Sign In

Legislation - Public Entity

 

Contents

1       Introduction

1.1    Accounting Officer / Authority

1.1.1 Section 51 (1) (a) (i) of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

1.1.2 Section 27.2.1 of the Treasury Regulations

1.2    Management, Other Personnel, Chief Risk Officer, Risk Champions

1.2.1 Section 57 of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

1.3    Internal Auditors

1.3.1 Section 51 (1) (a) (ii) of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

1.3.2 Section 27.2.6 of the Treasury Regulations

1.3.3 Section 27.2.7 (a) of the Treasury Regulations

1.3.4 Section 2110 - Risk Management of the International standards for the Professional Practice of Internal Auditing

1.4    Audit Committee

1.4.1 Section 77 of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

1.4.2 Section 27.1.8 of the Treasury Regulations

1.4.3 Section 27.1.10 of the Treasury Regulations

 

1 Introduction

1.1 Accounting Officer / Authority

1.1.1 Section 51 (1) (a) (i) of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

Section 51 (1) (a) (i) of the PFMA requires that:

"An Accounting Authority for a public entity -

(a) must ensure that the public entity has and maintains -

·       (i) effective, efficient and transparent systems of financial and risk management and internal control."

1.1.2 Section 27.2.1 of the Treasury Regulations

The roles and responsibilities for the implementation of the ERM strategy is contained in the Treasury Regulations published in terms of the PFMA. Section 27.2.1 of the regulations addresses risk management summarised as follows:

·      The accounting officer must ensure that a risk assessment is conducted regularly to identify emerging risks for the institution.

·     The risk management strategy, which must include a fraud prevention plan, must be used to direct internal audit effort and priority and to determine the skills required of managers and staff to improve controls and to manage these risks.

·      The risk management strategy must be clearly communicated to all officials to ensure that it is incorporated into the language and culture of the institution and embedded in the behaviour and mindset of its people.

1.2 Management, Other Personnel, Chief Risk Officer, Risk Champions

1.2.1 Section 57 of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

The extension of general responsibilities in terms of Section 57 of the PFMA to all managers within the public sector implies that responsibility for risk management vests at all levels of management and that it is not limited to only the accounting officer and internal audit.

1.3 Internal Auditors

1.3.1 Section 51 (1) (a) (ii) of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

Section 51 (1) (a) (ii) of the PFMA requires that:

"(i) An accounting authority for a public entity -

(a) must ensure that the public entity has and maintains -

·   (ii) a system of internal audit under the control and direction of an audit committee complying with and in accordance with regulations and instructions prescribed in terms of sections 76 and 77."

1.3.2 Section 27.2.6 of the Treasury Regulations

Section 27.2.6 of the Treasury Regulations states:

"Internal Audit must be conducted in accordance with the standards set by the Institute of Internal Auditors."

1.3.3 Section 27.2.7 (a) of the Treasury Regulations

Section 27.2.7.(a) of the Treasury regulations states:

"An internal audit unit must prepare, in consultation with and for approval by the audit committee –

·     (a) a rolling three-year strategic internal audit plan based on its assessment of key areas of risk for the institution, having regard to its current operations, those proposed in its strategic plan and its risk management strategy."

1.3.4 Section 2110 - Risk Management of the International standards for the Professional Practice of Internal Auditing

Section 2110 - Risk Management of the International standards for the Professional Practice of Internal Auditing states:

"The internal audit activity should assist the organisation by identifying and evaluating significant exposures to risk and contributing to the improvements of risk management and control systems.

2110. A1 - The internal audit activity should monitor and evaluate the effectiveness of the organisation's risk management system.

2110. A2 - The internal audit activity should evaluate risk exposures relating to the organisation's governance, operations, and information systems regarding the:

·         Reliability an integrity of financial and operational information;

·         Effectiveness and efficiency of operations;

·         Safeguarding of assets;

·         Compliance with laws, regulations, and contracts.

2110. C1 - During consulting engagements, internal auditors should address risk consistent with the engagement's objectives and be alert to the existence of other significant risks.

2110. C2 - Internal Auditors should incorporate knowledge of risks gained from consulting engagements into the process of identifying and evaluating significant risk exposures of the organisation."

1.4 Audit Committee

1.4.1 Section 77 of the Public Finance Management Act (Act 1 of 1999 as amended by Act 29 of 1999) (PFMA)

Section 77 of the PFMA states:

·         "An audit committee -

a) Must consist of at least three persons;

b) Must meet at least twice a year;

c) May be established for two or more departments or institutions if the relevant treasury considers it to be more economical."

1.4.2 Section 27.1.8 of the Treasury Regulations

Section 27.1.8 of the Treasury Regulations states:

·         "27.1.8 - The audit committee must, amongst others, review the following:

a) The effectiveness of the internal control system;

b) The effectiveness of internal audit;

c) The risk area's of the entity's operations to be covered in the scope of the internal and external audits;

d) The adequacy, reliability and accuracy of financial information provided to management and other users of such information;

e) Any accounting and auditing concerns identified as a result of internal and external audits;

f) The entity's compliance with legal and regulatory provisions;

g) The activities of the internal audit function, including its annual work programme, co-ordination with external auditors, the reports of significant investigations and responses of management to specific recommendations;

h) Where relevant, the independence and objectivity of the external auditors."

1.4.3 Section 27.1.10 of the Treasury Regulations

·         Section 27.1.10 of the Treasury Regulations states:

a) "Report and make recommendations to the accounting authority;

b) Report on the effectiveness of internal controls in the annual report of the institution;

c) Comment on its evaluation of the financial statements in the annual report."


© Maintained by the National Treasury. All Rights Reserved.