GUIDELINE ON RISK MANAGEMENT AND INTERNAL CONTROL PRINCIPLES AS WELL AS INTERNAL AUDIT FUNCTION OF INVESTMENT FIRMS

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "GUIDELINE ON RISK MANAGEMENT AND INTERNAL CONTROL PRINCIPLES AS WELL AS INTERNAL AUDIT FUNCTION OF INVESTMENT FIRMS"

Transcription

1 until further notice 1 (10) Applicable to investment firms GUIDELINE ON RISK MANAGEMENT AND INTERNAL CONTROL PRINCIPLES AS WELL AS INTERNAL AUDIT FUNCTION OF INVESTMENT FIRMS By virtue of section 4, point 2, of the Act on the Financial Supervision Authority, the Financial Supervision Authority issues the following guideline on risk management and internal control principles as well as internal audit function of investment firms and undertakings belonging to an investment firm's consolidation group. In this guideline, the Financial Supervision Authority issues recommendations for the implementation of risk management and other aspects of internal control in accordance with the provisions set out in Regulation Principles for reporting and communication are discussed in more detail than other principles since the Financial Supervision Authority has not issued a separate guideline on these principles. The provisions in this guideline concerning an investment firm shall also apply, where applicable, to an investment firm s consolidation group. Contents Page 1 Introduction Principles relating to management style and control culture Principles relating to identification, assessment, limitation and control of risks Principles relating to control activities and segregation of duties Principles relating to information and communication Monitoring operations and correcting deficiencies Tasks of internal audit Role of internal audit... 9

2 until further notice 2 (10) 1 Introduction Deficiencies in internal control have either been the central cause or a crucial factor in a number of corporate failures in the financial markets both in Finland and abroad. Thus, the Financial Supervision Authority has decided to issue a regulation and a guideline laying down principles relating to risk management and internal control. The above regulation and guideline document generally accepted principles that represent the common view of financial supervisors around the world. The Financial Supervision Authority has issued a separate regulation (issued on 1 June 1999) on risk management and other aspects of internal control in investment firms. In this guideline, the terms risk management and other aspects of internal control have the same meaning as in the regulation in question. Internal control is a set of procedures included in the operations of a business unit. These procedures are part of the management function of any investment firm. All personnel, however, need to be involved in internal control for it to be effective. Small organizations may find it difficult to abide by the following principles to the letter. In such cases, use of alternative control procedures can be considered. This approach requires a separate decision by the board of directors on the steering and control procedures that will be followed. 2 Principles relating to management style and control culture The investment firm must 1) determine the investment firm s business strategies, operating principles and organizational structure; ensure an appropriate allocation of responsibilities, reporting relations and decision-making powers; and see to it that risk management and other aspects of internal control cover all activities of the investment firm and are commensurate with the risks inherent in its different operations; The responsibility for overall risk management should be centralized within the organization of an investment firm. The aim is to ensure that the business operations of an investment firm and its consolidation group are monitored and the associated risks identified, so that senior management will be aware of the total impact of all risks that arise in the course of business operations on the performance and own funds of the investment firm and its consolidation group. If the business strategies and operating principles of a consolidation group are applicable to the group itself, an investment firm belonging

3 until further notice 3 (10) to this group must separately approve the business strategies and operating principles applicable to it. Superiors are responsible for ensuring that authorizations and responsibilities are put in writing. 2) establish quantitative and qualitative objectives for each field of operation and monitor their implementation; Decision-making and implementation of internal control must be documented in the minutes and appendices thereto. Internal control needs to be considered when establishing objectives and recognizing their attainment; further, it must be ensured that attainment of objectives does not encourage undesirable practices. To maintain confidence in and reputation of an investment firm and to protect it against criminal activity and malpractices, the investment firm must follow ethically acceptable principles when establishing objectives and procedures. An investment firm must pay attention to the quality of its customers, know its customers, observe good securities market practices, and comply with regulations concerning prevention of money laundering. 3) ensure that staff have the requisite skills and are suitable for their tasks and that they have access to the information required to perform their tasks. An investment firm must ensure that its staff are fully conscious of the internal control aspect of their tasks and undertake to comply with it. An investment firm must have procedures for preventing the hiring of unqualified or dishonest persons. When an investment firms contracts external services, the same care must be observed as when hiring new, permanent staff. This applies both to the provider of external services and those of its employees who, in the course of their duties, gain access to the investment firm s internal information. An investment firm cannot transfer the responsibility regarding internal control to the provider of external services. 3 Principles relating to identification, assessment, limitation and control of risks The investment firm must 4) ensure that the risks inherent in the investment firm s business are identified and assessed; Adequate risk management covers at least the following risks (but is not limited to these):

4 until further notice 4 (10) Credit risk refers to the possibility of default by a counterparty on its obligation to an investment firm. Market risk refers to the possibility of a loss resulting from adverse variation of market prices or their volatility. Market risks include interest rate risk, exchange rate risk, share price risk or other price risk (commodity price risk). An investment firm s financial risk is the risk that it may not be able to fulfil its payment obligations. Market liquidity risk is the risk that the investment firm may not be able to realize or cover its positions at the present market price due to a lack of market depth or a market disturbance. Operative risk is the risk of unexpected losses due to deficiencies in information or other systems or routines for internal control and checking. Legal risk is the risk of invalidity or nullity of a contract or lack of documentation. Strategic risk is the risk that the investment firm s chosen strategy may be incommensurate with its risk-bearing ability, technical resources or staff expertise. In this case, realization of the strategy may prove to be a mistake that results in financial losses. 5) approve the investment firm s risk-taking principles; establish policies for risk limitation and supervise compliance with such policies; Set defined procedures for limitation of risks and operational limits for quantifiable risks must be put in writing. Risk management systems incorporate decision-making procedures for engaging in new activities or introducing new products. All individuals involved are briefed, in respect of their own spheres of responsibility, of the risks associated with the new activity and the ways in which the risk management procedures for the new activity will be implemented. Compliance with risk limits and procedures is monitored on a continuous basis. When operational limits are exceeded or risk management procedures are not followed, the incident should be promptly reported and assessed. Clear follow-up procedures for violation are established. Risk management limits and procedures are reviewed periodically so that they correspond to adopted operational modes and the current market situation. 6) ensure that the investment firm has a risk control function that is independent of the risk-taking function.

