Emerging risks in Quarter 1 & 2 of 2017/18; Internal Control challenges in Economic Audit Committee Cluster

Meeting report

Audit Committee report on Departments in the Economic Cluster

Ms Judy Gunter, Chairperson: Economic Cluster Audit Committee, described the responsibilities of the committee with regard to the identification of emerging and transversal risks for departments. She said strategic risks were those risks that affected the Department’s ability to meet strategic goals and required oversight by senior management. The effect of these risks may cut across all the departments and impact on the vision of a department in the five-year strategic plan. Consequently, these risks were constantly considered by the accounting officer due to their long-term nature.

She also spoke about programme risks, which arise in the day-to-day operations in programmes. These risks required specific and detailed responses and monitoring regimes. Their nature was short-term and was linked to the annual performance plan indicators for a given programme. Operational risks may result in adverse consequences for the department if they were not properly treated.

There were various emerging and continuing transversal risks for departments in the Western Cape. The Head of Department (HOD) may sometimes be unable to perform certain duties due to consequence management contained in the draft Public Audit Amendment Bill. Also, predetermined objectives from the central/national level placed certain limitations on departments, as the departments had no influence over those objectives. However, the Auditor General (AG) may intervene to audit at the source. The Audit Committee acknowledged that this process may take considerable time. The process may become more onerous every year due to the processes engaged by the AG. Extreme budgetary constraints associated with cash flow management may also constitute a risk for departments. Water-related issues, such as water security and climate change; business continuity, misaligned organisational culture and budget risks had been included in the Provincial Risk Register. Interpretation differences between AGSA and departments in terms of payment transfers for goods and services may have transversal effects. Some of the matters involving payment transfers were yet to be resolved.

Ms Gunter referred to the completed internal audit assignments and the risks that influenced various Departments in the Economic Cluster in the first and second quarters of 2017/2018. For the Department of Environmental Affairs and Development Planning, there was implementation of the Western Cape Government’s Corporate Governance of Information Technology Policy and Charter (WCGCGITPC). Areas for improvement had been identified and were ready for implementation. This audit assignment was transversal. Another assignment for the Department was Asset Management (a consulting assignment). This included a refresher workshop for all role players. Matters of concern were followed up at each Audit Committee meeting. The Department had made considerable effort to implement the recommendations of the Audit Committee.

Risks that affected the Department included the unsustainable use of natural resources, especially water; fire and destruction of bio-diversity resources; and the interpretation of payment transfers and goods and services.

Discussion

Ms C Beerwinkel (ANC) expressed concern about the role of consultants in the internal audit process. Why did they have to use consultants?

Ms Gunter said that consultants helped to identify risks and to recommend appropriate processes and controls to mitigate risks. They also gave an assurance that risks would be minimised if their recommendations were complied with. Consultants also helped to improve already existing processes. Consultants were not external entities, but were sourced internally, and this was in compliance with international practice.

She then spoke about the Department of Agriculture. The internal audit assignments in the first and second quarters of 2017/2018 included the Fruitlook Project, where the consulting assignment was to identify areas that needed improvement. There was also a consulting assignment for Further Education and Training and Higher Education and Training. The findings in terms of Quality Assessment Management indicated that the system could be improved by adding self- and subject- evaluation, with the implementation date of 31 March 2018.

Another assignment was the implementation of the Western Cape Government’s Corporate Governance of Information Technology Policy and Charter (WCGCGITPC). Areas for improvement were indicated, and agreed actions had been identified and were already in the process of implementation. This had been a transversal audit.

The Audit Committee monitored the agreed actions. The Department’s internal control unit reported on the implementation status at every Audit Committee meeting. Risks influencing the Department included water shortages, destruction of crops by fire, floods resulting from heavy rainfall, as well as discrepancies between the Department and AGSA in the interpretation of payment transfers. The Audit Committee was still awaiting the AG’s report.

Ms Beerwinkel sought clarity on the status of Fruitlook Project. Why were consultants needed to identify areas for improvement if Fruitlook was working perfectly, as was commonly reported?

Ms Gunter said she would respond to Ms Beerwinkel’s question later in the presentation.

