PUBLIC INTERNAL AUDIT CHARTER
SECTIONONE
General Provisions
Aim and scope of the Charter
ARTICLE 1 – The aim of this Charter is to establish the main principles of the internal audit unit Charters to be prepared by the relevant administrations with a view to regulating the principles and procedures concerning operation of internal audit unit and the responsibilities of internal auditors and head of administration regarding internal audit.
Internal audit unit Charters which will be issued based on this Charter shall be read and signed by internal auditor, in the course of taking office, and by head of administration, and shall be kept in internal audit unit.
Legal basis
ARTICLE 2 – This Charter has been prepared as per Article 13 of the By-Law on the Working Principles and Procedures for Internal Auditors.
Definitions
ARTICLE 3 – In this Charter;
a) “Law” refers to Public Financial Management and Financial Control Law No 5018.
b) “By-Law” refers to the By-Law on the Working Principles and Procedures for Internal Auditors.
c) “Charter” refers to this Charter.
ç) “Board” refers to the “Internal Audit Coordination Board,
d) “Head of public administration” refers to, Undersecretary in Ministries, the Minister in the Ministry of National Defence, the highest administrator in all other public administrations, the governor in special provincial administrations, and the mayor in municipalities.
e) “Internal audit” refers to independent, objective assurance and consultancy activity to add value and improve the public administration’s operations aiming to evaluate and guide economic, effective and efficient management of the resources
f) “Internal auditor” refers to the chief executive officer and certified internal auditors at all levels who are responsible for carrying out internal audit activities within the framework of this Charter and the relevant legislation.
g) “Internal audit unit” refers to the organization comprising of the chief executive officer, internal auditors, and other personnel as required.
SECTION TWO
Goal, Scope and Standards of Internal Audit
Goal of Internal Audit
ARTICLE 4 – Internal audit activity aims to ensure that the activities of public administrations are planned and executed in compliance with goals and policies, development plan, programs, strategic plans, performance programs and the legislation; the effective, economic and efficient utilization of the resources; reliability, integrity and timely availability of information.
The Scope of Internal Audit
ARTICLE 5 – All transactions and activities of public administrations are within the scope of internal audit. These audits are carried out with a systematic and disciplined approach by taking the risk level as basis and in compliance with audit standards.
Public internal audit standards and professional code of ethics
ARTICLE 6 – Internal audit activities shall be carried out according to the public internal audit standards and the code of ethics provided by the relevant legislation and the Board, and in case of uncertainty, international audit standards and codes of ethics will be taken into account.
SECTION THREE
The Internal Audit Unit and Internal Auditors
The structure of the internal audit unit
ARTICLE 7 – The internal audit unit, comprising of the chief audit executive, internal auditors and other personnel as required, shall function as a unit directly attached to the head of public administration.
Internal auditor’s independence
ARTICLE 8 – The internal audit function is independent of the daily operations of the administration. Internal auditors carry out their duties with complete independence within the scope of the relevant Law, By-Law and Charter. Internal auditors shall not be assigned any duties other than the internal audit activities set out in the relevant legislation.
The scope of the internal audit and audit implementations can not be intervened and the internal auditors can not be asked to change their opinions. That internal auditors carry out their tasks independently and in an uninfluenced manner is under the responsibility of chief audit executive and head of public administration.
Employees of the administration shall not intervene in the scope of internal audit activities, auditing techniques employed by internal auditors, or even suggest that internal auditors change any decisions they take. It is the responsibility of the chief audit executive and the head of public administration to ensure that internal auditors carry out their duties independently and without being exerted any influence.
The independence of internal audit shall be regularly assessed by the Board for quality assurance and development.
Impartiality of internal auditor
ARTICLE 9 – Internal auditors act on the basis of the principle of impartiality when carrying out their duties. During audit assignments, in order to reach the aims of the audit, internal auditors employ all auditing techniques required, collect all information and the documents needed, evaluate this information and documents so that any impartial auditor with sufficient knowledge and experience would reach the same results, and arrive at an opinion without any concessions from audit quality and without being affected by others’ views and suggestions.
In the event that they encounter a situation which might harm their independence and impartiality during the execution of their activities, internal auditors shall immediately communicate the situation to the chief audit executive in writing.
The chief audit executive shall consider any factors that might negatively influence internal auditors’ impartiality when assigning internal auditors.
For a period of one year, internal auditors assigned for the first time, and those transferred from administrative positions shall not carry out internal auditing activities related to their previous works that they were responsible for. Moreover, no audit can be made related to consulting or other similar activities before one year ends.
