Internal audit for Academy Trust & Colleges

Internal Audit

Previously known as responsible office services

It is a requirement of the Academies Financial Handbook that all academy trusts must have a programme of internal scrutiny (Internal Scrutiny is a term used in the Academies Financial Handbook. We use the terms Internal Scrutiny and Internal Audit interchangeably throughout this site) to provide independent assurance to the board that its financial and other controls, and risk management procedures, are operating effectively.

Each trust must identify on a risk-basis, by reference to its risk register, the areas it will review each year.

Because we're a specialist firm that focuses entirely on services to the academy sector, we can provide independent, internal scrutiny at the highest quality at a fraction of the cost of some larger accountancy practices.

You can be assured of the competence and quality of our work because...

Academy Advisory Ltd is regulated by the ACCA, the world’s largest global body of accountants.
We act as internal auditors for academies and trusts across the UK.
Our team works as both auditors and finance directors within the sector.
We know the challenges you face running your trust because we help to run them too.
Each audit visit will be reported formally and summarised in a termly report for the Trust audit committee.

How much will these services cost?

Our rates vary depending on the number of areas to be audited and the complexity of each trust. A trust with a centralised administrative and finance functions is likely to be more efficient to review than a geographically disperse decentralised trust.

In addition, preparing once consolidated trust-wide report for audit committee will be significantly less expensive than preparing individual reports for each academy.

As a guide, we would expect an initial visit to review a trust’s risk map, interview key staff, and prepare a draft internal scrutiny plan for approval to cost in the region of £1,000 to £2,000 plus VAT. Our fees for each individual internal audit review will depend on the complexity of the area to be reviewed and the seniority of staff consequently required to perform the review. For example, we would typically expect a one-day on-site review of core financial controls at one academy, including preparation of a draft report, to cost in the region of £500 to £800 plus VAT.

Additional assurance work

In the event of additional assurance work being required we will submit a quotation based on estimated time of delivery and our current day rates. Below we have included the daily charges out rates for key members of the team:

DIRECTOR / ASSOCIATE DIRECTOR

Daily rate

£475.00

SENIOR CONSULTANT

Daily rate

£400.00

ACCOUNTANT / INTERNAL AUDITOR

Daily rate

£300.00

ASSISTANT

Daily rate

£250.00

The Risk Management Cycle

Risk management is a process of understanding and managing the risks that the organisation is subject to in attempting to achieve its strategic objectives. The risk management framework is a vital business process; ideally risk registers should be a living and breathing part of regular senior leadership meetings both at academy and trust levels.

Four key stages

Identify

STAGE ONE

Assessment

STAGE TWO

Mitigate

STAGE THREE

Monitor and Report

STAGE FOUR

Identify

The first stage of risk management is to identify the risks that most affect the organisation. These risks are summarised in the Risk Register.

Assessment

Once the risks have been identified, they are assessed and risk ratings are attributed according to probability and potential impact.

Mitigate

The third stage is to identify any controls that exist, or that could be put into effect in order to reduce risk. A good example would be health and safety compliance, where a member of staff will be accountable for checking compliance and approved suppliers used in order to ensure regulations are adhered to.

Monitor and Report

The controls that help to mitigate risk are subject to internal audit checks or other internal monitoring. Monitoring activities are summarised into reports that are received by the audit committee, allowing the committee and board to assess the adequacy of the internal control framework, and to assist in the planning the next round of internal audits.

The Role of Internal Scrutiny

The role of Internal Scrutiny is to provide independent scrutiny and assurance that an organisation's risk management, governance and internal control processes are operating effectively.

Prior to the publication of the latest Financial Handbook, internal scrutiny was only required in certain areas, in particular key financial controls. The latest Financial Handbook has extended the requirement for internal scrutiny to cover the whole control framework. It is therefore likely that trusts will now need assurance in areas that have never previously been reviewed.

Below we provide a breakdown of the typical work we conduct on a review of key financial controls.
Our approach to auditing key financial controls
It is necessary to plan our work carefully so we will undertake an initial visit at the trust’s centre to ensure the management structure and processes are documented. It is vital that the structure of the trust’s management is fully understood through robust audit planning, as different MATs have differing levels of decentralisation, and it is important to tailor tests accordingly to ensure an efficient and effective audit.

There are two key elements to the internal scrutiny work programme: tests to be conducted at the trust’s centre and those undertaken at academy level.