The internal audit assignments for the Department of Economic Development and Tourism were also discussed. These included the following;

• Demand Management Audit (Assurance Assignment). Recommendations regarding the terms of reference for the Committee would enhance the process and would be implemented;
• Department of Public Service and Administration (DPSA) directive (regulatory audit). Internal audit had to report compliance on an annual basis. The legal validation of the report would be performed by Professional Financial Solutions (PFS);
• Though 100% implementation was not realised, 95% implementation was laudable;
• Implementation of the Western Cape Government’s Corporate Governance of Information Technology Policy and Charter (WCGCGITPC). Areas for improvement were indicated and agreed actions had been identified and were already in the process of implementation.

This was a transversal audit. The implementation of recommendations was closely monitored. Detailed explanations were required and new implementation dates were set in cases where 100% implementation had not been realised. Risks that influenced and may influence the Department included the unsustainable use of natural resources, fire and destruction of bio-diversity resources, and a difference in interpretation of payment transfers and goods and services.

The Chairperson asked if the outcome and transfers in terms of good and services were the same throughout the various departments.

Ms Gunter said that payment transfers were put in place to facilitate easy transfer of money to departments. Any change to the current payment transfer system would impact negatively on the financial outcomes for all the departments, not only in the Western Cape (WC) but throughout the country. However, the National Treasury (NT) could come up with measures to improve how payment transfers were done.

Ms Beerwinkel said that based on the announcement by the President, the Fruitlook Project would foster economic development in the country, contrary to the notion that companies would leave the country. She would maintain her stance on transfer services and payment transfers until documentations were presented that pointed in the other direction.

The Chairperson expressed concern about consequence management. He said appropriate planning would ensure that objectives were achieved and those that exhibited laxity in planning should be held accountable.

Ms Gunter confirmed to that concerns about consequence management would be addressed and people would be held accountable for any lapses.

The Chairperson maintained that consequence management must be in place to make people responsible for their decisions. He also spoke about the Expanded Public Works Programme (EPWP) and the concerns of the AG. The departments must be transparent with contract details, including names and identity document (ID) numbers of contractors, payments and the nature of the contracts.

Ms Gunter said that the AG intended to audit at the municipal level. However, complications sometimes arose if the AG found something different at the municipal level, because the people in charge claimed that they were acting on the figures from the national level.

Ms Beerwinkel suggested that the Audit Committee should monitor what happens at the source, as a lot was hidden at the EPWP. There had to be adequate information about the number of jobs created and the purpose those jobs were meant to serve. Based on her close working relationship at the local level, she asserted that there was huge discrepancy between what went on at the local level as opposed to what was reported. The activities at the local level must be properly monitored and reports made available at the national level.

Ms Gunter said steps would be taken to ensure proper monitoring of activities at the local level. She cautioned, however, that this process must be done carefully in order to avoid duplication of effort.

Ms Beerwinkel said that activities could be duplicated only if efforts were focused on names and numbers. She emphasised that monitoring at the local level should target outcomes in order to ensure proper consequence management.

The Chairperson asked if the provincial risk register was available to the Audit Committee. He also asked if there was an active working relationship between the Audit Committee, the Province and the AG.

Regarding the provincial risk register, Ms Gunter said that there was an Audit Committee Acting Chairperson’s Forum, where relevant plans and risks were discussed. The Forum convened on a quarterly basis.

Audit Committee report on Departments in the Governance and Administration cluster

Ms Merle Kinnes, a member of the Governance and Administration Audit Committee, represented the Acting Chairperson of the Audit Committee in charge of the Governance and Administrative cluster, who was on an official assignment. She spoke about the various emerging and continuing transversal risks facing departments within the Governance and Administrative cluster. She said that the transversal risks cut across the various departments within the Province. Some of the risks included Treasury regulations; asset and property disclosure; pre-determined objectives which needed to be adjusted due to changing requirements; personnel and cash flow management under severe budgetary constraints; the water, business continuity, and marginalised organisational culture; and supply chain management. Additional risks included inadequate financial and information technology (IT) capacities. The identified risks had been included in the Provincial Risk Register.

She discussed the various assignments that had been completed and areas that had been identified for improvement. She commended the compliance of the departments with the relevant requirements in terms of delegation and recommendations. The departments had been obliged to conduct internal audit and ensure that controls were in place for the implementation of action plans. Some of the completed assignments included the formulation of an administrative framework and policy co-ordination among the departments under the Governance and Administrative cluster.

Discussion

The Chairperson commented that the presentation had not referred to any action taken to resolve the identified risks.

