(1) A covered entity shall have an Internal Audit Unite head of the Internal Audit Unit shall report administratively to the Principal Spending Officer and functionally to the Audit Committee of that covered entity.
(2) An Internal Auditor of the Internal Audit Unit of a covered entity shall
(a) appraise and report on the soundness and application of the system of controls operating in the covered entity;
(b) evaluate the effectiveness of the risk management and governance process of a covered entity and contribute to the improvement of that risk management and governance process;
(c) provide assurance on the efficiency, effectiveness and economy in the administration of the programmes and operations of a covered entity; and
(d) evaluate compliance of a covered entity with enactments, policies, standards, systems and procedures.
(3) The Internal Auditor of a covered entity shall, in consultation with the Principal Spending Officer of the respective covered entity and in accordance with guidelines issued by the Internal Audit Agency, prepare an annual audit work plan of the activities required to be performed by the Internal Auditor in a financial year which is determined by the risk assessment including the fiscal risk of that covered entity.
(4) The annual audit work plan, referred to under subsection (4), includes an appraisal and report on
(a) budget planning and implementation, and compliance with national goals and objectives;
(b) the development initiatives of the covered entity;
(c) procurement of goods, services and works;
(d) value for money on public expenditure;
(e) follow-ups on the agreed audit recommendations and required corrective actions;
(f) systems of government revenue collections for proper accountability; and
(g) proper, timely and effective use of Government financial information systems.
(5) The Internal Auditor of a covered entity shall, within thirty days after the beginning of the financial year, submit
(a) the annual audit work plan to the Principal Spending Officer of that covered entity and the Audit Committee established under section 86; and
(b) a copy of the annual audit work plan to the Internal Audit Agency.
(6) The Internal Auditor of a covered entity shall submit quarterly reports on the execution of the annual audit work plan to the Principal Spending Officer of the covered entity concerned, the Audit Committee, the Auditor-General and the Director-General of the Internal Audit Agency.
(7) The Internal Auditor of a covered entity shall, in the performance of functions under this Act,
(a) have access to information and property required to be audited; and
(b) be provided with any relevant explanation required by the Internal Auditor.
(8) The Internal Auditor of a covered entity shall report to the Principal Spending Officer concerned any incidents of suspected fraud or misuse of public funds.
(9) Where the Internal Auditor of a covered entity suspects that a Principal Spending Officer is involved in fraud or misuse of public funds, the Internal Auditor shall report the matter to the Director-General of the Internal Audit Agency who shall in consultation with the chairperson of the relevant Audit Committee initiate investigations into the matter.
(10) This section shall, so far as it relates to internal audit, be read and construed as one with the Internal Audit Agency Act, 2003 (Act 658)