GIAA Annual Report and Accounts 2024-2025

Question 1

Performance report

Accepted Answer

Performance overview

This section tells you about our organisation - who we are, our mission, vision and values and our services. It also provides a summary of our performance over the year as we progress with our strategic objectives and our approach to managing the risks that could stand in the way of our success.

About the Government Internal Audit Agency

The Government Internal Audit Agency (GIAA) leads the internal audit function and profession across central government.

We provide internal audit services and support for the UK government. Our clients include ministerial departments and many non-ministerial departments, agencies, and public bodies. Our counter fraud and investigation service supports finance professionals across government in their role as stewards of public money. We also provide assurance for the management and payment of European Commission grants for several EU funded programmes. These programmes have run for several years with the majority closing in 2024-25; a small remainder will continue to be supported by the Agency until conclusion in 2025-26.

Welcome to our Annual Report and Accounts

After a decade operating at the heart of government, our focus on client delivery remains unwavering. The pace of change is fast, and we work closely with all our clients, enabling them to identify and manage risks to their service delivery.

Our assurance and insight support the delivery of effective and efficient public services across government. Our refreshed cross-government insight programme better anticipates client needs, while our pioneering work with artificial intelligence (AI) continues to gain international recognition, placing us at the forefront of audit technology.

GIAA is the UK’s largest non-commercial provider of internal audit services. This year we completed Lord Maude’s recommendation by finalising our agreements with the Foreign, Commonwealth and Development Office and HM Revenue and Customs for their affiliate membership with the Agency. Internal audit colleagues from both departments have begun to work with GIAA, enhancing the breadth of our cross-government insight and ensuring more effective use of government funds.

As our sphere of influence grows in one area, we end our involvement in another. UK participation in many EU programmes came to an end in 2024-25 and with this we have closed the majority of our EU assurance programmes.

This year also marked the significant milestone of our successful transition to a fully fee-funded business model. Throughout this period of change we have been impressed by the ‘can do’ attitude of our people, who have embraced more efficient and productive ways of working. Their commitment to recognising what works well, identifying improvements and embracing innovation has been crucial to our operational success.

The expertise of our people continues to attract attention across government, the UK and internationally. This year our counter fraud and investigation, and internal audit colleagues have celebrated numerous awards and commendations, and our data analytics specialists have showcased their expertise at events across the world.

We remain wholly committed to our mission of delivering ‘better insights, better outcomes’ for our clients. We would like to extend our sincere thanks to all our people whose hard work, commitment and dedication has brought our mission to life. Each person’s contribution makes us successful so that, as an Agency, we are able to deliver a far greater impact than the sum of our parts. Together, we are well-positioned to continue providing and improving assurance and insight across government, supporting our clients through the challenges and opportunities that lie ahead.

Harriet Aldridge, Chief Executive GIAA and Isobel Everett MBE, Chair, GIAA Board

Question 2

Our year at a glance

Accepted Answer

April 2024

HMRC and FCDO internal audit teams join GIAA as affiliate members - concluding our One GIA programme and completing Lord Maude’s recommendation for government internal audit.

May 2024

We launch our AI writing engine, to support more efficient and effective reporting-writing.

June 2024

Driving efficiency and quality through ‘the power of learning’ was the theme for our GIAA trainee and apprentice conference.

July 2024

In preparation for the UK General Election we shared our topical insight on Machinery of Government changes for government organisations.

August 2024

We launch our revised insights programme to share information, thought pieces and detailed case studies of excellence and best practice in risk control across government.

September 2024

We brought members of the Government Internal Audit Leadership Community together in person for the first time to share and discuss learnings and insights.

October 2024

We showcased GIAA’s work developing AI applications for internal audit at the Chartered Institute of Internal Audit conference.

November 2024

We brought internal audit senior leaders together across the wider public sector with the launch of our UK government internal audit leadership community.

December 2024

We presented our work on IT, AI and innovation for HM Treasury at their Innovation Day.

January 2025

We published our 2024 Insights Report and Chief Executive Opinion and Overview, sharing our analysis of strategic risk and control for the UK government for 2023-24.

February 2025

We launched our online Internal Audit Knowledge Hub to support, greater collaboration, discussion and development across the wider government internal audit community.

March 2025

We launch our first Internal Audit Function Strategy.

Our role identifying early warning signs across the public sector is highlighted in a report by the Committee on Standards in Public Life.

Question 3

Our year in numbers

Accepted Answer

For 2024-25…

we employed 471 people (full time equivalent)
who delivered 1500 audits for 15 government departments and 130 arm’s length bodies
our Insights team presented six full cross-government reports, nine opinion pieces and eight cross-government insights reports
we delivered three events for UK government audit and risk assurance committee (ARAC) members and two ARAC Chair network meetings

Our clients express high levels of satisfaction with our services…

we have a net promoter score of 8.22 out of 10 from senior civil servant clients who would recommend our internal audit services
our counter fraud and investigation services received an average satisfaction score of 9.11 out of 10

We continue to embrace the benefits of emerging technology…

79% of our people have used our bespoke artificial intelligence (AI) engines
19 organisations have either used or are currently using one or more of our artificial intelligence ‘Engines’

We value our people and their wellbeing…

425 people undertook mental health awareness sessions
we received the prestigious Mind Index Silver Award

Question 4

About us

Accepted Answer

Our mission

Our mission is that people provide objective insight so that central government can achieve better outcomes and value for money for the public – better insights, better outcomes.

Our Vision 2026

Our three year ‘Vision 2026’ was launched in 2023, following a comprehensive programme of engagement with internal and external stakeholders. Our vision is focused on raising the bar in all that we do, building on our progress and stretching ourselves to achieve more.

Our vision sets out that by 2026 we will be:

elevating our impact across government
empowering our people to thrive, develop and deliver
excelling in quality and professionalism
inspired by innovation
sustained on firm foundations

You can read our full vision document at:GIAA Vision 2026 - GOV.UK

Our strategy and plan

Our Strategy 2023-26 sets out how we will achieve our Vision 2026. For 2024-25 and every year of our strategy, we produce a one-year corporate plan that identifies the strategic priorities we will deliver during that 12-month period.

We review our strategy and corporate plan each year so that we maintain a sharp focus on achieving our priorities.

You can read our Strategy 2023-26 and Corporate Plan for 2024-25 using the following links:

Strategy 2023-26: Government Internal Audit Agency Strategy 2023-26 and Plan 2023-24 - GOV.UK
Corporate Plan 2024-25: Government Internal Audit Agency Corporate Plan 2024-25 - GOV.UK

Our values and behaviours

Our values and behaviours underpin everything we do. By living our values and embodying our behaviours every day, we will achieve our strategy and work towards realising our Vision 2026.

Values

Our GIAA values require us to be trustworthy, collaborative, principled, respectful and professional in all that we do.

Behaviours

We embody our values through our GIAA behaviours and that we are:

quality driven
client focused
visionary
(we act) in the public interest
honest
enabling
inclusive
responsible

Question 5

Our services

Accepted Answer

Internal audit activities

At GIAA we support our clients to understand, manage and deliver better services. The insights we provide support government to operate more efficiently and effectively, improving outcomes for service users and ensuring better use of public funds.

Our assurance services provide independent and objective assessment of the effectiveness of our clients’ governance, risk management and control arrangements. Our consulting services advise our clients on how to improve and develop governance, risk management and control arrangements for new or emerging areas of work, where there is significant change, or where there is no system of risk management or control framework to assure.

Our specialist internal audit services are an important part of elevating our quality and impact. Our specialist services include:

digital, data and technology
programme and project management
commercial and procurement
grants
team players
appreciative

Audit services for European Union funded programmes in the UK

On behalf of the UK government, we provide the European Commission with independent and impartial assurance in respect of several European Union-funded programmes in England and other parts of the UK. The final year for UK participation in many EU programmes was 2024-25.

Counter fraud and investigation services

Our counter fraud and investigation service is recognised as a centre of excellence. We provide high quality and cost-effective services for our clients to enhance their counter fraud response and ensure responsible stewardship of public funds. Our specialist counter fraud and investigation services include:

investigation
risk assessment
tailored counter fraud detection
whistleblowing and raising a concern
development of counter fraud campaigns
supporting our clients with the implementation of the requirements of the Functional Standard (GovS013 Counter Fraud)

Innovation and data analytics

Our work developing artificial intelligence (AI) places us at the forefront of this emerging technology and its use in internal audit. Our AI tools enable a person to read hundreds of documents at speed by summarising, collating, and analysing content. Using AI in this way means that insights and data can be extracted quickly, and trends spotted. Understanding these trends, creates greater opportunities for cross-government collaboration and learning. This creates potential for improved public services, ultimately providing better value for the taxpayer. We have also made some of these tools available to other government organisations to support their efficiency and productivity efforts.

Our organisational structure

GIAA is led by a Chief Executive, who is supported by our Executive Committee (ExCo) and our Board.

In 2024-25 our client base was 15 of the 17 main central government departments. These departments (shown in Figure 3 below) along with over 130 government arm’s length bodies are grouped into operational directorates to ensure the best outcomes for our clients. In turn, our operational directorates are supported by a small enabling function.

Our client base continues to grow and in 2024-25 we confirmed affiliate membership agreements with the Foreign, Commonwealth and Development Office ministerial department and HM Revenue and Customs organisation. With these two agreements in place we have consolidated our position to provide internal audit insight, assurance and guidance across all UK central government. Through our affiliate partnerships we have established clear ways to add even more value with greater opportunities for collaboration and sharing good practice and insight.

A full list of all clients is available on: GIAA client list - GOV.UK

Question 6

GIAA operating structure 2024-25

Accepted Answer

Our organisation operating structure is reviewed continuously, to ensure we are in the best place possible to deliver maximum impact and benefit for all our clients.

Over 2024-25 we carried out a detailed revision of our operating structure illustrated in Figure 3. This revision supports us to be in the best place possible to deliver high quality services for all our clients.

Our new operating structure was introduced on 1 April 2025. Our new structure enables GIAA to:

amalgamate internal audit and counter fraud and investigation client delivery under two delivery directors
invest in our specialisms alongside our data analytics team and resource managers
create a new cross-portfolio delivery team
introduce a new technical directorate to focus on cross-government insight, audit profession and practice and our leadership of the government internal audit function
enable our corporate services colleagues to better support our client facing teams

We employed 471 full time equivalent (FTE) people, with the majority working in client facing internal audit and counter fraud and investigation roles.

GIAA priority outcomes and areas of focus

The Performance Analysis section of our annual report (from page 18) outlines how we have performed against three priority areas of focus that are set out in our Corporate Plan 2024-25: our people, our quality and our financial position.

Managing our principal risks

As with all organisations, we face risks in the delivery of our strategy, corporate plan and core functions. We actively manage our strategic risks to make best use of public money, maximise our performance and achieve our objectives.

We have identified principal risks to the delivery of our strategic objectives. Details of these risks, including examples of the mitigating actions we have taken to address these are available from page 39 of the Performance Analysis section.

Going concern basis

Our financial statements have been prepared on a going concern basis in accordance with the Government Financial Reporting Manual. We operate as a going concern with our operating costs met through fee payments from our internal audit, counter fraud and investigation and European clients. In prior years, we were in receipt of Supply Funding from our sponsoring department HM Treasury that was provided to support the Agency to form and mature. We were also in receipt of monies for specific deliverables as part of our 2021 Spending Review settlement (SR21). From 2024-25 our Supply Funding was limited to legacy pension funding and a contribution to funding the Internal Audit Government Profession. Full details are available in our financial accounts on page 93. In anticipation of the reduction of our Supply Funding we developed and implemented a programme of efficiencies and smarter ways of working so that we break even and remain financially sustainable. These plans have been put in place as part of our Strategy 2023-26 and with priority actions set out in our corporate plan. Our 2025-26 Supply Funding will be of a similar value to the figure received in 2024-25.

Quality of our work

For 2024-25 our internal audit work and methodology was delivered in accordance with Public Sector Internal Audit Standards (PSIAS). This was the final year the Agency applied the PSIAS as the new Global Internal Audit Standards in the UK Public Sector (GIAS) were adopted from 1 April 2025.

We undertake regular internal quality assessments of our work with external assessments taking place every five years. Our last External Quality Assessment (EQA) was conducted in 2020-21, and we were rated as ‘Generally Conforms’, the highest possible rating. Our next EQA is scheduled for the final months of 2025-26 and will be based on the new GIAS. Similarly, we deliver our counter fraud and investigation services to clients in accordance with, and in support of, the Functional Standard for Counter Fraud (GovS013).

Continuous improvement and change

GIAA has an ambitious programme of continuous improvement and change that contributes to maintaining a fully sustainable operating model, efficient processes and more effective ways of working, so that our people can concentrate on delivering high quality products for our clients.

Our approach to change management is evidence-based, with measurable outcomes, ultimately underwriting GIAA’s mission of delivering ‘better insights, better outcomes’ for our clients. Many of our areas of focus for 2024-25 have been delivered through all parts of the Agency working closely with the organisational change team.

Question 7

Performance analysis

Accepted Answer

This section tells you how we monitor our performance and the progress we have made in delivering our strategy. We also provide an analysis of the risks that could affect the delivery of our strategy and some examples of actions we have taken to mitigate these risks during the year. Finally, we have included some additional performance Information, including information we hold in relation to sustainability, our impact on the environment and the actions we have taken or plan to take to minimise that impact.

Our performance analysis includes how we:

measure our performance against our areas of focus for our 2024-25 corporate plan
manage our performance and progress through a suite of key performance indicators

Our corporate plan sets out the strategic changes we need to make over the following financial year to meet our ambitions and fulfil clients’ expectations. Our 2024-25 corporate plan was orientated around 3 areas of focus: our people, our quality, our financial position.

We were deliberately ambitious with the deliverables within these areas of focus, accepting that some of the work would be carried over and completed the following year. Throughout the year, progress has been monitored by our Executive Committee and Board.

Performance against the corporate plan

The information in the following tables sets out our performance against the 2024-25 priorities together with a final column demonstrating how our progress contributes to our vision strands. Below each table there is a short narrative on our areas of focus for the following year, 2025-26.

Area of focus: our people

Our priorities for 2024-25:

To develop a workforce strategy to attract, recruit, train and retain our PEOPLE at all levels and in the best locations to ensure we have the capacity and capability we need today and in the future.

We will deliver…

From 1 January 2025, a workforce strategy and operational plan that aligns with our future vision of providing internal audit and counter fraud and investigation services to government.

The progress we have made…

Work is well underway with the development of our 10-year programme for strategic workforce change has been developed. This provides us with a clear plan for building, equipping and retaining a strong, experienced, and committed workforce that is focused on delivering services both now and in the future for our clients across government.

We will deliver…

A programme of training focused on leadership and management, as well as supporting our people to further develop their professional relationships with clients and market the full range of integrated GIAA services.

The progress we have made…

The firm foundations are in place for delivery of an in-depth line management upskilling and targeted leadership development programme. This is based on comprehensive research and best practice to ensure the best package will be delivered for our people during 2025-26.

We will deliver…

Improvement in the career pathways available within the Agency and opportunities for our people to develop skills and expertise across client portfolios.

The progress we have made…

The career pathways framework has been developed and will be launched in Summer 2025. This will meet the needs of our workforce by providing opportunities for our people to develop skills and expertise working across our client portfolios and within job families.

These areas of focus supports our vision of…

Excelling in QUALITY and Professionalism Empowering PEOPLE to thrive, develop and deliver Sustained on FIRM FOUNDATIONS.

What’s next for 2025-26?

We are committed to ensure our work continues to add impact, assurance and value. For 2025-26, we have put in place a new operating structure that will enable our Agency to be in the best place possible to deliver high quality services for all our internal audit and counter fraud and investigation clients.

The next twelve months will also see further development of our workforce strategy with redesigned job descriptions and people/matrix management frameworks, a revised learning and development programme and opportunities for more varied entry routes and career pathways throughout GIAA. This will ensure we continue to attract, recruit, train and retain the right people and we are in the best place possible to deliver ‘better insights, better outcomes’ for our clients.

External awards and commendations

The achievements of GIAA colleagues and teams and the impact of their work has been recognised by many external bodies.

2024 Audit and Risk Awards

Our client team for the Ministry of Justice were finalists in the Audit Team of the Year
Senior Audit Manager Gary Wilkin was a finalist in the diversity, equality and inclusion champion category, recognising our contribution to supporting greater inclusivity across the internal audit profession

Government Finance Function Awards

Audit Manager Jeff Smith won the Iain Rolland Memorial Award for his outstanding contribution to Internal Audit at the prestigious Government Finance Function Awards 2025

Government Counter Fraud Awards

Isabella Naylor and Maisie Wade were both nominated for Apprentice or Newcomer of the Year
Sandra Simms was nominated for Member of the Year

Tackling Economic Crime Awards

Our counter fraud and investigation team were shortlisted for the Outstanding Team Award
This team was also nominated as part of an Outstanding Partnership award for a joint investigation with their DWP Economic Serious Organised Crime counterparts and the Met Police
Maisie Wade was shortlisted in the Outstanding Young Professional category

Public Finance Awards

Our counter fraud and investigation team were shortlisted at the Public Finance Awards in the category of Outstanding Fraud Prevention Detection and Recovery

Area of focus: our quality

Our priorities for 2024-25:

To continuously improve the QUALITY and impact of our audit, counter fraud and investigation work in a way that drives efficiency and more insight from everything that we do.

We will deliver…

Cross-government insight, benchmarking and reference to best practice throughout our audit, counter fraud and investigation work.

The progress we have made…

We have refreshed, revised and increased the number of our cross government products.

For 2024-25, we presented six full cross-government reports, nine opinion pieces and eight insights reports to our clients.

We will deliver…

Completion of membership of the Agency by all government departments, and the continued onboarding of other targeted arm’s length bodies (One GIA).

The progress we have made…

GIAA now provides internal audit services and/or support for the UK government including all ministerial departments and many non-ministerial departments, agencies and public bodies.

We have introduced an affiliate arrangement to bring internal auditors across government together through closer working, building stronger professional relationships to enhance the service and insight for our respective clients.

We have completed and closed our One GIA programme.

We will deliver…

Further implementation of the Risk Control Framework across government, (in collaboration with the Government Risk Profession), to strengthen the management of risks and second line assurance.

The progress we have made…

The Risk Control Framework (RCF) was published in 2023 in collaboration with HM Treasury Officer of Accounts and Risk Centre of Excellence. The RCF is being integrated into our client annual opinions.

Alongside HM Treasury, we continue to promote adoption and use of the RCF into audit planning and reporting, recognising its importance to deliver consistency in judgements and the need for a framework to be compliant with audit standards.

We will deliver…

Launching and embedding simplified reporting products that take less time to produce and communicate outcomes in a more impactful way.

The progress we have made…

In line with the new Global Internal Audit Standards, we have refreshed our reporting products, and they were implemented from April 2025.

We will deliver…

Implementation of an action plan from our Internal Quality Assessment to ensure the Agency continues to maintain its ‘generally conforms’ rating in its External Quality Assessment in 2025-26.

The progress we have made…

We have completed a Readiness Review as part of our preparations for our External Quality Assessment (EQA) which will commence in autumn 2025.

Feedback from the review has been incorporated into our EQA action plan.

We will deliver…

A clearer articulation of a future audit delivery model for government through a vision and strategy for the whole of the government internal audit function.