Ms Beerwinkel sought clarity on the risks associated with financial and IT resources. She also expressed concern about the challenges encountered with delegation. There should be well-established criteria guiding how delegation of responsibilities was done, which responsibility could be delegated and how delegated responsibilities should be implemented and monitored. What areas of delegation needed improvement? Were people delegating more than necessary? Why did people continue to delegate responsibilities when delegated responsibilities were not always well implemented?

Ms Kinnes said that the Audit Committee met on a quarterly basis to discuss and monitor the action plans. Sometimes, improvements in processes were reported and areas that needed improvement were identified. Measures were in place to ensure that delegation was done appropriately. For the past two years, internal auditors had monitored adherence to relevant requirements on an annual basis. The Audit Committee ensured that the internal auditor had the required capacity to enforce compliance with requirements, so delegation of responsibilities was a compliance-driven process. Departments also had a framework for the delegation of responsibilities, and it had been in use for many years now. There was a delegation register, which showed the details of delegated responsibilities. There was also decision register that allowed the person handling delegated responsibilities to record the decision taken.

The Acting Chairperson expressed further concern about the challenges encountered with delegated responsibilities. Were delegated responsibilities not managed well because of administrative challenges or did people act outside of the scope of delegated responsibilities?

Ms Kinnes said that the Audit Committee had not received any complaints about administration or the scope of delegated responsibilities. The Audit Committee monitored compliance on a quarterly basis and ensured the implementation of action plans.

In response to Ms Beerwinkel’s question on risks associated with financial and IT capacities, she said that a number of factors, including limitations attributable to the equitable share allocation, impacted adversely on the purchase of equipment, as well as goods and services.

Ms Kinnes suggested that certain questions were better answered by the departments within the Province, as they had full knowledge of the processes taken in the implementation of action plans. The Audit Committee monitored compliance with action plans only on a quarterly basis.

The Chairperson maintained that it was important for the Committee ask relevant questions from the Audit Committee before engaging with the departments.

Ms Beerwinkel insisted that the Audit Committee should update the Committeee on a quarterly basis. The report of the Audit Committee would give the necessary information that the Committee would deploy when engaging the departments.

Audit Committee Report on Department of Treasury

Ms Kinnes spoke about the completed consultation assignments in the Provincial Treasury Department. There were areas identified for improvement, especially the Provincial Risk Register. The Department was left with a tool to monitor compliance with the requirements of delegated responsibilities. This ensured that people were held accountable for their decisions and actions. There was also the Financial Compliance Act, which was the internal control process that was used to monitor financial statements in the municipalities, and which also facilitated improvement in governance. Steps had been taken to co-ordinate activities between entities, especially in terms of compiling the terms of arrangements.

There had also been a consulting engagement that investigated the workability of the internal control process. Questionnaires had been compiled, and areas that needed improved had been identified. Financial accounting was another assignment that had been completed. This dealt with the financial statement of the Western Cape. There had been adherence to requirements, and the implementation of national action plans had been commendable. The internal audit monitored implementation of action plans on a quarterly basis. Some of the risks confronting the Provincial Treasury included the lack of adequate funding, inadequate security measures for personal information, lack of financial and resource capacity and a lack of integration between internal and external systems.

Discussion

Ms Beerwinkel expressed concern about the disparity between reported outcomes and the actual achievements at the local levels. She lamented the lack of co-ordination between different government entities in the Province. This was evident in the outcomes of activities in the Province. Sometimes an entity appeared to work hard to achieve desired outcomes, while another entity lagged behind in its duties. This problem may persist into the future if not properly addressed.

She said that municipalities sometimes complained about the lack of support in the implementation of action plans. She also pointed to the inadequacy in the organograms of departments in the Province. Implementation of action plans may be adversely affected if organograms were not structured well. She enquired about those who were responsible for identifying areas for improvement. Risks could be prevented or mitigated if action plans were based on a solid background.

The Chairperson urged the Audit Committee and relevant entities to ensure that security measures were in place to protect personal information. He suggested that continuity, especially in top management, was important as instability often led to the inadequate implementation of action plans.

Ms Kinnes said that the Audit Committee often made recommendations on areas that needed improvement. The Department ensured that control measures were in place to ensure adequate implementation of action plans before the time of audit. The Audit Committee then checked if the controls were working effectively. There was synergy between the Audit Committee and the various departments. Measures were in place to ensure continuity, especially in top management and the Audit Committee made recommendations if the need arose. Measures were also being put in place to ensure the protection of personal information. The legal services would continue to ensure that personal information was protected.

