Appendix A

Introduction

This charter establishes the framework within which Lancashire County Council’s Internal Audit Service operates to best serve the Combined Fire Authority and to meet its professional obligations under applicable professional standards. It defines the purpose, authority and responsibility of internal audit activity, establishes the Internal Audit Service's position in relation to the Combined Fire Authority; authorises access to records, personnel and physical properties relevant to the performance of engagements; and defines the scope of internal audit activities.

It will be subject to periodic review by the Head of Service – Internal Audit ('Head of Internal Audit') and presented to the Audit Committee for approval.

Relevant Regulations and Interpretation

The Chartered Institute of Public Finance and Accountancy (CIPFA) is the relevant standard setter for Internal Audit in local government in the United Kingdom. From 1 April 2025, the Global Internal Audit Standards (GIAS) and the Application Note: Global Internal Audit Standards in the UK Public Sector will replace the Public Sector Internal Audit Standards (PSIAS). The Internal Audit Service therefore operates in accordance with this mandatory definition, code, standards, and advice.

The new Global Internal Audit Standards are organised into five domains: Purpose, Ethics and Professionalism, Governing the Internal Audit Function, Managing the Internal Audit Function, and Performing Internal Audit Services. These domains encompass 52 standards that provide comprehensive guidance for Internal Audit practices. The principles within these domains emphasise the importance of serving the public interest, maintaining ethical conduct, ensuring effective governance, managing audit functions efficiently, and performing audit services with due diligence.

Authority and Requirement for Effective Internal Audit

The authority and requirement for Internal Audit in local government is established under the Local Government Act 1972 and the Accounts and Audit Regulations 2015. Specifically:

Local Government Act 1972:

Section 151: Requires every local authority to make arrangements for the proper administration of their financial affairs, which includes measures to prevent and detect fraud.

Accounts and Audit Regulations 2015:

Part 2, Section 3: Mandates that local authorities must have sound systems of internal control, which include arrangements for the management of risk, control, and governance processes, encompassing counter fraud measures.

Authority and Requirement for Effective Counter Fraud Arrangements

Local Government Act 1972:

Section 151: Requires every local authority to make arrangements for the proper administration of their financial affairs, which includes measures to prevent and detect fraud.

Section 222: Empowers local authorities to prosecute or defend legal proceedings if it is considered expedient for the promotion or protection of the interests of its inhabitants. This includes prosecuting individuals who commit fraud against the authority.

Accounts and Audit Regulations 2015:

Part 2, Section 3: Mandates that local authorities must have sound systems of internal control, which include arrangements for the management of risk, control, and governance processes, encompassing counter fraud measures.

Definitions

The Institute of Internal Auditors (IIA) defines Internal Auditing as:

Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

In relation to the Combined Fire Authority, the board is defined as the Audit Committee

Senior management is represented by the Executive Board which consists of the Chief Fire Officer, the Deputy and Assistant Chief Fire Officer, the Director of Corporate Services and the Director of People and Development

 

Responsibilities

Role of Internal Audit

The Regulations set out that the Combined Fire Authority must ensure that they have a sound system of internal control which facilitates the effective exercise of its functions and the achievement of its aims and objectives; ensures that financial and operational management is effective; and includes effective arrangements for the management of risk.

 

The Combined Fire Authority has taken the decision to outsource their internal audit provision to Lancashire County Council's Internal Audit Service. However, responsibility for maintaining an adequate and effective system of internal audit remains with the Combined Fire Authority.

Internal Audit provides independent, objective assurance and consulting services designed to add value and improve an organisation's operations. It helps organisations achieve their objectives by systematically evaluating and improving the effectiveness of risk management, control, and governance processes. This service adds value by:

·         Identifying areas for improvement

·         Ensuring compliance with laws and regulations

·         Providing insights that enhance decision-making and organisational performance

Responsibilities of Key Stakeholders

Board and Audit Committee:

·         Ensure the Internal Audit function is independent and has sufficient resources.

·         Approve the Internal Audit Charter, risk-based audit plan, and Internal Audit resources.

·         Oversee the performance and effectiveness of the Internal Audit function.

Chief Executive Officer (CEO) and Senior Management:

·         Support the Internal Audit function by providing access to necessary information and resources.

·         Ensure that management actions are taken in response to Internal Audit recommendations.

·         Foster an organisational culture that values Internal Audit and risk management.

Head of Audit (CAE):

·         Develop and maintain a risk-based audit plan.

·         Ensure the Internal Audit function adheres to the IIA standards and other relevant standards.

·         Report on the Internal Audit function’s performance and findings to the board and audit committee.