5 until further notice 5 (10) The risk management function must be independent of the risk-taking function up to and including the remits of members of the board of directors. 4 Principles relating to control activities and segregation of duties The investment firm must 7) ensure that internal control measures are an integral part of the daily operations of the investment firm and that conflicting duties are appropriately segregated and the procedures for key operations documented in writing; Appropriate control measures that are integrated within operations are to be defined for all organizational levels. Control measures at different levels include the following: monitoring of operations and attainment of objectives specified by the board of directors appropriate control of operations in all units physical controls monitoring compliance with risk limits and deviations establishing procedures for approval and authorization which ensure that excesses of limits are reported to the next organizational level responsibility for checking, reconciliation and reporting of noncompliance must be at the appropriate organizational level. 8) ensure that the investment firm s staff do not handle, in their capacity as representatives of the investment firm, any business transactions of their own or concerning persons with whom they are closely related, or otherwise influence any decisions relating to such business transactions. ownerships and other interests and secondary occupations of management and staff should be investigated and registered to avoid potential conflicts of interest. Monitoring procedures for registered information should be established. 5 Principles relating to information and communication Accounting and information systems provide information concerning the business operations of an investment firm and markets needed for internal decision-making and internal control as well as for external purposes. Information provided by accounting system must give a true and fair view of all the investment firm s operations. Therefore, the investment firm must

6 until further notice 6 (10) 9) ensure that the investment firm maintains accounting and information systems that are adequate for decision-making and assessment of operations; Every transaction is recorded promptly and accurately with the correct time and date and sufficient detail. The audit trail must be complete starting from the original document. A written description of the investment firm s accounting systems must be prepared covering both manual and automated processes as well as internal control routines. Management and other personnel have prompt access to sufficient and appropriate information to properly perform their duties. Information must be relevant and sufficient for decision-making. Information is released to the authorities at appointed times without delay. Information provided for external use (annual accounts, supervisory reporting, etc) complies with the relevant statutes and regulations. Management must establish bi-directional communications channels within the organization. 10) ensure that the investment firm maintains IT systems that are adequate with regard to its activities and organized in an appropriate fashion. An investment firm needs to have the necessary expertise, organization and internal control procedures to maintain and process information in an electronic form. For internal control, this implies compliance with the principles identified below in points a k. These principles also apply in situations where data are handled in a decentralized manner, ie business units besides the IT department handle and process data. An investment firm should further ensure that their suppliers of IT systems and services apply similar principles. An investment firm must comply with the following principles in the pursuit of its own operations only to the extent that these principles apply to its operations. Thus, it is unnecessary, for example, for an investment firm to establish policies and standards for systems development when it only uses off-the-shelf software or systems commissioned jointly by several investment firms for which developmental standards are collectively defined. a) Approval by the board of directors of IT strategy and budget that accord with the investment firm s current and estimated future needs to ensure the integrity and support of the technical environment. b) Policies, standards, procedures and controls for the various spheres of IT activity should be defined so as to enable cooperation among business units and in-house providers of IT services. Operational models, standards, procedures and

7 until further notice 7 (10) controls should serve as a basis for management planning, control and evaluation of IT activities. c) User operations and technical operations should be kept separate. The IT department should carry responsibility for development and operation of computer systems; users should carry responsibility for correctness and accuracy of data they enter or otherwise handle. d) There should also be further segregation of systems development and computer operation responsibilities so that individuals performing tasks in either of these spheres can only access information in the other sphere through controlled standard procedures. e) The internal audit function should be capable of evaluating the adequacy and effectiveness of IT internal controls. f) The IT department should implement and provide on-going support of systems development and quality assurance procedures to ensure that systems perform the functions for which they were designed as well as oversee the production of standardized documentation to support current users and future development tasks. g) The procedures to be followed in acquisition or approval of software and hardware, as well as in procuring services from independent providers should be decided. There should further be means to evaluate that an acquisition or contracted service corresponds to the investment firm s needs and its established standards, and is backed by continued technical support. h) Information systems should incorporate controls and violation detection capabilities with full traceability so that it is possible to assure the legitimacy and correctness of input and output data and determine that the data were input or accessed by individuals with proper authorization. In the event of disturbances, it should be possible to fully restore processes without loss of transaction records in order to assure a complete audit trail. i) Authorizations for access to data and software as well as system administrator authorizations should be granted in accordance with consistent principles approved by management. Access to data and programmes must be restricted to authorized individuals through a variety of technical means (user IDs, passwords, etc). A system for tracing and dealing with unauthorized access attempts and violations should be in place. j) The risks of interruption and loss of access to IT systems due to eg fire, flood, electricity supply, must be minimized through appropriate physical security measures. Access to networks,

