Guideline 10. Operational control

Submitted by Anonymous (not verified) on

If a social security institution has an internal actuarial department, a regular audit of its operations is to be conducted. If a social security institution employs an external actuarial provider, the parties agree on the ways the social security institution monitors the appropriateness of the external provider’s processes.

The quality of actuarial work, including the actuarial valuation, depends on the quality of internal processes of the internal actuarial department or external provider. As such, the social security institution should ensure that the appropriate operational controls are put in place.

Guideline code
ACT_01100
Mechanism
Mechanism
  • The social security institution may conduct the operational audit of the internal actuarial department either by using internal auditors or by hiring external auditors.
  • The operational audit should address, among other things, the following processes:
    • Data validation procedures;
    • Data protection procedures;
    • Internal peer review procedures;
    • Documentation procedures;
    • Data back-up and business continuity plans.
  • The social security institution may decide to send its own auditors to review an external provider’s processes. Alternatively, the social security institution may decide to rely on the results of an external provider’s internal audit and/or assurance review by a third party. In all cases, the rationale for the chosen approach should be documented. The chosen approach should be reviewed and reassessed on a regular basis.
  • Actuaries (both those internally employed and external providers) should cooperate with the operational audit and follow resulting recommendations as per Guideline 12.
Parent
A. Valuation of Social Security Schemes
Structure
Principles
  • The social security institution should create a written policy in respect of the operational audit of the actuarial department. In particular, this policy should specify the following:
    • The main objective of audits;
    • The frequency of audits;
    • The processes to be audited;
    • The responsibilities of auditors and the actuarial component of the process.
  • In the case of an external provider, the social security institution should specify as a part of the contract which external provider’s processes will be monitored by the social security institution and how.

Tags

Title HTML
Guideline 10. Operational control
Type
Guideline_1
Weight
14