Home

Financial Statements

Statement on Internal Control

Statement on Internal Control

Responsibility for System of Internal Control

On behalf of the Board of Directors of the Irish Museum of Modern Art, I acknowledge our responsibility for ensuring that an effective system of internal control is maintained and operated. This responsibility takes account of the requirements of the Code of Practice for the Governance of State Bodies (2016).

 

Purpose of the System of Internal Control

A system of internal control cannot eliminate risk, rather it is designed to make assessments of the risk environment and to manage risk at levels it deems appropriate. The system can only provide reasonable and not absolute assurance that assets are safeguarded, transactions authorised and properly recorded, and that material errors or irregularities are either prevented or would be detected in a timely period.

The system of internal control, which accords with guidance issued by the Department of Public Expenditure and Reform has been in place in IMMA for the year ended 31 December 2021 and up to the date of approval of the financial statements.

 

Capacity to Handle Risk

IMMA has a Finance, Audit & Risk Committee (FARC) comprising five members at year end with financial and audit expertise. Four of the five members are also board members. The FARC met five times in 2021.

IMMA has established an internal audit function which conducts a programme of work agreed with the FARC. The Internal Auditor is an external consultant with expertise in Risk Management and Business Process. The programme of work is set by the FARC and the Internal Auditor reports to the Chair of the Committee.

The FARC has developed a risk policy that sets out its risk appetite, the risk management processes in place and details the roles and responsibilities of staff in relation to risk. The policy has been issued to all staff who are expected to work within IMMA’s risk management policies, to alert management on emerging risks and control weaknesses and assume responsibility for risks and controls within their own area of work.

 

Risk and Control Environment

IMMA has implemented a risk management system which identifies and reports key risks and the management action being taken to address and, to the extent possible, to mitigate those risks.

A risk register is in place that identifies the key risks facing IMMA and these have been identified, evaluated and graded according to their significance. The register is reviewed and updated by the FARC on a quarterly basis. The outcome of these assessments is used to plan and allocate resources to ensure risks are managed to an acceptable level.

The Finance, Audit and Risk Committee undertakes an Annual Review of the Risk Environment including an appraisal of reports from the Internal Auditor, Risk Statements from functional units and the Risk Register.

The risk register details the controls and actions needed to mitigate risks and responsibility for operation of controls assigned to specific staff. I confirm that a control environment containing the following elements is in place:

  • procedures for all key business processes have been documented;
  • financial responsibilities have been assigned at management level with corresponding accountability;
  • there is an appropriate budgeting system with an annual budget that is kept under review by senior management;
  • there are systems aiming at ensuring the security of the information and communication technology systems; and
  • there are systems in place to safeguard the assets of IMMA.

 

On-going Monitoring and Review

Formal procedures have been established for monitoring control processes and control deficiencies are communicated to those responsible for taking corrective action and to management and the Board, where relevant, in a timely way. I confirm that the following ongoing monitoring systems are in place:

  • key risks and related controls have been identified and processes have been put in place to monitor the operation of those key controls and report any identified deficiencies;
  • reporting arrangements have been established at all levels where responsibility for financial management has been assigned, and
  • there are regular reviews by senior management of periodic and annual performance and financial reports that indicate performance against budgets/forecasts.

 

Procurement

I confirm that IMMA has procedures in place to ensure compliance with current procurement rules and guidelines and that during 2021 IMMA complied with those procedures.

 

Annual Review of Controls

I confirm that IMMA has procedures to monitor the effectiveness of its risk management and control procedures. IMMA’s monitoring and review of the effectiveness of the system of internal control is informed by the work of the internal and external auditors, the Finance, Audit and Risk Committee which oversees their work, and the senior management within IMMA responsible for the development and maintenance of the internal control framework.

I confirm that the Board conducted an annual review of the effectiveness of the internal controls for 2021 on 14th March 2022.

 

Internal Control Issues

Covid-19 – The on-going coronavirus pandemic led to the galleries and grounds of IMMA being closed for the early months of 2021. The closures had a severe impact on IMMA’s commercial revenue with the cancellation of concerts and loss of retail and café income. The losses were mitigated by a reduction in operating costs. The pandemic has the potential to disrupt commercial activities and the Board, together with the Finance, Audit & Risk Committee, continues to monitor developments.

David Harvey
Director

19th May 2022

Directors and Other Information
Directors Report