FPB PRESENTATION ON EXPENDITURE TRENDS AND AUDIT OUTCOMES 2013/14 Portfolio Committee: 21 October 2014 16/ 10/ 2014

EXPENDITURE TRENDS 2013/2014 4/23/2019

REVENUE 2013/14 R82.6m was received as a grant for the year ended 31 March 2014 as compared to R69.8m received in the previous financial year. R4.3m was generated from regulation fees as compared to R5.4m in the previous financial year. The regulation fees declined from the previous financial year due to a decrease in the number of materials submitted for classification. Overall income received for the year ended 31 March 2014, was R87.1m as compared to R75.7m received in the previous financial year.

EXPENDITURE 2013/14 Administrative staff costs of R36.1m was incurred for the current year. This total includes Classifiers’ fees of R3.8m paid during the financial year. General operating expenses of R45.4m excluding non cash items like depreciation expenses of R3.1m. The Board recorded a surplus of R5.4m for the year ended 31 March 2014 as compared to deficit of R R11.7m recorded in the previous’ financial year.

STATEMENT OF FINANCIAL PERFORMANCE DESCRIPTION 31 March 2014 (RANDS) 31 March 2013 REVENUE 87,114,245 75,731,762 GRANT SUBSIDY 82,675000 69,835,000 REGULATION FEES 4,368,047 5,458,106 OTHER INCOME 71,198 438,656 EXPENDITURE 81,680,550 87,489,878 PERSONNEL EXPENDITURE - Admin staff 32,301,489 28,477,440 - Classifiers 3,814,312 2,821,880 OTHER OPERATING EXPENDITURE 45,564,749 56,190,558 (DEFICIT)/ SURPLUS 5,433,695 (11,758,116)

AUDIT OUTCOMES AND AUDIT ACTION PLAN 4/23/2019

AUDIT REPORT 2013/14 The Film and Publication Board has again obtained an UNQUALIFIED AUDIT OPINION. Following non-compliance issues were highlighted on the Audit Report: Restatement of Annual Financial Statements. Material misstatements in the annual performance report submitted for audit. Material misstatements of accounts payables expenditure, which were subsequently corrected.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Accruals that relate to the prior period have not been reversed The financial statements are not prepared in line with the reporting framework due to the lack of understanding of the reporting framework. The financial statements are not thoroughly reviewed for completeness and accuracy by a senior person All transactions should be recognised in line with the requirements of the applicable standards. It is recommended that the basic principles of accounting be applied when transactions are recorded. Prior year accruals were corrected on the AFS, amended AFS and supporting journals will be submitted for review. Accrual accounts will be reviewed on monthly basis. Addressed All creditors accounts reconciled on monthly and quarterly basis. Understatement of payables Management did not have sufficient monitoring controls to ensure that Accounts Payables were accurately recorded in the financial Statements. The senior leadership should review all journals recorded in the financial statements against supporting documentation to prevent and detect errors. Correct PAYE amount was disclosed in the AFS, correcting journal will be submitted for audit. Management will ensure correcting journals are reviewed on monthly basis. All creditors accounts recorded on the general ledger and reviewed by the Finance Manager on monthly basis. 13 months' rent included in Trial Balance Management did not prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information. Rental expense was recognised in line with the requirements of the applicable standards; correct amount was disclosed in the revised financial statements. All recurring expense transactions recorded on the general ledger and reviewed by the Manager Finance.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Operating lease incorrectly disclosed Management did not have sufficient monitoring controls to ensure that operating lease liability was accurately disclosed in the financial Statements. The senior leadership should review the financial statements disclosures in order to ensure that disclosures are in line with amounts presented on the face of the financial statements and not misleading in any material respect. Also, disclosures should comply with GRAP 13 par 42(a). Operating Lease disclosure was corrected; amended AFS will be submitted for review. Management will review lease schedule used for lease disclosure. Addressed All operating lease transactions captured on the general ledger and reviewed by Finance Manager Finance lease liability incorrectly classified under operating lease liability. Management did not have sufficient monitoring controls to ensure that the disclosures were accurately made and not misleading in any material respect. The senior leadership should review the financial statements disclosures in order to ensure that disclosures are in line with amounts presented on the face of the financial statements and not misleading in any material respect. Also, disclosures should comply with GRAP Management will disclose all Finance leases under note 7 Quarterly financial statements disclosures reviewed by the CFO. Unrecorded liabilities Management did not prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information. It is recommended that senior personnel review the financial statements to ensure that they are accurate and complete Amount was corrected on the general ledger and correct amount was disclosed in the financial statements Liabilities accounts reviewed by the CFO.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Commitments have been overstated Management did not have sufficient monitoring controls to ensure that commitments are accurately disclosed. The senior leadership should review the financial statements disclosures in order to ensure that disclosures are in line with amounts presented on the face of the financial statements and not misleading in any material respect. Further, management should frequently, at least on monthly basis, make comparison and reconciliation between amounts in the general ledger and commitment schedule Correct commitment amount was disclosed, amended AFS will be submitted for review. Accuracy and Completeness of commitment register will be review on monthly basis Addressed Commitments register prepared on monthly basis and reviewed by the Manager Finance. Salaries and wages with a debit balance classified under accounts payables Management did not have sufficient monitoring controls to ensure that trade and other payables are correctly valued as at the end of the financial year. The senior leadership should review salaries and wages account no. 9250. Frequent comparison and reconciliation of the salaries and wages expense and liability account should be made. Follow- up should be made on any inexplicable differences found. Amounts were corrected on the General Ledger; amended AFS will be submitted for review. Management will ensure that all liability accounts are reviewed on monthly basis. Salaries accounts reconciled on monthly basis and reviewed by the Finance Manager