Internal Auditors:

·         Conduct audits in accordance with the IIA standards and the Internal Audit charter.

·         Maintain objectivity, integrity, and confidentiality.

·         Communicate audit findings and recommendations clearly and effectively.

·         Maintain professional competence through continuous training and development.

External Auditors:

·         Collaborate with the Internal Audit function to enhance audit coverage and efficiency.

·         Consider the work of Internal Auditors when planning and conducting external audits.

·         Share relevant findings and insights with the Internal Audit function.

These responsibilities ensure that the Internal Audit function operates effectively and adds value to the organisation by providing assurance and insights on governance, risk management, and control processes.

Independence, Objectivity, and Integrity

Everyone in the public sector must comply with the Nolan Principles, which include selflessness, integrity, objectivity, accountability, openness, honesty, and leadership. However, Internal Audit has additional requirements for independence, objectivity, and integrity.

Independence

• Internal Auditors must be free from conditions that threaten their ability to perform their duties impartially. This means:

Ø  Organisational Independence: The Internal Audit function must report functionally to the board or audit committee, ensuring it has the authority to act independently.

Ø  Individual Independence: Internal Auditors must avoid conflicts of interest and not engage in activities that could impair their unbiased judgment.

Objectivity

• Internal Auditors must maintain an unbiased mental attitude and avoid conflicts of interest. This requires:

Ø  Professional Judgment: Internal Auditors should not subordinate their judgment to others and must make decisions based on objective criteria.

Ø  Impartiality: Auditors must perform their work without any bias, ensuring that their findings and recommendations are based solely on evidence.

Integrity

• Internal Auditors must adhere to high ethical standards and be honest and forthright in their work. This involves:

Ø  Ethical Conduct: Auditors must act with integrity, ensuring their actions and decisions are in the best interest of the organisation.

Ø  Professional Competence: Auditors must maintain their professional knowledge and skills through continuous training and development, ensuring they stay updated with the latest auditing standards and practices.

These additional requirements ensure that Internal Auditors can provide reliable and objective assurance and consulting services, thereby enhancing the effectiveness of governance, risk management, and control processes within the organisation.

Reporting Lines and Relationships

Functional Reporting

The Head of Internal Audit reports functionally to the Audit Committee. This ensures that the Internal Audit function operates independently from management and can provide unbiased assurance.

Organisational Reporting

The Head of Internal Audit has direct access to senior management within the Lancashire Fire and Rescue Service. This access ensures that the Internal Audit function can communicate important findings and recommendations directly to those in positions of authority.

Regular Access to the Audit Committee

The Head of Internal Audit has regular access to the chair of the Audit Committee, which typically meets at least four times a year. The Head of Internal Audit reports to each meeting of the committee under its terms of reference. The committee is responsible for approving the annual audit plan and overseeing the performance of the Internal Audit function.

These reporting requirements, as set out in the Global Internal Audit Standards (GIAS), ensure that the Internal Audit function can operate independently and effectively, providing valuable insights and assurance to the organisation.

Access to Information

Right of Access for Internal Audit

Internal Auditors respect the value and ownership of information they receive and the reports they produce, and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. They are prudent in the use and protection of information acquired in the course of their duties and shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the authority's legitimate and ethical objectives.

The Internal Audit function has unrestricted direct access to all records, This right of access is essential to ensure that Internal Auditors can carry out their responsibilities without any limitations or hindrances.

Access to Records

Internal Auditors have the authority to access all records, documents, data, and correspondence relating to the Lancashire Fire and Rescue Service, regardless of the format in which they are held (physical form or electronically). This includes any unofficial funds operated by an employee as part of their duties. This access allows auditors to gather the evidence needed to evaluate the effectiveness of risk management, control, and governance processes, or to aid any investigation

Access to Premises

Internal Auditors have the authority to enter any premises or land of the organisation to conduct audits. This includes access to all departments, offices, and facilities, ensuring that auditors can observe operations and verify the existence and condition of assets.

Access to Personnel

Internal Auditors have the authority to interview any employee or officer of the organisation to provide such explanations, information or other assistance concerning any matter under examination as part of any audit engagement This access is crucial for understanding processes, identifying potential issues, and obtaining insights that may not be evident from documents alone.

Access to Property

Internal Auditors have the authority to require any employee of the Lancashire Fire and Rescue Service to produce cash, stores, or any other  property under his or her control.

Access to Computer Systems

Internal Auditors have the authority to access all computer systems as and when required. This ensures that auditors can review electronic records, data, and systems to perform comprehensive audits.

These rights of access are fundamental to the Internal Audit function's ability to provide independent and objective assurance. Any restrictions on access to records, premises, personnel, or computer systems would impair the audit function's independence and objectivity, thereby reducing its effectiveness.

