HDA Annual Report

ANNUAL REPORT 2023/24

The Internal Audit identified and reported that management should continuously revisit its control environment and ensure that controls implemented are adequate to address weaknesses identified within the financial performance (financial management) area. The Committee noted that the Performance Information (Performance against Objectives) review remains consistent with the previous year and there are adequate and efficient management controls. Management’s focus should be on ensuring the full achievement of targets planned each quarter. The Committee also acknowledges the internal auditors’ ability to complete the audit coverage for the 2023/24 financial period as planned. The Committee is therefore of the opinion that Internal Audit is effective, independent, and provides objective assurance and consulting activities that were designed to add value and improve the organisation’s operations. Through Internal Audit, the Committee endeavours to drive combined assurance to ensure an effective coordinated approach is applied in obtaining assurance that risks are being managed effectively. Risk Management The Committee has embedded in its terms of reference (the Charter) the responsibility to provide oversight and monitor the effectiveness of Enterprise-wide Risk Management within the Agency. The Agency’s risk management function is responsible for the establishment and maintenance of an effective system of risk management, the prevention and detection of fraud and internal controls. The Agency remains agile towards the mitigation of its strategic and operational risks. The Committee obtained assurance on the overall system of risk management and provided oversight and monitoring on:

• •

Risk Management Policy and Framework. Strategic and operational risk assessment results. Risk appetite and tolerance framework. Business Continuity Policy and Framework.

• • • • • • •

Business Continuity Plan.

Significance and materiality framework.

Fraud risk management. Risk financing (insurance).

Quarterly risk management and fraud prevention reports.

During the year under review, the Agency’s risk management system was independently assessed to ascertain the risk maturity status. The Agency scored Level 4 of the integrated risk maturity on the 5-tier maturity scale, which is above the public sector norm of Level 3. Due to a rigorous risk management process, the Agency maintained improved performance and risk-based decision making. Therefore, the Committee confirms that the overall system of risk management is effective. Fraud and Corruption A toll-free whistleblowing hotline operated by an independent service provider remains operational. Service providers, members of the public and employees are encouraged to report any suspected corrupt, fraudulent, criminal or unethical practices. All reported incidents have been captured in the Fraud and Corruption Database and preliminary assessments conducted. All the cases reported in the 2023/24 financial year were effectively closed. The Committee is satisfied that management has effectively implemented the fraud prevention plan and initiatives to prevent, mitigate and reduce fraud and corruption through the following:

•

Robust

anti-fraud,

corruption

and

whistleblowing policy Fraud risk assessments

• • • •

Ethics training and awareness

Investigation of reported disclosures

Consequence management

64