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place The straight lining of the lease was incorrect Management did not prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information. It is recommended that the requirement of GRAP 13 be adhered to when calculating the straightlining of the lease. It is further recommended that there should be a review process by senior management of the calculations performed. Straight-lining of the operating lease for the building was corrected on the AFS, amended AFS and supporting journals will be submitted for review. Management will ensure that correct amortisation schedule is used for straight-lining Addressed All lease transactions captured on the general ledger and reviewed by Finance Manager Netting off of debtor's balances The age analysis for both debtors and creditors should be reviewed by a senior person Each debtor's balance should be assessed individually, and individual balances should be reclassified to Trade Payable Management will ensure the age analysis is reviewed correctly on monthly basis All debtors balances reconciled on monthly basis and reviewed by the Manager Finance.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Creditors with debit balances were not reclassified The financial statements and other information to be included in the annual report are not thoroughly reviewed for completeness and accuracy. All creditors who have debit balances at year end should be reclassified to trade receivables. Management will ensure all debit balances as per the creditor’s age analysis are reclassified as debtors. Creditor’s age analysis will be reviewed regularly to ensure accuracy and completeness of creditors balances. Addressed All creditors accounts recorded on the general ledger and reviewed by the Finance Manager on monthly basis. Creditors with debit balance were reclassified. Income received in advance recognised as revenue Management did not prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information. The requirements of GRAP should be adhered to. We recommend that when money is received, it should be recorded as a liability, being income received in advance and then the revenue can then be recognised as and when the services are rendered. Revenue List of all certificates issued during the financial year was prepared; this amount will be disclosed as revenue in the financial statements. This list will be submitted for audit review. Liabilities Management will ensure revenue for certificates not yet issued is disclosed as income received in advance Revenue reconciled to registrations reports and all discrepancies discussed with the Manager: Client Support

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Reasons for variances between planned target and actual achievements not disclosed Management did not thoroughly review the performance report to ensure that it is presented in line with the National Treasury’s guide for the preparation of annual reports. It is recommended that the requirements of the National Treasury be adhered to and reasons for variances should be included in the performance report. Information requested was included in the row under Challenges and Action plan We have since in included the words ‘reason for variances next to Action plan for completeness and compliance purposes. Addressed Template for reporting has since been amended. Monthly and quarterly reporting on performance done. Evidence files reviewed and retained Reasons for variances provided Divisional reports are currectly being checked by Executives Non-compliance with Instruction Note Lack of review and monitor of compliance with applicable laws and regulations It is recommended that the names of the bidders must be published on the website and evidence should be kept by the auditee. This is as a result of an oversight. This fact is supported by the fact that the names of bidders for other tenders were published on the website as required. Names of all bidders published on the FPB website.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Fixed Assets Register incomplete Management did not prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information. All new additions for the period should be listed on the fixed asset register to ensure that the register is complete (irrespective of whether depreciation is applicable for the period or not). An additional column should be added into the fixed asset register that clearly shows which assets have been disposed, written off or donated during the financial period. Management will ensure assets are included in the assets register, updated assets register will be submitted for audit review. Management will ensure monthly reconciliations are accurate and complete. Addressed Fixed assets reconciled on monthly basis and reviewed by the Finance Manager. Assets verified on quarterly basis and inventory lists updated where necessary. Useful lives of fixed assets not reassessed Lack of review and monitor of compliance with applicable laws and regulations. Management does not exercise oversight responsibility over reporting and compliance with the requirements of GRAP. Management should ensure that useful lives of assets are assessed at the end of each financial year Management agree with the finding, useful live was not performed due to the fact that all assets listed above where identified for disposal during the next financial year. A list of assets identified will be submitted for review. Useful live for all assets reviewed on monthly basis and will be reassessed at year end.