The progress we have made…

The HM Government internal audit function strategy was developed and published in March 2025. This strategy sets out how, over the next three years, the internal audit function will develop the diverse set of skills it needs to meet the changing demands of government through the delivery of high-quality, cost-effective services.

These areas of focus supports our vision of…

Elevating our IMPACT across government.

Excelling in QUALITY and professionalism

Inspired by INNOVATION.

What’s next for 2025-26?

2025-26 marks the 10th year of operation for GIAA. We now provide internal audit services and/ or support across all the UK central government departments, and we will continue to engage with non-ministerial departments, agencies and public bodies who express an interest in our service and support.

Our unique position working across government provides the opportunity to grow our programme of cross-government insight for the benefit of our all our clients. Throughout 2025-26 we will continue with the expansion of our cross-government programme.

From 1 April 2025, GIAA adopted the Global Internal Audit Standards in the Public Sector, and this will be one part of our continuing preparations for our External Quality Assessment that is scheduled commence in autumn 2025.

Case study: Maximising efficient delivery: combining ‘three-in-one’ audit fieldwork

Auditors were scheduled to complete three audits in one part of our client’s organisation, where the testing and fieldwork for each audit would involve visiting several sites at a time when our client was working to capacity. Auditors were keen to ensure our testing would not adversely impact on their delivery. With client agreement, we planned to combine the testing for all three reviews to ensure we covered everything during each site visit. This gave us the benefit of streamlining our testing as well as reducing the impact on the client.

Our client makes payments to eligible clients. One of the reviews covered the process to ensure client entitlement, another covered the application of a framework for end-to end processing and the third looked at the management of staff capability. As part of the site selection process, we focussed on offices where we were able to cover all three reviews during testing. We also ensured all regions were covered (our client has national coverage) and allocated audit resource based in those regions to complete the testing to minimise travel and costs.

Each audit review had a clear and distinct objective requiring fieldwork interviews, findings and research to inform the outcome. By combining the fieldwork for all three audits into a single, streamlined operation, we were able to provide our client with exceptional value. Our ‘three-in-one’ approach eliminated repetition, captured all necessary data accurately and by using locally based auditors, we were able to help develop knowledge across the team.

Through our efficient and effective work, we not only delivered tangible benefits for our client but also offered invaluable insight across their entire operation. By working actively to combine fieldwork, the success of these audits demonstrates our commitment to maximising efficiency and providing exceptional value to our clients.

Case study: Lessons learnt - exposing a ‘Man-in-the-Middle’ bank mandate fraud

GIAA’s specialist Counter Fraud & Investigation team (CF&I) was tasked with investigating a mandate fraud involving a payment of over £60,000 to a fraudster’s bank account.

The investigation focused on communication between a government organisation and an external company applying for funds on behalf of a client. Following the return of an initial payment by the bank, updated bank details were provided to the government organisation, who subsequently processed a substantial payment.

The fraudulent activity was uncovered when the legitimate external company contacted the government organisation to report a delay in receiving their expected payment.

The investigation revealed that whilst the government organisation had procedures for managing bank account changes, these controls were inadequate. As a result, the government organisation had failed to spot two different fraudulent email addresses used in correspondence. There was no evidence found to suggest collusion between individuals in the government organisation and the fraudster, or any breaches of the Civil Service Code or internal policies.

It was concluded that an unknown fraudster, posing as a representative from the external company, compromised the email service connecting the two organisations and executed a ‘man in the middle’ cyber-attack. This attack involved the interception of communications between two parties to deceive them into taking a specific action. This resulted in the mandate fraud and a payment sent to an unknown recipient.

In addition to conducting investigations, CF&I provides post-investigation support to help government organisations enhance their counter-fraud measures to prevent future incidents. While the organisation had implemented some measures in response to the fraud, CF&I identified further opportunities to improve relevant processes and controls and is supporting the implementation of these improvements. In addition, we are using our cross-government insight to support the organisation with producing a fraud risk assessment.

Area of focus: our financial position

Our priorities for 2024-25:

Implementing our programme of transformation for operational delivery that will ensure we balance our long term FINANCIAL POSITION.

We will deliver…

An optimum organisational design model that drives efficiencies, productivity and quality, including a revised senior structure and greater line management spans of control.

The progress we have made…

A revised senior civil servant (SCS) organisational structure was developed in 2024-25 and launched on 1 April 2025. This will support our evolution by facilitating more insight sharing across teams and enabling continuous improvement in the quality of our work strengthening our delivery of better insights, better outcomes.

Work has taken place to embed greater clarity and consistency of job roles for colleagues working at SCS and delegated grades.

Our work to establish an optimum organisation design future-proofs us and ensures we are in the best position possible to respond to our clients’ organisational changes and wider cross-government evolution.

We will deliver…

More flexible deployment of our resources, informed by a resource management capability that allows us to meet client demand and smooth the delivery of our audit work more throughout the reporting year.

The progress we have made…

We introduced our bespoke resource management system to dynamically identify and allocate resources to meet demand across the Agency earlier and upstream. This has resulted in a positive shift towards smoothing delivery.

We will deliver…

The second year of our efficiencies programme leading to a reduction in our costs, increased productivity, more streamlined processes, and further income generation.

The progress we have made…

The second year of our efficiencies programme has yielded progress regarding system configuration to support efficient use; and we have implemented a new audit planning tool that drives efficiency and improved management information including a real-time operational workforce plan.

We will deliver…

Embedding of our artificial intelligence tools (the Writing, Risk and Insights Engines) that offer a return on that investment through increasing our productivity as well as the quality and value for money of our output.

The progress we have made…

Use of our artificial intelligence (AI) tools has increased as has the take-up and confidence of using AI to complement audit delivery. The tools continue to be enhanced and improved to increase functionality and optimise productivity. A programme of engagement has helped highlight the opportunities and aided understanding of the benefits for us and our clients for using AI to assist with internal audit delivery.

The percentage usage for each of our AI engines is now:

Writing engine – 72%
Risk engine – 59%
Insight engine – 64%

In total, 79% of our people have used at least one of our AI engines.

These areas of focus supports our vision of…

Excelling in QUALITY and professionalism Empowering PEOPLE to thrive, develop and deliver Inspired by INNOVATION Sustained on FIRM FOUNDATIONS.

What’s next for 2025-26?

Our AI tools continue to attract attention across government and further afield. Next year our data analytics team will continue to refine and develop our AI systems, including an engine to capture a client organisation’s changing risk profile.

We will continue to drive greater productivity through our resource management system. This system supports swifter allocation of people resources to meet client demand earlier. This benefits us by alleviating demand pressures later in the year and provides greater value for clients as they receive products earlier and can implement our recommendations sooner. Effective resource deployment also brings a further benefit, supporting our people to gain access to more varied client portfolios and wider career experience that provides our clients with greater insight. Our expansion of resource management over the next twelve months will bring even more opportunities for individual career development.

At the start of 2025-26 we ran a defined voluntary exit scheme (VES) to support our ongoing efficiencies programme, changing our ways of working to be increasingly automated and augmented where possible.

Case study: Enhancing Agility and Expertise: The Success of the Audit Response Team (ART)

Our Audit Response Team (ART) was established as one element of our strategic workforce plan. By creating an Agency-wide cadre of internal audit professionals it has been possible to respond to emerging resourcing issues, flexibly and far earlier. Beginning with a small pilot before wider deployment across GIAA, ART has quickly become a valuable asset in resolving resource challenges.

For individuals within the ART team, the opportunity to work across teams and government departments has proven to be a significant draw. This flexibility enables them to expand their career portfolio, develop new skills, and gain a deeper understanding of government operations. By adopting a matrix management structure, team members receive both line management support and task management guidance, allowing them to focus on delivering high-quality results efficiently.

The positive impact of ART extends beyond individual growth. We benefit from a more agile workforce, capable of responding quickly to changing demands and priorities. By deploying skilled professionals across different teams, we can enhance our expertise and provide a more comprehensive service to government clients. This collaborative approach fosters shared learning, leading to the continual development of auditors and the strengthening of knowledge across various government areas.

Over the last year our ART has grown to include over 50 internal audit professionals. The ART exemplifies the success of a flexible and collaborative approach to deploying people quickly to support teams. By prioritising agility and expertise, ART has not only benefited individuals within the team but has also contributed to the growth and effectiveness of the wider Agency and our government clients. The learning and expertise we gained through ART will be developed into an expanded Central Resource Team over the coming year. This will enable even greater sharing of insights, and more flexible resourcing across GIAA.

Case Study: Showcasing our ground-breaking work harnessing AI technology for internal audit

This year the GIAA showcased our work developing and applying AI technology for internal audit at the Chartered Institute of Internal Audit (CIIA) conference. Our Director of Innovation and Development, Iain McGregor, presented a session on the effective use of AI in internal audit, highlighting the innovative ways we apply AI to improve the efficiency and effectiveness of internal audit delivery. This was followed by our Chief Executive Harriet Aldridge setting out how we also lead the way with the development and delivery of the Environmental, Social and Governance agenda through internal audit, and our Data Analytics team expertly presented our AI engines for delegates, with real time demonstrations on our conference stand and answering technical questions.

The response to our presence at this prestigious conference was overwhelmingly positive. Internal auditors from across all sectors were astonished by our inventive application of AI. Our GIAA information stand was inundated with visitors eager to learn more about our AI engines and how they work. Auditors working in local authorities expressed interest in applying our writing and risk engines, and we even made a global impact, connecting with audit professionals from Korea, Norway, and Malta.

Attending the CIIA conference was just one aspect of our ongoing efforts to promote the potential of AI technology improving and enhancing internal audit delivery. Our data analytics team continues to respond to queries from across the UK government, UK public sector, and internationally, sharing our expertise and knowledge to support internal audit professionals and organisations optimise opportunities for more effective delivery.

Question 8

Performance against our key performance indicators

Accepted Answer

We monitor the progress of our strategy and corporate plan through a suite of key performance indicators (KPIs) that are reported to and considered by the Executive Committee. For 2024-25, these KPIs aligned to our corporate plan focus areas: our people, quality and financial position.

These measures, targets, performance in 2024-25 and comparison to the prior year are set out in the following tables.

Managing our performance: our people

Our people measures

Measure

Employee engagement index, as measured through the Civil Service People Survey

Target 2024-25

We continually seek to maintain and improve levels of engagement across our workforce

Performance 2023-24

People survey engagement score: 62%

Performance 2024-25

People survey engagement score: 59% (target not met)

Measure

Average working days lost to sickness per member of staff

Target 2024-25

We actively seek to reduce sickness absence rates

Performance 2023-24

7.53 days

Performance 2024-25

8.74 days (target not met)

Measure

Level of staff attrition in the financial year

Target 2024-25

Achieve a year-on-year reduction in controllable staff attrition

Performance 2023-24

14.3%

Performance 2024-25

14.1% (target marginally met)

Our people survey

The Civil Service People Survey is an important measure of our people’s experience of working for GIAA. This survey is carried out annually across government and we use our Agency survey results to monitor levels of engagement and identify where areas of additional focus might be needed. Our response rate for the 2024 people survey was 86% – significantly higher than the average Civil Service response rate of 61%.

Our overall engagement index score assesses the extent to which our employees are committed to our goals and values and are motivated to contribute to our success. In 2024, our overall engagement score dropped by three percentage points to 59%. The Civil Service-wide engagement score is 64%. The change in our engagement score was anticipated as we underwent a programme of transformation that was required to balance our long-term financial position. This transformation programme will continue through 2025-26.

People survey engagement index core themes

Our overall engagement index score is drawn from nine core themes. (‘My work’, Organisational objectives and purpose’, ‘My manager’, ‘My team’, ‘Learning and development’, ‘Inclusion and fair treatment’, ‘Resources and workload’, ‘Pay and benefits’, ‘Leadership managing change’).

Each theme measures a different dimension of employee experience which are known to have a strong relationship with engagement levels at work. For our 2024 survey the index core themes measured the following changes from the previous year:

Graph 1: Civil Service people survey engagement

We have considered the results of the survey and identified some areas of focus that have fed into our corporate plan priorities for 2025-26. These included further developing the leadership and line management capability of our people, a renewed focus on engaging people through change, and further developing the breadth of experience of our people by providing more opportunities to work across client teams.

Individual teams have also developed plans to take forward actions in response to their team specific survey results.

Reduce the average working days lost (AWDL) through sickness

We have seen an increase in the number of AWDL through sickness. We operate robust procedures for managing absence and we support our people through periods of long term or serious illness with compassion and empathy. We continue to monitor absence rates closely and manage accordingly.

The level of staff attrition

Our staff attrition has shown a slight decrease from the previous financial year.

Managing our performance: our quality

Our quality measures

Measure

Results of semi-structured interviews with clients

Target 2024-25

80% of respondents awarded a score of 8 or more (out of 10) on their overall experience of working with GIAA.

Performance 2023-24

70.0%

Performance 2024-25

76.7% (Target not met)

Measure

Results of client satisfaction questionnaires (CSQs)

Target 2024-25

80% of respondents awarded a score of 8 or more (out of 10)

Performance 2023-24

79.7%

Performance 2024-25

81.0% (Target marginally met)

Semi-structured interviews with senior client stakeholders

We periodically conduct stakeholder interviews to capture clients’ experiences of our services. These follow a semi-structured format that help us to identify areas for improvement.

We conducted 30 such interviews in 2024-25. When asked to score their overall experience of working with us, 76.7% of interviewees scored this as 8 or more (out of 10).

In addition, 90% of interviewees positively rated the impact that we had on their business and all interviewees were positive about how well we responded and engaged.

Net promoter score

A Net Promoter Score (NPS) is a metric used to measure client satisfaction and enthusiasm. It is calculated by asking clients to score us and our products on a scale from 0 (low) to 10 (high).

For 2024-25, our NPS was 8.2, and increased slightly from the previous year when our NPS 2023-24 of 7.9 out of 10. A NPS is the likelihood that a client would recommend our services to others. The graph below shows the variation in our NPS over the last four years.

Graph 2: GIAA’s net promoter score over time

A NPS is calculated across the categories that were assessed in our semi-structured interviews.

Engage, respond and consult: 29 responses averaging a score of 8.3
To what extent do our people demonstrate an effective understanding of your department/organisation and risks: 29 responses averaging a score of 8.1
Did our outputs and/or recommendations identify opportunities to the control environment and make a difference to you: 29 responses averaging a score of 7.6
Overall experience working with GIAA: 30 responses, averaging a score of 8.2

Graph 3: Average score by semi-structured interview category

Internal audit client satisfaction questionnaires (CSQs)

Individual questionnaire surveys are undertaken to gather feedback from clients. Once an engagement is complete, relevant client contacts are asked to complete a CSQ. This is a short online questionnaire that asks the clients to rate how satisfied they were with our delivery of the engagement (on a scale from 0 = poor to 10 = excellent) under five performance categories: planning, engagement procedures, reporting, outcomes and recommendations, and professionalism and an overall rating of their satisfaction.

In 2024-25, we received 1,004 completed questionnaires, down from 1,034 in 2023-24, with 81.0% of clients declaring themselves satisfied with scores of 8 or better out of 10, a slight improvement on 2023-24 with 79.7% of clients declaring themselves satisfied. The return rate for CSQs was 45% in 2024-25, down from 50% in 2023-24.

Counter fraud and investigation client satisfaction questionnaires (CSQs)

Our counter fraud and investigation (CF&I) service collaborates closely with our internal audit colleagues, providing services for our clients to enhance their counter fraud response and ensure responsible stewardship of public funds.

For 2024-25, our counter fraud and investigation team issued 219 CSQs and received a return rate of 43.8%.

These CSQs demonstrated we met our key performance indicator (KPI) of scoring ‘8/10 or higher with overall levels of satisfaction with our CF&I services’.

In total 88.5% of CSQ responses received met this KPI, and the overall average score achieved for this KPI was 9.11/10.

Cross-government insights

We have revised and expanded the number of cross-government insights we provide for our clients. This year we presented six cross-government reports, nine opinion pieces and eight government insights reports to our clients, with subjects including Supplier Resilience, Efficiencies and Maintaining efficient control and assurance. For 2023-24, three thematic reviews were produced. Whilst we have increased the number of products and developed new formats to support our clients’ needs, we recognise we still have more to do. Anecdotal feedback from senior client stakeholders affirms our commitment to developing and providing more innovative and proactive cross-government insight.

Case study: Maximising sponsorship effectiveness: a comprehensive review of government-ALB relationships

One of our 2024-25 Insights Reviews was an evaluation of government departments’ implementation of the ‘Sponsorship Code of Good Practice for Arm’s Length Bodies (ALBs)’. The Code provides guidelines for departments to follow when working with ALBs (independent organisations sponsored by ministerial departments and in receipt of government funding).

Our review was able to provide assurance that most government departments were adopting one of the sponsorship models set out in the Code and that departments were largely positive about their sponsorship relationships with ALBs. However, we also identified several areas for improvement, such as providing clarity on individual sponsorship roles and responsibilities, with departments maintaining good levels of communication with their ALBs and ensuring sufficient departmental-level oversight of the full ALB population.

To address these issues, our review recommended that departments use the Sponsorship Code routinely to assess their sponsorship arrangements and that they establish proportionate sponsorship arrangements. We also recommended that departments implement appropriate departmental level oversight that ensures senior management visibility of performance and risk across the ALB population.

The review evaluated departments’ adoption of the Sponsorship Code against four risks:

a lack of understanding of ALB roles and responsibilities
failure to establish a proportionate approach to assurance
failure to share skills and experience
lack of mutual investment in relationships

Based on these risks, the review supported departments to identify an assurance rating across these four risks, as well as an overall opinion of the effectiveness of their implementation of the Sponsorship Code.

Overall, our review identified a total of 53 recommendations across departments. It highlighted the need for Cabinet Office oversight along with the appropriate departmental-level oversight to ensure that sponsorship arrangements were effective and in line with the Sponsorship Code. It also noted the importance of providing adequate support to departmental sponsor teams, particularly in areas such as finance, HR and commercial.

By implementing the Insights review’s recommendations, departments could improve their sponsorship arrangements and deliver better outcomes for the UK government. This would ensure that ALBs play their intended role in providing independent advice and delivering services on behalf of the government.

Case study: Building effective assurance mapping

This case study illustrates how our Insights team were able to apply their cross-government knowledge and internal audit expertise to support a UK government organisation implement effective assurance mapping.

Assurance mapping is a structured approach to help an organisation identify, assess, and document the sources of assurance they put in place to manage the significant risks to their, operational processes, or objectives. This consolidated view gives an organisation oversight that risks are being managed effectively, there are no gaps, and that assurance activity is proportionate. Assurance mapping by government organisations supports better use of public funds.

The challenge

Our client was developing an assurance framework to:

provide visibility of statute, regulation and the government directives for each business area
support business areas to map sources of assurance against their key business processes
identify gaps or areas of weakness in their assurance framework

Our solution

Our Insights team drew on their knowledge working across government organisations to guide our client through the assurance mapping process. Working as a business partner, the team provided real time expert advice, with independent scrutiny and challenge as the team developed a practical assurance map that captured essential data. This information was transformed into an innovative dashboard, enabling senior leaders to review assurance efficiently and effectively so risk and controls could be challenged and explored with confidence.

