Internal Audit / Evaluation
OECD Internal Audit (IA) reports directly to the Secretary-General, and, including its Director, comprises a team of four. It is part of an Audit Architecture which also comprises External Audit (the Supreme Audit Institution of a Member country selected via call for tender) and an Audit Committee (a sub-Committee of the governing body).
IA was created on 1 January 2003, and its mandate was updated effective 1 November 2008. In accordance with the International Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors (“the Standards”), IA provides the Secretary-General with an independent and objective assurance and advisory activity designed to add value and improve the Organization’s operations. It helps the Organisation achieve its objectives by bringing a systematic, disciplined approach and improve the effectiveness of risk management, control and governance processes.
Internal Control Framework
IA exists in a context where the Organisation has adopted an Internal Control Framework, which is based on “COSO”, the generally accepted definition of Internal Control. Internal Control comprises policies and procedures implemented by, and under the responsibility of, management, designed to mitigate risks. Risks are factors which might prevent the achievement of objectives, strategic, operational and financial.
A register of risks as compiled by management, describing the risks, their likelihood and impact, and defining those responsible for managing them, is prepared for the Secretary-General and the Budget and Audit Committees.
At year end, Directors attest to having in place controls that provide “reasonable assurance” that Financial, Staff and other relevant regulations have been complied with for the budgets for which they are responsible.
In accordance with the Standards, IA compiles and conducts a work plan designed to enable it to provide the Secretary-General with an independent and objective opinion on the quality of this Internal Control Framework.
A risk-based Internal Audit work plan
The IA annual work plan is based on several factors, including IA’s own perception of areas meriting attention, the risk register, discussion with management. It is also established in coordination with External Audit. Following the input and approval of the Secretary-General, this plan is presented to and discussed with the Audit Committee. In addition to this work plan, IA will propose, or will respond to requests for, independent advice for the Secretary-General and management on internal control issues relating to ongoing financial and operational reforms.
Internal Audit methodology and reporting
Assignments are performed in accordance with agreed terms of reference, findings are made based mainly on interview and sample testing, and participating management is provided with drafts of IA observations and recommendations for discussion.
When finalized, the report, comprising an Executive Summary and detail, and including the responses of management, is communicated to the Secretary-General. The Secretary-General then sends this report to management requesting their planned action for implementation of the recommendations. Six months following receipt of this action plan, the Secretary-General requests an update on the status of implementation.
The Executive Summary of each report is communicated to, and discussed with, the Audit Committee, as is the status of follow-up to IA recommendations.
This work is summarized in an annual report to Council.
An IA official performs the function of secretary to the Audit Committee (agenda, meeting summaries and other administrative duties).
Evaluation & the OECD
Evaluation is an instrument that is used by administrations and organisations to produce relevant and reliable results-focused information that enables them to take decisions on a more informed basis. In accordance with this general principle, the overarching goal of In-depth Evaluation in the OECD is to provide the Council with a mechanism through which it can “assess whether Committees are conducting processes, delivering outputs and achieving impacts that are in line with Members’ policy expectations and priorities and the comparative advantage of the OECD, and that represent value-for-money to capitals” [C(2004)190].
In-depth Evaluation, as an integral part of the OECD’s Integrated Management Cycle, was implemented in 2005 under the responsibility of the Evaluation Committee (an advisory body of the Council) and conducted by the In-depth Evaluation function situated within the Secretariat’s Internal Audit and Evaluation Unit. It comprises three staff members.
In-depth Evaluations are designed to support Council in its oversight of Committees so as to better hold them accountable for their performance. In this context, Committees are assessed with respect to the relevance of their policy direction, their effectiveness in terms of policy impact and how efficiently they function.
A second and equally important aspect of In-depth Evaluation is the use of evaluation results to increase the understanding of the strengths and weaknesses of Committees so as to provide a basis for learning from past performance in order to optimise future results. It is in the context of fostering improved performance that evaluation recommendations are endorsed by Council and systematically monitored for implementation for a year, and sometimes longer, after the completion of an evaluation.
Permanent URL: www.oecd.org/internalaudit
Financial Statements of the OECD as of 31 December 2003