GENERAL ASSEMBLY OF NORTH CAROLINA
SESSION 2007
H D
HOUSE DRH30396-LH-211 (3/22)
|
Short Title: State Gov't Acctability/Internal Control Act. |
(Public) |
|
|
Sponsors: |
Representatives Underhill and Goforth (Primary Sponsors). |
|
|
Referred to: |
|
|
A BILL TO BE ENTITLED
AN ACT to enact the state governmental accountability and internal control act; to establish internal control standards for state government; to bolster state government internal audit activities; and to increase fiscal accountability within state government.
Whereas, the people of North Carolina entrust the oversight of public institutions to elected and appointed officials for the purpose of furthering the public interest; and
Whereas, the oversight of those public institutions requires an effective and efficient system of internal control providing reasonable assurance that the public's objectives are met; and
Whereas, ensuring such a system of internal control requires applicable statewide standards and specific assignment of related responsibilities; and
Whereas, for a system of internal control to continue to operate properly, responsibilities for and within the system must be clearly demarked; and
Whereas, recent reports of the State Auditor have highlighted the need to increase the presence of internal auditors within State institutions, and past scandals in the private sector have brought increased attention to the need for strong internal controls, effective oversight, and increased accountability within all organizations; Now, therefore,
The General Assembly of North Carolina enacts:
SECTION 1. The General Statutes are amended by adding a new Chapter to read:
"Chapter 143D.
"The State Governmental Accountability and Internal Control Act.
"Article 1.
"General Provisions.
"§ 143D‑1. Title.
This Chapter shall be known and may be cited as the 'State Governmental Accountability and Internal Control Act.'
"§ 143D‑2. Purpose.
The purpose of this Chapter is to ensure a strong and effective system of internal control within State government, to clearly indicate responsibilities related to that system of internal control, and to strengthen internal audit activities within State government. Therefore, it is the intent of the General Assembly in this Chapter to clearly establish responsibilities related to internal control within State government and to ensure that proper internal audit activities occur within State institutions.
"§ 143D‑3. Definitions.
The following definitions apply in this Chapter:
(1) Internal audit. – An independent, objective assurance and consulting activity designed to add value and improve an organization's operations. An internal audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
(2) Internal control. – An integral process, effected by an entity's governing body, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives related to the effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.
(3) Principal executive officer. – Executive head of a State agency.
(4) Principal fiscal officer. – Chief fiscal officer of a State agency.
(5) State agency. – Any department, institution, board, commission, committee, division, bureau, officer, official, or any other entity for which the State has oversight responsibility, including, but not limited to, any university, mental or specialty hospital, community college, or clerk of court.
"Article 2.
"Internal Control Responsibilities.
"§ 143D‑6. Standards setting responsibilities.
The State Controller, in consultation with the State Auditor, shall establish comprehensive standards, policies, and procedures to ensure a strong and effective system of internal control within State government. These standards, policies, and procedures shall be made readily available to all State agencies, and the State Controller shall make appropriate education efforts to inform relevant State agency staffs of the standards, policies, procedures, and internal control best practices. These efforts shall include the development of training courses, manuals, and other information sources to promulgate internal control standards, policies, procedures, and best practices throughout all State agencies.
"§ 143D‑7. Agency management responsibilities.
The management of each State agency bears full responsibility for establishing and maintaining a proper system of internal control within that agency. Each principal executive officer and each principal fiscal officer shall annually certify, in a manner prescribed by the State Controller, that the agency has in place a proper system of internal control. The State Controller shall develop policies and procedures to direct agencies in their evaluation.
The management of each State agency also bears the responsibility periodically to submit accurate and complete financial information to the State Controller for compilation into North Carolina State government's various financial reports and other related financial information disseminated to the public. With the submission of such periodic reports to the State Controller, each agency's principal executive officer and each agency's principal fiscal officer shall certify, in a manner prescribed by the State Controller, to the accuracy and completeness of the financial information submitted.
"§ 143D‑8. Internet control documentation.
Each State agency shall maintain documentation, as prescribed by the State Controller, of the system of internal control within that agency. All internal control documentation shall be available upon request for examination by the State Controller and the State Auditor.