Benefits achieved

This assurance mapping process delivered four significant benefits:

improved reporting for accounting officers
enhanced risk management and coordination of assurance providers
more efficient allocation of resources
greater confidence in service delivery effectiveness

The assurance map and innovative approach developed with our role as a ‘critical friend’ supporting our client, has received some excellent feedback from key stakeholders in government.

Head of the Risk Profession for the UK government, Clive Martin, commented,

The approach stands out for its technical coherence, integration of different elements such as the Risk Control Framework and the smart way in which you have liaised with the business. It’s among the best I have seen in the public sector.

Managing our performance: our financial position

Our financial measures

Measure

Total spend on third-party contractors

Target 2024-25

Achieve a year-on-year reduction in our use of third party contractors

Performance 2023-24

6% reduction in spend compared to prior year

Performance 2024-25

35% reduction in spend compared to prior year (Exceeded target)

Measure

Expenditure and forecast against budget

Target 2024-25

Year-end position to be within 1% of mid-year forecast

Performance 2023-24

2% underspend at year end compared to mid-year forecast

Performance 2024-25

4% underspend at year end compared to mid-year forecast (Target not met)

GIAA is primarily funded through the fees we charge our clients for internal audit, counter fraud and investigation and assurance services. We agree the level of services required for each of our clients, setting out the full detail of our services in a Memoranda of Understanding and confirming an appropriate fee.

In 2024-25, we also received £2.1m of funding from HM Treasury, for legacy pension funding and a contribution to funding the Internal Audit Government Profession. HM Treasury funding has reduced materially from 2023-24 (£6.1m) when the Agency received the final HM Treasury funding that enabled the Agency to ‘form and mature’. The previous years’ funding also included monies for specific deliverables as part of our 2021 Spending Review settlement (SR21). We had always anticipated this decrease in funding and put in place a robust plan to ensure our long-term financial sustainability.

We are held to account by HM Treasury on our year-end position being within 1% tolerance against our mid-year forecast. Our year-end financial position for 2024-25 was a surplus of £1.3m versus the £0.5m deficit we were forecasting at the mid-year point. This surplus and movement is a consequence of:

staffing forecast changes linked to supply and demand
underspend on shared services including IT charges from HM Treasury

For 2024-25, we made significant changes to our ways of working, including putting in place measures to improve the consistency of our workforce productivity across the year rather than face a spike in demand for quarters three and four, and to progress our work using AI and technology to support more efficient and effective ways of working. This has enabled us to achieve a 35% reduction in total spend on third party contractors.

Further information about our operating costs and expenditure is provided in the Parliamentary Accountability and Audit Report (from page 81) and in the Financial Statements.

Key issues and risks

As with all organisations, we face risks in the delivery of our strategy and core functions. We actively manage our principal risks to make best use of public money, maximise our performance and achieve our objectives.

Outlined below are our principal risks, some examples of the actions we took to address those risks in 2024-25, and the assessment of the risk on 31 March 2025. These principal risks speak to an overriding primary risk that we fail to demonstrate the added value that we bring to government as a provider of internal audit and counter fraud services. The Board has committed to maintaining these principal risks into the next financial year as they continue to speak to our primary areas of concern and focus.

Principal risk

Embedding change. Key objective - ensuring we successfully transform the way we operate to deliver efficient services that offer value for money.

Activities to manage the risk

Creation of a specialist organisational change team to support a range of continuous improvement and change programmes. This provides a structured approach with additional focus on stakeholder engagement.

Trend

Stable trend. We recognise where we are in the change curve and have a number of changes nearing completion which will boost morale and confidence in the strategic direction.

Principal risk

Audit delivery, quality and impact. Key objective - delivering timely and high-quality services to our clients through continuous improvement.

Activities to manage the risk

Preparation for the External Quality Assessment (EQA) with a focus on compliance with our methodology. The audit delivery programme was brought forward to ensure our clients received assurances throughout the year. Our programme of cross-government insights was extended to a broader range of topics and a different product offer.

Trend

Stable trend. The EQA readiness review confirmed that our methodology was compliant with the new Global Internal Audit Standards but recognised more work was required to ensure the methodology is consistently followed. A robust workplan is in place to drive consistency and quality of our work.

Principal risk

Managing our financial position. Key objective - securing our long-term financial position within a challenging fiscal environment.

Activities to manage the risk

Continued with our efficiencies programme with a focus on time savings in the audit planning process and the use of our audit management system. Continued the roll out of our resource management system to aid in the flexible deployment of our people to meet business needs.

Trend

Increasing trend. In our first year of being fully fee funded (with the exception of some legacy Supply Funding) we have remained cautious in our approach to financial management to ensure that we continue to operate within our financial envelope. Following the delivery of the 2024-25 budget, we anticipate that the likelihood of this risk will decrease in coming years.

Principal risk

Skilled people. Key objective - improving the capability of our people to meet our clients’ expectations and requirements.

Activities to manage the risk

Development of a 10-year strategic workforce plan to address our current and future resourcing needs, aligned to client demands. This has included development of a Heads of Internal Audit rotation process, review of SCS and delegated grades, and development of an internal audit competency framework.

Trend

Stable trend. A number of critical initiatives will be taken forward in the next year to support the strategic workforce plan such as line management and leadership development and a refreshed learning and development offer. The progress made this year has been the foundation for the next stage of these initiatives.

Principal risk

Information governance. Key objective - securely managing the data and information we hold in line with legal and regulatory requirements.

Activities to manage the risk

Close working with the Government Security Centre who have provided expert advice throughout the year.

Creation of the Information, Data and Records Management programme to address legacy issues with the storage of management of the information we hold.

Trend

Stable trend. There have been no significant incidents, however given the nature of our work and how we operate across organisational boundaries, we have a minimalist appetite for control issues in this area. We recognise the complexity of the work involved here and its overlaps with wider security requirements.

More information about how GIAA undertakes its risks management activity can be found in the Governance Statement.

Question 9

Additional performance information

Accepted Answer

Public Sector Equality Duty

In carrying out our functions, we are required by the Public Sector Equality Duty (PSED) to have due regard to and achieve the objectives set out in the Equality Act 2010 to:

eliminate discrimination, harassment, victimisation, and any other conduct that is prohibited by or under the Equality Act 2010
improve equality of opportunity between persons who share a relevant protected characteristic and persons who do not share it
foster good relations between persons who share a relevant protected characteristic and persons who do not share it

Our Equality Report on progress made towards delivering our equality objectives in 2023-24 is available on our website (gov.uk/government/collections/public-sector-equality-duty reports). Our report for 2024-25 will be published in 2026. The report provides aggregated information relating to our employees, and a benchmark that enables us to measure progress and identify priority areas for further research and action.

We have made a number of improvements across GIAA to raise peoples’ awareness and understanding of their role in ensuring compliance with PSED including updating our intranet page with refreshed information, improving the usability of our equality impact assessment form and introducing a route to monitor and record PSED compliance.

Human rights

We are keen to ensure we are inclusive and accessible in all we do. We are committed to upholding the key human rights that intersect with employment relationships through workplace policies and practices. These are developed in collaboration with our workforce and official consultation channels to maintain the principles of dignity, fairness, respect and equality.

Our recruitment and wider employment policies are fully compliant with the Human Rights Act and the Equality Act 2010. We adhere to the Civil Service recruitment principles when attracting and recruiting staff, and we are a Disability Confident Employer. We continue this throughout our employee lifecycle, ensuring our policies and processes are inclusive and employees have the appropriate voice via multiple staff-led diversity networks and forums.

Anti-bribery and corruption

We are committed to upholding the highest standards of honesty and integrity in all our activities, and take the risk of fraud, bribery and corruption seriously, in line with our risk appetite. We have structures in place for the effective management of these threats.

Our people are required to complete mandatory training (provided by Civil Service Learning) on counter fraud, bribery and corruption. We have refreshed our strategy and policy for countering fraud, bribery and corruption in the past year and this is published on our intranet. These documents set out our expectations in terms of roles and responsibilities and what processes should be followed to report any concerns regarding fraud, bribery and corruption.

As internal auditors employed in the public sector, our colleagues conform to expectations outlined in the Ethics and Professionalism domain of the Global Internal Audit Standards when undertaking audit work. This states the principles and expectations governing behaviours and conducts and is underlined with the principles of integrity, objectivity, confidentiality and competency. Certified members of professional auditing bodies are required to annually complete ethics training to maintain their certificate to practice. Across our business, our people also belong to other professions e.g., counter fraud, finance, commercial, HR, all of which centre the importance of ethical behaviours.

Community and charity work

We recognise the benefits that community and charity work by our people can bring to the wider community and applaud our people for their individual and team efforts. Subject to operational requirements, we support our people who wish to undertake community or charity activities by providing five days per annum of paid special leave for volunteering activities.

Our people networks also provide a community and support for colleagues with a shared protected characteristic or common interest. These inclusive groups are run by volunteers for members and allies alike.

Question 10

Sustainability report

Accepted Answer

The government has set out its long-term environmental and climate change ambitions, including the legal requirement to achieve net zero carbon emissions by 2050 (gov.uk/ government/publications/net-zero-strategy). Meeting climate change targets will need a significant transformation and we are committed to following best practice as a sustainable and responsible organisation, both in our capacity as an employer and as the primary provider of internal audit services to government.

In 2017, the Task Force on Climate-related Financial Disclosures (TCFD) published eleven recommendations for how organisations should disclose on their approach to climate change. The recommendations were structured around four thematic areas that represent core elements of how organisations operate: governance, strategy, risk management and metrics and targets.

This report brings together available information regarding sustainability against the headline targets set for government entities. It has been prepared in accordance with HM Treasury’s TCFD-aligned disclosure application guidance, which interprets and adapts the framework for the UK public sector. We have complied with the TCFD recommendations and disclosures for governance and risk management. We have however been unable to meet the recommended disclosures for metrics and targets due to the unreliability of the data provided by premises landlords. We intend to make disclosures for strategy in future reporting periods in line with the central government implementation timetable.

Our approach

Governance

The Board has ultimate responsibility for the consideration of, and response to, climate change and other environmental issues. We set out a commitment to develop our offices within the GIAA Strategy 2023-26, such that they would be ‘modern, smart and green’. The structure of our estate and the development of our estate’s strategy were key features of our annual business plans, with updates on activity reported to the Board at regular intervals.

The Audit and Risk Assurance Committee (ARAC) has a delegated responsibility from the Board for reviewing the management of risks. Throughout 2024-25, ARAC has continued to receive updates on the issues and opportunities from climate change, and through their role, have provided assurance to the Accounting Officer and the Board on the robustness of the approach.

The executive team is responsible for managing climate-related risks and opportunities on a day-to-day basis. The Business Committee, a sub-committee of the Executive Committee, holds responsibility for assessing our organisational progress on sustainability and throughout the year has received reports on arising climate-related issues and initiatives.

A focus this year has been on embedding sustainability considerations in our decision making. This has included additional sustainability questions in relevant tenders where appropriate and updating the template for committee papers to require the impact on the environment to be considered in any new proposals. Further information on our governance arrangements is set out in the Governance Statement.

Risk management

Managing risk is integral to the successful operation of our business. We operate an integrated risk management framework that is a core component of our governance and leadership. Consideration of climate related issues and opportunities within our risk management framework ensures that potential climate impacts are considered in our strategic planning and decision-making processes.

Identification, assessment and management: We held risk identification workshops to build a whole organisation view of the issues and opportunities from climate change. This considered physical risks, such as extreme weather events, as well as transition risks, such as policy changes. The results of this were discussed with the ARAC which helped develop our primary risks areas. The likelihood and impact of the risks materialising were assessed using the established risk scoring matrix. The identified risks are now incorporated into the newly developed corporate risk register, such that they are considered alongside other cross-organisational risks allowing us to prioritise and address these risks in conjunction with other business risks.

Risk mitigation strategies: We recognise the potential negative impact of climate change on our operations and are developing mitigation strategies to ensure we can minimise disruptions from climate events. A primary focus is also the impact that we can have on other government entities through our role as the primary provider of audit services to central government. Expert briefings have been provided to auditors and work is underway to develop an assurance offer to clients on carbon reporting and climate risk management assurance.

Further information on our risk management is set out in the Governance Statement.

Metrics and targets

There are three types of emissions included in the scope of public sector emissions reporting:

Scope 1: emissions from fuel burnt in boilers or engines owned or controlled by the organisation
Scope 2: emissions from electricity or heating purchased from suppliers
Scope 3: other indirect emissions, such as emissions arising from business travel

As we occupy shared buildings and do not have any fleet vehicles, we have no scope 1 emissions to report. We are a minority tenant in the shared buildings and have no direct control over our water, energy and land use or our waste management.

We therefore do not collect this data or measure/report on our performance for scope 2 emissions. The key metrics we use to measure and manage our climate-related risks and opportunities therefore relates to our scope 3 emissions, i.e. from our business travel and use of consumables.

To review our progress in this area, we consider our performance over three financial years. We recognise that our performance during this period may not be representative of usual business, due to the impact of the Covid-19 pandemic. We are working to establish a more accurate baseline position to compare our performance against.

Greenhouse gas emissions

Table 4: Scope 3: business travel

	2022-23	2023-24	2024-25
Domestic travel (tonnes CO²e)
Air	4.81	5.79	3.71
Rail/ underground/ tram	45.43	46.36	50.57
Car (personal vehicle)	10.46	9.60	7.54
Hire car	8.02	8.34	5.69
TOTAL domestic travel	68.72	70.09	67.51
International travel (tonnes CO²e)
Air	1.54	2.31	1.80
Rail/ underground/ tram	0.02	-	-
TOTAL international travel	1.56	2.31	1.80
TOTAL business travel	70.28	72.40	69.31
CO2e tonnes per FTE	0.15	0.15	0.15
Expenditure on official business travel (£000s)	543	711	637
Expenditure (£000s) per FTE	1.19	1.50	1.35
Distance travelled – domestic flights (km)	35,691	22,336	12,541
Distance travelled – international flights (km)	15,794	14,458	9,836

There has been no material change to our overall greenhouse gas emissions or our emissions from domestic business travel. Therefore, we are not on track to meet the headline or applicable sub target for the headline commitment ‘Mitigating climate change: working towards Net Zero by 2050’ from the Greening Government Commitments.

Our scope 3 emissions for business travel are predominately driven by domestic rail travel. Domestic air travel is primarily for our colleagues travelling to or from our office in Glasgow. International air travel conducted by our colleagues is limited. Of our international flights in 2023-24 and 2024-25, all were short-haul and economy. In 2022-23, 30% (4,682km) were short-haul, 70% (11,112km) was long-haul and all were economy.

We introduced this year a sustainable travel hierarchy, encouraging colleagues to consider public transport first and to choose more sustainable options for business travel. The revised travel policy also introduced tighter controls on the booking for air travel.

We do not own any vehicles. All vehicles are hired from a supplier via a Crown Commercial Services framework contract. In 2024-25, we hired 81 vehicles. Of these, 2.5% were Ultra-Low Emission vehicles. No Zero Emission vehicles were hired. We are seeking to increase this proportion through our travel policies and practices.

Minimising waste and promoting resource efficiency

Waste

Table 5: Total ICT waste recycled, reused and recovered (externally)

	2022-23	2023-24	2024-25
Total waste (tonnes)	1.47	2.21	6.55

Our IT and digital services are provided by HM Treasury. The network is cloud based, with no on-premises data centres. Our ICT facilitates hybrid and remote working via the use of external networks and mobile tethering. The equipment, which is provided by HM Treasury has accredited green credentials.

ICT waste is re-used or recycled responsibly in line with regulations. HM Treasury uses an IT Lifecycle Management contract, which meets a number of external environmental accreditations. The increase in ICT waste in 2024-25 relates to a programme of technology refresh to support newer versions of the operating system and due to site closures. All ICT waste generated is either reused, recycled or recovered, and none of the ICT waste has been disposed.

We avoid single-use plastic in our offices, encouraging our people to bring in their own glasses and cups instead. Within our London office we have reused furniture from another government department.

Paper consumption

There has been little change in the reams of A4 paper purchased – 51 reams in 2024-25, compared to 52 in 2023-24. We have reduced the number of printers in our 10 Victoria Street office and have found that our people have become more accustomed to using electronic versions of documents that they would have printed previously.

Sustainable procurement

We predominantly procure goods and services through dedicated Crown Commercial Service frameworks, which include standardised contract terms that are aligned with the Greening Government Commitments. Whilst there are no standard contract terms or schedules specifically relating to sustainability, we are required to include a social value question in a tender pack which carries at least 10% of the total awarded mark during any procurement exercise.

One example of a social value theme that has been used is ‘fighting climate change’ which requires the bidder to demonstrate effective stewardship of the environment. This involves an understanding of additional environmental benefits in the performance of the contract, including working towards net zero greenhouse gas emissions and detailing any actions taken to reduce environmental impact whilst carrying out the contract.

We have also included sustainability considerations into our business case templates where approval to spend is required. Colleagues are encouraged to consider the impact on the environment of their proposal and to outline what options they have considered to minimise the impact.

Ongoing focus

We recognise that as sub tenants in the office space we occupy, we are limited in what is achievable and practical for us to influence in terms of energy use or waste management. We are therefore committed to addressing the environmental impacts where we have greater control over our actions.

Our estates, security, sustainability and health, safety and wellbeing strategy (2025-30) has a strategic pillar focused on ‘a greener estate that embraces technology’. Our delivery plan aims to focus on regional centres in well-located modern offices that embrace technology, that will in turn reduce unnecessary travel and improve our carbon footprint.

Our priorities going forward include:

continuing to develop our capabilities to deliver impactful services to our clients on sustainability and environmental issues
working closely with our landlords and the Government Property Agency as part of the development of our new estates strategy to deliver on their social and sustainability commitments
continuing to embed sustainability further into our decision-making processes, ensuring we consider the impact of our spending decisions
rolling out our new sustainable travel hierarchy to support our people to consider the environmental impact when arranging business travel and encouraging green commuting
continuing to work with GREEN, our staff-led network, to become a more sustainable workplace

Harriet Aldridge,

Chief Executive and Accounting Officer,

14 July 2025

Question 11

Corporate governance report

Accepted Answer

This section explains the composition and organisation of the governance structures at GIAA, and how these arrangements support the achievement of our objectives and our compliance with corporate governance norms and codes.

Directors’ report

Introduction

GIAA is led by Harriet Aldridge, the Chief Executive and Accounting Officer. The Chief Executive is responsible for the leadership and management of GIAA and is accountable to the HM Treasury Permanent Secretary and Principal Accounting Officer.

The Chief Executive is supported by an advisory Board, chaired by a Non-Executive Chair and attended by both Non-Executive and Executive members.

NOTE: Biographies of all Board members are available on Government Internal Audit Agency - GOV.UK

Register of interests

GIAA maintains a register of interests for Board members which is published on our website (gov.uk/government/publications/giaa-board-members-register-of-declaredinterests-202425). No directorships or other significant interests, which may have caused a conflict with their Board responsibilities, were held by any Board members.

There was one personal data related incident which required onward reporting to the Information Commissioner’s Office (ICO). The ICO were satisfied with the remedial actions taken and closed the case without any further investigation.

Auditors

Our financial statements are audited by the Comptroller and Auditor General, with a notional audit fee of £129k (2023-24: £125k). There are no other services provided by the National Audit Office (NAO) and no auditor remuneration for non-audit work.

