Internal Audit


Arun District Council has a professional, independent and objective internal audit service. This represents a key element in the Council’s ability to meet the requirement of the Accounts and Audit Regulations 2015 that the Council delivers good governance and reviews the effectiveness of the arrangements in place. The definition of internal auditing, adopted by both the Chartered Institute of Internal Auditors UK (IIA) and the Chartered Institute of Public Finance & Accountancy (CIPFA) is:

“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations.  It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”

The Council’s Internal Audit section is required to operate in compliance with CIPFA’s Public Sector Internal Audit Standards (PSIAS), which encompass the mandatory elements of the IIA’s International Professional Practices Framework (IPPF).

Internal Audit reports to both Council senior management and to Members, via the Audit and Governance Committee (A&GC). The Committee approves the section’s Audit Plans and receives update reports at its quarterly meetings.

2021/2022 -  Internal Audit Plan 21_22.pdf [pdf] 265KB
2020/2021 -  Internal Audit Plan 20_21.pdf [pdf] 266KB
2019/2020 -  Internal Audit Plan 19_20.pdf [pdf] 492KB

In accordance with the standards, Internal Audit

You can contact Internal Audit by telephoning 01903 737561 or 01903 737559, or emailing 


Associated information

The following are linked to the work of Internal Audit (click to skip to appropriate section):

Corporate Governance
External Audit
General Data Protection Regulation – ‘Lawful Basis’
Money Laundering
Risk Management



The Council's published Constitution includes:

  • Terms of Reference for the Audit and Governance Committee (p74)
  • Financial Procedure Rules (p172)
  • Standing Orders For Purchasing, Procurement, Contracts & Disposals (p184)


Corporate governance

This is defined by CIPFA/SOLACE as:

“How the local government bodies ensue that they are doing the right things, in the right way, for the right people, in a timely, inclusive, open, honest and accountable manner. It comprises the systems and processes, and cultures and values, by which local government bodies are directed and controlled and through which they account to, engage with and, where appropriate, lead their communities.”

The Council has a Local Code of Corporate Governance 2020.pdf [pdf] 443KB  which is updated annually. The Council is also required to prepare an Annual Governance Statement to support its published accounts. 


External audit

The Council is subject to annual review by its appointed external auditors. This review will primarily focus on the Councils annual Statement of Accounts, but will also consider key controls in financial systems and the work undertaken by Internal Audit. The Council's current external auditors are Ernst & Young LLP



The following Council documents are related to fraud:

Further information can be found on our Fraud page. 


General Data Protection Regulation – ‘Lawful Basis’

The ‘lawful basis’ for the use of personal data by external audit (currently Ernst & Young LLP) and internal audit (currently a Council-employed on-site team) is contained in the following:-

  • Local Audit & Accountability Act 2014  (LAAA)
  • Accounts & Audit Regulations 2015  (Regulations)

Further information is contained in:  Lawful Basis.pdf [pdf] 66KB


Money laundering

The Council has a published Money Laundering Policy.pdf [pdf] 43K which is available to all staff. 


Risk management

This may defined as:

"The management of integrated or holistic business risk in a manner consistent with the virtues of economy, efficiency and effectiveness.  In essence, it is about making the most of opportunities (making the right decisions) and about achieving objectives once those decisions are made.  The latter is achieved through controlling, transferring and living with risks."

The following key documents have been approved by the Council's senior management and Audit & Governance Committee.



The Council has a published whistleblowing policy 2019.pdf [pdf] 337KB .  The policy is primarily aimed at staff, however, members of the public and contractors etc. may also wish to raise concerns using the contact information provided.