"Article 3.
"Internal Audit Activities.
"§ 143D‑11. Internal audit requirements.
Beginning July 1, 2008, and at least every biennium thereafter, each State agency without an internal audit function shall, in a manner prescribed by the State Controller, evaluate its need for an internal audit function and fully document the results of that evaluation. Each State agency shall submit that documentation to the State Controller who, in consultation with the State Auditor and the State Budget Officer, shall evaluate, with the State agency, the need for an internal audit function within that State agency. The evaluation shall be provided to the Joint Legislative Commission on Governmental Operations. The Governor shall give consideration to this evaluation when developing budget requirements. The Board of Governors of The University of North Carolina shall be responsible for the internal audit function within The University of North Carolina and its constituent institutions. The State Board of Community Colleges shall be responsible for the internal audit function of the Community Colleges System Office. The State Controller shall work with the Board of Governors of The University of North Carolina, the State Board of Community Colleges, and the Office of State Budget and Management to ensure that the internal audit function is adequately staffed to standards adopted by the State Controller.
When an internal audit function exists, the director of the internal audit function shall report to an appropriate level within the State agency and may be asked to consult directly with the State Controller or the Controller's designee regarding internal audit activities at the director's agency. The State Controller may require certification from the Board of Governors of The University of North Carolina and the State Board of Community Colleges that an independent internal audit function has been established and is functioning appropriately. In the event that a full‑time internal audit function is not necessary, or available, the State Controller, in consultation with the State Auditor, shall issue guidance to agencies regarding effective methods to ensure necessary internal audit functions.
All internal audit reports shall be made available to the State Controller and the State Auditor upon request.
"§ 143D‑12. Internal auditors.
An internal auditor shall provide independent reviews and analyses of various activities and programs that shall provide management with information to enhance accountability, integrity, and efficiency within the internal auditor's State agency. An internal auditor shall have access to any records, data, or other information of the State agency that the internal auditor believes necessary to carry out the internal auditor's duties.
"§ 143D‑13. Internal audit standards.
The State Controller shall, in consultation with the State Auditor, establish internal auditing standards, policies, and procedures for the conduct of internal audit activities within State government that shall conform to applicable and accepted professional internal auditing standards.
"§ 143D‑14. Internal audit work papers not public records.
An internal auditor shall maintain, for 10 years, a complete file of all audit reports and reports of other examinations, investigations, surveys, and reviews issued under the internal auditor's authority. Audit work papers and other evidence and related supportive material directly pertaining to the work of that auditor's activity shall be retained in accordance with Chapter 132 of the General Statutes. To promote cooperation and avoid unnecessary duplication of audit effort, audit work papers related to issued audit reports may be, unless otherwise prohibited by law, made available for inspection by duly authorized representatives of the State and federal governments in connection with a matter officially before them. Except as otherwise provided in this section, or upon subpoena issued by a duly authorized court or court official, audit work papers shall be kept confidential and shall not be open to examination or inspection under G.S. 132‑6. Audit reports shall be public records to the extent that they do not include information that, under State laws, is confidential and exempt from Chapter 132 of the General Statutes or would compromise the security systems of State agencies.
"§ 143D‑15. Statewide coordination.
The State Controller shall establish a mechanism for coordinating internal audit resources statewide. This mechanism shall include all of the following:
(1) Methods to accomplish proper peer review of internal audit functions within State government.
(2) Continuing professional education programs to ensure internal audit professionals remain highly qualified.
(3) Creation of opportunities for State internal audit professionals to discuss matters of professional concern.
(4) Dissemination of statewide internal audit standards, policies, and procedures.
"Article 4.
"Accountability.
"§ 143D‑20. Violations.
The State Controller, in consultation with the State Auditor, shall establish a mechanism to allow for the reporting and investigation of violations of the provisions of this Chapter. This mechanism shall encourage all State employees to become familiar with the provisions of this Chapter and to report any known violations.
"§ 143D‑21. Penalties.
A willful or continued failure of an employee paid from State funds or employed by a State agency to adhere to the requirements of this Chapter is sufficient cause for disciplinary action, up to and including dismissal of the employee."
SECTION 2. This act becomes effective January 1, 2008.