Powers of the internal auditor
ARTICLE 10 – The internal auditor has the following powers when fulfilling his/her duties, as set out in Article 16 of the By-Law:
a) Requesting the submission of all kinds of information and documents including electronic documents relating to the subject of audit and that of cash, valuable documents and other assets.
b) Seeking the assistance of the employees of the audited unit as a requirement of the internal audit activities, and requesting information orally and in writing.
c) Benefiting from the tools, equipment and other facilities required by the audit activity.
d) Informing the head of public administration of any attitudes, behaviour or actions preventing the audit.
Duties of internal auditors
ARTICLE 11 – Internal auditors fulfil the following duties which are set out in Article 15 of the By-Law:
a) Evaluating the management and control structures of public administrations on the basis of objective risk analyses.
b) Assessing the effective, economic and efficient use of resources and making relevant suggestions
c) Carrying out ex-post legal compliance audits
d) Auditing and evaluating the compliance of the administration’s expenditures, its decisions and savings relating to financial procedures with the goals and policies, the development plan, programmes, strategic plans, and performance programmes.
e) Performing systems audits on financial management and control processes
f) In line with audit results, making suggestions and following-up
g) Duly notifying the highest official of the relevant administration when a situation is discovered during or as a result of the audit, that requires the commencement of an investigation
h) Auditing the accuracy of the information produced by the public administration
i) Helping identify performance indicators when the head of public administration deems as necessary, and evaluating the practicability of the performance indicators which have been identified.
j) Informing the head of public administration of any findings relating to situations involving crime.
Responsibilities of the internal auditor
ARTICLE 12 – The internal auditor, when fulfilling his/her duties, shall comply with the following conditions as set out in Article 17 of the By-Law:
a) Acting in line with the legislation, the audit standards that have been determined, and the code of ethics.
b) Continuously improving his/her professional expertise and skills.
c) Informing the internal audit unit of any occasions where his/her powers and capacity are inadequate.
d) Informing the internal audit unit of any situations that prevents impartial and independent performance of the assignment
e) Using evidence as basis for audit reports and be impartial in their assessment
f) Protecting the confidentiality of information obtained during audit
SECTION FOUR
Internal Audit Activities
Internal audit strategy
ARTICLE 13 – The Board shall issue the internal audit strategy document every three years, which shall determine the general strategy of internal audit regarding three years period and constitute a basis for the plannings and programmings of internal audit units.
Risk- oriented auditing
ARTICLE 14 – Internal audit shall be carried out within the framework of the risk-oriented internal audit plan and programme prepared on the basis of the risks that the organization is subject to.
In risk evaluation, the principles and procedures determined by the Board shall be respected.
Risks defined by the management are placed under a thorough risk analysis by the internal audit unit. As a result of this analysis, risks shall be listed by determining their rates and significance levels. As a result of this analysis performed by the internal audit unit on risks that may affect the goals, activities and assets of the organization, internal audit plan and implementation programs shall be prepared by starting from highest risk areas and subjects.
New units and activities, restructuring projects, and significant changes in organization structure and human resources shall be the primary components of audit programmes since they may involve high risk.
During the preparation of programmes, issues that the head of public administration deems as priority areas involving risks shall be considered.
ARTICLE 15 – The internal audit plan shall be prepared according to Article 39 of the By-Law.
The internal audit plan shall be prepared for three-year periods, considering the internal audit strategy document prepared by the Board and the suggestions of unit managers, and cover the scope of audits, the areas and subjects to be audited, the work force required and other resources so that the plan can be implemented in an efficient, economic and effective manner. The plan shall be revised and when required, modified annually considering the results of risk evaluation.
ARTICLE 16 – The internal audit programme shall be prepared according to Article 40 of the By-Law.
Through prioritizing most risky areas and topics and taking into account the cost of audit, an internal audit program that is in line with the internal audit plan shall be prepared by meeting with managers and when necessary, with other employees. In the internal audit programs which shall be prepared for one year period, the areas and topics to be audited are set out in a time schedule by indicating the names of internal auditors and audit supervisors. The internal audit programme shall be presented to the positive opinion of the head of public administration.
The regulations of the Board shall be taken as basis when preparing the internal audit plan and programme.
ARTICLE 17 – Assignments made after the internal audit programme is approved by the head of public administration shall be notified to internal auditors considering the timing in the programme.