Question 12

Statement of Accounting Officer’s responsibilities

Accepted Answer

Under section 7(2) of the Government Resources and Accounts Act 2000, HM Treasury has directed us to prepare for each financial year, a statement of accounts in the form and on the basis set out in the Accounts Direction.

The accounts are prepared on an accruals basis and must give a true and fair view of the state of affairs of the GIAA, and of its income and expenditure, Statement of Financial Position, and cash flows for the financial year.

In preparing the accounts, the Accounting Officer is required to comply with the requirements of the Government Financial Reporting Manual and in particular to:

observe the Accounts Direction issued by HM Treasury, including the relevant accounting and disclosure requirements, and apply suitable accounting policies on a consistent basis
make judgements and estimates on a reasonable basis
state whether applicable accounting standards as set out in the Government Financial Reporting Manual have been followed, and disclose and explain any material departures in the Financial Statements
prepare the Financial Statements on a going concern basis
confirm that the annual report and accounts as a whole is fair, balanced and understandable, and take personal responsibility for the annual report and accounts and the judgments required for determining that it is fair, balanced and understandable.

The Principal Accounting Officer for HM Treasury has designated the GIAA’s Chief Executive as the GIAA’s Accounting Officer. The responsibilities of an Accounting Officer, including responsibility for the propriety and regularity of the public finances for which the Accounting Officer is answerable, for keeping proper records and for safeguarding our assets, are set out in Managing Public Money published by the HM Treasury.

As the Accounting Officer, I have taken all the steps that I ought to have taken to make myself aware of any relevant audit information and to establish that GIAA’s auditors are aware of that information. So far as I am aware, there is no relevant audit information of which the auditors are unaware.

Question 13

Governance statement

Accepted Answer

As the Accounting Officer for GIAA, I acknowledge my responsibilities for ensuring that there is a sound system of governance, risk management and internal control that supports our aims and objectives and operates in accordance with the responsibilities laid out by HM Treasury in Managing Public Money.

This governance statement explains how I have discharged these responsibilities during the year. It describes the main features of our governance, risk management and control arrangements, and how I have gained assurance on the effectiveness of our arrangements in 2024-25.

The Risk Control Framework was introduced in 2023 to support accounting officers on the internal control requirements contained in a range of government codes and standards. We have structured our governance statement through the four pillars of the Risk Control Framework, so that we can comment on the comprehensiveness of the control related activity in these areas, and how this forms to create our overall control environment.

The Risk Control Framework is underpinned by effective operation of the three lines model. The governance statement explains how we have utilised our enterprise risk management approach and assurance map to consider the comprehensiveness of our governance, risk and internal control environment.

Governance and management framework

In this section, we outline how our governance framework complies with the expected standards of conduct and requirements of efficiency and transparency in delivery. Governance within GIAA. The top-level governance structure for GIAA as of 31 March 2025 is depicted below.

GIAA Board

The Board provides advice, scrutiny and challenge to the Chief Executive and executive team. The Board also supports the Accounting Officer in discharging her obligations as set out in the HM Treasury’s Managing Public Money publication.

The Board draws on the experience of its members to provide advice, support, and challenge on GIAA’s strategy, performance, and risk management, including progress with its objectives and priorities.

The Board Operating Framework, which includes the terms of reference for our Board governance bodies can be read atGIAA Board Operating Framework - GOV.UK.

During 2024-25 the Board met formally six times, with additional away day gatherings, and considered a range of issues, including:

Client relationships and impact: including discussions on the importance of client engagement, stakeholder management and findings from the cross-government insights work, with the mindset of achieving ‘Better Insights, Better Outcomes’. The Board met with client representatives and heard from them the value they receive from GIAA’s services
Strategy implementation: the Board has discussed progress against our three year strategy to 2026, formation of the next strategy and reviewed the progress with delivering the 2024-25 Corporate Plan People: our people are vital to the delivery of our services, and throughout the year the Board has discussed the implications of change on our people and how best to ensure they are supported and encouraged to thrive, develop and deliver
Current performance: received the latest position on organisational performance, finance, and risk management, and discussed and endorsed any remedial actions
Enablers: in 2024-25 discussions were held on proposals to address the future operating model for GIAA and the initiatives to deliver efficiency and productivity
External Quality Assessment (EQA): the Board received regular updates on assurance processes that confirm our products were of a sufficient quality and preparations for the EQA, due to be held in 2025-26
Risk management: including refreshed principal risks and considering the acceptable level of risk appetite for GIAA
Future of internal audit: including updates on preparing to implement the new global internal audit standards and the evolution of internal audit in government

To support Non-Executive members in their roles, additional sessions were held between meetings to provide them with further background detail in advance of Board meetings. Monthly written updates were also provided on salient matters to keep them appraised of relevant business.

The Board has two committees which hold delegated responsibility from the Board.

Audit and Risk Assurance Committee (ARAC)

The ARAC assures the Accounting Officer and the Board on governance, risk management and internal controls. The Committee also provides assurance on the integrity of the financial statements and the Annual Report and Accounts.

In 2024-25 the ARAC was chaired by Clare Minchington, with the other members being Ady Dike (Non-Executive Director) and Angela van der Lem (Non-Executive Committee Member). Following Angela’s departure in September 2024, Ed Clift joined the ARAC as a member from December 2024, following an expression of interest campaign open to senior civil servants from the Government Finance Function. The Non-Executive member position is for the ARAC only, and the member is not a director of the Board.

The Chief Executive, Chief Operating Officer, Head of Internal Audit, Head of Governance, Head of Finance and Commercial and representatives from our HM Treasury Sponsor Division and the National Audit Office also attend each meeting. Other executive directors and managers attended as required by the Committee.

The Committee met four times during 2024-25 during which the key areas of discussion were:

internal and external audit plans and progress against those plans, including progress made in implementing audit recommendations
the management of risks to GIAA, with deep dives held into particular risk topics
assurance arrangements, including the assurance map and how this was informed by the results and findings from assurance activities
regular reporting on the effectiveness of key controls as well as incidents of fraud, security breaches and whistleblowing incidents
scrutiny and review of the annual report and accounts and draft governance statement

Remuneration Committee (RemCo)

The Remuneration Committee (RemCo) supports the Accounting Officer and the Board in the discharge of their responsibilities in relation to the performance management and remuneration of Directors, and the succession planning for senior leadership positions.

In 2024-25, the RemCo was chaired by Jonathan Chapman, with the other members being Isobel Everett and Clare Minchington (Non-Executive Directors). The Chief Executive, Chief Operating Officer and Deputy Director People & Culture also attended each meeting. An independent human resources representative joined the RemCo for the year-end discussions on performance and talent, to ensure consistency with the wider Civil Service HR best practice.

The Committee met three times in 2024-25 and over the course of the year considered the following issues and provided advice to the Accounting Officer:

performance and talent assessments for senior civil servants at Pay Band 2 and 3, including nominations for in-year bonuses
proposed changes to the structure of the executive and leadership team
succession planning and development of senior talent

Attendance by directors at governance meetings

Table 6: Directors’ and Members attendance at Governance meetings in 2024-25

	Board	ARAC	RemCo
Non-executive
Jonathan Chapman	6/6		3/3
Ady Dike	5/6	4/4
Isobel Everett	6/6		3/3
Clare Minchington	6/6	4/4	3/3
Andrew Cartner	5/6
Angela van der Lem¹		2/2
Ed Clift²		1/1
Executive
Harriet Aldridge	6/6	4/4	3/3
Alison Hamer³	6/6	4/4	3/3
Aneil Jhumat⁴	2/6
Iain McGregor	6/6

Angela van der Lem’s term as the ARAC Non-Executive member ended in September 2024
Ed Clift’s term of office as the ARAC Non-Executive member commenced from December 2024
Alison Hamer attends RemCo as an attendee to provide independent and objective advice and does not attend the whole, or parts of the meeting where her own performance or that of her immediate peers is discussed.
Due to a period of ill health, Aneil Jhumat was absent for part of the financial year

Executive governance

The Executive Committee (ExCo) is the top-level decision-making governance body within GIAA. Chaired by the Chief Executive, it has executive responsibility for our overall operational, corporate and financial management, agrees and implements new strategy and policy, and has oversight of operational delivery including the management of risks.

ExCo is supported by three sub-committees: Quality Committee, People Committee, and Business Committee, which are chaired by members of ExCo. The Quality Committee was paused in order to place focus on our preparations for the External Quality Assessment (EQA) through the establishment of an EQA working group. Broader quality matters outside the direct EQA preparations were routinely considered by ExCo whilst the Quality Committee was paused. The sub-committees support the work of the ExCo by overseeing specific responsibilities of business and provides assurance to ExCo.

Arm’s length body responsibilities

As an arm’s length body of HM Treasury, we have a Framework Document with our sponsor department (available on gov.uk/government/publications/government-internal-audit-agencyframework-agreement-2023), which sets out the basis of our operating partnership. The current Framework Document was agreed in 2023 and is next due for review in 2026. We continue to operate in accordance with the Framework Document and this year clarified our working arrangements with HM Treasury.

Changes within the reporting period

During 2024-25 the following substantive changes were made to the governance structure:

the Board Operating Framework was updated to include requirements of Board members regarding lobbying and speaking in a private capacity and the appointment arrangements for the ARAC Non-Executive member
the Audit and Risk Assurance Committee terms of reference were revised to clarify its responsibilities for the quality of internal audit services and its role in scrutinising the declarations for outside interests made by senior civil servants

Governance and management effectiveness

The effectiveness of our assurance arrangements in this area has been demonstrated throughout the year through the following initiatives:

an internal assessment of the effectiveness of the Board, completed by members and attendees, with the findings reported to and discussed by the Board. This assessment considered the progress the Board had made following the externally facilitated Board Effectiveness Review conducted in 2023-24
an internal assessment of the effectiveness of the ARAC, following the model from the HM Treasury ARAC Handbook. The findings were reported to and discussed by the ARAC
annual reports presented to the Board and Accounting Officer from the two Board subcommittees which confirmed the effective discharge of their responsibilities in 2024-25
annual performance reviews for Non-Executive members, themes of which feed into our Board member development plans and our succession planning
invited and received comments and feedback from members and attendees at the end of each meeting to collectively review the meeting’s effectiveness
a self-assessment of our compliance with the HM Corporate Governance in Central Government Departments: Code of Practice
a self-assessment of our compliance with the requirements outlined in our Framework document with our sponsor.

The Board effectiveness review concluded that the Board continues to operate effectively, with recommendations discussed at the March 2025 meeting. The Board committed to maintaining and sustaining the behaviours and good practice from the past 12 months that indicated an improvement since last year. These included maintaining tight controls on topics for Board consideration; to continue to use appropriate opportunities to bring external expertise or client perspective into discussions; and to continue to enable constructive exchange of different perspectives.

The ARAC effectiveness review concluded that the Committee had continued to operate effectively. The review identified clear areas of strength in relation to membership, induction and training, administration, role and remit, and the role of the Chair. In response to specific areas of development identified, ARAC committed to implement an annual session to evaluate the performance of internal and external audit.

The Corporate Governance in Central Government Departments: Code of Practice applies primarily to ministerial departments. Our governance departs slightly from the model envisaged in this Code in that given the small size of the organisation, we feel it adds a useful element of independence and objectivity for the Remuneration Committee to confirm the levels of awards and talent and performance markings that the Chief Executive proposes for SCS Pay Band 2 (i.e. Directors) and to consider the level of award and talent and performance marking for the Chief Executive. This departure aside, we consider that we are compliant with the key principles established in the Code.

Roles and accountabilities

In this section, we outline how our roles and accountabilities are defined and assigned to people with appropriate seniority, skills and experience.

Responsibilities and authorities

We use the annual objective setting process to cascade clear priorities, roles and responsibilities to people at all grades. The Coach and Focus system supports quarterly progress reviews against these objectives and an opportunity to discuss our people’s skill levels and development needs. We have a comprehensive training package available to our people making use of Civil Service materials as well as professional and role relevant training. Over the past year, we have enhanced our corporate induction programme to ensure new starters are set up to succeed.

Our people are clear on their level of authority and responsibility through a process of delegations. The Corporate Governance Manual outlines the process for delegation and the Finance Manual specifies the financial delegation framework. Annual delegation letters are issued to senior leaders, who reply to confirm their acceptance of the terms.

The annual management assurance exercise provides assurance to the Chief Executive that Directors are adhering to their delegated responsibilities. Throughout the year, the Chief Executive holds monthly directorate review meetings where she meets with executive directors to review performance and to delve into specific topics. This provides in-time assurance on the director’s execution of their delegated responsibilities.

Managing outside interests and business appointments. We have a clear policy and process in place for managing and reviewing outside interests in accordance with the requirements under the Civil Service Management Code (section 4.3). All employees are required to complete a declaration regarding any potential conflicts when they commence employment and then to review their declaration at a minimum annually. Any interests that give rise to a perceived, potential or actual conflict are reviewed by a senior leader to ensure that actions have been put into place to mitigate or remove any potential conflicts.

In line with the Civil Service expectations for the declaration and management of outside interests, our ARAC has considered the declarations of our senior civil servants and provided assurance on the management of interests’ process in GIAA.

No Senior Civil Servant (SCS) employed by GIAA has declared any paid or otherwise remunerated secondary employment that falls under the Civil Service declaration and management of outside interests. Details of the secondary employment of our senior civil servants is published on our website Government Internal Audit Agency: senior civil servants’ secondary employment - GOV.UK.

We also have a clear policy in place that adheres to the Cabinet Office guidelines in respect of the business appointment rules for civil servants who leave the Crown Service. We do not have any special advisers. Our leavers procedure requires confirmation from existing employees that business appointment rules have been considered.

In 2024-25 there were three exits from the Senior Civil Service and no business appointment rules (BAR) applications were submitted.

In compliance with BAR, we are transparent in the advice given to individual applications for senior staff. Advice regarding specific business appointments has been published on GOV.UK Business appointment rules - GOV.UK.

Strategy, planning and reporting

In this section, we outline how we ensure risks to strategy and business objectives are visible and mitigated effectively. We are currently refreshing our strategy to cover the period 2025 to 2029, outlining our ambitions to deliver better insights that support government to achieve better outcomes.

Risk management

Risk management is an integral part of our internal control framework as it assists us in identifying, monitoring and acting on the risks to achieving our long-term strategic aims, ensuring that we balance risk and innovation.

Our risk management policy ensures consistency in our approach and promotes a culture of ownership of risks. By adopting an enterprise risk management approach, our risk management practices are systematic, proactive and integrated. Our risk hierarchy includes principal risks (risks which could affect our ability to deliver on our purpose), corporate risks (cross-organisational risks which require executive action to mitigate) and operational risks (directorate or programme level). We demonstrate the connection between our principal risks, risk categories and corporate risks through a risk universe diagram.

We apply the ‘three lines’ model to our risk management practices, ensuring that there is effective management and oversight of our current and emerging risks, with active cascade of information to support decision making. This is reflected in our assurance map, where we consider the design and effectiveness of our assurances.

The Board has overall accountability for risk management, with responsibility for agreeing our principal risk profile and establishing the risk appetite for the Agency. Updates on our principal risks are provided to the Board on a bi-annual basis. The Board is supported by the ARAC in this responsibility.

Updates are provided to each ARAC meeting (i.e. quarterly) on the evolving risk profile, as well as on other relevant risk and assurance activities. ARAC provides scrutiny over the management of risks, to satisfy itself that risks are being identified, that mitigation strategies and appropriate levels of assurance are in place. The Committee holds regular deep dives to review and challenge the management of specific risk areas.

ExCo is responsible for maintaining sound risk management and internal control policies and systems, and for day-to-day management of risks in GIAA. ExCo reviews the risk profile on a quarterly basis to consider the level of residual risk that they are prepared to tolerate, discuss the mitigating actions, and collectively agree the approach to be taken to manage the risks.

Risk management is co-ordinated by the Governance team who lead on second line assurance for our risks, with a network of risk champions who collate risks at directorate level. Executive Directors provide assurance to the Accounting Officer on the management of risk in their directorates through the management assurance exercise. Functional leads own the corporate risks for their area of responsibility and provide assurance on the ongoing management of the controls and further mitigating actions. Principal risks are owned by ExCo; details of these risks can be found in the performance analysis section.

Risk is managed across our activities ensuring that risks to the delivery of our strategy are being managed within risk appetite. Risks are assessed according to a matrix of impact and likelihood, on a five-point scale, with established tolerance thresholds aligned to risk appetite categories to signify whether a risk is operating within its specified appetite level. Where it exceeds this, remedial action is taken, where possible and cost-effective, to reduce either likelihood or impact.

We have reviewed the requirements of the HM Government publication ‘The Orange Book’ five principles for the identification, evaluation, and control of risks and confirm that we comply with these expectations.

This system of risk management has been in place for the 2024-25 financial year, during which we have continued to improve and strengthen our risk management. Specific developments included:

introduction of an enterprise risk management framework
assessment of our risk maturity using risk management principles and categorisations from The Orange Book to assess the current maturity position and identify areas for improvement
revision of the Risk Management Policy to ensure a consistent approach to risk management across the organisation
introduction of a risk escalation process to ensure colleagues from across the organisation can bring to attention any emerging risks
introduction of a new section to committee paper templates to encourage authors to consider the risks and opportunities of their proposals, as well as how the proposal aligns with the risk appetite set by the Board
recruited additional expertise to increase our risk and assurance presence and support embedding of risk management culture and behaviours

Effectiveness of the risk management and governance framework

The Accounting Officer has responsibility for reviewing the effectiveness of the system of internal control in GIAA, which has been in place throughout this reporting period. Her review is informed by a range of available sources, including the work of internal audit and senior managers with functional responsibilities.

We have a framework of procedures and controls which cover financial and non-financial processes. This framework is regularly reviewed to ensure that it complies with all current requirements and is tested as part of the internal audit work programme.

The Accounting Officer holds responsibility for the stewardship of public funds, subject to limits delegated by the Principal Accounting Officer and outlined in the Framework Document. Pay and non-pay budgets are delegated to executive directors with financial delegations specified in the Finance Manual and confirmed to budget holders in their annual delegation letters. Financial performance is reviewed monthly by Directors and by ExCo.

ARAC is responsible for assessing the comprehensiveness of the assurances provided. They receive quarterly reports on the operation of the governance, risk management and the control environment, which helps inform their assurance to the Accounting Officer. The Board receives an update from the chair of the ARAC after each meeting to support the Board’s oversight of the standard of corporate governance and the management of risk.

ExCo reviews and monitors progress with strategic plans and management of risks on a regular basis. Reports are routinely provided to the Board on progress with delivering against priorities and the control in place to mitigate principal risks.

The assurance map provides a holistic review of the risk and control environment in GIAA. Its structure is informed by the Risk Control Framework and considers our risk profile, business processes and operations. We will continue to embed and mature this approach in 2025-26, supported by an integrated approach to second and third-line assurance arrangements to bring together all significant planned assurance activity to ensure our arrangements are effective, minimise gaps and avoid duplication.

Management assurance

A key aspect of our assurance arrangements is the management assurance exercise which is an annual attestation to assure the accounting officer on the effectiveness of controls across the core business areas. This comprises three elements:

director self-assessment against a set of standards that cover their responsibilities in running a directorate
self-assessment by functional leads on their compliance with government requirements
assessment of our compliance with the Government Functional Standards

Review sessions are held with the accounting officer to help identify where we need to target interventions to improve our internal control framework.

