The financial and accounting rules and procedures in the CSO accord with relevant legislation and with the circulars and guidelines issued by the Department of Finance. Information is also available in the Public Financial Procedures publication.
Accounting Officer and Statement of Internal Financial Control
The Director General is also the Accounting Officer. As Accounting Officer he is personally responsible for the safeguarding of public funds and property under his control; for the regularity and propriety of all the transactions in each Appropriation Account bearing his signature; and for the efficiency and economy of administration in the CSO. The Director General is responsible for ensuring that an effective system of internal financial control is maintained and operated by the Office. Full details of the role and responsibilities can be found in the Memorandum for Accounting Officers (Finance Gov Doc) and in the Public Financial Procedures Booklet. Maintaining the system of internal financial controls is a continuous process and the system and its effectiveness are kept under ongoing review.
The Director General confirms that he has fulfilled his responsibilities in relation to the Service Management Agreement between the CSO and the National Shared Service Office annually in the Appropriation Accounts. The Accounting Officer of the Vote for Shared Services provides a letter of assurance that the appropriate controls are exercised in the provision of Human Resources Shared Services to the CSO.
Organisational Assurance, Audit and Scrutiny Functions
Role of Audit Committee
The CSO Audit Committee plays an important, independent and objective role in promoting best practice in the CSO through the provision of advice on the Office’s strategic processes for governance, risk management systems and internal controls and supports the operation and effectiveness of the internal audit function. The Audit Committee comprises a Chairperson and not less than three and not more than five other members appointed by the Director General. At least two members of the Audit Committee are external members. The Chairperson must be an external member and have right of access to the Director General. The internal members are from senior management grades of staff (Senior Statistician or Principal Officer level) and representative of different functions within the office.
The Audit Committee meets at least four times a year and has the authority to convene additional meetings as circumstances require. All committee members are expected to attend each meeting and the Comptroller & Auditor General, or his/her nominee, is invited to attend at least once a year. The Director General is invited to attend at least one Audit Committee meeting per year and the Audit Committee may invite others to attend meetings to provide specialist support. Meeting agendas are prepared and provided in advance to members by the Internal Audit Unit, along with appropriate briefing materials. Minutes are prepared and circulated to the Director General, Audit Committee members and to all other CSO Management Board members within ten working days of the date of the meeting.
The Audit Committee is independent and has its own Charter. The Committee reviews all Internal Audit Reports and also reviews and approves Internal Audit work plans – long term and annual. An annual report reviewing the Audit Committee’s operations is prepared for the Director General and submitted within 3 months following year end. This report includes an assessment on the work of the Internal Audit Unit, the supports provided to the Audit Committee and a self-assessment of the Audit Committee’s own effectiveness. The Chairman of the Audit Committee reports directly to the Director General.
Role of Internal Audit Unit
The Internal Audit Unit (IAU) in the CSO acts as an independent, objective assurance and consulting activity designed to add value and improve the office’s operations. The work of the unit helps the office accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. The unit facilitates the Director General and the Management Board in discharging their responsibilities, by organising independent reviews and audits of policies, procedures, practices and performance, in order to assess the adequacy and effectiveness of internal controls. The unit works under an Internal Audit Charter which describes the purpose, authority and principal responsibilities of the Internal Audit Section. The Internal Audit Standards publication defines the nature of internal auditing within central government; sets basic principles for carrying out internal audit in central government; establishes a framework for providing internal audit services, which add value to the organisation, leading to improved organisational processes and operations; and establishes the basis for the evaluation of internal audit performance and to drive improvement planning.)
The Head of Internal Audit reports:
directly to the Director General on activities of the CSO’s Internal Audit
to the Audit Committee
to Head of Division, Legal, Enforcement & Governance Division
Public Procurement
The CSO’s Procurement Policy (Office Notice 13/2020) sets out the regulatory and governance procedures that must be complied with before undertaking a procurement process on behalf of the CSO.
