Appendix 15

Specimen internal
Overall rating and summary of findings Overview
Satisfactory The vast majority
Represents an assessment of a control environment of internal audits
that is satisfactory and supports meeting carried out during

audit report
management’s objectives. the period received
a ‘pass’ grade and
there were no ‘high
Adequate with opportunity for further development –
Medium priority for management to address Represents an priority’ observations.
However, there were
assessment of an adequate control environment that broadly
a small number of
supports management’s objectives but has further opportunities
‘medium priority’
for development. and ‘low priority’
observations which
are discussed in
more detail below.
Unsatisfactory – High priority for management to Overall, the control
address environment is in
A high number of control deficiencies or business issues where good order and
the potential financial, operational or reputation risk exposure to management are
XYZ is significant and management should address these issues working to resolve
immediately. the issues identified
during the audits.

Performance improvement opportunities (‘PIOs’) High Priority

Observations
Status High Medium Low Total No high priority
Priority Priority Priority observations were
noted.
New PIOs 0

Accepted PIOs 0

Governance, Code & Ethics Finance

& Commercial
Procurement
People Quality
Information Systems

0 5 10 15 20 25 30

Pass Low Priority Medium Priority High Priority

Overview
A summary of the control environment and process improvement opportunities identified
as part of this internal audit is provided below:
Area Compliance/Good Practice Process improvement/ efficiency
opportunity

Governance,
Conduct and
Ethics

Finance and
Commercial

Etc.

Detailed findings
This section summarises in the form of performance improvement observations (PIOs) the
issues arising from this review that we believe require action. PIOs are rated using the
scale in the legend below:

Priority rating for performance improvement observations raised

HIGH: Issues referring to
important matters that are
fundamental to XYZ’s system of
internal control. We believe that
the matters observed might cause a
business objective not to be met or
leave a risk unmitigated and need
to be addressed as
a matter of urgency.
MEDIUM: Issues referring mainly LOW: Issues arising that
to matters that have an important would, if corrected,
effect on XYZ’s controls, but do improve XYZ’s internal
not require immediate action. A control in general,
business but are not vital to the
objective may still be met in full or in overall system of
part or a risk adequately mitigated, internal control.
but the weakness represents a
significant deficiency in the system.
No Priority Issue Risk Performance Management Responsibility/
Improvement Response Date
Observation

Governance, Conduct and Ethics

1 LOW

Finance and Commercial

2 HIGH

MEDIUM

Etc.

3
Appendix: Scope of work and audit approach

Objective Issues/controls being reviewed Internal audit approach