The thematic areas identified for improvement or for further embedding from this year’s exercise were:

the quality and timeliness of the assurances received from third parties
proportionality in our approach to risk management and assurance, and being pragmatic about what is within or outside of our control
clarification of the responsibilities between directorates and enabling services in specific areas

The results of this exercise are reported to the ARAC, inform the assessments within the assurance map and inform the conclusions reached in this governance statement. We will evolve this exercise further in 2025-26 to bring in further second line reviews to strengthen the assurance to the accounting officer.

Assurances from HM Treasury

We receive several services under a Memorandum of Understanding with Treasury Group Shared Services (TGSS). These cover aspects of human resource management, IT, financial operations, contract management and security services.

Appropriate assurances regarding the effectiveness of controls in these areas were received from HM Treasury, with no issues of concern raised.

Internal audit and annual Head of Internal Audit opinion

One of our main sources of independent assurance comes from the activities of the internal audit service provided by a team from within GIAA. Internal audit has an important role in the governance framework of GIAA through provision of assurance to management, the Accounting Officer and the ARAC, along with identifying practical recommendations to reduce risk exposure across GIAA. The internal audit function operated to Public Sector Internal Audit Standards, with a Head of Internal Audit appointed from within the Agency.

In 2024-25, the Head of Internal Audit provided a ‘moderate’ opinion on the framework of governance, risk management and control within GIAA. The culture of non-compliance was central to the opinion. Whilst it was noted that compliance with audit systems and methodology had improved, there was more action required in advance of the EQA and compliance with policies and procedures had been raised in several audits. It was acknowledged that the materiality of these issues was lower than the issues identified in the prior year.

Standards, policies and procedures

In this section, we outline how decisions are made and implemented in accordance with our strategy and governance framework and wider government policy and regulation.

Our governance and control framework is supported by appropriate policies, procedures and guidance for our people, which all colleagues are expected to comply with. The policies and procedures are subject to proportionate checks, supported by second and third-line assurance activity as appropriate.

Functional standards

Government departments and agencies are required to adhere to functional standards which benchmark corporate delivery in key thematic areas such as project delivery, security, HR, and finance. The standards provide a basis for assurance, risk management and capability improvement and support an improved and consistent way of working across government departments.

Of the fourteen current standards, eleven are applicable to us. Each functional lead has assessed their own functional area against the applicable standards during the year. We are complying with, or working towards compliance for, the functional standards applicable to our role and services. Functional standards are an essential part of our assurance framework, and we have detailed actions in place to address any identified gaps.

We will continue to engage with the functions as they evolve their standards and implement continuous improvement assessment frameworks.

Fraud, bribery and whistleblowing

We continue to build and strengthen our approach to countering fraud. This year we published an updated Counter Fraud, Bribery and Corruption three-year strategy, along with an annual plan that tracks our progress in delivering the strategic objectives. We regularly report to our sponsor department on our progress against the annual actions. We have also updated our Counter Fraud, Bribery and Corruption Policy and Fraud Response Plan and shared this with our people. To assess the effectiveness of these plans, we conducted a fraud awareness survey and led a series of sessions to raise awareness of reporting routes and possible internal fraud risks in GIAA.

We are compliant with the Government’s Functional Standard for Counter Fraud (GovS013). The ARAC receives quarterly reports on counter fraud matters, including fraud and error reporting.

The Business Committee is responsible for providing assurance on the controls and counter measures at GIAA, supported by the Deputy Director for Counter Fraud & Investigation, who is a member of this committee. The Chair is the Chief Operating Officer who is the accountable officer at Board level.

In 2024-25, there were no allegations of fraud received or investigated (2023-24: zero). We strengthened our approach to countering fraud in 2024-25 with sampling exercises focused on areas of high potential risk. Whilst these resulted in no fraud allegations or investigations, they helped identify where we could further enhance our controls. These sampling exercises will form a core part of our second line assurance arrangements in 2025-26.

It is important that all our people can raise concerns about the standards of service we provide or the behaviour of our people. Our Raising a Concern (including whistleblowing) Policy is available to our people on our intranet and sets out the steps to take to raise concerns about behaviours and practices at GIAA. The policy is supported by detailed guidance on the procedures to follow when raising these concerns.

As of 2024-25, no internal whistleblowing cases were reported (2023-24: zero). ARAC is informed of any cases of whistleblowing in GIAA and monitors our whistleblowing processes to ensure they are effective.

Health and safety

We are committed to protecting the safety and security of all our people. We follow and apply standards, advice and guidance from the Health and Safety Executive.

Details regarding accidents are routinely reported to our ARAC, along with lessons learnt from reports and details of the planned control improvements. Our Health & Safety Committee (reporting to the People Committee) is now well established and meets quarterly with a good cross-agency representation.

Considerable steps have been taken to improve health, safety and wellbeing across the Agency, including developments in assessments of risks and increasing awareness and education on management of these risks and personal responsibilities to keep our people safe, promoting a positive health and safety culture throughout the Agency.

We actively promote mental wellbeing and as such provided mental health awareness sessions to colleagues and line managers, alongside behaviours matter training focusing on culture. Our employee assistance programme has provided wellbeing information and counselling sessions as appropriate.

Information and data security

We take seriously our responsibilities for security and data protection and have a number of controls in place to ensure sensitive or personal information is appropriately protected.

Our Senior Information Risk Owner (SIRO) holds responsibility for ensuring that information risk is effectively managed across the organisation. They are a member of the executive team and a Board member. They work closely with the Data Protection Officer and the nominated Information Asset Owners to ensure data and information assets are managed in compliance with our legal, statutory and organisational requirements. The SIRO also chairs the Business Committee which meets quarterly and maintains oversight of data protection, information security and records management.

Information management and security measures continue to be reviewed and enhanced to improve the way we transmit, store, and manage information. We receive assurance on the effectiveness of these controls through the annual Cabinet Office Departmental Security Health Check, self-assessment against the Government Functional Standard GovS007: Security and the GovAssure scheme.

Correspondence

Ministerial directions

There have been no ministerial directions given in 2024-25.

Official and Parliamentary correspondence

During 2024-25, we received 33 requests under the Freedom of Information Act 2000 (2023-24: 34). Of these, 100% received a response within the statutory deadline, and four requests were the subject of internal review. We received two Parliamentary Questions and no MPs’ and Peers’ correspondence cases during this period.

External complaints

We are committed to providing a professional, fair, and efficient service and aim to resolve complaints and continuously learn and improve from these. We have a formal two-stage complaints process. We make every effort to resolve a complaint satisfactorily at the first stage, but if we cannot, the complaint will be reviewed by a GIAA senior leader uninvolved in the matter. Following the completion of the two stages, a complainant may take the matter to the Parliamentary and Health Services Ombudsman.

In 2024-25 we handled seven complaints under this process (2023-24: seven); three of which progressed to stage two. The Parliamentary and Health Services Ombudsman received no complaints about GIAA for 2024-25 (2023-24: zero).

Overall assessment of the control environment

It is the view of the Accounting Officer that there is a sound system of controls throughout our risk management and governance system which has operated effectively throughout this reporting period with no significant weaknesses.

Where any issues in systems and processes have been identified, there are plans in place to address them which are proportionate to our risk profile. These improvements are primarily focused on embedding our controls and receiving satisfactory assurances from third parties, such that we can be satisfied the controls are operating effectively.

This assessment is informed and supported by:

the evidence provided in the production of this Governance Statement
the results and findings from the management assurance exercise, including compliance with the relevant government functional standards
the annual report from the Audit and Risk Assurance Committee
the independent assurances and annual opinion from the Head of Internal Audit
the findings and conclusions reached by external audit.

Question 14

Remuneration and staff report

Accepted Answer

Remuneration report

Service contracts

The Constitutional Reform and Governance Act 2010 requires Civil Service appointments to be made on merit based on fair and open competition. The Recruitment Principles published by the Civil Service Commission specify the circumstances when appointments may be made otherwise.

As at 31 March 2025, all executive Board members hold appointments which are open ended. Early termination, other than for misconduct, would result in the individual receiving compensation as set out in the Civil Service Compensation Scheme.

Remuneration policy

Senior Civil Service (SCS) pay and conditions are not delegated to individual departments. The SCS is a corporate resource, employed with a common framework of terms and conditions.

Recommendations on SCS remuneration are provided by the Senior Salaries Review Body (SSRB) in an annual report to the Prime Minister. Further information about the work of the SSRB and copies of their annual reports can be found on the SSRB website: Senior Salaries Review Body - GOV.UK

The government’s response to the recommendations of the SSRB is communicated to departments and organisations by the Cabinet Office. The remuneration of GIAA’s senior civil servants is determined by our Remuneration Committee in accordance with this central guidance.

Senior management remuneration (including salary) and pension entitlements

The following sections provide details of the remuneration and pension interests of the most senior management (i.e. executive Board members) of GIAA.

Executive Board members’ remuneration

The table below, details the elements making up the total remuneration for executive Board members of GIAA. Further information about each of the separate elements is detailed later in this section.

Accrued pension benefits included in this table for any individual affected by the Public Service Pensions Remedy have been calculated based on their inclusion in the legacy scheme for the period between 1 April 2015 and 31 March 2022, following the McCloud judgment. The Public Service Pensions Remedy applies to individuals that were members, or eligible to be members, of a public service pension scheme on 31 March 2012 and were members of a public service pension scheme between 1 April 2015 and 31 March 2022. The basis for the calculation reflects the legal position that impacted members have been rolled back into the relevant legacy scheme for the remedy period and that this will apply unless the member actively exercises their entitlement on retirement to decide instead to receive benefits calculated under the terms of the Alpha scheme for the period from 1 April 2015 to 31 March 2022.
For 2023-24 this represented part year 4 December 2023 – 31 March 2024, and as a new joiner to the Civil Service, was on probation for this period and not eligible for a bonus.

Salary

Salary includes gross salary, taxable benefits, and any allowance to the extent that it is subject to UK taxation. This report is based on accrued payments made by GIAA and thus recorded in these accounts.

Benefits in kind

The monetary value of benefits in kind covers any benefit provided by GIAA and treated by HM Revenue and Customs as a taxable emolument. The estimated monetary value of benefits in kind which relate solely to the provision of interest free loans for the purchase of season tickets for home to office is not included in Table 7. None of the executive Board members received any benefits in kind which require disclosure in Table 7.

Performance bonus

Bonuses for the Senior Civil Service are based on performance levels attained and are made as part of the appraisal process under central guidance. Bonuses can be awarded at the end of year (reflecting the previous year’s work) or for performance in-year. We confirmed that 18 non-consolidated performance-related bonus payments should be paid to our SCS for the 2024-25 appraisal year (compared to 21 awards in 2023-24). This included 10 end of performance year bonuses for ‘Exceeding’ and ‘High Performing’ (compared to 12 in 2023-24).

Pay multiples (this information is subject to audit)

Reporting bodies are required to disclose the relationship between the remuneration of the highest-paid executive in their organisation and the median remuneration of the organisation’s workforce. For these purposes, the remuneration value includes base salary, allowances, non-consolidated performance-related pay, and benefits-in-kind. It does not include severance payments, employer pension contributions and the cash equivalent transfer value of pension.

The remuneration, including salary, allowances, and bonus, of the highest-paid executive in GIAA in the financial year 2024-25 was in the band £190-195,000 (2023-24: £175-180,000). Using the band midpoints, the percentage change in salary and allowances was 8.5%. The highest paid executive received a bonus of £0-5,000 in 2024-25 and no bonus in 2023-24 (see footnote 2, Table 7).

The average percentage salary and allowances change from the previous financial year in respect of all Agency employees is a 6.9% increase and a 23.2% decrease for bonuses. The salary increase is largely attributable to the 5% pay award for staff in the delegated grades and SCS. The bonus change is largely due to the £1,500 fixed payment for delegated grades which was made in 2023-24.

Table 8: Ratios between the highest-paid executive and the 25th percentile, median and 75th percentile

Year	25th percentile pay ratio	Median pay ratio	75th percentile pay ratio
2024-25	4.03	3.40	2.97
2023-24	3.94	3.47	2.87

Table 9: Pay and benefits figures for the 25th percentile, median and 75th percentile

	2024-25 total	2024-25 salary component	2023-24 total	2023-24 salary component
25th Percentile	£47,745	£47,145	£45,025	£44,900
Median	£56,594	£56,344	£51,150	£49,271
75th Percentile	£64,765	£63,228	£61,847	£59,727

The median pay figure in 2024-25 was £56,594 (2023-24 £51,150), of which £56,344 (2023-24 £49,271) was the salary and allowances component. Pay ratios increase at the 25th and 75th percentiles as a result of the highest paid executive receiving a bonus in 2024-25 and not prior year. The median pay ratio reduced as the median pay figure increased proportionately more than the highest paid executive.

In 2024-25 no employee received remuneration more than the highest paid director (2023-24: zero). Remuneration in GIAA ranged from £29,925 to £185-190,000 (2023-24: £25,000 to £175-180,000).

In 2024-25 the Civil Service pay remit for delegated grades enabled departments to make average pay awards of up to 5%.

Consolidated awards

The SCS annual pay award decision was made by our Remuneration Committee in line with the government’s response to the SSRB recommendations. This Committee was attended by GIAA’s Chief Executive, the Chief Operating Officer and GIAA’s Deputy Director, People and Culture.

The annual pay award for delegated grades was made in line with the Civil Service pay remit.

Pension entitlements for each Executive Board member

The table below, details the pension entitlements for each Executive Board member. Further information about each of the separate elements is detailed later in this section.

Table 10: Pension entitlements for Executive Board members (this information is subject to audit)

The value of pension benefits accrued during the year is calculated as (the real increase in pension multiplied by 20) plus (the real increase in any lump sum) less (the contributions made by the individual). The real increases exclude increases due to inflation or any increase or decreases due to a transfer of pension rights.

Cash Equivalent Transfer Values

A Cash Equivalent Transfer Value (CETV) is the actuarially assessed capitalised value of the pension scheme benefits accrued by a member at a particular point in time. The benefits valued are the member’s accrued benefits and any contingent spouse’s pension payable from the scheme. A CETV is a payment made by a pension scheme or arrangement to secure pension benefits in another pension scheme or arrangement when the member leaves a scheme and chooses to transfer the benefits accrued in their former scheme. The pension figures shown relate to the benefits that the individual has accrued as a consequence of their total membership of the pension scheme, not just their service in a senior capacity to which disclosure applies.

The figures include the value of any pension benefit in another scheme or arrangement which the member has transferred to the Civil Service pension arrangements. They also include any additional pension benefit accrued to the member as a result of their buying additional pension benefits at their own cost.

CETVs are worked out in accordance with The Occupational Pension Schemes (Transfer Values) (Amendment) Regulations 2008 and do not take account of any actual or potential reduction to benefits resulting from Lifetime Allowance Tax which may be due when pension benefits are taken.

Real increase in CETV

This reflects the increase in CETV that is funded by the employer. It does not include the increase in accrued pension due to inflation, contributions paid by the employee (including the value of any benefits transferred from another pension scheme or arrangement) and uses common market valuation factors for the start and end of the period.

Civil Service Pensions

Pension benefits are provided through the Civil Service pension arrangements. Before 1 April 2015, the only scheme was the Principal Civil Service Pension Scheme (PCSPS), which is divided into a few different sections – classic, premium, and classic plus provide benefits on a final salary basis, whilst Nuvos provides benefits on a career average basis. From 1 April 2015 a new pension scheme for civil servants was introduced – the Civil Servants and Others Pension Scheme or Alpha, which provides benefits on a career average basis. All newly appointed civil servants, and the majority of those already in service, joined the new scheme.

The PCSPS and Alpha are unfunded statutory schemes. Employees and employers make contributions (employee contributions range between 4.6% and 8.05%, depending on salary). The balance of the cost of benefits in payment is met by monies voted by Parliament each year. Pensions in payment are increased annually in line with the Pensions Increase legislation. Instead of the defined benefit arrangements, employees may opt for a defined contribution pension with an employer contribution, the partnership pension account.

In Alpha, pension builds up at a rate of 2.32% of pensionable earnings each year, and the total amount accrued is adjusted annually in line with a rate set by HM Treasury. Members may opt to give up (commute) pension for a lump sum up to the limits set by the Finance Act 2004. All members who switched to Alpha from the PCSPS had their PCSPS benefits ‘banked’, with those with earlier benefits in one of the final salary sections of the PCSPS having those benefits based on their final salary when they leave Alpha.

The accrued pensions shown in this report are the pension the member is entitled to receive when they reach normal pension age, or immediately on ceasing to be an active member of the scheme if they are already at or over normal pension age. Normal pension age is 60 for members of classic, premium, and classic plus, 65 for members of Nuvos, and the higher of 65 or State Pension Age for members of Alpha. The pension figures in this report show pension earned in PCSPS or Alpha – as appropriate. Where a member has benefits in both the PCSPS and Alpha, the figures show the combined value of their benefits in the two schemes but note that the constituent parts of that pension may be payable from different ages.

When the government introduced new public service pension schemes in 2015, there were transitional arrangements which treated existing scheme members differently based on their age. Older members of the PCSPS remained in that scheme, rather than moving to alpha. In 2018, the Court of Appeal found that the transitional arrangements in the public service pension schemes unlawfully discriminated against younger members (the “McCloud judgment”).

As a result, steps are being taken to remedy those 2015 reforms, making the pension scheme provisions fair to all members. The public service pensions remedy is made up of two parts. The first part closed the PCSPS on 31 March 2022, with all active members becoming members of Alpha from 1 April 2022. The second part removes the age discrimination for the remedy period, between 1 April 2015 and 31 March 2022, by moving the membership of eligible members during this period back into the PCSPS on 1 October 2023.

The accrued pension benefits, Cash Equivalent Transfer Value and single total figure of remuneration reported for any individual affected by the Public Service Pensions Remedy have been calculated based on their inclusion in the PCSPS for the period between 1 April 2015 and 31 March 2022, following the McCloud judgment. The Public Service Pensions Remedy applies to individuals that were members, or eligible to be members, of a public service pension scheme on 31 March 2012 and were members of a public service pension scheme between 1 April 2015 and 31 March 2022. The basis for the calculation reflects the legal position that impacted members have been rolled back into the PCSPS for the remedy period and that this will apply unless the member actively exercises their entitlement on retirement to decide instead to receive benefits calculated under the terms of the Alpha scheme for the period from 1 April 2015 to 31 March 2022.

The partnership pension account is an occupational defined contribution pension arrangement which is part of the Legal & General Mastertrust. The employer makes a basic contribution of between 8% and 14.75% (depending on the age of the member). The employee does not have to contribute but, where they do make contributions, the employer will match these up to a limit of 3% of pensionable salary (in addition to the employer’s basic contribution). Employers also contribute a further 0.5% of pensionable salary to cover the cost of centrally provided risk benefit cover (death in service and ill health retirement).

Further details about the Civil Service pension arrangements can be found at the website Civil Service Pensions / Home - Civil Service Pension Scheme

Staff costs

The PCSPS and the Civil Servant and Other Pension Scheme (CSOPS) – known as “Alpha” – are unfunded multi-employer defined benefit schemes. GIAA is unable to identify its share of the underlying assets and liabilities in either scheme.

