The Internal Audit and Risk Management Policy for the NSW Public Sector was issued in 2009 to strengthen internal audit, risk management and governance processes across the NSW public sector and promote the integrity of, and accountability for, the allocation and management of the State’s resources. The Policy has since been reviewed and an updated Policy was released in 2015. A copy of the updated Policy is available at this link.
The Policy implemented key recommendations of the Department of Premier and Cabinet’s (DPC) Performance Review of the Internal Audit Capacity in the NSW Public Sector. The Review’s key recommendation was to strengthen the “whole of government” policy and regulatory arrangements for the governance of internal audit and risk management.
The Internal Audit and Risk Management Policy requires agencies to comply with the Core Requirements of the Policy, and to provide an attestation to this effect to Treasury on an annual basis. That attestation is also published in the agency’s annual report.
Where a shared arrangement has been approved by NSW Treasury, agencies must submit individual annual attestations and publish these attestations in their annual reports accordingly. For agencies that have entered into a shared arrangement, the relevant templates must be used from Guidance on Shared Arrangements and Subcommittees for Audit and Risk Committees (TPP16-02).
Frequently Asked Questions
To assist and guide NSW public sector departments and agencies, below are responses to some of the frequently asked questions relating to the Internal Audit and Risk Management Policy for the NSW Public Sector (TPP 15-03) and the Guidance on Shared Arrangements and Subcommittees for Audit and Risk Committees (TPP 16-02):