8 until further notice 8 (10) devices and sensitive materials (storage media, documentation, etc) must be restricted to authorized individuals. k) Plans to assure the continuity of vital operations under all circumstances should be in place. In the event of unexpected disturbances or downtime, it should be possible to re-establish normal operation within a reasonable time. Such continuity plans should be updated and tested at regular intervals. 6 Monitoring operations and correcting deficiencies Continuous monitoring of the investment firm s internal control in respect of its efficiency is necessary. Monitoring significant risk-taking must be an integral part of the investment firm s daily operations. Business operations also need to be regularly monitored. To this end, the investment firm must 11) ensure that the internal audit function is organized in an appropriate fashion and operates in accordance with good internal audit practice; It is recommended that an investment firm use the main precepts of professional standards for internal control, such as The Institute of Internal Auditors standards for good internal control procedures. 12) ensure that the board of directors are informed of material findings made by the internal audit function, the auditors and the authorities; Findings and the measures taken following these must be documented in and verifiable from board meeting minutes and appendices. 13) review internal control and the adequacy of risk management on a regular basis and always when operations expand into new markets; new products are introduced; there are or will be material changes in the operating environment; or businesses are reorganized; 14) establishing procedures to ensure that control systems are revised when deficiencies are detected. 6.1 Tasks of internal audit The internal audit function is an independent function within an organization that is directly subordinate to and supportive of senior management. The task of this function is to analyse and assess the adequacy and efficiency of internal control as well as the quality of control activities. An investment firm must organize its analysis function so as to ensure that tasks required in respect of internal control are carried out. Internal control activities must comply with good internal control practice.

9 until further notice 9 (10) If the size, activities and risk exposure of the investment firm do not justify the establishment of an independent internal audit function, the investment firm may prefer to use external, independent auditors rather than establish an internal audit function of its own. The investment firm's board of directors should decide on internal audit tasks, authority and responsibilities as well as on general principles to be observed in the planning of audits and reporting of findings. Although the objectives and tasks delegated to the internal audit functions may differ among investment firms, it is generally recognized that they include the following: Internal audit must analyse the reliability and integrity of financial and operative information as well as the means of identifying, measuring, classifying and reporting this information. Internal audit must analyse the methods of ensuring compliance with such operating principles, plans, procedures, and applicable legislation and regulations as are essential for operations and reporting, and must monitor compliance with these. Internal audit must analyse the methods of safeguarding assets and, where appropriate, ensuring their existence. Internal audit must analyse the cost-effectiveness and efficiency of use of resources. Internal audit must analyse both operative activities and projects to ensure that their results are in accordance with the objectives and aims and must investigate whether these are carried out according to plans. Internal audit must analyse/assess management of functionality of risk control systems. Given their importance in internal control, the management of an investment firm should ensure that the tasks listed above are performed. 6.2 Role of internal audit The internal audit function should apply the following general principles: Independence from all other functions to be audited. Unlimited access to all operations to ensure that auditing covers all aspects of an investment firm's activities. Dimensioning commensurate with the size and activities of the investment firm; internal audit staff must possess adequate qualifications and experience.

10 until further notice 10 (10) Standing within the organization to ensure the board of directors and an administrative body supervising the board of director s activities, if any, duly process audit reports and recommendations presented therein. For further information, please contact: Capital Markets Department

Guideline on risk management and other aspects of internal control in stock exchange

Guideline on risk management and other aspects of internal control in stock exchange until further notice 1 (11) Applicable to stock exchanges Guideline on risk management and other aspects of internal control in stock exchange By virtue of section 4, paragraph 2, of the Act on the Financial

More information

Guideline on risk management and other aspects of internal control in central securities depository

Guideline on risk management and other aspects of internal control in central securities depository until further notice 1 (11) Applicable to central securities depositories Guideline on risk management and other aspects of internal control in central securities depository By virtue of section 4, paragraph

More information

REGULATION ON RISK MANAGEMENT AND OTHER ASPECTS OF INTERNAL CONTROL IN INVESTMENT FIRMS

REGULATION ON RISK MANAGEMENT AND OTHER ASPECTS OF INTERNAL CONTROL IN INVESTMENT FIRMS until further notice 1 (5) Applicable to investment firms REGULATION ON RISK MANAGEMENT AND OTHER ASPECTS OF INTERNAL CONTROL IN INVESTMENT FIRMS By virtue of section 29, paragraph 2, of the Investment

More information

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC)

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC) Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC) 1 Introduction 1.1 Section 316 (4) of the International Business

More information

S t a n d a r d 4. 4 a. M a n a g e m e n t o f c r e d i t r i s k. Regulations and guidelines

S t a n d a r d 4. 4 a. M a n a g e m e n t o f c r e d i t r i s k. Regulations and guidelines S t a n d a r d 4. 4 a M a n a g e m e n t o f c r e d i t r i s k Regulations and guidelines THE FINANCIAL SUPERVISION AUTHORITY 4 Capital adequacy and risk management until further notice J. No. 1/120/2004

More information

Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management

Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management Advisory Guidelines of the Financial Supervisory Authority Requirements regarding the arrangement of operational risk management These Advisory Guidelines have established by resolution no. 63 of the Management

More information

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES 20 th February, 2013 To Insurance Companies Reinsurance Companies GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES These guidelines on Risk Management and Internal

More information

Reserve Bank of Fiji Banking Supervision Policy Statement No. 19

Reserve Bank of Fiji Banking Supervision Policy Statement No. 19 Reserve Bank of Fiji Banking Supervision Policy Statement No. 19 NOTICE TO LICENSED FINANCIAL INSTITUTIONS UNDER THE BANKING ACT 1995 MINIMUM REQUIREMENTS FOR THE MANAGEMENT OF MARKET RISK FOR LICENSED

More information

III-11 Internal Audit in banks

III-11 Internal Audit in banks III-11 Internal Audit in banks Internal Audit in banks 1 Directive by virtue of section 15 of the State Ordinance on the Supervision of the Credit System on the Internal Audit in banking organizations.

More information

Supervisor of Banks: Proper Conduct of Banking Business (06/15) [2] Internal Audit Function Page 307-1. Internal Audit Function.