The scheme actuary valued the Civil Service pension arrangements as at 31 March 2020. You can find details in the resource accounts of the Cabinet Office: Civil Service Superannuation. For 2024-25, employers’ contributions of £7,325k (2023-24: £7,001k) were payable by GIAA to the Civil Service Pension arrangements at 28.97%; (2023-24: one of four rates in the range 26.6% to 30.3%) of pensionable earnings, based on salary bands.

The Scheme Actuary reviews employer contributions usually every 4 years following a full scheme valuation. The contribution rates are set to meet the cost of the benefits accruing during 2024-25 to be paid when the member retires and not the benefits paid during this period to existing pensioners.

Employees can opt to open a partnership pension account, a stakeholder pension with an employer contribution. Employers’ contributions of £55k in 2024-25 (2023-24: £55k) were paid to one or more of the panel of three appointed stakeholder pension providers Employer contributions are age-related and range from 8% to 14.75% of pensionable earnings.

Employers also match employee contributions up to 3% of pensionable earnings. In addition, employer contributions of £2k (0.5% of pensionable pay from 1 October 2015) in 2024-25 (2023-24: £2k) were payable to the Civil Service Pension arrangements to cover the cost of the future provision of lump sum benefits on death in service or ill health retirement of these employees.

Contributions due to the partnership pension providers at the balance sheet date were £14k (2023-24: £11k). Contributions pre-paid at that date were £nil (2023-24: £nil).

Non-Executive Board members’ remuneration

As at 31 March 2025, we had four Non-Executive Board members, and one Non-Executive independent member of the ARAC. Table 11, below, details the total remuneration for each of our paid Non-Executive Board members during 2024-25. Our HM Treasury Sponsor, Andrew Cartner, also has a Non-Executive role on our Board which is not remunerated by GIAA as he is a member of the Civil Service. The Non-Executive independent member of ARAC, Ed Clift, is also a member of the Civil Service and is not remunerated by GIAA.

Table 11: Agency Board Non-Executive members’ remuneration (this information is subject to audit)

Name	Role	Total Remuneration £000 2024-25	Total Remuneration £000 2023-24
Isobel Everett	Non-Executive Director and Chair	20-25	20-25
Ady Dike	Non-Executive Director	15-20	15-20
Clare Minchington	Non-Executive Director	15-20	15-20
Jonathan Chapman¹	Non-Executive Director	15-20	0-5 (15-20 FYE)

Note: FYE means Full Year Equivalent 1. For 2023-24 this represented part year 8 January – 31 March 2024.

Reporting of Civil Service and other compensation schemes – exit packages

Table 12: Exit Packages (this information is subject to audit)

Note: Redundancy and other departure costs have been paid in accordance with the provisions of the Civil Service Compensation Scheme, a statutory scheme made under the Superannuation Act 1972. Exit costs are accounted for in full in the year of departure.

Question 15

Staff report

Accepted Answer

Agency composition – staff numbers and costs

Our average FTE composition in 2024-25 is shown in Tables 13 and 14 below.

Including the Chief Executive, we employed 27.6 SCS (FTE) as at 31st March 2025 – 1 at Pay Band 3, 7 at Pay Band 2 and 19.6 at Pay Band 1 (of which 3.5 were on temporary promotion from delegated grade 6). Our complement of SCS posts is primarily driven by the needs of our clients in terms of managing the delivery of the agreed internal audit programmes.

Table 13: Agency composition by Full Time Equivalent (FTE) (this information is subject to audit)

	2024-25	2024-25	2023-24	2023-24
Category	Number (FTE)	Cost (£000)	Number (FTE)	Cost (£000)
Staff with a permanent UK employment contract	468	36,910	487	36,807
Other staff engaged on the objectives of the entity (consisting of interim and temporary workers)	3	132	3	314
Total	471	37,042	490	37,121

Note: FTE numbers rounded to nearest whole FTE and are an average for the year, not the figure from the end of the financial year as reported earlier in the performance report. See Note 2 of the Financial Statements for further information on staff costs.

Table 14: Agency composition by percentage in grade is split by declared gender, Black Asian Minority Ethnic (BAME) and disability.

	2024-25	2024-25	2024-25	2024-25	2023-24	2023-24	2023-24	2023-24
Grade	Male	Female	BAME	Disabled	Male	Female	BAME	Disabled
SCS	52%	48%	7%	10%	55%	45%	6%	6%
SCS and Grade 6	55%	45%	8%	10%	53%	47%	9%	9%
Agency total	46%	54%	21%	9%	47%	53%	21%	10%

Diversity and Inclusion

GIAA is committed to the principles of equality, diversity and inclusion (EDI), and aim to ensure that nobody receives less favourable treatment on the basis of age, disability, gender, gender affirming surgery, marriage and civil partnership, religion or belief, race, pregnancy, or sexual orientation.

We have achieved several goals to promote diversity and inclusion within the organisation.

We have implemented a Progression Sponsorship Scheme (pilot) which was offered to our ethnic minority colleagues as a means of positive action to address under representation at senior grades. Our senior leaders attended an ‘EDI Champions Programme’ where they developed a deeper understanding of diversity and inclusion issues. We continue to participate in Catapult which is a Civil Service-wide scheme, led by the Ministry of Justice (MOJ) with the aim to make a difference to social inclusion and mobility.

We continue to ensure compliance with the Public Sector Equality Duty (PSED) and have published our Equality Objectives and latest Equality report on Public Sector Equality Duty report 2023/24 - GOV.UK.

We are taking a proactive approach to embed the principles of PSED across all business areas at GIAA, ensuring all employees are aware of their role and responsibilities. We have improved monitoring of Equality Impact Assessments (EIA) and incorporated prompts into committee paper templates to ensure quality is considered in all people proposals.

We also recognise that having a diverse talent pool enables us to provide the best possible services to our clients and is a key theme of improving our diversity outcomes in recruitment.

We require our managers and interview panel members to complete diversity and inclusion training which includes Equality and Inclusion Essentials and Inclusion in the Workplace. We encourage applications from disabled people and participate in the Disability Confident scheme which enables us to ensure a guaranteed interview to all disabled applicants who apply under the scheme and who meet the minimum criteria for a role. We work with specialist recruiters to ensure that our roles are promoted in a way which appeals equally to people with different backgrounds and abilities. We are proud to have achieved Level 3: Disability Confident Leader status.

We make workplace adjustments to help when people join us or to help people who become disabled during their employment to stay in their current role or find a suitable alternative. In the workplace we are committed to tackle the issues surrounding Discrimination, Bullying and Harassment (DBH) and delivered Agency wide ‘Behaviours Matter’ sessions to raise awareness on how to raise a concern and to build confidence to speak up. As part of our commitment, we launched ‘Cultivating Psychological Safety’ to focus on building a safe environment where people can be themselves and speak up if they witness or experience inappropriate behaviour.

We are committed to transparent reporting and our gender pay gap is published as part of HM Treasury’s Gender Pay Gap Report; the 2024 report can be found on: HM Treasury’s Gender Pay Gap Report 2023 to 2024 - GOV.UK. We have reviewed our action plan to align with the 2024 report and will continue to address any imbalances to show progression.

We have active people networks for Disability, LGBT+, Women, Faith, ethnic minority backgrounds, flexible working, and menopause. They are there to support colleagues and allies but also link into the organisation.

Sickness absence

The average number of working days lost to sickness absence during 2024-25 increased to 8.74 (2023-24: 7.53 days). We continued to develop robust sickness absence management protocols and casework support. We have a Health, Safety and Wellbeing Strategy and wellbeing plan in place, including Employee Assistance Programme support, resilience workshops, stress management training. Our MIND Workplace Wellbeing Index action plan is specifically tailored to mental health and wellbeing and has been fully implemented, with monitoring of absence rates and the reasons behind them. Senior management continue to monitor the trends in our sickness data to identify and implement further interventions that may be required.

Staff turnover percentage

We monitor staff turnover closely and have seen a slight reduction since 2023-24 (annual staff turnover percentages noted below). Exit survey data shows that the most frequent reasons for employees leaving the Agency are retirement, perceived lack of career advancement, pay and line management support. We continue to consider our overall benefits offering for our people and will be implementing a number of initiatives to address people management and career pathways.

Our focus will also be on retention as part of the People and Culture Strategy. Listed below are the staff turnover percentages from the last three years. Performance in this area is closely monitored by senior management.

2024-25: 14.1%
2023-24: 14.3%
2022-23: 14.2%

Staff engagement scores

We achieved a response rate of 86% in the most recent Civil Service People Survey which is a 1% increase from 2023 and our overall engagement index score was 59%, a drop of 3% from 2023.

Consultants and contingent labour

We use contingent labour for several purposes:

to provide project management support to supplement short term development activities
to meet generalist and specialist audit requirements
to temporarily fill resource gaps in our teams

The accounts cover the second year of the Delivery Partner contracts with six suppliers from the Crown Commercial Services (CCS) Audit and Assurance Framework. This contract commenced on 30 March 2023 and expires on 30 March 2026. Core audit services including generalist and specialisms such as HR, Commercial, Finance and Project Management are covered by Deloitte, EY, KPMG, Mazars, PWC and RSM. Digital, Data and Technology are covered by Deloitte, EY, KPMG and RSM.

These contracts give us the flexibility to meet peaks in demand, cover resource gaps and to deploy specialist skills when needed to work alongside our own people. Our Internal Audit Resources costs in 2024-25 decreased from 2023-24 as we have delivered more of the work on internal audit plans through our own staff.

Table 15: Consultants and contingent labour

Category	2024-25 £000	2023-24 £000
GIAA specialist audit contractors: internal audit resources	4,380	6,955
General framework contract: consultancy and advice	251	121
Total contractor resource	4,631	7,076

In line with the Review of Tax Arrangements of Public Sector Appointees published by the Chief Secretary to the Treasury on 23 May 2012, we are required to publish the following details for all off-payroll arrangements as of 31 March 2025, where the individual is paid more than £245 per day and the engagement has lasted for longer than six months.

This is shown in Table 16 below.

Table 16: Highly paid off-payroll worker engagements as at 31 March 2025, earning £245 per day or greater

Number (No.) of existing engagements as of 31 March 2025	2024-25	2023-24
Of which, no. that existed:
Less than one year	-	1
For between 1 and 2 years	-	-
For between 2 and 3 years	-	-
For between 3 and 4 years	-	-
For more than 4 years	-	-

Table 17: All highly paid off-payroll workers engaged at any point during the year ended 31 March 2025, earning £245 per day or greater

No. of temporary off-payroll workers engaged during the year ended 31 March 2025	2024-25	2023-24
Of which:
Not subject to off-payroll legislation	-	-
Subject to off-payroll legislation and determined as in scope of IR35	-	-
Subject to off-payroll legislation and determined as out-of scope of IR35	-	4
No. of engagements reassessed for compliance or assurance purposes during the year	-	-
No. of engagements reassessed for compliance or assurance purposes during the year	-	-
Of which:
No. of engagements that saw a change to IR35 status following review	-	-

Table 18: Off-Payroll engagements of Board members and senior officials with significant financial responsibilities, between 1 April 2024 and 31 March 2025

	2024-25	2023-24
Number of off-payroll engagements of Board members, and/or, senior officials with significant financial responsibility, during the financial year.	-	-
Total number of individuals on the payroll and off-payroll that have been deemed “Board members and/or, senior officials with significant financial responsibility” during the
financial year.	8	12

Facility time for trade union representatives

We recognise three trades unions for the purposes of collective bargaining, consultation and to provide representation and support to individual employees. There are six local trades union representatives within GIAA who are eligible to record facility time within agreed guidelines, totalling no more than 0.1% of our pay bill.

Table 19: Relevant union officials

Number of employees who were relevant union officials during the relevant period	Full time equivalent employee (FTE) number
6	6

Table 20: Percentage of time spent on facility time

Percentage of time	Number of employees (FTE)
0	1
1-50%	5
50-100%	0

Table 21: Percentage of pay bill spent on facility time

	Figures
Total cost of facility time	£12k
Total Pay Bill 2024-25 (does not include off-payroll costs of contracted interim and temporary workers)	£36,601k
Provide the percentage of the total pay bill spent on facility time, calculated as: (total cost of facility time ÷ total pay bill) x 100	0.03%

Table 22: Paid trade union activities

Paid Trade Union activities	£0
Time spent on paid trade union activities as a percentage of total paid facility time hours calculated as: (total hours spent on paid trade union activities by relevant union officials during the relevant period ÷ total paid facility time hours) x 100	0%

Question 16

Parliamentary accountability and audit report

Accepted Answer

Financial performance

This section provides a summary of our financial performance during the year, focusing on the income we have received from our clients, the continued investment by our parent department – HM Treasury, and how we have spent those resources during the year in the delivery of our internal audit, counter fraud and investigation and assurance services.

Summary

Our net expenditure position was a £1,334k surplus when Supply Funding from HM Treasury is considered. Our total income was £46,685k, Supply Funding received £2,107k and total expenditure £47,458k.

Income

GIAA is primarily funded through the fees we charge our clients for internal audit, counter fraud and investigation and assurance services. We agree the level of audit and counter fraud services required by each of our clients, setting out the full detail of our services in a Memorandum of Understanding and agreeing an appropriate fee. In relation to client-facing activities, we generated revenue of £46,446k (2023-24: £45,167k) from our clients and received a further £235k in grant funding (2023-24: £27k). We also received funding from HM Treasury (£2,107k) for undertaking internal audit policy work on HM Treasury’s behalf.

Our total operating income for the year was £46,685k (2023-24: £45,201k).

Expenditure

Our total operating expenditure this year was £47,456k (2023-24: £49,934k), consisting of staff costs of £36,733k (2023-24: £36,925k), purchase of goods and services of £10,295k (2023-24: £12,687k), depreciation and impairment charges of £338k (2023-24: £324k) and a provision of £90k (2023-24: provision release £2k).

Contractor spend was reduced in 2024-25 - £4,631k (2023-24: £7,076k).

Permanent staff costs of £36,910k (2023-24: £36,807k) directly relate to the employment of our auditors, counter fraud investigators and other assurance professionals, the internal audit profession function and corporate services. More information on our staff numbers and costs can be found in the remuneration and staff report above and in Note 2 of the Notes to the Accounts.

We engaged several firms under our internal audit framework to deliver specialist and generalist audit services to our clients on our behalf. Of the £4,631k contractor spend referred to above, £4,380k (2023-24: £6,955k) relates to work engaged under this framework. We spent £251k on specialist advice (2023-24: £121k) including legal advice from the Government Legal Department, advice on our senior management structure and developing an internal audit competency framework. We additionally employed contingent labour totalling £21k (2023-24: £199k) to fill temporary gaps, in our corporate teams.

We incurred £637k (2023-24: £711k) in travel and subsistence costs, the majority of which were directly related to audit, counter fraud and investigation and assurance services delivered to our clients and reimbursed through fees paid to GIAA.

We also incurred a number of charges for support services from other government departments totalling £3,728k (2023-24: £3,390k) for services including transactional finance, human resources, payroll and information and communication technology services received from our parent department, HM Treasury, and office rent. To support the strategic objective of recruiting and retaining high calibre staff, we invested £36k (2023-24: £176k), £304k (2023-24: £422k) and £311k (2023-24: £400k) in recruitment, training and staff support and related costs respectively. Expenditure in these areas reduced compared to 2023-24 due to specific activity in 2023-24 including recruitment of a new CEO, training relating to a new performance management process and completing the MIND Workplace Wellbeing Index.

The net operating expenditure was £771k and net expenditure £773k (2023-24: £4,929k) after £2k finance expenses (£7k 2023-24) were taken into account. The movement in the net expenditure relates to increased income which has been recognised and reduced expenditure, particularly on contractors.

The difference was met by HM Treasury Supply Funding, which totalled £2,107k (2023-24: £6,070k) including authorised spending of £350k (2023-24: £350k) to support the internal audit policy function (included in expenditure). This position is set out in Note 6 to the accounts.

As a result, we ended the year with an overall surplus of £1,334k. In accordance with government accounting rules, the corresponding funding for this work is recorded as a movement in the General Fund, rather than as income.

The balance on the General Fund of £6,406k (2022-23: £4,943k) represents the balance of our operating activities and HM Treasury funding.

Financial position

Our balance sheet consists of receivables of £12,608k (2023-24: £14,547k), non-current assets of £346k (2023-24: £579k) payables of £5,918k (2023-24: £9,695k), a provision of £90k (2023-24: a release of £2k) and lease liabilities of £540k (2023-24: £488k). Assets and liabilities reflect the adoption of IFRS16 in 2022-23.

Our strategy is to use existing arrangements with our clients in other parts of government to meet most of our accommodation requirements, and with our parent department to meet most of our ICT needs. As such, we do not own any property, plant, and equipment.

Receivables primarily consist of amounts due from our clients, with £11,612k (2023-24: £12,960k) relating to amounts invoiced but not paid at 31 March, and £933k (2023-24: £1,495k) relating to services delivered in 2024-25 but not invoiced until the new financial year. Included in trade and other payables and accruals, totalling £5,918k (2023-24: £9,695k), are advance receipts from clients of £82k (2023-24: £7k). The value of untaken holiday leave at 31 March 2024 was £911k (2023-24: £1,014k).

GIAA does not hold its own bank account, but shares an account with our parent department, HM Treasury – this mechanism provides us with working capital which allows us to pay people and suppliers while waiting for clients to pay our invoices. As a result, we owed HM Treasury £814k (2023-24: £4,032k) which is the difference between the cash received from clients and expenditure funded by HM Treasury during the year. The difference between years is a result of a reduced receivable balance at year end due to issuing invoices earlier and a reduced net expenditure figure.

Parliamentary accountability disclosures

The following parliamentary accountability disclosures are made in accordance with relevant guidance issued by HM Treasury.

Fees and charges (this information is subject to audit)

GIAA is largely funded through the fees we charge clients for internal audit, counter fraud and investigation and assurance services. Our fees are set in accordance with ‘Managing Public Money’ to recover the full costs of service provision using a charging model that we have developed. HM Treasury’s Supply Funding partially subsidises our costs and subsequent charge-out rates for clients. When taken in to account, the deficit of £771k is a surplus of £1,334k.

Table 23: Fees and charges

Remote contingent liabilities (this information is subject to audit)

We do not have any remote contingent liabilities that are required to be disclosed under parliamentary reporting requirements. We have disclosed a contingent liability for a voluntary exit scheme under IAS 37, with further information included in Note 13 to the Financial Statements.

Regularity of expenditure (this information is subject to audit)

Our expenditure relates to routine administration costs such as employment costs and the purchase of goods and services, and as such does not require any further specific legislation.

We do not undertake any specific policy or service that requires parliamentary approval for bespoke legislation and incurred no expenditure during the year that relies on the sole authority of a Supply and Appropriation Act.

Losses and special payments (this information is subject to audit)

GIAA recorded no losses in 2024-25 (2023-24: 4). We have not made any gifts during the year.

Long-term expenditure trends

2024-25 was our tenth year of operation. The Ministry of Defence Internal Audit team joining on 1 April 2023 significantly changed our income and expenditure bases from prior years. Our income and expenditure stabilised in 2024-25 as demonstrated in our financial statements and the graph below which shows the last five years’ expenditure within the Agency that also reflects the impact in 2024-25 of reduced HMT Supply Funding and corresponding expenditure.

