declarations of interest
• ■commissioning an external review of compliance.

Despite these issues, together with some reservations about the applicability of all of the standards to local government organisations, most benchmarking club members are confident that compliance with the Public Sector Internal Audit Standards will be achieved in full.

How to join the
benchmarking club

About CIPFA Benchmarking

The CIPFA benchmarking services allow organisations to understand their strengths and to identify opportunities for improvement by comparing their performance with that of their peers.

These services cover all of the key corporate functions affecting the efficiency and effectiveness of local government organisations, such as accountancy, governance, revenues and benefits, human resources, legal and democratic services.

CIPFA also offers specific benchmarking services focused on social care, planning, customer contact and value for money.

The services provide detailed and individually-tailored reports, databases and interactive tools that provide users with clear evidence to support decision making.

Who can join the benchmarking clubs

Membership of the benchmarking clubs is open to all local authorities across the United Kingdom. With an extensive membership base, the clubs allow members to compare their performance with like organisations across the sector.

What members need to do

Once members have signed up for an annual subscription to the club(s) of their choice, they are asked to complete a questionnaire for each club. This questionnaire will cover a range of different topics, depending on the function to which it relates.

Questionnaires are usually sent out in April to June, collecting data in respect of the previous financial year. Members are given two months to complete and return the form. Benchmarking reports are issued to members a further two months after that.

How to join