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place IT Governance Management has not prioritised steering committee meeting as stipulated in the ToR The requirements the offsite tape storage facility was misaligned with the requirements of the backup solution, resulting in delays in the supply change process in appointing the offsite storage partner. The IT Steering Committee should begin meeting on a regularly scheduled basis to ensure that IT activities including the governance of IT are in line with the entity’s strategies and objectives. Management should assess the offsite storage requirements and finalise the supply chain process for the appointment of a service provider. The TOR of the ITSC will be revised to consider the inclusion of additional objectives, the current composition of the ITSC, nomination of the external members to the ITSC, performance monitoring of the ITSC and the overall monitoring of IT performance. A current vendor (The Document Warehouse) is utilised by FPB operations for offsite storage. IT Management are in the process of finalising service contracts to utilise this this vendor for additional offsite storage service. Partially addressed TOR have been revised. Recommended additions to objectives have been included. Remuneration of members have also been included. Considerations is being given for the formation of the ITSC and performance monitoring will be a standing agenda item

Proposal to increase bandwidth was approved. AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place Security management The information security standards policies and processes have not been designed and implemented within the FPB. This is due to the current IT Security Management capability and maturity level at FPB. IT should conduct an exercise to: Develop, approve and adopt security configuration standards for each network configurable item; Develop, approve and adopt a formal monitoring and resolution processes for information security. Management agree with the findings and the Internal Control Deficiency. The Information Security Policy will be utilised to develop the Information Security Framework and the Information Security Operational Plan. Information security monitoring process will be developed and implemented as part of this plan. As an interim process, management will implement monitoring processes on high risk areas. Not Addressed Proposal to increase bandwidth was approved. Proposal tabled to increase the bandwidth capacity in order to allow for security policies to be configured for designated networks Implementation date: 31 March 2015

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place IT service continuity The Corporate Governance framework requirement for ensuring continuity of operations in the event of a business disruption has not yet been fully implemented. The policies and procedures for executing IT back-ups, restoration testing and back-up monitoring have not been fully developed and implemented. This is due to the current IT Service Management capability and maturity level at FPB. Management should initiate a program to ensure that Business Continuity Management is aligned to business requirements and periodic training and testing of the BCP/DRP is conducted. Furthermore, management should: Develop, adopt and implement an back-up strategy that ; and • Ensure that evidence supporting the implementation of the back-up strategy is retained for an appropriate period. Management agree with the finding and the Internal Control Deficiency. As part of the BCM process, an initiative will be launched to ensure the current Business Continuity Plans are revised and the deliverables as specified in current plan will be developed. As part of the initiative, the BC Plan will be tested to ensure the plan is effective in meeting the business requirements in the event of a business interruption. Management will consider implementing an IT Service Management Framework. As part of the initiative, a back-up strategy will be developed, adopted and implemented. Partially addressed Replication of internal systems to the DR site has been completed. Our systems are backed up daily DR rehearsal has been scheduled for 20-Oct-2014

AUDIT ACTION PLAN Audit Finding Root Cause Recommendations Management Response & Implementation date Current Status Controls in place User access control User Management policies, processes and procedures have not been formalised and current processes are not yet fully complied to and monitored. This is due to the current IT User Management capability and maturity level at FPB. Management should develop, approve and implement user management processes, which should at minimum include the process to create/modify/delete users and review of user accounts on a periodic basis. The processes should also be applied to the Operating System and Financial applications environment. Management will develop and implement formal user management processes on all systems (Financial Systems, Operational Systems) and at the operating system level Addressed User Access procedure has been developed and approved. The invoice was not stamped to confirm receipts of service Compliance with entity policies and procedures is not properly reviewed and monitored. It is recommended that the invoices should be stamped as evidence of approval of the goods or services received to ensure that the expenditure incurred is valid and was authorised. There are internal controls in place to monitor this process, management will ensure staff comply and adhere to these controls implemented All invoices paid during the current financial year recorded on the general ledger and stamped as evidence of approval and confirmation that the goods were received or services rendered.

THANK YOU