-
Quality assessment
The Quality Assurance and Improvement Programme (QAIP) is aimed at evaluating internal audit’s conformity with the International Professional Practice Framework (IPPF) for internal auditing.
Internal assessments are conducted and results are presented to the Audit and Risk Assurance Committee (ARC) on an annual basis.
Independent and objective external assessments are conducted by an outsourced external provider every five years. The last external assessment was conducted in 2018 and the next assessment is scheduled for FY 2023/24. -
External auditors
The powers to appoint external auditors for Public Institutions (like NSSF) is vested in the Office of the Auditor General of Uganda (OAG). In line with Section 23 of the National Audit Act (2008), the Auditor General may appoint private auditors to assist him or her in the performance of his or her functions under this Act.
Section 32(2) of the NSSF Act gives the Auditor General the mandate to audit its financials or by an Auditor appointed by the Auditor General.
Accordingly, the Auditor General appointed PricewaterhouseCoopers Limited (PWC) to conduct an annual audit of NSSF for the year ending 30 June 2021. The length of service of external auditors is determined by the appointing authority and the general practice has been for a duration of three years.
The ARC reviews the external audit plan and oversees the relationship between the internal and external auditors to ensure efforts are coordinated.
Assurance Function of Internal Audit (IA) as a way of making lives better for our members.
Making lives better for our members is enhanced by promoting peace of mind, reducing uncertainty and ensuring positive returns.
HEAD OF INTERNAL AUDIT
Mr. Geoffrey Barigye
Strategic Objectives
Strategic Objectives
Stakeholders Matters
Capitals
Risks
Internal Audit (IA) supports the Board and Management to execute their mandate by providing independent, objective assurance of the Fund’s operations and system of internal controls, thereby protecting and creating value for a better future.
The role of the audit function is therefore to assist the Board to:
The Internal Audit Charter provides the framework that guides activities, purpose, authority and responsibility, approved by the Board of Directors.
In line with best practice, IA reports functionally to the Board and administratively to the Managing Director.
Issues raised in various audit reviews, are reported to both Management for remediation and to the Board Audit Committee for oversight. Internal Audit makes value adding recommendations to Management and all remedial actions are tracked to completion and independently validated.
The annual risk based audit plan and IA budget are developed in consultation with Management and approved by the Audit and Risk Assurance Committee of the Board (ARC).
The key areas of focus are aligned to the strategic objectives of the Fund and most audits are focused on non-financial information for example; audits on real estate projects focus on environmental impact and energy reduction.
The audit team also regularly reviews the financial statements to ensure their accuracy, reliability and completeness.
Internal Audit’s role in integrated reporting
IA provides assurance on key components of the integrated report, such governance, risk management and internal controls. Technology has been leveraged on to incorporate data consistency and integrity, stronger collaboration among functions, concise information, and real-time visibility to help identify key areas of focus and opportunities to create and protect strategic business value.
Combined assurance
Accountability is clear within the three lines of defence model, with assurance providers working together to provide coordinated assurance.
IA consults and engages other assurance providers during the audit planning and execution stages.
All audit reports are shared with other assurance providers and investigations are undertaken collaboratively.
However, the coordination with other assurance providers does not impair the independence of IA. IA objectively reviews all internal controls, risk management and governance processes for the other assurance providers.
Going forward, IA will engage assurance providers to develop a formalised combined assurance model to improve the coordination of work plans and minimise duplication of efforts.