Share this article


​​Departmental Structure
The department has two key directorates: audit services and risk services

Audit Services
Audit services has four business units:

  • Special audit
  • Process audit services
  • Information system audit services
  • Forensic audit services
  • Special audit and process audit services
  • Special and process audit services offers expertise in risk assurance and performance management services to the City and its stakeholders.

It provides a professional, independent, objective assurance and consulting service that will assist management in identifying risks by examining, evaluating and reporting on the control environment, control activities and governance processes which might hinder them in achieving business objectives.

As an internal audit function it will ensure that adequate internal control systems are implemented within the organisation. Through its interventions it will establish a culture of responsibility and accountability for critical risks occurring throughout the organisation.

Information system audit services
As information technology (IT) is recognised as a fundamental tool to improve an organisation's operations and service delivery while reducing cost, streamlining processes and increasing efficiency, there is an increasing emphasis on the role of information systems audit within organisations.

Organisations are faced with having to make appropriate decisions to justify investments in IT assets, outsourcing decisions, use of consultants, migration to expensive architectures, information security concerns and so on.

IT internal audit performs both IT process and technology audits to ensure that the key controls satisfy management objectives.

Information systems audits have evolved from the audit of basic computer processes and technology to a much wider role that includes IT governance.

Forensic audit services
Forensic audit services are recognised both nationally and internationally as an important business unit within organisations to complement the broader criminal justice systems.

Within the City, forensic audit services form part of the internal audit services team, performing an assurance function, specifically focusing on promoting integrity standards and investigating incidents of fraud and corruption within the city.
Forensic audit services render professional forensic audit services to the city, its stakeholders and other clients to minimise fraud-related risks that hinder service delivery.

The audit procedure
  • Approach to an audit/risk assessment:
  • Identify and understand business objectives/risks
  • Establish areas of audit focus
  • Validate overall risk assessment with business unit
  • Assess alignment of objectives and risks
  • Align risk assessment and management prerogatives
  • Provide summary of risk assessment and plan for audit coverage
  • Reporting process to client/audit committee
  • Opening meeting with client at the commencement of audit to explain objectives and processes followed
  • Discussions of findings with client and obtaining their comments
  • Presentation of draft and final reports to clients
  • Compiling of risk 1 (high risk) findings on audit committee slides for presentation to committee
  • Attendance at the committee meetings to present findings​​