Procurement above relevant EU financial thresholds is subject to EU Procurement Directive (2014/24/EU), and S.I. No 284/16 (the "2016 Regulations" transposed into Irish Law) as well as the Remedies Directive (2007/66/EC) and the implementing Irish Regulations (S.I. No. 130 of 2010 and S.I. No. 192 of 2015). Procurement under EU financial thresholds is subject to national rules but must respect the general principles of EU law.
The Procurement Support Officer has an oversight role in providing assurance of compliance with public procurement regulations for all procurements above a threshold of €25,000.
Digital and ICT-related procurement must adhere to the provisions of Circular 14/21 in relation to approval and oversight of ICT-related expenditure and initiatives.
The end-to-end procurement cycle must comply with internal CSO Operational Policies as set out in Section 4.2 of the Procurement Policy.
Engagement with the Data Office is mandatory at the outset of a procurement process for all proposals involving the processing of personal data.
Engagement with the Digital Architecture and Cyber Security Division is mandatory at the outset of a procurement process for all proposals which require a technology solution/platform.
Current tender competitions
Details of current CSO tender competitions valued at over €25,000 are available on www.etenders.gov.ie.
Public contracts awarded
Details of contracts valued over €25,000 (ex VAT) awarded by the CSO are available here.
Purchase Orders
Details of Purchase Orders valued over €20,000 (incl. VAT) awarded by the CSO are available here.
Prompt Payments
Internal procedures have been put in place in order to comply with the Prompt Payment of Accounts Act, 1997 as amended by the European Communities (Late Payment in Commercial Transactions) (S.I. No. 580 of 2012). Prompt Payments Reports are posted on the CSO website.
Role of Internal Finance Unit
The Finance Unit provides a professional, efficient and confidential service that adheres to government regulations, conforms to current legislative practice and meets the requirements of internal and external customers. The finance unit has responsibility for the accounts payable and receipts functions including revenue compliance and DPER reporting. The role includes the preparation of monthly financial reports and the annual Appropriation Account. The finance unit provides a budgetary management function, engages with the estimates process and monitors actual spend against budget.
The financial and accounting rules and procedures in the CSO accord with relevant legislation and with the circulars and guidelines issued by the Department of Finance and in the Public Financial Procedures publication.
Risk Management
The Management Board has devolved responsibility for risk management to the Risk Board. The CSO adheres to a Risk Management Policy and operates a risk management framework which is the process by which risks are identified, analysed, assessed, managed, monitored and recorded. As part of this process a divisional risk management template is issued to Heads of Division twice a year, as part of the DAPs process. The template assists management in identifying, analysing, assessing and managing the possibility of any event occurring which could have a negative impact on the achievement of the Office’s objectives.
The completed template is discussed at the twice yearly DAPs process between individual Heads of Division and the Management Board (MB) and controls to mitigate risk are agreed. The completed templates lead to the development of individual directorate risk registers and informs the compilation of the Corporate Risk Register by the Risk Board to be reviewed by the MB.
Risk management is also built into the CSO’s project management processes and is overseen by the Project Oversight Board (POB). Risk management is considered and reviewed by the Audit Committee and the Internal Audit Unit. IT risks are reviewed by the Technology Board. Risks around quality and methodology are considered by the Quality Management, Support and Assurance Division and by the Methodology Division.The Corporate Risk Register (CRR) is a living document and is regularly reviewed by the Risk Board. Risk owners are interrogated on risks with mitigations identified by the board. Where needed, risks are escalated to the MB.
Corporate Compliance Framework
The Corporate Compliance Framework is outlined in Figure 4.1 below. It includes the Audit process both internal where the Internal Audit unit provides an independent opinion on the adequacy and compliance with internal controls; and the external audit process whereby the C&AG provides independent scrutiny of the effectiveness of the financial control environment.It includes the risk management process whereby risk is identified, assessed, evaluated and mitigated against, the risk management reporting template for all Heads of Division reviewed twice a year and the Directorate and Corporate Risk Registers. The Management Board has a considerable role to play in assurance as they receive and provide reports on performance and risk management to inform key decisions.The model includes details regarding international external assurance such as the Eurostat Peer Review process, external assurance via the C&AG auditing process, internal assurance in the form of and internal management.
Figure 4.1:
