View Document

Financial Code of Conduct - Victoria University's Internal Audit Service Provider Potentially Undertaking Non-audit Work Procedure

This is not a current document. It has been repealed and is no longer in force.

Section 1 - Summary

(1) This Procedure outlines the requirements of the external internal audit service provider to identify and disclose any planned or current work at VU that may result in a conflict or perceived conflict of interest.

Top of Page

Section 2 - HESF/ASQA/ESOS Alignment

(2) HESF Standard: 6.2 Corporate Monitoring and Accountability

Top of Page

Section 3 - Scope

(3) VU currently engages an external service provider to perform its internal audit function. This Procedure applies to VU’s internal audit service provider.

Top of Page

Section 4 - Definitions

(4) Nil.

Top of Page

Section 5 - Policy/Regulation

(5) Financial Code of Conduct Policy

Top of Page

Section 6 - Procedures

Part A - Summary of Roles and Responsibilities

Roles Responsibilities
Internal Audit Service Provider Notify intention to respond to a quotation/tender issued by VU for other services outside the internal audit function.
Report all awarded contracts to the Vice President Planning and Registrar and Compliance Audit and Risk Committee (or equivalent).
Investigate and assess whether an actual or perceived COI may exist prior to finalisation of an audit scope.
Vice-President, Planning and Registrar To notify the Chair of the Compliance Audit and Risk Committee (or equivalent) if there appears to be a conflict of interest or it appears the non audit work will exceed the annual internal audit service costs and provide advice and feedback to service provider and relevant portfolio seeking quotation/tender (procurement lead).
Compliance Audit and Risk Committee Chair (or equivalent) Receive reports identifying potential or actual conflict of interest by service provider or where the non audit work will exceed the internal audit annual services costs and provide advice and feedback.

Part B - Guidelines

(6) VU has a duty to effectively manage actual or perceived conflicts of interests (COI) in line with current policies and legislative requirements. To fulfil this responsibility, VU requires its external service provider of internal audit services to consider and make an assessment of the likelihood that a conflict of interest may occur as a result of other services performed in or on behalf of VU.

Request for Quotations/Tender

(7) If the service provider intends to respond to a request for quotation/tender issued by VU they will notify the Vice-President, Planning and Registrar (or equivalent) in writing of their intention to respond.

(8) The Vice-President, Planning and Registrar (or equivalent) will, within two university business days of receiving the notification from the internal audit service provider, advise the internal audit service provider and the procurement lead of any COI issues identified and the recommended treatments. Where there appears to be a conflict or the non audit costs will exceed the annual internal audit service costs the Vice-President, Planning and Registrar (or equivalent) will notify the Chair of Compliance Audit and Risk Committee (or equivalent) and seek their advice and feedback. Recommended treatments that require the internal audit service provider’s exclusion from the tender process must be endorsed by the Chief Operating Officer (or equivalent).

(9) Assuming prompt notification by the internal audit service provider, the above process may be expedited as required in order for the internal audit service provider to meet quotation/tender deadlines.

(10) The internal audit service provider must report all awarded contracts to the Vice-President, Planning and Registrar in writing.

(11) The service provider will notify the Compliance Audit and Risk Committee or equivalent, at its next scheduled meeting, via its internal audit status report, of all intentions to respond to a requests for quotation/tender and the awarding of contracts. 

(12) For each audit activity undertaken, the service provider must investigate and assess whether an actual or perceived COI may exist prior to finalisation of the audit scope. The result of this process must be documented in the audit scope document.

(13) If a conflict of interest is identified at any stage:

  1. The internal audit service provider must immediately notify the Vice-President, Planning and Registrar (or equivalent), detailing the nature and extent of the conflict.
  2. The internal audit service provider must submit a plan with proposed actions to manage the conflict.
  3. The Vice-President, Planning and Registrar will review the plan to determine whether it is sufficient to manage the conflict and advise on a suitable course of action: to approve the plan if satisfactory, or reassign the audit to another provider if unsatisfactory.
  4. The Vice-President, Planning and Registrar(or equivalent) must report any identified COI to Compliance Audit and Risk Committee at the next schedule meeting.