Internal Audit Resources and Effectiveness

Sufficiency of Resources

The Internal Audit function shall be provided with sufficient resources, including professional audit staff possessing the necessary knowledge, skills, experience, and professional qualifications to effectively fulfil its responsibilities. This includes resources for counter fraud and investigation work designed to comply with the four pillars of the Fighting Fraud and Corruption Locally strategy: Govern, Acknowledge, Prevent, and Pursue.

Continuous Professional Development

The Internal Audit staff shall engage in continuous professional development to maintain and enhance their competencies, ensuring they remain current with industry standards and best practices.

Access to Specialised Skills

The Internal Audit function shall have access to specialised skills from within or outside the organisation as necessary to address specific audit requirements and complexities, including counter fraud and investigation activities.

Independence and Objectivity

Internal Audit resources shall be independent and objective, free from any conflicts of interest, to ensure unbiased and effective audit activities.

Adequate Budget

The Internal Audit function shall be allocated an adequate budget to meet its objectives and execute its audit plan effectively, ensuring the necessary resources are available, including those required for counter fraud and investigation work.

Responsibility for Internal Audit Resources

The responsibility for ensuring that Internal Audit resources are in place lies with the Combined Fire Authority as well as the Audit Committee. The Audit Committee reviews and approves the Internal Audit plan and resource requirements, ensuring that the Internal Audit function is adequately resourced.

Section 10.01 of the Global Internal Audit Standards (GIAS) requires the Head of Internal Audit to seek budget approval from the Audit Committee. However, senior management is responsible for allocating and approving service budgets. Despite this, the Audit Committee plays a crucial role in ensuring that sufficient budget and resources are allocated to Internal Audit. They can raise concerns with management if they believe additional budget and resources are necessary to support the internal audit function effectively. Additionally, the Head of Audit will promptly communicate the impact of insufficient financial resources to the board and senior management, as per the GIAS requirements.

The Head of Internal Audit ensures that the Internal Audit Service has the necessary skills and competencies to perform their duties, including those related to counter fraud and investigation work. The committee ensures that the Internal Audit function remains independent and objective, and it monitors the implementation of the Internal Audit plan and the use of resources.

Section 4.1 of the Global Internal Audit Standards (GIAS) requires the Head of Audit to report to the Audit Committee if resources are not adequate to fulfil the internal audit mandate effectively. This ensures that the Internal Audit function can operate independently and provide the necessary assurance and advisory services without any limitations

Competency

The Head of Internal Audit and audit managers are required to hold appropriate professional audit qualifications. These are defined as full membership of one of the institutes of the Consultative Committee of Accountancy Bodies (CCAB) or professional membership of the Chartered Institute of Internal Auditors (CIIA). It is expected that senior auditors will either hold or be close to and actively working towards full professional qualification but, exceptionally, they may be qualified by experience at a demonstrably professional level.

The county council's performance and development opportunities are applicable to all staff within the Internal Audit Service, which supports continuous staff development.

Quality Assurance and Improvement

The Head of Internal Audit operates a quality assurance and improvement programme that both monitors the ongoing performance of Internal Audit activity and periodically assesses the Internal Audit Service's compliance with the Global Internal Audit Standards (GIAS). This includes both internal and external assessments and is set out in a separate quality assurance and improvement programme.

The results of the quality assurance and improvement programme, including any areas of non-conformance with GIAS, are reported annually to the Audit Committee. This report will include information regarding:

• The scope and frequency of both the internal and external assessments.
• The qualifications and independence of the assessor(s) or assessment team, including potential conflicts of interest.
• Conclusions of assessors.
• Corrective action plans.

Non-Audit Work

The Head of Internal Audit shall maintain independence and objectivity in the performance of their duties. To ensure this, the Head of Internal Audit shall not have responsibilities for non-audit functions that could impair their professional judgment.

If the Head of Internal Audit does have responsibilities for non-audit functions such as the Investigation Service, clear segregation of duties and safeguards shall be in place to maintain the independence and objectivity of the Internal Audit function. Any such responsibilities shall be disclosed to the Audit Committee, which shall regularly review these arrangements to ensure the Internal Audit function remains independent and effective.

 

 

Title
Version number	1
Document author(s) name and role title	Laura Rix- Audit Manager
Document owner name and role title	Laura Rix- Audit Manager
Document approver name and role title	Fire Combined Audit Committee

 

Date of creation		Review cycle
Last review	June 2025	Next review date	March 2026 (in line with the Audit Plan)

 

Version	Date	Section/Reference	Amendment