ARTICLE 18 – The preparatory period of audit units is called the “Preliminary Study”. During a preliminary study, an internal auditor shall analyse and investigate the subject that he/she is assigned to work on and determine the goal and scope of the audit. He/she shall also identify the process, methods, and means to be employed such as meetings, interviews, questionnaires, on-the-spot observations, etc., and determine and evaluate the current risks and controls.
ARTICLE 19 – During the preliminary study, the internal auditor holds an opening meeting to be attended by the manager and the relevant personnel of the unit where the planned internal audit activity will be carried out.
During the opening meeting, the internal auditor shall discuss the following with the manager of the relevant unit and other personnel; the aim and scope of the audit, the methods to be used during the audit, the estimated duration of the audit, staff members who should assist the auditor during the audit, what is expected of the employees, the administration’s expectations of the audit, and how the audit results shall be reported. Moreover, in the event that it is required by the audited unit, the scope of the consultancy activity shall be discussed.
The work plan
ARTICLE 20 – Preliminary work shall be completed upon individual work plan which indicates all audit steps and the methods to be used. The work plan prepared according to the conclusions of the discussions with the manager of the relevant unit and other personnel includes;
a) The goals and objectives of the audit
b) The scope of the audit,
c) The methods to be used during the audit for collecting, analysing and evaluating data
ç) The estimated duration of the audit
After the preparation of the work plan, the audit shall be initiated and carried out in line with the work plan.
ARTICLE 21 – Internal auditors shall carry out the auditing activities by also benefiting from audit manuals. Internal auditors are responsible for collecting, analysing and evaluating adequate and reliable information and documents relating to subjects determined in risk and control evaluations in order to reach the audit aims defined in the annual audit plans and individual audit plans. Tests to be applied during the audit shall be designed in a way to enable evaluations on the sufficiency of internal control practices as well and focus primarily on the most risky areas. All the tests that have been made shall be documented by the “Working papers” where the methods followed, the documents analysed, observations made, meeting held and other steps taken shall be specified.
The closing meeting
ARTICLE 22 – Audit activities and the draft report shall be discussed during a closing meeting with the participation of relevant officials from the unit which has been audited. During this meeting, whether there has been any specific situation left outside the scope of evaluation or not shall be determined and if any, the opposite opinions of the managers of the unit which has been audited shall be included in meeting minutes.
Reporting
ARTICLE 23 – Audit reports shall be prepared within the framework of the principles defined by the Board in a manner that they include goal and scope pertaining to work as well as applicable results, responsibilities and the measures to be taken by the audited entities. Reports shall set out the minimum goal, scope and results of the audit and the auditor’s views. The expressions in the report shall be complete, accurate, clear, understandable, brief and constructive.
Internal auditor submits audit report to the manager of the unit which has been audited to be replied in a specific period. The manager of the unit replies and sends the report to the internal auditor by taking the opinions of the staff and concerned people, if needed.
In the case of a conflict between the internal auditor and the head of the audited unit in terms of the significance and level of the risks involved, the internal auditor shall attach his/her evaluation on this matter to the report.
In the event that the internal auditor and the head of the audited unit are of the same opinion with regard to the significance and the level of the risks, they shall agree on taking the relevant measures within a reasonable period of time.
Internal auditor shall enclose the responses of the administration and the summary to the audit report and submit it to the head of administration. Following the evaluation of the reports by the head of administration, the reports shall be submitted to the units mentioned in the report for due action.
The disagreements between the internal auditor and the administration shall be resolved by the head of administration. In the event that there is a disagreement between the head of administration and the internal auditor, the case shall be evaluated by the Board in order to facilitate the resolution of the disagreement.
Follow-up of audit results
ARTICLE 24 – Recommendations made and corrective procedures suggested by an internal auditor as a result of an internal auditing activity shall be put into practice in the period given in the report. If the recommendation or corrective measure to be taken will take a certain period of time, this shall be stated in the response to the audit report and the relevant unit shall communicate the developments to the internal audit unit in the form of six-months periods at least.
Working papers
ARTICLE 25 – All the activities carried out during an audit such as the preparation made for an audit, risk and control evaluations, tests made, information, evidence and results achieved at the end of such tests, and reporting and monitoring activities shall be documented with working papers.
These working papers shall be used in order to follow up the audit results and for evaluations within the scope of quality assurance and quality development.
Consulting and similar activities
ARTICLE 26 – Consulting and similar activities are services rendered in order to add value to, facilitate, improve and guide administrative activities which involve opinions concerning executive subjects, training, analysis, evaluation, the definition of performance indicators, project assignments, etc., without undertaking any administrative responsibilities.