Supervisor of Banks: Proper Conduct of Banking Business (06/15) [2] Internal Audit Function Page 307-1. Internal Audit Function. Page 307-1 Contents Topic Paragraphs Pages in Directive General Remarks 1 4 2 5 Key Features of the Function 5 20 5 9 Duties of the Function 21 24 9 12 Charter 25 28 11 13 Scope of Activity 29 31 13 14

More information

Regulation for Establishing the Internal Control System of an Investment Management Company

Regulation for Establishing the Internal Control System of an Investment Management Company Unofficial translation Riga, 11 November 2011 Regulation No. 246 (Minutes No. 43 of the meeting of the Board of the Financial and Capital Market Commission, item 8) Regulation for Establishing the Internal

More information

Checklist. Standard for Medical Laboratory

Checklist. Standard for Medical Laboratory Checklist Standard for Medical Laboratory Name of hospital..name of Laboratory..... Name. Position / Title...... DD/MM/YY.Revision... 1. Organization and Management 1. Laboratory shall have the organizational

More information

6/8/2016 OVERVIEW. Page 1 of 9

6/8/2016 OVERVIEW. Page 1 of 9 OVERVIEW Attachment Supervisory Guidance for Assessing Risk Management at Supervised Institutions with Total Consolidated Assets Less than $50 Billion [Fotnote1 6/8/2016 Managing risks is fundamental to

More information

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004 GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE October 2004 1 1. Introduction Guaranteeing the efficiency and correct operation of money and financial

More information

Standard 4.1. Establishment and maintenance of internal control and risk management. Regulations and guidelines

Standard 4.1. Establishment and maintenance of internal control and risk management. Regulations and guidelines Standard 4.1 Establishment and maintenance of internal control and risk management Regulations and guidelines THE FINANCIAL SUPERVISION AUTHORITY 4 Capital adequacy and risk management until further notice

More information

RESERVE BANK OF VANUATU OPERATIONAL RISK MANAGEMENT

RESERVE BANK OF VANUATU OPERATIONAL RISK MANAGEMENT RESERVE BANK OF VANUATU DOMESTIC BANK PRUDENTIAL GUIDELINE NO 12 OPERATIONAL RISK MANAGEMENT 1. This Guideline outlines a set of principles that provide a framework for the effective management of operational

More information

PART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2

PART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2 PART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2 PART II POLICY REQUIREMENTS...3 Investment and Risk Management Policy...3 Monitoring and Control...5 Roles of

More information

STATEMENT AUDITING GUIDELINE GUIDANCE FOR INTERNAL AUDITORS

STATEMENT AUDITING GUIDELINE GUIDANCE FOR INTERNAL AUDITORS STATEMENT 3.283 AUDITING GUIDELINE GUIDANCE FOR INTERNAL AUDITORS (Issued October 1992; revised September 2004 (name change)) Statement 3.283 (September 04) Statement 3.283 (October 92) Introducton This

More information

GUIDELINES ON MINIMUM AUDIT STANDARDS FOR INTERNAL AUDITORS OF LABUAN INSURANCE AND INSURANCE-RELATED COMPANIES

GUIDELINES ON MINIMUM AUDIT STANDARDS FOR INTERNAL AUDITORS OF LABUAN INSURANCE AND INSURANCE-RELATED COMPANIES GUIDELINES ON MINIMUM AUDIT STANDARDS FOR INTERNAL AUDITORS OF LABUAN INSURANCE AND INSURANCE-RELATED COMPANIES Introduction 1. These Guidelines serve as a general guide for the internal auditors of Labuan

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY B A R R A M U N D I L I M I T E D RISK MANAGEMENT POLICY 22 August 2016 THE OBJECTIVES OF RISK MANAGEMENT Risk management is the systematic process of managing an organisation's risk exposures to achieve

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Internal Audit - Banks 1. Statement of Objectives 1.1. To provide specific guidance on one aspect of the requirement imposed on licensees by Rule 1(A). 1.2. To provide a standard

More information

GUIDANCE FOR MANAGING THIRD-PARTY RISK

GUIDANCE FOR MANAGING THIRD-PARTY RISK GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,

More information

GUIDELINES ON THE MANAGEMENT OF MARKET RISK

GUIDELINES ON THE MANAGEMENT OF MARKET RISK SUPERVISORY AND REGULATORY GUIDELINES: PU62-0210S Market Risk Guidelines Issued: 3 rd December 2012 GUIDELINES ON THE MANAGEMENT OF MARKET RISK 1. INTRODUCTION 1.1. The Central Bank of The Bahamas ( the

More information

Monetary Authority of Singapore BOARD AND SENIOR MANAGEMENT

Monetary Authority of Singapore BOARD AND SENIOR MANAGEMENT Monetary Authority of Singapore BOARD AND SENIOR MANAGEMENT March 2013 Table of Contents 1 Introduction 1 1.1 Overview 1 1.2 Board Matters 2 1.3 Matters Relating to Senior Management 4 1.4 Reporting to

More information

System of Governance

System of Governance CEIOPS-DOC-29/09 CEIOPS Advice for Level 2 Implementing Measures on Solvency II: System of Governance (former Consultation Paper 33) October 2009 CEIOPS e.v. Westhafenplatz 1-60327 Frankfurt Germany Tel.

More information

CIRCULAR D197l4 TO CREDIT INSTITUTIONS

CIRCULAR D197l4 TO CREDIT INSTITUTIONS l UNOFFICIAL TRANSLATION 1 Brussels, 30 June 1997 CIRCULAR D197l4 TO CREDIT INSTITUTIONS Dear Madam, Dear Sir, In its circular dated 6 April 1987 to banks, private savings banks and companies governed

More information

Revised May 2007. Corporate Governance Guideline

Revised May 2007. Corporate Governance Guideline Revised May 2007 Corporate Governance Guideline Table of Contents 1. INTRODUCTION 1 2. PURPOSES OF GUIDELINE 1 3. APPLICATION AND SCOPE 2 4. DEFINITIONS OF KEY TERMS 2 5. FRAMEWORK USED BY CENTRAL BANK

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Revised: October 2012 i Table of contents Attribute Standards... 3 1000 Purpose, Authority, and Responsibility...