Audit Committee Report on Department of Transport and Public Works

Ms Gunter presented on behalf of Mr Francois Bernard, Acting Chairperson of the Audit Committee for the Department of Transport and Public Works, who was on an official assignment.

She said the internal audit assignments completed during the first and second quarters included the delegation framework in terms of the DPSA directive on public and management delegations, as well as the status of compliance. Areas for improvements had been identified and addressed. The Government Motor Transport Fleet Services had been another completed assignment, and areas for improvements had been identified and addressed. An assignment on transfer payments had been concluded and no areas for improvement were recommended. Finally, there had been implementation of the WCG Corporate Governance of Information Technology Policy and Charter. Areas for improvement had been identified and addressed. The agreed action plans had been monitored for implementation by the Audit Committee. The Department’s Internal Control Unit reported on the implementation status at every Audit Committee meeting.

Emerging risks included differences in interpretation between the AG and the departments, non-compliance with national instruction notes and Treasury regulations, dependence on other departments, entities and municipalities in reporting the outcomes of EPWP programmes, which could have a negative impact on the audit report. The risks were discussed at every Audit Committee meeting, and the Department had made significant progress in mitigating the risks.

Audit Committee Report on Department of Education

Mr Nick Buick, Audit Committee Acting Chairperson, Department of Education, briefed the Committee on the emerging and transversal risks, and internal audit assignments completed in the first and second quarters of 2017/2018 financial year.

According to the AG’s report for 2016/2017, emerging risks in terms of financial reporting were the following:

• Componentisation of assets in the asset register;
• The Treasury regulations were currently under revision, which may introduce a number of new requirements once effective;
• Disclosure of inventory in notes to the annual financial statements.

Emerging risks discovered in the Departmental Risk Register included business continuity and IT risks. These risks would be unpacked with the respective programmes and risk managers. Action plans would be developed to mitigate the risks. On-going transversal risks that affected the Department included the water risk and budgetary constraints. Schools faced water shortages and the Department of Education consumed a significant proportion of the budget.

The Audit Committee monitored the risk register as well as the status of the relevant action plans on a quarterly basis. Specific attention had been paid by the Audit Committee to the readiness of the Department to manage water shortages that may arise as a result of the drought.

The internal audits completed in the first and second quarters of 2017/2018 financial year included a directive on Public Administration and Management delegations, quality of marking, district financial monitoring, as well as continuity planning. The action plans had been agreed by management. Internal Audit would follow up on the implementation of action plans when the due dates expire, and would report back to the Audit Committee in the quarterly progress report. The Audit Committee continued to raise its concern with management regarding the lack of timely implementation of action plans in response to the internal control findings raised by the assurance providers. The Audit Committee continued to monitor the implementation rate on a quarterly basis.

Discussion

Ms M Maseko (ANC) asked if there was a will on the part of Management to implement the action plans.

Mr Buick assured the Committee that there was optimism on the part of the management to implement action plans. However, the implementation of action plans sometimes suffered setbacks due to various reasons, including inadequate ICT capacity, or a lack of internal control measures. There was need for monitoring action plans at an internal level. He recommended that the Department handle its duties appropriately before going to audit meetings.

Ms Beerwinkel sought clarity on what was meant by financial monitoring and evaluation. Why was there a huge disparity among schools in terms of what they were able to do? She also sought clarity on the standardisation of schools. The transport system and lack of diversification were risks that may persist into the future if not managed properly. Many students dropped out of school because they were not academically inclined -- were there plans to diversify learning in schools?

On the standardisation of schools, Mr Buick said that different schools had different resources. However, they were all expected to meet certain requirements. Therefore, responses to problems differ from school to school. The challenges with transport and diversification formed part of the strategic risks. The Audit Committee was engaging the Department to provide a solution to these risks at the operational level.

The Chairperson commented that budgetary constraints could have adverse effects on learners, given the fact that the number of students increased significantly from time to time due to the influx of students into the Province.

 

Mr Buick agreed that the migration of students into the Province constituted a risk, especially in terms of budgetary allocation. Measures were in place to manage this challenge. The Audit Committee met on a quarterly basis to monitor the implementation of the action plans.

Committee matters

The Committee adopted the minutes of the meeting held on 11 April 2018.

The Chairperson told the Committee that the Chairperson of SCOPA, Mr Godi (APC), had told him that the meeting previously scheduled for 2 May had been postponed to 9 May. The briefings by the Departments of Community Safety and Health take place on 9 and 16 May respectively.

The meeting was adjourned.