Consulting activities are carried out as either written or unwritten services including special and urgent cases.
a) Written Consulting Services are activities based on an identified business programme, which involve a formal and written process and result.
b) Unwritten Consulting Services are activities which involve opinions, suggestions, etc. that are communicated orally, and not a written process or result.
Principles for performing consulting and similar activities
ARTICLE 27 – The following issues in relation to the consulting and similar activities to be carried out by internal auditors shall be considered:
a) The scope of the activity shall be based on a clearly defined business programme
b) The activity shall not affect the independence and impartiality of the internal auditor
c) The duration of the activity shall be identified by the chief audit executive and shall not prevent the certificate marking of the internal auditor, or cause interruptions during the current or future auditing assignments.
d) Both the chief audit executive and the internal auditor shall act with due diligence to make sure that the same auditor does not perform an audit of the consulting and other similar activities within one year.
e) The internal auditor shall communicate the results of the activities to the relevant authorities.
Internal auditor shall not have any executive responsibility regarding consulting and similar activities. The responsibility regarding the implementation rests with the management.
SECTION FIVE
Management and Development of Internal Audit Resources
ARTICLE 28 – The chief audit executive is responsible for the management of the resources required for internal audit. The unit manager manages the budget of the internal audit unit and provides all resources including personnel with qualifications needed for audits.
Grading in internal auditing
ARTICLE 29 – Grading in internal auditing shall be made on the basis of the provisions of Article 22 of the By-Law. For grading, the results of the evaluation made within the scope of the quality assurance and development programme shall also be taken into consideration.
The public internal auditor certificate is graded upon the proposal of the internal audit unit and with the approval of the head of public administration, taking into consideration the level of seniority and cadre conditions as well as the internal auditor’s competences, professional knowledge and his/her representative capability. The internal audit unit carries out its evaluations in line with the By-Laws of the Board, on the basis of the activities carried out by internal auditors, their attendance to in-service training events, their achievements and records.
Public internal auditor certificate grades are considered for determining the personal rights of internal auditors and their career planning.
In the event that grading is not made although the seniority level and cadre conditions are defined, the internal auditor concerned and the Board shall be notified of the justification in writing.
Assignment according to the grade of certificate
ARTICLE 30 – The chief audit executive categorizes internal audit activities by their subjects and processes. It is recommended that the audit areas of internal auditors are changed every three years.
Auditors shall be assigned on the basis of their work experience, seniority and internal audit certificate grades.
In the event that there are sufficient number of internal auditors at certificate degree within this framework it is essential that,
An auditor at A-1 certificate level shall be assigned for compliance audits and financial audits,
An auditor at A-2 certificate level shall be assigned for performance audits,
An auditor at A-3 certificate level shall be assigned for systems audits,
An auditor at A-4 certificate level shall be assigned for audit supervision and monitoring activities.
Information technology audits shall be performed in line with the principles defined by the Board. The consulting activity may be performed by auditors at any certificate level according to the scope of consulting.
Provided that the auditing activity to be carried out covers more than one area or the size of the scope of duty requires more than one auditor to work, audits may be performed by a group of auditors with different levels of certificates.
Improvement of professional competence
ARTICLE 31 – Head of public administration and the chief audit executive shall create the appropriate environment to enable internal auditors to improve their professional skills which are stated in Articles 31 and 32.
Therefore, besides assistance to build their knowledge, skills and qualifications set out in the By-Law, internal auditors shall also be provided with all required opportunities to attend all kinds of training programmes, conferences, seminars, etc. relating to internal audit.
Quality Assurance in Internal Audit
ARTICLE 32 – A quality assurance and development programme shall be established in order to ensure that internal audit activities are evaluated with all their aspects, and carried out in line with public internal audit standards and professional code of ethics.
Within the quality assurance and development programme, the following shall be reviewed and evaluated:
a) The compliance of internal auditing activities with the relevant legislation, public internal audit standards and professional code of ethics,
b) The extent to which the internal auditing activities support institutional development and improvement
c) Whether internal auditors benefit from the best internal audit practices or not,
ç) Activities carried out in due diligence and for professional development.
Quality assurance and development activities consist of;
a) The continuous internal evaluations carried out within the scope of internal supervision activities,
b) Annual internal evaluations attached to the unit’s activity reports
c) External evaluations organized by the Board every five years
Evaluation results performed within the framework of quality assurance and development programmes shall be submitted to the head of administration and published in annual accountability report.