More information

On the Setting of the Standards and Practice Standards for. Management Assessment and Audit concerning Internal

On the Setting of the Standards and Practice Standards for. Management Assessment and Audit concerning Internal (Provisional translation) On the Setting of the Standards and Practice Standards for Management Assessment and Audit concerning Internal Control Over Financial Reporting (Council Opinions) Released on

More information

RISK MANAGEMENT AND COMPLIANCE

RISK MANAGEMENT AND COMPLIANCE RISK MANAGEMENT AND COMPLIANCE Contents 1. Risk management system... 2 1.1 Legislation... 2 1.2 Guidance... 3 1.3 Risk management policy... 4 1.4 Risk management process... 4 1.5 Risk register... 8 1.6

More information

High level principles for risk management

High level principles for risk management 16 February 2010 High level principles for risk management Background and introduction 1. In their declaration of 15 November 2008, the G-20 leaders stated that regulators should develop enhanced guidance

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

BARRAMUNDI L IMITED RISK MANAGEMENT POLICY

BARRAMUNDI L IMITED RISK MANAGEMENT POLICY BARRAMUNDI L IMITED RISK MANAGEMENT POLICY Last updated: 25 August 2014 THE OBJECTIVES OF RISK MANAGEMENT Risk management is the systematic process of managing an organisation's risk exposures to achieve

More information

EURIBOR - CODE OF OBLIGATIONS OF PANEL BANKS

EURIBOR - CODE OF OBLIGATIONS OF PANEL BANKS D2725D-2013 EURIBOR - CODE OF OBLIGATIONS OF PANEL BANKS Version: 1 October 2013 1. Objectives The European Money Markets Institute EMMI previously known as Euribor-EBF, as Administrator for the Euribor

More information

OCC 98-3 OCC BULLETIN

OCC 98-3 OCC BULLETIN To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Internal Audit Unrestricted Trust Companies 1. Statement of Objectives 1.1. To provide specific guidance on Internal Audit Functions as called for in section 3.6 of the Statement

More information

Control Environment and Organizational Structure

Control Environment and Organizational Structure The term control environment refers to an entity s corporate culture, showing how much the entity s leaders value ethical behavior and internal control. The key element in a favorable control environment

More information

University of Sunderland Business Assurance Information Security Policy

University of Sunderland Business Assurance Information Security Policy University of Sunderland Business Assurance Information Security Policy Document Classification: Public Policy Reference Central Register Policy Reference Faculty / Service IG 003 Policy Owner Assistant

More information

APPENDIX A NCUA S CAMEL RATING SYSTEM (CAMEL) 1

APPENDIX A NCUA S CAMEL RATING SYSTEM (CAMEL) 1 APPENDIX A NCUA S CAMEL RATING SYSTEM (CAMEL) 1 The CAMEL rating system is based upon an evaluation of five critical elements of a credit union's operations: Capital Adequacy, Asset Quality, Management,

More information

Chapter 3: Design and Assessment of Project Financial Management Systems

Chapter 3: Design and Assessment of Project Financial Management Systems Chapter 3: Design and Assessment of Project Financial Management Systems INTRODUCTION This chapter deals with financial management issues arising early in the project cycle. Chapter 2 discussed the review

More information

Internal Audit Standard. Introduction Laws and other regulatory and legal documents associated with the Standard Provisions of the Standard

Internal Audit Standard. Introduction Laws and other regulatory and legal documents associated with the Standard Provisions of the Standard Internal Audit Standard Table of contents Introduction Laws and other regulatory and legal documents associated with the Standard Provisions of the Standard 1. General principles of internal audit of banks

More information

BANQUE DU LIBAN. Intermediate Circular No 254 Addressed to Banks and Financial Institutions

BANQUE DU LIBAN. Intermediate Circular No 254 Addressed to Banks and Financial Institutions BANQUE DU LIBAN Intermediate Circular No 254 Addressed to Banks and Financial Institutions Attached is a copy of Intermediate Decision No 10707 of April 21, 2011 amending Basic Decision No 7737 of December

More information

Development, Acquisition, Implementation, and Maintenance of Application Systems

Development, Acquisition, Implementation, and Maintenance of Application Systems Development, Acquisition, Implementation, and Maintenance of Application Systems Part of a series of notes to help Centers review their own Center internal management processes from the point of view of

More information

Principles for An. Effective Risk Appetite Framework

Principles for An. Effective Risk Appetite Framework Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective

More information

Statement of Guidance: Outsourcing All Regulated Entities

Statement of Guidance: Outsourcing All Regulated Entities Statement of Guidance: Outsourcing All Regulated Entities 1. STATEMENT OF OBJECTIVES 1.1. 1.2. 1.3. 1.4. This Statement of Guidance ( Guidance ) is intended to provide guidance to regulated entities on

More information

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3 OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...

