Working the Greener Way - online!
Working the Greener Way - online!
Local Councils, Internal Drainage Boards and other Smaller Authorities in England and Wales all need to properly prepare for their interim (where applicable) and year end audit. Audits can be very stressful, and critical to decreasing the stress of the audit is preparation. Preparation and planning are key to helping you achieve a smooth and successful audit.
Audits are a process where an organisations financial and governance records are examined and verified to ensure accuracy and fair representation. The audit is the keystone which satisfies statutory regulations and maintains the public trust for government funded organisations. Without auditing, government funded organisations could inadvertently misstate their financial records, fail to comply with their lawful authority and misrepresent their operational efficacy, making themselves appear more performant than they actually are.
Two different audits are performed for government funded organisations and charities:
Preparing for an audit is crucial in ensuring that the government funded organisation receives an unqualified or clean opinion. The opinions essentially mean that the auditor stamps its approval that the financial and governance records are not materially misstated and that other statutory requirements have been met.
How we can assist you
Our Audit & Internal Controls Advisory team is able to assist you with the following:
Our approach is aimed at developing a detailed audit preparation process for your organisation, which can be conducted on a one off or an annual basis, that ensures that our advice is of lasting value to you.
The Data Protection Impact Assessment (DPIA) is an instrument which is used to identify the privacy risks associated with data processing prior to the event, and then develop comprehensive and quantifiably defined measures to reduce these risks. A DPIA is mandatory under certain conditions. All organisations in the UK that process personal data must comply with these two data privacy laws or risk fines of up to £17.5 million or 4% of annual global turnover – whichever is greater.
In the UK, data protection is governed by the UK GDPR (General Data Protection Regulation) and the DPA (Data Protection Act) 2018, which should be read together. Organisations may be required to carry out a Data Protection Impact Assessment.
A DPIA is required when a data processing operation is likely to pose a high privacy risk to the people whose data the organisation is processing or when an organisation falls into one of the following categories:
In addition, the Data Protection Authority has drawn up a list of types of processing for which the performance of a DPIA is mandatory before a processing operation starts. For all variants, it is your own responsibility to determine whether a DPIA is necessary.
How we can assist you?
Our Audit & Internal Controls Advisory team is able to assist you with the following:
Our approach is aimed at developing a detailed and proportionate DPIA for your organisation, which ensures that our advice is of lasting value to you.
A General Data Protection Regulation (GDPR) compliance audit is an independent audit of an organisation’s compliance with the GDPR legislation which may be amended from time to time.
The purpose of a GDPR compliance audit is to assist organisations to ensure that they meet all their obligations under the GDPR and to make recommendations for improvement where areas of weakness or non-compliance are identified. We recommended that all organisations conduct a GDPR audit at least once a year during the first three years, and then at a time interval indicated by the size, complexity and risk factor.
Under the Regulation, personal data must be processed according to six principles:
These are underpinned by the principle of accountability: Data controllers must keep certain records to demonstrate organisational compliance.
The GDPR compliance audit considers the extent to which data protection policies and procedures, internal controls, reporting mechanisms are implemented and operating throughout your organisation and how responsibility and accountability is understood.
How can we assist you?
We audit the following:
Our General Data Protection Regulation (GDPR) compliance audit confirms the extent to which your organisation meets its requirements under the GDPR, assessing your data privacy and information security practices against regulatory requirements, Information Commissioner’s Office (ICO) guidance and IT Governance best practice, making recommendations for improvement where appropriate.
Our approach is aimed at developing a detailed and proportionate GDPR and Data Protection infrastructure for your organisation, which ensures that our advice is of lasting value to you.
Internal control is a process, effected by an organisations Members, Proper Officers and management, which is designed to provide reasonable assurance that:
Internal controls are a mechanism by which problems and irregularities are identified, corrective action taken to correct and prevent errors. In the majority of cases, process owners within your organisation will perform controls, and interact with the control structure on a daily basis, sometimes without even realising it, as the controls are built into operational procedures.
How can we assist you?
Working the Greener Way – online, provides end-to-end internal control mapping, analysis, transformation, and implementation based on these fundamental concepts:
Internal controls are designed and implemented to further strengthen:
Our approach is aimed at developing a detailed and proportionate system of Internal Controls for your organisation, which ensure that our advice is of lasting value to you.