1

Trust level review will be tailored to suit the management structure of the trust, but indicative themes are provided below:
- Review policies in place at the trust and how they are implemented operationally
- Review the controls in place centrally in order to ensure effective management of academies
- Review the risk register and key central controls that mitigate those risks
- Review the financial systems and controls in place at the trust's centre are effective
2

The following tests are often carried out at academy level, but will be tailored to suit the needs of the trust. They’re included below to provide an indication as to the usual scope of work:
- Review a sample of purchase orders for each academy, reviewing adherence to trust policies.
- Review any leases/contracts held to ensure documentation is available.
- A sample of capital grant expenditure items are reviewed to ensure spend is in line with trust policies and grant terms.
- A sample of income transactions are reviewed to ensure prompt recording and banking takes place, in accordance with policies.
- A sample of payroll transactions are reviewed to ensure pay is in accordance with HR records and policies.
- A sample of new starters are reviewed to ensure they have been properly authorised in accordance with trust policies.
- A sample of expense claims are reviewed to ensure spend is appropriate and authorised in accordance with trust policies.
- All ex-gratia payments are reviewed to ensure they’re in line with trust policy.
- A sample of business card transactions are reviewed to establish whether they've been properly authorised and incurred in accordance with trust policy.
- A sample of journals are reviewed to ensure they’re appropriate, and have been authorised in line with trust policy.
- We review petty cash transactions to establish whether transactions over the authorised limit have been made.
- We review whether month-end petty cash has been properly reconciled.
- We review whether month-end bank balances have been properly reconciled.
- We establish whether the academy budget has been approved by the trust in accordance with stated policies.
- We review petty cash controls and balances (to establish whether the authorised limit has been exceeded).
- We review and test the procedures and controls around non-grant income, covering areas such as: trips; facilities hire; catering; and donation income.
- We review monthly management accounts to identify any financial issues, and to gauge the effectiveness of budgetary control.
- We enquire as to the level of communication with the academy principal.
- We review any disposal of assets to ensure they’re in accordance with the ESFA Financial Handbook and trust policy.
- We review the procedures in place at the academy to capture any potential conflicts of interest.
- We review any related party transactions and report any that may be of significant issue.
- All previous recommendations of internal audit are followed up and considered as part of our reporting.
- We consider the findings of and liaise with External Audit.
- We review for any instances of whistleblowing and / or fraud.
Other scrutiny reviews
Aside from the scrutiny of key financial controls, it is likely that that the internal scrutiny plan will need assurance on other areas of risk that the trust faces. These might include:
- Governance (including trust-level compliance to handbook and governance structures at local levels)
- Fixed assets
- Procurement and contract management
- ICT strategies
- Estates strategies
- HR policies, systems and controls
- Review of policy framework
- Business and strategic planning processes
- Budget preparation processes and procedures
- Management reporting
- Management of trips
Working with you to ensure our reporting is timely and accurate

Following the publication of the revised Financial Handbook we have enhanced how we communicate to clients in order to improve the timeliness, accuracy and transparency of our findings.

At the end of each visit we will provide each academy/trust with a spreadsheet-based summary of our findings and recommendations. Academies will then have time to review our findings, ensure they are satisfied with the factual accuracy, and provide their responses to those findings. Once this is complete, we will draft the findings and responses into our formal report for presentation to the Audit Committee. This new approach means that academies receive feedback immediately, plus it allows us to consider academies’ plans for implementing our recommendations when we draft our report.

A new requirement of the Financial Handbook is a termly report to the Audit Committee summarising the internal scrutiny work undertaken in that term. It is up to each trust to decide how it divides its internal scrutiny plan between the terms. In our termly report we will consider the outcome of that term’s work and its impact on the agreed internal scrutiny plan and suggest amendments where we feel the risks in particular areas have changed.

We will also provide an Annual Report summarising our work for the year, highlighting any risk areas that we have identified, and any follow up reviews undertaken.

Our leadership team

Chris Whiting FCCA

FINANCIAL SERVICES

Ralph Hilton

ESTATE SERVICES

Financial Services

Additional Services

Website Design by Blake Designs Ltd

Internal Audit

Previously known as responsible office services

How much will these services cost?

Additional assurance work

DIRECTOR / ASSOCIATE DIRECTOR

SENIOR CONSULTANT

ACCOUNTANT / INTERNAL AUDITOR

ASSISTANT

The Risk Management Cycle

Four key stages

Identify

Assessment

Mitigate

Monitor and Report

Identify

Assessment

Mitigate

Monitor and Report

Trust level review will be tailored to suit the management structure of the trust, but indicative themes are provided below:

The following tests are often carried out at academy level, but will be tailored to suit the needs of the trust. They’re included below to provide an indication as to the usual scope of work:

Our leadership team

Chris Whiting FCCA

Ralph Hilton

Academy Advisory

Financial Services

Additional Services