More information

Advisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities

Advisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities Advisory Guidelines of the Financial Supervision Authority Requirements for Organising the Business Continuity Process of Supervised Entities These advisory guidelines were established by Resolution No

More information

Examination Process Management Review November 4, 2002

Examination Process Management Review November 4, 2002 1 Examination Process Management Review November 4, 2002 Evaluating the quality and effectiveness of management is a major examination step. This examination step is aimed more at the future than the current

More information

REGULATION N. 20 OF 26 MARCH 2008. (Only the Italian version is authentic)

REGULATION N. 20 OF 26 MARCH 2008. (Only the Italian version is authentic) REGULATION N. 20 OF 26 MARCH 2008 (Only the Italian version is authentic) REGULATION CONCERNING INTERNAL CONTROLS, RISK MANAGEMENT, COMPLIANCE AND THE OUTSOURCING OF ACTIVITIES OF INSURANCE UNDERTAKINGS,

More information

CAYMAN ISLANDS. Supplement No. 5 published with Gazette No. 19 dated 14 September, STATEMENT OF GUIDANCE: OUTSOURCING REGULATED ENTITIES

CAYMAN ISLANDS. Supplement No. 5 published with Gazette No. 19 dated 14 September, STATEMENT OF GUIDANCE: OUTSOURCING REGULATED ENTITIES CAYMAN ISLANDS Supplement No. 5 published with Gazette No. 19 dated 14 September, 2015. STATEMENT OF GUIDANCE: OUTSOURCING REGULATED ENTITIES Statement of Guidance: Outsourcing Regulated Entities 1. STATEMENT

More information

Central Bank of Ireland Guidelines on Preparing for Solvency II System of Governance

Central Bank of Ireland Guidelines on Preparing for Solvency II System of Governance 2013 Central Bank of Ireland Guidelines on Preparing for Solvency II System of Governance Contents 1 Context... 1 2 General... 2 3 Guidelines on the System of Governance... 3 3.1 Section I General Provisions...

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Introduction to the International Standards Internal auditing is conducted in diverse legal and cultural environments;

More information

General Computer Controls

General Computer Controls 1 General Computer Controls Governmental Unit: University of Mississippi Financial Statement Date: June 30, 2007 Prepared by: Robin Miller and Kathy Gates Date: 6/29/2007 Description of computer systems

More information

FOREIGN EXCHANGE RISK MANAGEMENT

FOREIGN EXCHANGE RISK MANAGEMENT STANDARDS OF SOUND BUSINESS PRACTICES FOREIGN EXCHANGE RISK MANAGEMENT 2005 The. All rights reserved Foreign Exchange Risk Management Page 2 FOREIGN EXCHANGE RISK MANAGEMENT A. PURPOSE This document sets

More information

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES SD 0880/10 INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES Laid before Tynwald 16 November 2010 Coming into operation 1 October 2010 The Supervisor, after consulting

More information

QA Procedure Page 1 Appendix A

QA Procedure Page 1 Appendix A *Changes from the previous QASE noted by "yellow" highlight of block Evaluation Summary Company: Prepared By: Section Element Manual Audit OK Objective Evidence 2.1 Objective of Quality Assurance Program

More information

Reserve Bank of Fiji Insurance Supervision Policy Statement No. 8 MINIMUM REQUIREMENTS FOR RISK MANAGEMENT FRAMEWORKS OF LICENSED INSURERS IN FIJI

Reserve Bank of Fiji Insurance Supervision Policy Statement No. 8 MINIMUM REQUIREMENTS FOR RISK MANAGEMENT FRAMEWORKS OF LICENSED INSURERS IN FIJI Reserve Bank of Fiji Insurance Supervision Policy Statement No. 8 NOTICE TO INSURANCE COMPANIES LICENSED UNDER THE INSURANCE ACT 1998 MINIMUM REQUIREMENTS FOR RISK MANAGEMENT FRAMEWORKS OF LICENSED INSURERS

More information

operated by it (as the case requires).

operated by it (as the case requires). 1 Definitions In this document: ASX Board Chair CEO CFO Company Secretary Corporations Act Director means ASX Limited ACN 008 624 691 or the securities exchange operated by it (as the case requires). means

More information

ISO 9001:2015 Internal Audit Checklist

ISO 9001:2015 Internal Audit Checklist Page 1 of 14 Client: Date: Client ID: Auditor Audit Report Key - SAT: Satisfactory; OBS: Observation; NC: Nonconformance; N/A: Not Applicable at this time Clause Requirement Comply Auditor Notes / Evidence

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information

Regulations of the Audit and Compliance Committee of Gamesa Corporación Tecnológica, S.A.

Regulations of the Audit and Compliance Committee of Gamesa Corporación Tecnológica, S.A. Regulations of the Audit and Compliance Committee of Gamesa Corporación Tecnológica, S.A. (Consolidated text approved by the Board of Directors on March 24, 2015) INDEX CHAPTER I. INTRODUCTION... 3 Article

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

RESERVE BANK OF ZIMBABWE

RESERVE BANK OF ZIMBABWE RESERVE BANK OF ZIMBABWE BANK LICENSING, SUPERVISION & SURVEILLANCE Guideline No. 02-2004/BSD MINIMUM INTERNAL AUDIT STANDARDS IN BANKING INSTITUTIONS TABLE OF CONTENTS Page No. 1. Preliminary 3 2. Introduction

More information

Accounting Systems: Complying with FAR Requirements. John S. Sroka, CPA Acquisition Cost/Price Analyst

Accounting Systems: Complying with FAR Requirements. John S. Sroka, CPA Acquisition Cost/Price Analyst Accounting Systems: Complying with FAR Requirements John S. Sroka, CPA Acquisition Cost/Price Analyst Background Information FAR Requirements FAR Part 9: Contractor Qualifications FAR Part 16: Cost-reimbursement

More information

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive Insurance Guidance Note No. 14 Transition to Governance Requirements established under the Solvency II Directive Date of Paper : 31 December 2013 Version Number : V1.00 Table of Contents General governance

More information

Operational Risk Management Policy

Operational Risk Management Policy Operational Risk Management Policy Operational Risk Definition A bank, including a development bank, is influenced by the developments of the external environment in which it is called to operate, as well

