Western Health establishes a three-year internal audit plan covering a range of areas to be audited.

The internal audit function does not audit clinical areas.

Western Health has set a budget in terms of days of work at 200 days per annum including administration time.

Whilst the audit plan varies over time the following are mandatory to be included in every three years program:

• Payroll
• Information Technology Controls including Cyber Security
• HSV compliance
• FMCF compliance
• Billing including MBS billing
• Cashflow
• OH&S
• Fraud Risk
• Incident Management

A range of other items in response to issues of the day will be added to the program as it is developed.

The Internal Audit function reports to the Audit and Risk Board Sub-Committee which meets once each quarter and the IA representatives will be asked to attend all Audit and Risk Committee meetings.

The potential internal auditor must be able to meet the critical criteria requirements of the tender to qualify.

The length of the agreement is 3 years