Notes regarding expenditure:

2022-23: Expenditure increases in new spending review period (starts 22-23): OneGIA project, Innovation, Cross Government insights accompanied by increased Supply Funding.

2023-24: Expenditure increases following Ministry of Defence internal audit team joining.

2024-25: HMT Supply Funding and corresponding expenditure reduce.

Harriet Aldridge

Chief Executive and Accounting Officer

14 July 2025

Question 17

The Certificate and Report of the Comptroller and Auditor General to the House of Commons

Accepted Answer

Opinion on financial statements

I certify that I have audited the financial statements of the Government Internal Audit Agency for the year ended 31 March 2025 under the Government Resources and Accounts Act 2000.

The financial statements comprise the Government Internal Audit Agency’s

Statement of Financial Position as at 31 March 2025;
Statement of Comprehensive Net Expenditure, Statement of Cash Flows and Statement of Changes in Taxpayers’ Equity for the year then ended; and
the related notes including the significant accounting policies.

The financial reporting framework that has been applied in the preparation of the financial statements is applicable law and UK adopted international accounting standards.

In my opinion, the financial statements:

give a true and fair view of the state of the Government Internal Audit Agency’s affairs as at 31 March 2025 and its net expenditure for the year then ended; and
have been properly prepared in accordance with the Government Resources and Accounts Act 2000 and HM Treasury directions issued thereunder.

Opinion on regularity

In my opinion, in all material respects, the income and expenditure recorded in the financial statements have been applied to the purposes intended by Parliament and the financial transactions recorded in the financial statements conform to the authorities which govern them.

Basis for opinions

I conducted my audit in accordance with International Standards on Auditing (UK) (ISAs UK), applicable law and Practice Note 10 Audit of Financial Statements and Regularity of Public Sector Bodies in the United Kingdom (2024). My responsibilities under those standards are further described in the Auditor’s responsibilities for the audit of the financial statements section of my certificate.

Those standards require me and my staff to comply with the Financial Reporting Council’s Revised Ethical Standard 2024. I am independent of the Government Internal Audit Agency in accordance with the ethical requirements that are relevant to my audit of the financial statements in the UK. My staff and I have fulfilled our other ethical responsibilities in accordance with these requirements.

I believe that the audit evidence I have obtained is sufficient and appropriate to provide a basis for my opinion.

Conclusions relating to going concern

In auditing the financial statements, I have concluded that the Government Internal Audit Agency’s use of the going concern basis of accounting in the preparation of the financial statements is appropriate.

Based on the work I have performed, I have not identified any material uncertainties relating to events or conditions that, individually or collectively, may cast significant doubt on the Government Internal Audit Agency’s ability to continue as a going concern for a period of at least twelve months from when the financial statements are authorised for issue.

My responsibilities and the responsibilities of the Accounting Officer with respect to going concern are described in the relevant sections of this certificate.

Other information

The other information comprises information included in the Annual Report but does not include the financial statements and my auditor’s certificate and report thereon. The Accounting Officer is responsible for the other information.

My opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in my certificate, I do not express any form of assurance conclusion thereon.

My responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or my knowledge obtained in the audit, or appears to be materially misstated.

If I identify such material inconsistencies or apparent material misstatements, I am required to determine whether this gives rise to a material misstatement in the financial statements themselves. If, based on the work I have performed, I conclude that there is a material misstatement of this other information, I am required to report that fact. I have nothing to report in this regard.

Opinion on other matters

In my opinion the part of the Remuneration and Staff Report to be audited has been properly prepared in accordance with HM Treasury directions issued under the Government Resources and Accounts Act 2000.

In my opinion, based on the work undertaken in the course of the audit:

the parts of the Accountability Report subject to audit have been properly prepared in accordance with HM Treasury directions issued under the Government Resources and Accounts Act 2000;
the information given in the Performance and Accountability Reports for the financial year for which the financial statements are prepared is consistent with the financial statements and is in accordance with the applicable legal requirements.

Matters on which I report by exception

In the light of the knowledge and understanding of the Government Internal Audit Agency and its environment obtained in the course of the audit, I have not identified material misstatements in the Performance and Accountability Reports.

I have nothing to report in respect of the following matters which I report to you if, in my opinion:

adequate accounting records have not been kept by the Government Internal Audit Agency or returns adequate for my audit have not been received from branches not visited by my staff; or
I have not received all of the information and explanations I require for my audit; or
the financial statements and the parts of the Accountability Report subject to audit are not in agreement with the accounting records and returns; or
certain disclosures of remuneration specified by HM Treasury’s Government Financial Reporting Manual have not been made or parts of the Remuneration and Staff Report to be audited is not in agreement with the accounting records and returns; or
the Governance Statement does not reflect compliance with HM Treasury’s guidance.

Responsibilities of the Accounting Officer for the financial statements

As explained more fully in the Statement of Accounting Officer’s Responsibilities, the Chief Executive as Accounting Officer is responsible for:

maintaining proper accounting records;
providing the C&AG with access to all information of which management is aware that is relevant to the preparation of the financial statements such as records, documentation and other matters;
providing the C&AG with additional information and explanations needed for his audit;
providing the C&AG with unrestricted access to persons within the Government Internal Audit Agency from whom the auditor determines it necessary to obtain audit evidence; ensuring such internal controls are in place as deemed necessary to enable the preparation of financial statements to be free from material misstatement, whether due to fraud or error;
preparing financial statements which give a true and fair view and are in accordance with HM Treasury directions issued under the Government Resources and Accounts Act 2000;
preparing the annual report, which includes the Remuneration and Staff Report, in accordance with HM Treasury directions issued under the Government Resources and Accounts Act 2000; and
assessing the Government Internal Audit Agency’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Accounting Officer either intends to liquidate the entity or to cease operations, or has no realistic alternative but to do so.

Auditor’s responsibilities for the audit of the financial statements

My responsibility is to audit, certify and report on the financial statements in accordance with the Government Resources and Accounts Act 2000.

My objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue a certificate that includes my opinion. Reasonable assurance is a high level of assurance but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

Extent to which the audit was considered capable of detecting non-compliance with laws and regulations, including fraud

I design procedures in line with my responsibilities, outlined above, to detect material misstatements in respect of non-compliance with laws and regulations, including fraud. The extent to which my procedures are capable of detecting non-compliance with laws and regulations, including fraud is detailed below.

Identifying and assessing potential risks related to non-compliance with laws and regulations, including fraud In identifying and assessing risks of material misstatement in respect of non-compliance with laws and regulations, including fraud, I:

considered the nature of the sector, control environment and operational performance including the design of the Government Internal Audit Agency’s accounting policies
inquired of management, Government Internal Audit Agency’s head of internal audit and those charged with governance, including obtaining and reviewing supporting documentation relating to the Government Internal Audit Agency’s policies and procedures on:
- identifying, evaluating and complying with laws and regulations;
- detecting and responding to the risks of fraud; and
- the internal controls established to mitigate risks related to fraud or non-compliance with laws and regulations including the Government Internal Audit Agency’s controls relating to the Government Internal Audit Agency’s compliance with the Government Resources and Accounts Act 2000 and Managing Public Money
inquired of management, Government Internal Audit Agency’s head of internal audit and those charged with governance whether:
- they were aware of any instances of non-compliance with laws and regulations;
- they had knowledge of any actual, suspected, or alleged fraud,
discussed with the engagement team regarding how and where fraud might occur in the financial statements and any potential indicators of fraud.

As a result of these procedures, I considered the opportunities and incentives that may exist within the Government Internal Audit Agency for fraud and identified the greatest potential for fraud in the following areas: revenue recognition, posting of unusual journals, complex transactions and bias in management estimates. In common with all audits under ISAs (UK), I am required to perform specific procedures to respond to the risk of management override.

I obtained an understanding of the Government Internal Audit Agency’s framework of authority and other legal and regulatory frameworks in which the Government Internal Audit Agency operates. I focused on those laws and regulations that had a direct effect on material amounts and disclosures in the financial statements or that had a fundamental effect on the operations of the Government Internal Audit Agency. The key laws and regulations I considered in this context included Government Resources and Accounts Act 2000, Managing Public Money, employment law, pensions legislation and tax legislation.

Audit response to identified risk

To respond to the identified risks resulting from the above procedures:

I reviewed the financial statement disclosures and testing to supporting documentation to assess compliance with provisions of relevant laws and regulations described above as having direct effect on the financial statements;

I enquired of management and the Audit and Risk Committee concerning actual and potential litigation and claims;
I reviewed minutes of meetings of those charged with governance and the Board; and internal audit reports;
I addressed the risk of fraud through management override of controls by testing the appropriateness of journal entries and other adjustments; assessing whether the judgements on estimates are indicative of a potential bias; and evaluating the business rationale of any significant transactions that are unusual or outside the normal course of business; and
I communicated relevant identified laws and regulations and potential risks of fraud to all engagement team members including and remained alert to any indications of fraud or non-compliance with laws and regulations throughout the audit.

A further description of my responsibilities for the audit of the financial statements is located on the Financial Reporting Council’s website at: Auditor’s Responsibilities for the Audit. This description forms part of my certificate.

Other auditor’s responsibilities

I am required to obtain sufficient appropriate audit evidence to give reasonable assurance that the expenditure and income recorded in the financial statements have been applied to the purposes intended by Parliament and the financial transactions recorded in the financial statements conform to the authorities which govern them.

I communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control I identify during my audit.

Question 18

Financial statements

Accepted Answer

Statement of Comprehensive Net Expenditure for the year ended 31 March 2025

	Note	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Income from sales of services	5,6	(46,446)	(45,167)
Other operating income		(239)	(34)
Total operating income		(46,685)	(45,201)
Staff costs	2	36,733	36,925
Purchase of goods and services	3	10,295	12,687
Depreciation and impairment charges	4	338	324
Provision expense	10	90	(2)
Total operating expenditure		47,456	49,934
Net operating expenditure for the year		771	4,733
Cost of MOD annual leave balances transferred on 1 April 2023		-	189
Finance expense		2	7
Net expenditure for the year		773	4,929

Statement of Financial Position as at 31 March 2025

	Note	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Non-current assets
Intangible assets		112	98
Right of use assets	11.3	234	481
Total non-current assets		346	579
Current assets
Trade and other receivables	7	12,608	14,547
Total current assets		12,608	14,547
Total assets		12,954	15,126
Current liabilities
Trade and other payables	9	(5,918)	(9,695)
Provisions	10	(3)	-
Lease liabilities		(530)	(325)
Total current liabilities		(6.451)	(10,020)
Non-current liabilities
Provisions	10	(87)
Lease liabilities	11.4	(10)	(163)
Total non-current liabilities		(97)	(163)
Total liabilities		(6,548)	(10,183)
Total assets less total liabilities		6,406	4,943
Taxpayers’ equity
General Fund		6,406	4,943

Harriet Aldridge

Chief Executive and Accounting Officer

14 July 2025

Statement of Cash Flows for the year to March 2025

	Note	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Cash flows from operating activities
Net operating expenditure		(771)	(4,733)
Adjustments for non-cash transactions		428	322
(Increase) / Decrease in payables from transfer by absorption	9	-	(189)
(Increase)/Decrease in trade and other receivables	7	1,940	(2,565)
Increase/(Decrease) in trade and other payables	9	(3,580)	1,487
Use of provisions	10	-	(143)
Notional expenditure: auditor remuneration		129	125
Net cash outflow from operating activities		(1,854)	(5,696)
Cash flows from investing activities
Purchase of intangible assets		(26)	(45)
Net cash outflow from investing activities		(26)	(45)
Cash flows from financing activities
From the Consolidated Fund (Supply) – current year		2,107	6,070
Repayment of leasing liabilities	11.5	(225)	(322)
Interest payments on lease liabilities	11.5	(2)	(7)
Net cash flows from financing activities		1,880	5,741
Net increase/(decrease) in cash and cash equivalents		-	-
Cash and cash equivalents at the beginning of the year		-	-
Cash and cash equivalents at the end of the year		-	-

Statement of Changes in Taxpayers’ Equity

	General Fund £000	Taxpayers’ equity £000
Balance at 1 April 2024	4,943	4,943
Net parliamentary funding	2,107	2,107
Notional charges: Auditors Remuneration	129	129
Comprehensive net expenditure for the year	(773)	(773)
Balance at 31 March 2025	6,406	6,406
Balance at 1 April 2023	3,677	3,677
Net parliamentary funding	6,070	6,070
Notional charges: Auditors Remuneration	125	125
Comprehensive net expenditure for the year	(4,929)	(4,929)
Balance at 31 March 2024	4,943	4,943

Question 19

Notes to the accounts

Accepted Answer

Note 1 – Accounting policies

1.1 Basis of preparation

The annual set of financial statements for the Government Internal Audit Agency (GIAA) is prepared in accordance with the Government’s Financial Reporting Manual (FReM) and under the Accounts Direction issued by HM Treasury. The accounting policies contained in the FReM apply International Accounting Standards as adapted or interpreted for the public sector context.

Where the FReM permits a choice of accounting policies, those that are judged the most appropriate to the circumstances of the GIAA, for the purpose of giving a true and fair view, have been selected. The accounting policies adopted by the GIAA are applied consistently in dealing with all items that are considered material to the accounts and these are described below.

GIAA is domiciled in the United Kingdom and its principal place of business is at 10 Victoria Street London, with offices throughout the country as explained in Note 11.2. The presentational and functional currency is pound sterling.

GIAA as a trading entity has prepared its Financial Statements on a going concern basis as we expect to continue to keep trading in future years. This assessment is supported by a stable client and income base, and with funding in place from HM Treasury for the following financial year (2025-26).

1.2 Standards issued but not yet effective

There are no IFRS or IFRIC interpretations not yet effective that would be expected to have a material impact on the Agency. IFRS 17 – Insurance contracts will be implemented on 1 April 2025. GIAA has negligible insurance contracts so does not see any material impact because of this change. IFRS 18 Presentation and Disclosure in Financial statements will replace IAS 1 Presentation of Financial Statements and is effective for annual reporting periods beginning on or after 1 January 2027 in the private sector. The Public Sector implementation date is not yet confirmed. The impact of IFRS 18 on the Public Sector is still being assessed.

1.3 Accounting convention

These accounts have been prepared on an accruals basis, under the historical cost convention, modified to account for certain financial instruments to fair value, as determined by the relevant accounting standards.

1.4 Income

All GIAA income is accounted for in line with IFRS 15: Revenue from Contracts with Customers, which came into effect on 1 January 2018 and became effective during 2018- 19. The core principle of IFRS 15 is that an entity recognises revenue to reflect the transfer of promised goods or services to clients in an amount that indicates the consideration to which the entity expects to be entitled in exchange for those goods or services. Revenue is recognised using a five-step model: identification of the contract with the client, identification of the performance obligations within the contract, determination of the transaction price, allocation of the price to the performance obligations, then recognition of revenue as the performance obligations are fulfilled.

Our performance obligation is to provide an internal audit service to clients external to the GIAA (central government departments, agencies and arm’s length bodies). This service includes audit, counter fraud and investigation and assurance services, an annual audit opinion, consultancy and advice on meeting future challenges and conforming with ethics and governance standards, as well as management of the overall programme of work. GIAA’s contract with clients sets out this performance obligation and specifies that the service is delivered throughout the year, with the clients receiving the benefit of the work throughout the year. For most clients, a fixed fee is agreed with the client based on an agreed plan of work for the year and the estimated inputs required to deliver this service. For a small number of clients, the fee is charged on a time and materials basis. Income is recognised throughout the year as the service is delivered and the client receives and consumes the benefits of GIAA’s work. Income is recognised based on the inputs delivering the service. At the end of the year for fixed fee clients, where the overall plan of work has not been delivered, the income recognised is based on the inputs that have been provided as a proportion of the total inputs expected for full delivery of the service. For time and materials clients, income is recognised based on the inputs used up to 31 March.

This service is provided on a full-cost basis, with charge-out rates set in accordance with HM Treasury’s guidance on fees and charges set out in Managing Public Money to achieve full cost recovery of chargeable services. HM Treasury’s Supply Funding is included in the charge-out calculations and contributes to GIAA’s cost recovery.

1.5 Value Added Tax

GIAA is not separately registered for Value Added Tax (VAT) and VAT collected or paid is accounted for centrally by HM Treasury as our parent department. Irrecoverable VAT is charged to the relevant expenditure category in the statements of comprehensive net expenditure. Where output tax is charged or input tax is recoverable, the amounts are stated net of VAT.

1.6 Employee benefits

Early retirement costs

No early retirement costs were paid during the accounting period.

Other employee benefits

This includes the value of untaken holiday leave at the financial year-end, which is recognised on an accruals basis.

1.7 Pensions

GIAA operates several retirement benefits plans for its employees, including defined benefit plans, defined contribution plans and post-retirement healthcare benefits.

Defined benefit schemes

Pension benefits are provided through Civil Service pension arrangements as detailed in the Remuneration Report.

GIAA recognises the expected costs of future pension liabilities on a systematic and rational basis over the period during which it benefits from employees’ service by payment to Civil Service Pension schemes of amounts calculated on an accruing basis. Liability for payment of future benefits is a charge on the scheme.

Defined contribution schemes

A defined contribution plan is a pension arrangement where the employer pays fixed contributions into a separate fund. The costs for the defined contribution schemes are recognised as an expense in the Statement of Comprehensive Net Expenditure as incurred. For defined contribution plans, the employer has no further payment obligations once the contributions have been paid. The contributions are recognised as an employee benefit expense when they are due. Prepaid contributions are recognised as an asset to the extent that a cash refund or a reduction in the future payments is available.

1.8 Financial instruments

As the cash requirements of GIAA are primarily met from income from clients (government departments, agencies and arm’s length bodies) and a limited amount through the Parliamentary Estimates process, financial instruments play a more limited role in creating risk than would apply to a non-public sector body of a similar size. Most financial instruments relate to contracts to buy non-financial items in line with our expected purchase and usage requirements and we are therefore exposed to little credit, liquidity or market risk.

The requirements of IFRS 9: Financial Instruments have been considered; however, as per the FReM, as an executive agency, GIAA’s balances with its parent department and those with government bodies unless in default are excluded from the requirement for impairments. Financial instruments held arise from day-to-day operations and include trade and other receivables (note 7) and trade and other payables (note 9). In accordance with IFRS 9 Financial Instruments, financial assets and financial liabilities are initially recognised at fair value and are subsequently measured at amortised cost.

Trade and other receivables

All GIAA’s trade and other receivables are with other government bodies and are therefore excluded from the requirement for impairments unless in default.

Trade Payables

GIAA recognises Trade Payables at the point the liability can be reliably measured – typically the presentation for payment of an invoice – and measures them at amortised cost.

1.9 Notional charges

Certain costs are charged on a notional basis and included in the accounts. The only notional cost for 2024-2025 is external auditor remuneration. Notional costs are recorded in the Statement of Comprehensive Net Expenditure, as an adjustment on the Statement of Cash Flows from net expenditure and recorded as a movement on the General Fund.

1.10 Segmental reporting

Under HM Treasury guidance in the FReM, GIAA is expected to meet the requirements of IFRS 8 to report information concerning operating segments where the criteria under IFRS 8 are met. GIAA audit work for clients is classified in one operating segment. GIAA manages its assets and liabilities at the entity level and therefore the distribution of assets and liabilities to programmes and administration is not disclosed.