More information

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT 1 Scope of Internal Audit 1.1 Terms of Reference 1.1.1 Do terms of reference: (a) establish the responsibilities and objectives

More information

NOTICE 158 OF 2014 FINANCIAL SERVICES BOARD REGISTRAR OF LONG-TERM INSURANCE AND SHORT-TERM INSURANCE

NOTICE 158 OF 2014 FINANCIAL SERVICES BOARD REGISTRAR OF LONG-TERM INSURANCE AND SHORT-TERM INSURANCE STAATSKOERANT, 19 DESEMBER 2014 No. 38357 3 BOARD NOTICE NOTICE 158 OF 2014 FINANCIAL SERVICES BOARD REGISTRAR OF LONG-TERM INSURANCE AND SHORT-TERM INSURANCE LONG-TERM INSURANCE ACT, 1998 (ACT NO. 52

More information

Any business relationship between a bank and another entity, by contract or otherwise

Any business relationship between a bank and another entity, by contract or otherwise An Overview for Bank Directors Managing the Third Party Relationship Patrick Neuman Boardman & Clark LLP Madison, Wisconsin Any business relationship between a bank and another entity, by contract or otherwise

More information

BANKING UNIT BANKING RULES OUTSOURCING BY CREDIT INSTITUTIONS AUTHORISED UNDER THE BANKING ACT 1994

BANKING UNIT BANKING RULES OUTSOURCING BY CREDIT INSTITUTIONS AUTHORISED UNDER THE BANKING ACT 1994 BANKING UNIT BANKING RULES OUTSOURCING BY CREDIT INSTITUTIONS AUTHORISED UNDER THE BANKING ACT 1994 Ref: BR/14/2009 OUTSOURCING BY CREDIT INSTITUTIONS AUTHORISED UNDER THE BANKING ACT 1994 INTRODUCTION

More information

DNV GL Assessment Checklist ISO 9001:2015

DNV GL Assessment Checklist ISO 9001:2015 DNV GL Assessment Checklist ISO 9001:2015 Rev 0 - December 2015 4 Context of the Organization No. Question Proc. Ref. Comments 4.1 Understanding the Organization and its context 1 Has the organization

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

FRAMEWORK FOR INTERNAL CONTROL SYSTEMS IN BANKING ORGANISATIONS (September 1998)

FRAMEWORK FOR INTERNAL CONTROL SYSTEMS IN BANKING ORGANISATIONS (September 1998) FRAMEWORK FOR INTERNAL CONTROL SYSTEMS IN BANKING ORGANISATIONS (September 1998) INTRODUCTION 1. As part of its on-going efforts to address bank supervisory issues and enhance supervision through guidance

More information

Solvency Assessment and Management: Pillar II Sub Committee Governance Task Group Discussion Document 81 (v 3)

Solvency Assessment and Management: Pillar II Sub Committee Governance Task Group Discussion Document 81 (v 3) Solvency Assessment and Management: Pillar II Sub Committee Governance Task Group Discussion Document 81 (v 3) Governance, Risk Management, and Internal Controls INTERIM REQUIREMENTS CONTENTS 1. INTRODUCTION

More information

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK May 18, 2012

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK May 18, 2012 THOMAS P. DiNAPOLI COMPTROLLER STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236 May 18, 2012 STEVEN J. HANCOX DEPUTY COMPTROLLER DIVISION OF LOCAL GOVERNMENT AND

More information

Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: January 2013

Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: January 2013 Guideline Subject: Category: Sound Business and Financial Practices Date: January 2013 I. Purpose and Scope of the Guideline The purpose of this guideline is to communicate OSFI s expectations with respect

More information

Internal Control - Integrated Framework

Internal Control - Integrated Framework Internal Control - Integrated Framework Executive Summary Senior executives have long sought ways to better control the enterprises they run. Internal controls are put in place to keep the company on course

More information

Audit, Risk Management and Compliance Committee Charter

Audit, Risk Management and Compliance Committee Charter Audit, Risk Management and Compliance Committee Charter Woolworths Limited Adopted by the Board on 27 August 2013 page 1 1 Introduction This Charter sets out the responsibilities, structure and composition

More information

FUND MANAGER CODE OF CONDUCT

FUND MANAGER CODE OF CONDUCT FUND MANAGER CODE OF CONDUCT First Edition pursuant to the Securities and Futures Ordinance (Cap. 571) April 2003 Securities and Futures Commission Hong Kong TABLE OF CONTENTS Page INTRODUCTION 1 I. ORGANISATION

More information

Guideline on good pharmacovigilance practices (GVP)

Guideline on good pharmacovigilance practices (GVP) 1 2 20 February 2012 EMA/541760/2011 3 4 Guideline on good pharmacovigilance practices (GVP) Module I Pharmacovigilance systems and their quality systems Draft finalised by the Agency in collaboration

More information

COMPLIANCE CHARTER GROUP

COMPLIANCE CHARTER GROUP COMPLIANCE CHARTER GROUP This Charter sets out the first fundamental principles of the compliance function in the DEXIA Group. Its principal aims are to formalise its objectives and its tasks as well as

More information

Strategic Planning and Organizational Structure Standard

Strategic Planning and Organizational Structure Standard Table of contents Strategic Planning and Organizational Structure Standard 1. General provisions Grounds for application of the Standard Provisions of the Standard 2. Contents of the Standard 3. Corporate

More information

2015-16 Internal Control Questionnaire and Assessment

2015-16 Internal Control Questionnaire and Assessment Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 9, 2015 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org TABLE

More information

Clearing and Settlement Procedures. New Zealand Clearing Limited. Clearing and Settlement Procedures

Clearing and Settlement Procedures. New Zealand Clearing Limited. Clearing and Settlement Procedures Clearing and Settlement Procedures New Zealand Clearing Limited Clearing and Settlement Procedures 30 November 2011 Contents Section A: Interpretation and Construction 6 Section 1: Introduction and General

More information

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement Understanding the Entity and Its Environment 1667 AU Section 314 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement (Supersedes SAS No. 55.) Source: SAS No. 109.

