Originally posted on 17 Dec 2013
More than a third of public sector organisations fear they do not have effective mechanisms in place to manage risk, which could leave them vulnerable to major financial and operational failures, research has revealed in an article in Public Finance on 16 December, here.
A poll of 93 heads of internal audit in both Whitehall and local government found that 42% in central government and 37% in councils rated their organisation’s awareness of risk as ‘in the early stages’, ‘in development’ or even ‘non-existent’.
The Chartered Institute of Internal Auditors, which undertook the survey, warned this lack of expertise could lead to service problems in a large proportion of the public sector. The report highlighted that effective internal audit could help tackle poor management, such as occurred at Mid Staffordshire NHS trust, and improve poor governance, which led to the botched West Coast mainline franchise award.
The institute stated it had worked with CIPFA and other internal audit standard setters in the public sector to launch the first internal audit standards to apply across the whole of the public sector earlier this year.
All of this may be small fry compared to the risk from poor cybersecurity measures which I wrote about on 16 December 2013: It’s time for professional firms to step up and tackle “the cybersecurity problem”, view here.