The bill amends the Administrative Code of 1929 by introducing ARTICLE XXVIII-J, which establishes a comprehensive framework for internal auditing within Commonwealth agencies. This new article outlines the purpose of internal auditing, emphasizing the need for independent analyses and recommendations to enhance the effectiveness of internal control policies and procedures. It defines essential terms related to auditing and mandates that each agency implement a structured internal auditing program, which includes an annual audit plan, periodic audits of major systems, and the appointment of a qualified internal auditor. The internal auditor is required to report directly to the agency administrator and is responsible for developing audit plans, conducting audits, and preparing audit reports.

In addition to these provisions, the bill enhances oversight and accountability by empowering the Auditor General to coordinate training and technical assistance for internal auditors, with reimbursement for associated costs through interagency cooperation contracts. It also establishes a formal risk assessment process for Commonwealth agencies, requiring them to conduct annual risk assessments and submit reports to the Auditor General. The Auditor General will evaluate these reports to identify agencies with significant risks and recommend audits as necessary. Furthermore, Commonwealth agencies are mandated to publish their audit plans and annual reports on their websites, ensuring transparency regarding identified weaknesses and actions taken to address them. The act is set to take effect 60 days after its passage.

Statutes/Laws affected:
Printer's No. 2630 (Nov 19, 2025): P.L.177, No.175