More information

FMCF certification checklist 2014-15 (incorporating the detailed procedures) 2014-15 certification period. Updated May 2015

FMCF certification checklist 2014-15 (incorporating the detailed procedures) 2014-15 certification period. Updated May 2015 FMCF certification checklist 2014-15 (incorporating the detailed procedures) 2014-15 certification period Updated May 2015 The Secretary Department of Treasury and Finance 1 Treasury Place Melbourne Victoria

More information

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français. Guidance Note: Corporate Governance - Board of Directors March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance

More information

GUIDELINES ON COMPLIANCE FUNCTION FOR FUND MANAGEMENT COMPANIES

GUIDELINES ON COMPLIANCE FUNCTION FOR FUND MANAGEMENT COMPANIES GUIDELINES ON COMPLIANCE FUNCTION FOR FUND MANAGEMENT COMPANIES Issued: 15 March 2005 Revised: 25 April 2014 1 P a g e List of Revision Revision Effective Date 1 st Revision 23 May 2011 2 nd Revision 16

More information

GAO. Standards for Internal Control in the Federal Government. Internal Control. United States General Accounting Office.

GAO. Standards for Internal Control in the Federal Government. Internal Control. United States General Accounting Office. GAO United States General Accounting Office Internal Control November 1999 Standards for Internal Control in the Federal Government GAO/AIMD-00-21.3.1 Foreword Federal policymakers and program managers

More information

Outsourcing Risk Guidance Note for Banks

Outsourcing Risk Guidance Note for Banks Outsourcing Risk Guidance Note for Banks Part 1: Definitions Guideline 1 For the purposes of these guidelines, the following is meant by: a) outsourcing: an authorised entity s use of a third party (the

More information

Sound Practices for the Management of Operational Risk

Sound Practices for the Management of Operational Risk 1 Sound Practices for the Management of Operational Risk Authority 1.1 Section 316 (4) of the International Business Corporations Act (IBC Act) requires the Commission to take any necessary action required

More information

Key functions in the system of governance Responsibilities, interfaces and outsourcing under Solvency II

Key functions in the system of governance Responsibilities, interfaces and outsourcing under Solvency II Responsibilities, interfaces and outsourcing under Solvency II Author Lars Moormann Contact solvency solutions@munichre.com January 2013 2013 Münchener Rückversicherungs Gesellschaft Königinstrasse 107,

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Company Quality Manual Document No. QM Rev 0. 0 John Rickey Initial Release. Controlled Copy Stamp. authorized signature

Company Quality Manual Document No. QM Rev 0. 0 John Rickey Initial Release. Controlled Copy Stamp. authorized signature Far West Technology, Inc. ISO 9001 Quality Manual Document No.: QM Revision: 0 Issue Date: 27 August 1997 Approval Signatures President/CEO Executive Vice President Vice President/CFO Change Record Rev

More information

Internal Code of Conduct on Matters Relating to the Stock Market and Policy on the Use of Relevant Information

Internal Code of Conduct on Matters Relating to the Stock Market and Policy on the Use of Relevant Information Internal Code of Conduct on Matters Relating to the Stock Market and Policy on the Use of Relevant Information 1. Objective This "Internal Code of Conduct on Matters Relating to the Stock Market and Policy

More information

Effective Internal Audit in the Financial Services Sector

Effective Internal Audit in the Financial Services Sector Effective Internal Audit in the Financial Services Sector Recommendations from the Committee on Internal Audit Guidance for Financial Services: How They Relate to the Global Institute of Internal Auditors

More information

SUPERVISION GUIDELINE NO. 9 ISSUED UNDER THE AUTHORITY OF THE FINANCIAL INSTITUTIONS ACT 1995 (NO. 1 OF 1995) RISK MANAGEMENT

SUPERVISION GUIDELINE NO. 9 ISSUED UNDER THE AUTHORITY OF THE FINANCIAL INSTITUTIONS ACT 1995 (NO. 1 OF 1995) RISK MANAGEMENT SUPERVISION GUIDELINE NO. 9 ISSUED UNDER THE AUTHORITY OF THE FINANCIAL INSTITUTIONS ACT 1995 (NO. 1 OF 1995) RISK MANAGEMENT Bank of Guyana July 1, 2009 TABLE OF CONTENTS 1.0 Introduction 2.0 Management

More information

ISO/IEC 17025 QUALITY MANUAL

ISO/IEC 17025 QUALITY MANUAL 1800 NW 169 th Pl, Beaverton, OR 97006 Revision F Date: 9/18/06 PAGE 1 OF 18 TABLE OF CONTENTS Quality Manual Section Applicable ISO/IEC 17025:2005 clause(s) Page Quality Policy 4.2.2 3 Introduction 4

More information

General IT Controls Audit Program

General IT Controls Audit Program Contributed February 5, 2002 by Paul P Shotter General IT Controls Audit Program Purpose / Scope Perform a General Controls review of Information Technology (IT). The reviews

More information

CODE OF PRACTICE. Safety Management. Occupational Safety and Health Branch Labour Department CODE OF PRACTICE ON SAFETY MANAGEMENT 1

CODE OF PRACTICE. Safety Management. Occupational Safety and Health Branch Labour Department CODE OF PRACTICE ON SAFETY MANAGEMENT 1 CODE OF PRACTICE On Safety Management Occupational Safety and Health Branch Labour Department CODE OF PRACTICE ON SAFETY MANAGEMENT 1 This Code of Practice is prepared by the Occupational Safety and Health

More information