In order to increase the efficiency of internal audit, auditing activities may be evaluated by using questionnaires in the units that have been audited.
SECTION SIX
Other Issues
ARTICLE 33 – Internal audit activities do not eliminate responsibilities of the management relating to the establishment, implementation and development of risk management, control and management processes in their field of duty.
The head of public administration shall be responsible for ensuring all kinds of contribution specified in the relevant legislation to obtain the maximum benefit expected from internal audit activities.
Responsibility of employees
ARTICLE 34- During the execution of internal audit activities, any kind of information, other resources necessary for the audit and documents requested by internal auditors shall be directly submitted to the internal auditor for examination.
ARTICLE 35 – The internal auditor shall fulfil internal audit duties by use of information, skills and equipment to identify evidence for corruption. When an internal auditor reaches an evidence of corruption or irregularity during an audit task, he/she shall promptly transfer his/her findings and the evidences to the head of public administration by means of chief audit executive.
The internal auditors asses the capacity of existing control system regarding the prevention of corruption and irregularity.
Relationship with the Internal Audit Coordination Board
ARTICLE 36 – During internal audit activities, the standards, principles and procedures identified by the Board shall be followed.
Cooperation with the Board shall be required in areas such as; ensuring the continuity of the functional independence of the internal audit system, information exchange, resolution of disagreements, dissemination of good practices, monitoring of the implementation of Board decisions, etc.
Relationships with the external audit unit and other audit units
ARTICLE 37- The chief audit executive shall cooperate with the external audit unit within the framework of the policies identified by the Board in areas such as; the planning and coordination of audits, the prevention of duplicate audits, increasing the efficiency in audits, common training opportunities, mutual ability to access information relating to audit activities. etc.
The relationship between the Internal Audit Unit and the SAI shall be in accordance with the parameters set out below:
a) Communication and coordination between the SAI and the Internal Audit Unit shall be provided by the Chief Audit Executive;
b) Working papers of the Internal Audit Unit, because of the possibility of the sensitivity and restrictiveness of their contents, should only be made available to the SAI if the request is made specifically by the Auditor General him/herself;
c) Ownership of reports is issued by the Internal Audit Unit to Head of Public Administration rests with Head of Public Administration and requests by the SAI to obtain access to such reports should be directly addressed to Head of Public Administration;
The chief audit executive shall establish the required cooperation with other audit units which carry out inspections, investigations and similar activities, in line with the principles identified by the Board.
Prohibition on taking another duty and reassignment as internal auditors
ARTICLE 38 –No other duty, out of his/her primary duty can be assigned or commissioned to the internal auditor. Internal auditors shall not be appointed in for someone to another duty. Positive opinion of the chief audit executive is required for the reassignments of those who have internal auditor certificate.
Internal audit activities abroad
ARTICLE 39 – The internal audits of the activities of the institutions that are carried out abroad shall be performed according to the principles and procedures identified by the Board.
Training abroad and academic studies
ARTICLE 40 – Internal auditors shall be enables to attend post graduate studies and internship abroad or in the native country with the aim of following professional and scientific developments and improving their skills. Approval of the head of administration is required for master in the country.
The relevant principles shall be determined by the Board.
Identity Document
ARTICLE 41 –Internal auditors shall be provided with identity documents bearing their title and powers. In ministries, the identity documents shall be signed by the minister and the head of public administration, and in other administrations, by the head of public administration.
Communication, correspondence and filing
ARTICLE 42 – Internal auditors shall directly correspond in subjects concerned with their duties.
Internal auditors shall save in their own files one copy of all the reports they issue, the progress schedules, business schedules, travelling allowance notices for temporary assignments and letters together with their attachments, besides letters sent by the internal audit unit.
Incoming and outgoing letters shall be recorded in the Document Registry Book. Documents may also be followed electronically by the use of the customized computer programmes.
When corresponding with the internal audit unit and other units, internal auditors shall insert “Certificate Numbers” in front of the numbers they are going to assign to the letters.
Revision of the Charters
Enforcement
ARTICLE 44 – This Charter shall enter into force upon its publication whereas internal audit unit Charters that will be issued based on this Charter shall enter into force after they are signed by the internal auditor and the head of administration.
Execution
ARTICLE 45 –This Charter shall be executed by the Board whereas internal audit unit Charters that will be issued based on this Charter shall be executed by heads of administrations.
Türkçe 
English
