ASSURANCE Policy
Record ref: DOC18/17802
Local Land Services Assurance Framework
NUMBER 18/17802 VERSION 1
APPROVED BY Local Land Services Board APPROVAL DATE 14/12/2017
ISSUED BY Strategy, Performance and Governance EFFECTIVE DATE 14/12/2017
Policy Statement
The Local Land Services Board is committed to delivering a strong oversight function across the agency by adopting the “Three Line of Assurance Framework” (the Framework) as the method in which oversight of assurance activities is undertaken.
The framework establishes processes, authorities, accountabilities and relationships for LLS to manage an efficient and effective risk and control framework at statewide and local region level.
The objective of this Framework is to deliver a cohesive, coordinated approach to assurance oversight that effectively utilises risk and control resources, identify and manage significant risks and have a clear concise communication mechanism between the various stakeholder groups on their role and how they participate and contribute to the bigger picture.
Scope
This policy applies to all activities undertaken by employees of the NSW Local Land Services (LLS) including the LLS Chair, State Operations and LLS local boards:
I. Central Tablelands II. Central West
III. Greater Sydney IV. Hunter V. Murray VI. North Coast VII. North West VIII. Northern Tablelands IX. Riverina X. South East XI. Western
This policy also applies to any contracted staff and companies involved in providing assurance services to LLS.
Definitions
Employee Any person working in the Local Land Services NSW as permanent or contracted staff
Agency Agency refers to the NSW Local Land Service (LLS)
Local Land Services Assurance Framework�
Procedures
SPG Strategy, Performance and Governance Unit ARGC Audit, Risk and Governance Committee Internal Audit function Means either an ‘in-house’ internal audit service delivery model, ‘co-
sourced’ or an ‘out-sourced’ internal audit service delivery model. The service delivery model selected will provide assurance, independent from operational management, risk management, control and governance processes.
Charter Is a formal document that defines purpose, authority and responsibility; In this instance the Internal Audit Charter
Chief Audit Executive / Manager Governance and Assurance (CAE)
Refers to the head of the audit function (International Standards for the Professional Practice of Internal Auditing (IIA)).
Core Principles of the Assurance Framework
The assurance framework is based on the principles of public sector governance1 including:
• Accountability for decisions and having meaningful mechanisms in place to ensure the agency adheres to all applicable standards
• Transparency with defined roles and responsibilities and clear procedures for making decisions and exercising power
• Integrity by acting objectively, ethically and in the interests of the agency, and not misusing information acquired through a position of trust
• Stewardship by using every opportunity to enhance the value of the public assets and institutions that have been entrusted to care
• Efficiency ensuring the best use of resources to further the aims of the organisation, with a commitment to evidence-based strategies for improvement
• Leadership achieve an agency-wide commitment to good governance through leadership from the top
The assurance framework
The LLS Assurance Framework has three core components, as illustrated in the diagram overleaf:
1 Adapted from “Building Better Governance – Australian Public Service Commission 2007”
POLICY 2
Procedures
This framework provides a structure for the delivery of efficient oversight over operations and risks across the Agency, providing a State Wide Approach that can be applied and viewed at both Local Board and State Level.
The LLS Board Audit, Risk & Governance Committee are responsible for the oversight of the delivery of the assurance functions across LLS. External audit provides further independence and objective assurance services (which is a 3rd line assurance function).
Both State wide Framework owners and Local Board auditing of frameworks and processes within each Region is deemed a 2nd Line Management Assurance Function (regardless of whether an internal LLS staff member or external firm undertake the review or audit). Line Management are responsible for the implementation of governance, risk and control frameworks approved by the Board and Senior management together with managing risks at an operational level, as illustrated in the below accountabilities diagram:
3 POLICY
Procedures
3rd line of�Assurance:�
External Auditing bodies
1st line of
Assurance:
Line Management
Have primary responsibility to
implement governance, risk and control frameworks
approved by the Board and senior
management
Manage risk (within agreed risk appetite)
Measure and manage project and operational
performance
2nd line of
Assurance:
Framework owners
(at State and Local Level)/
Regional Boards
Design governance, risk and control
frameworks
Monitor adherence to framework
Provide timely, balanced information
Review framework application objectively
Offer independent oversight of 1st and
2nd lines
Framework Stewardship
The SPG Unit are the stewards of the Framework on behalf of the Board Audit Risk & Governance Committee and will provide state wide oversight to all three lines of assurance providing transparency to the Committee on the effectiveness of each line being executed in accordance with the requirements set out in this Policy.
Roles and responsibilities
LLS Board
1. LLS Board has the responsibility to assess the adequacy and suitability of the framework and provide final approval
2. LLS Board is responsible for delivering the framework by providing support and resources to the SPG Unit for implementation of the framework
3. LLS Board will also provide feedback and guidance where necessary in the process to support the implementation of the framework to the Board Audit, Risk & Governance Committee
Local Board (Chair/Members), General Managers, Supervisors and Officers
1. Local Boards will oversight the application of the framework at a regional level
2. General Managers will perform risk assessment on a regular basis and maintain risk registers regionally for all activities
POLICY 4
Procedures
3. General Managers of each business function will maintain effective internal controls and execute risk and control procedures on a day-to-day basis by delegating responsibilities to local managers
4. General Managers and local staff will actively seek to identify known and emerging risks/issues and reassess the existing control framework to address the risk
5. The SPG Unit, together with General Managers will create a mechanism to provide guidance and training on risk management processes to local staff and identify further training needs
6. Local Boards will oversight assurance activities to the operational units as 2nd line of Assurance
Strategy, Performance and Governance Unit (SPG) 1. Produce and maintain (with the assistance from each Regional GM) a state-wide register of all the
assurance functions across LLS (for access by all members of the SET and local Regional Boards) 2. Provide this register to the Board Audit, Risk & Governance Committee for oversighting and
ascertaining the adequacy of the level of coverage of activities across all 3 lines of assurance 3. Produce a draft holistic assurance program, acknowledging current activities across LLS, for
endorsement by the Audit, Risk & Governance Committee 4. Collate, utilising Regional GM input, a report on the status of all 2nd and 3rd line assurance
recommendations from all reports to the Board Audit, Risk & Governance Committee 5. Provide (with the assistance from the Regional GM) Region based reports to each Local Regional
Board for oversight 6. Identify and recommend to the Audit, Risk and Governance Committee and Regional Boards,
efficiency opportunities to deliver 2nd and 3rd line assurance functions across the State
Audit, Risk and Governance Committee (ARGC) 1. In accordance with the LLS Audit Committee Charter, the Audit, Risk and Governance
Committee shall oversee, in consultation with management (local and state-wide) and the internal auditors, the objectivity, adequacy and effectiveness of the accounting, financial and internal controls, including the LLS policies and procedures to assess, monitor and manage business risk, governance issues, and ethical and legal compliance programs and report to the Board
2. The Committee shall provide consultation to the management that controls are in place for unusual types of transactions and/or any potential transactions that may carry more than an acceptable degree of risk in accordance with this framework
3. The Committee shall review the overall effectiveness of new framework and provide feedback to the SPG Unit to improve the framework.
Procedures
Delegations
None
Legislation
None
Related policies
None
POLICY 5
Procedures
Other related documents
None.
Superseded documents
This policy replaces: None
Revision history
Version Date issued Notes By
1 14/02/2018 New policy Director Strategy Performance and Governance
Review date
14/12/2020, unless an earlier need is identified.
Contact
Contact the Strategy, Performance & Governance Unit in State Operations.
POLICY 6