1.11 Accounting estimates and judgements

The preparation of financial statements requires management to make judgements, estimates and assumptions about the reported amounts of assets, liabilities, income, and expenditure that are not readily apparent from other sources. The estimates and associated assumptions are based on historical experience and other factors that are considered to be relevant.

Actual results may differ from these estimates. The estimates and underlying assumptions are reviewed on an ongoing basis. Revisions to accounting estimates are recognised in the period in which the estimate is revised and in any future period affected.

Income Recognition

In calculating income for audit services, we make judgements as to the stage of completion of our services and/or work:

for fixed fee clients, we evaluate the service delivered at 31 March and the inputs required to complete the service thereafter. The income recognised in year and the deferred income is based on the fixed fee, the proportion of total inputs in year and those required to complete the service after 31 March. GIAA invoices fixed fee clients on a quarterly basis, with the final invoice issued at the end of March. Where the full fee is not recognised, an adjustment is made to receivables. Accrued income is recorded where more income has been earned than has been invoiced at year end
time and material clients are charged for the work that has been done on their audit plan up to 31 March. This would include all time charged to the client by GIAA staff, the contractor costs attributable to that client and any Travel and Subsistence undertaken on the clients audits. GIAA is applying the Practical expedient of IFRS15 for these clients as income is recognised based on performance to 31 March. Any work which has not been invoiced at 31 March is recorded as accrued income.

Estimates are made on the remaining costs to be incurred in completing contracts and includes a provision for foreseen recoverable amounts. This estimate informs the income figure where the income for a fixed fee client is the agreed fee less the work to complete the contract in the following financial year plus the income earned in completing the prior year’s contract. Where more income has been earned than has been invoiced at year end, the figure is included as accrued income.

1.12 Supply Funding

GIAA accounts for Supply Funding in line with the FReM, credited to the General Fund in the Statement of Changes in Taxpayers Equity. The balance of the General Fund represents the balance of our operating activities and HM Treasury funding. Supply Funding is shown in the Statement of Cash Flows as a cash flow from Financing Activities.

1.13 Leases

GIAA recognises right-of-use assets at an amount equal to the initial lease liability, whereby the initial lease liability has been calculated based on the present value of future cash flows for each lease over the applicable lease term determined in accordance with IFRS16. GIAA has used cost as a proxy for fair value in its measurement. The non-lease elements of these contracts (e.g. utility costs) have been excluded.

GIAA has used the interest rate promulgated in Public Expenditure System papers as the incremental borrowing rate. For leases that commence or are remeasured in the 2022 calendar year, this rate is 0.95%. For leases modified in 2023, the rate is 3.51% and this is the rate applied for the modified lease in Birmingham. For leases modified in 2025, the rate is 4.81% and this is the rate applied for the modified lease in London. See Note 11 for further detail on the leases and the modifications. GIAA has not identified any leases under IFRS 16 where the underlying asset is of low value nor where the lease period is for 12 months or less.

1.14 Business Combinations

On 1 April 2023, the Internal Audit function of Ministry of Defence transferred to GIAA. GIAA has treated this as a Transfer by Absorption in its accounts. The staff who transferred had untaken annual leave which was recognised as a liability upon transfer. There have been no transfers in 2024-25.

Question 20

Note 2 - Staff costs

Accepted Answer

	Year to 31 March 2025 Permanent Staff (£000)	Year to 31 March 2025 Other Staff (£000)	Year to 31 March 2025 Total (£000)	Year to 31 March 2024 Permanent Staff (£000)	Year to 31 March 2024 Other Staff (£000)	Year to 31 March 2024 Total (£000)
Salaries including allowances	26,465	116	26,581	26,722	283	27,005
Social security costs	3,074	5	3,079	3,049	9	3,058
Other pension costs	7,371	11	7,382	7,036	22	7,058
Total staff costs	36,910	132	37,042	36,807	314	37,121
Less recoveries from outward secondments	(309)	-	(309)	(196)	-	(196)
Net cost	36,601	132	36,733	36,611	314	36,925

The average number of permanent FTE employed during the year was 468 (2023-24: 486.8).

Question 21

Note 3 – Purchase of goods and services

Accepted Answer

3.1 Analysis of total goods and services purchased

	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Contractor costs	4,631	7,076
Support services from other government departments	3,728	3,390
Travel and subsistence costs	637	711
IT and telecommunications costs	469	378
Training costs	304	422
Auditor’s remuneration	129	125
Staff support and staff related costs	311	400
Recruitment costs	36	176
Office costs	50	9
Total goods and services	10,295	12,687

Our contractor costs decreased from 2023-24 as we have delivered more of the work on internal audit plans through our own staff.

Question 22

Note 4 – Depreciation and impairment charges

Accepted Answer

	Year to 31 March 2025 Permanent Staff (£000)	Year to 31 March 2025 Other Staff (£000)	Year to 31 March 2025 Total (£000)	Year to 31 March 2024 Permanent Staff (£000)	Year to 31 March 2024 Other Staff (£000)	Year to 31 March 2024 Total (£000)
Salaries including allowances	26,465	116	26,581	26,722	283	27,005
Social security costs	3,074	5	3,079	3,049	9	3,058
Other pension costs	7,371	11	7,382	7,036	22	7,058
Total staff costs	36,910	132	37,042	36,807	314	37,121
Less recoveries from outward secondments	(309)	-	(309)	(196)	-	(196)
Net cost	36,601	132	36,733	36,611	314	36,925

The introduction of IFRS16, the accounting standard for leases, in April 2022 created a Right of Use of Asset for GIAA relating to leases for office space in London and Birmingham with those assets being depreciated over the term of their lease. See Note 11 for further detail on IFRS16.

The creation and further development of Intangible Assets has led to an amortisation charge. The intangible assets are being amortised over a ten-year useful life.

Question 23

Note 5 - Income

Accepted Answer

Income for the period of £46,685k relates entirely to audit, counter fraud and investigation and assurance services fee income with the exception of £235k for Grants and £4k other income (2023-24: £45,167 attributable to audit, counter fraud and investigation and assurance services income, £27k for Grants and £7k other income). Of the £46,446k fee income £1,299k of the total income relates to 2023/24 contracts where the contract wasn’t completed at 31 March 2024.

Question 24

Note 6 – Income and expenditure by type of work

Accepted Answer

	Year to 31 March 2025 Permanent Staff (£000)	Year to 31 March 2025 Other Staff (£000)	Year to 31 March 2025 Total (£000)	Year to 31 March 2024 Permanent Staff (£000)	Year to 31 March 2024 Other Staff (£000)	Year to 31 March 2024 Total (£000)
Salaries including allowances	26,465	116	26,581	26,722	283	27,005
Social security costs	3,074	5	3,079	3,049	9	3,058
Other pension costs	7,371	11	7,382	7,036	22	7,058
Total staff costs	36,910	132	37,042	36,807	314	37,121
Less recoveries from outward secondments	(309)	-	(309)	(196)	-	(196)
Net cost	36,601	132	36,733	36,611	314	36,925

Question 25

Note 7 – Receivables

Accepted Answer

	Year to 31 March 2025 Permanent Staff (£000)	Year to 31 March 2025 Other Staff (£000)	Year to 31 March 2025 Total (£000)	Year to 31 March 2024 Permanent Staff (£000)	Year to 31 March 2024 Other Staff (£000)	Year to 31 March 2024 Total (£000)
Salaries including allowances	26,465	116	26,581	26,722	283	27,005
Social security costs	3,074	5	3,079	3,049	9	3,058
Other pension costs	7,371	11	7,382	7,036	22	7,058
Total staff costs	36,910	132	37,042	36,807	314	37,121
Less recoveries from outward secondments	(309)	-	(309)	(196)	-	(196)
Net cost	36,601	132	36,733	36,611	314	36,925

Question 26

Note 8 – Cash

Accepted Answer

GIAA shares a bank account with HM Treasury and therefore does not hold cash. Cash transactions are made by HM Treasury on behalf of GIAA through the year. The statement of cash flow therefore represents the movements in GIAA’s cash in HM Treasury’s consolidated cash flow which relate to GIAA.

Question 27

Note 9 – Payables and other current liabilities

Accepted Answer

	Year to 31 March 2025 Permanent Staff (£000)	Year to 31 March 2025 Other Staff (£000)	Year to 31 March 2025 Total (£000)	Year to 31 March 2024 Permanent Staff (£000)	Year to 31 March 2024 Other Staff (£000)	Year to 31 March 2024 Total (£000)
Salaries including allowances	26,465	116	26,581	26,722	283	27,005
Social security costs	3,074	5	3,079	3,049	9	3,058
Other pension costs	7,371	11	7,382	7,036	22	7,058
Total staff costs	36,910	132	37,042	36,807	314	37,121
Less recoveries from outward secondments	(309)	-	(309)	(196)	-	(196)
Net cost	36,601	132	36,733	36,611	314	36,925

The Amounts due to HM Treasury figure has reduced due to a smaller receivables balance, compared to 31 March 2024 with more of our year end invoices issued and paid before 31 March.

Included within the accrual value is the value of untaken leave of staff at the end of the year (£911k in 2024-25; £1,014k in 2023-24). On 1 April 2023 £189k of untaken leave was transferred with the MOD staff who joined GIAA on that date.

The year-on-year payables movement on the cashflow statement is £197k lower than the difference between the balances above due to the unpaid invoices for London that were included as payables rather than lease liabilities in the 2023-24 accounts. This is also noted in the lease liability movement in note 11.4.

Question 28

Note 10 – Provisions for liabilities

Accepted Answer

We have a provision in our 2024-25 accounts of £90k relating to dilapidations for the offices we use in Reading and Bristol and the office we left in Nottingham in January 2025. We expect to settle the £3k provision for Nottingham in 2025-26, the £24k provision for Bristol in 2026-27 and the £63k provision for Reading in 2029-30.

In 2022-23, GIAA recorded a provision of £145k relating to the Tax and National Insurance contributions due to HMRC for Staff Reward vouchers. GIAA staff have received vouchers through our Reward and Recognition scheme. These contributions date back to 2018-19. This was settled in the period to 31 March 2024.

	Dilapidations provision	Total
Balance at 1 April 2024	-	-
Provided in the year	90	90
Provisions not required written back	-	-
Provisions utilised in the year	-	-
Balance at 31 March 2025	90	90

	Tax and NI contributions provision (£000)	Total (£000)
Balance at 1 April 2023	145	145
Provided in the year	-	-
Provisions not required written back	(2)	(2)
Provisions utilised in the year	(143)	(143)
Balance at 31 March 2024	-	-

Question 29

Note 11 – Commitments and leases

Accepted Answer

11.1 Capital and other financial commitments

GIAA has not entered into any capital commitments or any non-cancellable contracts.

11.2 Commitments under operating leases

GIAA has a recharge arrangement with HM Treasury for several support services including ICT running costs and transactional services for HR and finance. As at 31 March 2024, these arrangements were based on an annual recharge to GIAA from HM Treasury. The arrangements are subject to an annual review and as the GIAA expands, longer term arrangements will be sought which may result in operational leases. However, current arrangements are not in scope of IFRS16 as they do not convey a right of control.

GIAA moved into its main office site (10 Victoria Street, London) in November 2018 and has space in a new site in Birmingham from July 2021 (23 Stephenson Street). These premises are leased from the Government Property Agency. IFRS 16 Lease Accounting applies in respect of these lease arrangements and has been applied from 1 April 2022. These leases gave rise to a Right of Use asset and a Lease Liability under IFRS16 of £913k. On 1 April 2022, GIAA expanded its office space in London which gave rise to a further Right of Use asset and Lease liability of £296k (total £1,209k). GIAA’s accounting policy for implementing the standard is set out in Note 1.13. For the sites where we have lease arrangements, we use the end date of the lease in the prescribed term as the end date of the lease. In 2024-25 we have agreed to extend the length of the lease in London from August 2025 to November 2025 which has resulted in an increase of £80k to the Right of Use Asset and Lease Liability. The Birmingham lease was recalculated in 2023-24 following a modification to the lease with GIAA occupying a smaller space. This resulted in a £68k reduction in the Right of Use Asset and Lease Liability.

Further to these locations, GIAA staff use office space provided by our client departments to discharge their duties. GIAA pay rent for eight of these locations but have concluded that these agreements do not constitute leases as GIAA does not have the right to direct use of the office space in these locations. In locations where GIAA does not pay rent for the use of office space, we have considered whether such arrangements give rise to peppercorn leases, but due to the nature of the occupation by GIAA staff in these sites, we have concluded that they do not come within the scope of IFRS 16 and do not therefore need to be disclosed. This is consistent with prior year assessments.

11.3 Right of use assets

	Buildings £000	Total £000
Cost or valuation
At 1 April 2024	1,141	1,141
Remeasurement – existing leases	80	80
At 31 March 2025	1,221	1,221
Depreciation
At 1 April 2024	(660)	(660)
Depreciated charged in year	(327)	(327)
At 31 March 2025	(987)	(987)
NBV at 31 March 2024	481	481
NBV at 31 March 2025	234	234

11.4 Obligations under leases

Obligations under leases for the following periods comprise:	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Buildings
Not later than one year	550	329
Later than one year and not later than five years	10	164
Later than five years	-	-
Less interest element	(20)	(5)
Present value of obligations	540	488

Unpaid invoices for London in 2023-24 (£197k) were included as Payables rather than Lease Liabilities in the 2023-24 accounts, and the lease modification for London referred to in 11.2 explain the increase to the value of obligations between 31 March 2024 and 31 March 2025. The 2024-25 rent for London was unpaid at 31 March 2025 as discussions with GPA regarding the rental value concluded at the end of March 2025.

11.5 Cash outflow for leases

	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Total cash outflow for leases	227	329

£227k represents the lease payments made for the three leases noted in 11.2 which is presented in the SoCF as the repayment of the lease liability and the interest implied in that lease.

Question 30

Note 12 – Related party transactions

Accepted Answer

HM Treasury is the sponsoring department of the GIAA and as such is regarded as a related party. GIAA acquires services from HM Treasury including the provision of ICT support, accommodation and other support services. Additionally, GIAA provides internal audit services to HM Treasury and some of its agencies and arm’s length bodies.

GIAA has had a number of transactions with other government departments and other central government bodies associated with its provision of internal audit services. The ten largest of these in terms of income earned (inclusive of the department and their arm’s length bodies) are below:

Department for Work and Pensions
Ministry of Defence
Department for Transport
Ministry of Justice
Department for Environment, Food and Rural Affairs
Home Office
Department of Health and Social Care
Ministry for Housing, Communities and Local Government
Department for Education
Department for Science, Innovation and Technology

Board member remuneration is disclosed in the Remuneration Report which forms part of the annual statement of accounts. No Board member or senior manager has undertaken any other material transactions with GIAA in the 12 months to 31 March 2025.

Question 31

Note 13 – Contingent liabilities

Accepted Answer

As at 31 March 2025 we have a contingent liability for a voluntary exit scheme for which the necessary approvals were in place at the reporting date but the scheme had not been communicated. This was subsequently communicated on 28 April and launched on 6 May 2025. We estimate the cost of the contingent liability to be between £500k-£750k. The uncertainty in relation to the contingent liability relates to the number of staff who exit under the scheme. We expect that the liability will be settled during 2025-26 with staff exiting by the end of September 2025 and receiving the main settlement then. There will be an adjustment to the settlement of the liability later in the financial year to take account of the 2025-26 Pay Award.

Question 32

Note 14 – Events after the reporting period

Accepted Answer

There were no significant events occurring after the reporting period, other than the launch of the voluntary exit scheme on 6 May 2025 as referred to in Note 13.

The Accounting Officer authorised these financial statements for issue on 14 July 2025.

	Year to 31 March 2025 Internal Audit Customers (£000)	Year to 31 March 2025 Supply funded: IA Policy (£000)	Year to 31 March 2025 Total Per SOCNE (£000)	Year to 31 March 2024 Internal Audit Customers (£000)	Year to 31 March 2024 Supply funded: IA Policy (£000)	Year to 31 March 2024 Total Per SOCNE (£000)
Audit fee income
Fixed fee clients	(45,670)	-	(45,670)	(43,116)	-	(43,116)
Time and materials clients	(776)	-	(776)	(2,051)	-	(2,051)
Total audit fee income	(46,446)	-	(46,446)	(45,167)	-	(45,167)
Grant income	(235)	-	(235)	(27)	-	(27)
Other income	(4)	-	(4)	(7)	-	(7)
Total income (46,685)	-	(46,685)	(45,201)	-	(45,201)
Expenditure	47,106	350	47,456	49,584	350	49,934
Net operating expenditure for the year	421	350	771	4,383	350	4,733
Finance expense	2	-	2	7	-	7
Cost of MOD annual leave balances transferred on 1 April 2024	-	-	-	189	-	189
Comprehensive net expenditure for the year	423	350	773	4,579	350	4,929

Amounts falling due within one year	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Amounts due to HM Treasury	814	4,032
Accruals	3,425	3,691
Trade and other payables (including Tax & Social Security)	1,597	1,965
Deferred income	82	7
Total falling due within one year	5,918	9,695

	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Depreciation on Right of Use Assets	327	317
Amortisation	11	7
Total depreciation and impairment	338	324

Amounts falling due within one year	Year to 31 March 2025 (£000)	Year to 31 March 2024 (£000)
Trade receivables	11,612	12,960
Prepayments	66	91
Accrued income	933	1,495
Staff loans and other receivables	(3)	1
Total falling due within one year	12,608	14,547

Cookies on GOV.UK

Performance report

Performance overview

About the Government Internal Audit Agency

Welcome to our Annual Report and Accounts

Harriet Aldridge, Chief Executive GIAA and Isobel Everett MBE, Chair, GIAA Board

Our year at a glance

April 2024

May 2024

June 2024

July 2024

August 2024

September 2024

October 2024

November 2024

December 2024

January 2025

February 2025

March 2025

Our year in numbers

For 2024-25…

Our clients express high levels of satisfaction with our services…

We continue to embrace the benefits of emerging technology…

We value our people and their wellbeing…

About us

Our mission

Our Vision 2026

Our strategy and plan

Our values and behaviours

Values

Behaviours

Our services

Internal audit activities

Audit services for European Union funded programmes in the UK

Counter fraud and investigation services

Innovation and data analytics

Our organisational structure

GIAA operating structure 2024-25

GIAA priority outcomes and areas of focus

Managing our principal risks

Going concern basis

Quality of our work

Continuous improvement and change

Performance analysis

Performance against the corporate plan

Area of focus: our people

Our priorities for 2024-25:

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

These areas of focus supports our vision of…

What’s next for 2025-26?

External awards and commendations

2024 Audit and Risk Awards

Government Finance Function Awards

Government Counter Fraud Awards

Tackling Economic Crime Awards

Public Finance Awards

Area of focus: our quality

Our priorities for 2024-25:

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

We will deliver…

The progress we have made…

These areas of focus supports our vision of…

What’s next for 2025-26?

Case study: Maximising efficient delivery: combining ‘three-in-one’ audit fieldwork

Case study: Lessons learnt - exposing a ‘Man-in-the-Middle’ bank mandate fraud

Area of focus: our financial position