INTERNAL AUDIT CHARTER

Transcription

1 INTERNAL AUDIT CHARTER Internal Audit Charter Approved

2 Contents Page CAAB Mission, Vision 3 Internal Audit Structure 4 THE CHARTER Purpose 5 Role of Internal Audit 5 Responsibilities 5 Independence 7 Scope 8 Authority 9 Quality Assurance 10 Reporting 10 Accountability 11 Standards 11 Continuity and Impartiality 12 External Relationships 12 Amendments and Legal Status of the Charter 13 List of Abbreviations 14 Glossary 15 2

3 CIVIL AVIATION AUTHORITY OF BOTSWANA The organisation Civil Aviation Authority of Botswana (CAAB) was established by Civil Aviation Authority Act, Cap 71:04, to promote safe, regular, secure and efficient use and development of civil aviation in Botswana. CAAB Mission To provide efficient and effective aviation services to our customers through continuous development of the aviation industry in Botswana. CAAB Vision To be a world class provider of safe, secure and efficient aviation services. 3

4 INTERNAL AUDIT STRUCTURE The Internal Audit structure as per the organisational structure. Board Chief Executive Officer Manager Internal Audit Internal Auditor Internal Auditor 4

5 THE CHARTER 1. PURPOSE The purpose of this Charter is to set out the role, responsibility, status and authority of the Internal Audit Division, and to outline the scope of their work. The Charter therefore describes the framework within which the Internal Audit Division will operate to make positive contributions to the organisation. 2. ROLE OF INTERNAL AUDIT 2.1 The primary role of Internal Audit is to provide the Board and Management with an independent and objective evaluation on the adequacy and effectiveness of internal control systems set up by the management to run the respective Directorates efficiently. 2.2 Internal Audit assist the Authority in meeting its objectives by monitoring, examining, evaluating, reporting on and recommending improvements to the adequacy and effectiveness of risk management and governance processes. 2.3 Internal Audit reviews the accuracy, reliability, and integrity of financial and operational information and the means used to compile and report such information. 3. RESPONSIBILITIES 3.1 Management Management is responsible for: establishing, implementing, and maintaining effective and adequate internal control systems implementing and maintaining proper accounting systems, records and other management information suitable for running the respective Directorates identifying and mitigating risks that could prevent the achievement of business objectives the prevention and detection of fraud and other illegal acts proposing the areas of investigation by Internal Audit. 5

6 3.1.6 ensuring that Internal Audit has direct access to all staff reviewing internal audit reports within a period not exceeding two weeks and implementation of recommendations as considered appropriate ensuring that the Internal Audit Division has unrestricted access to records, properties and any other information relevant to the subject under review or investigation. 3.2 Internal Audit The Internal Audit has the responsibility to: formulate at the beginning of every financial year, the annual audit plan in consultation with the Finance and Audit Committee and Executive Management implement the annual audit plan including, as appropriate, any special tasks or projects requested by the Finance and Audit Committee, the Board, and the respective Directorates issue quarterly audit reports on results, recommendations and implementation status of audit recommendations of audited activities on a timely basis to the Finance and Audit Committee, the Board and the Management keep the Finance and Audit Committee informed of emerging trends and developments in the Internal Auditing profession and make recommendations for necessary revisions to the Internal Audit Charter and the Internal Audit Manual ensure that the Division complies with sound Internal Auditing principles and best practices and seeks guidance from the standards issued by the Institute of Internal Auditors and other relevant governing bodies facilitate the implementation of External Auditor s recommendations by respective Directorates 6

7 4. INDEPENDENCE Independence is essential for the effectiveness of the Internal Audit. In order to objectively perform the functions of the division, Internal Audit shall: 4.1 be functionally responsible to the Chairman of the Finance and Audit Committee and, for administrative purposes, the Division will report to the Chief Executive Officer. 4.3 at all times perform its work with honesty, diligence and due care, and shall not engage in acts that are discreditable to the profession of Internal Auditing nor to the organization. 4.4 neither have Executive nor Managerial powers and duties, except those relating to the management of the Internal Audit Division. 4.5 be independent from the day to day CAAB internal control processes. 4.6 not participate directly in the development, installation, planning, or reconstruction of an accounting system, data, records or by engaging in activities that normally would be reviewed by Internal Auditors. Thus, Internal Audit staff serve in an advisory capacity in the planning, development, implementation, and modification of computer-based and manual based systems, to ensure that: adequate controls are incorporated into the system system tests are performed at all appropriate stages of development and implementation system documentation is complete and accurate the intended purpose and objective of the system implementation or modification is achieved. The participation of the Internal Audit will however not be to the extent that will affect its independence; hence the audit trail or other controls will be transmitted through procedural and policy documents. 7

8 5. SCOPE 5.1 The Internal Audit Division is responsible for determining the scope of its work and for recommending action to be taken on audit findings. The scope of Internal Audit work includes but is not limited to the review of risk management procedures, internal control systems, information systems etc. Internal Audit work also involves the periodic testing of transactions, special investigations, appraisal of the regulatory requirements and measures put in place to help prevent and detect fraud. 5.2 To fulfil its duties and responsibilities the Internal Audit Division shall: review and assess risks which are likely to impact CAAB operations; assess the reliability and integrity of systems and operations that produce information; review the accuracy and reliability of CAAB financial and operational information review the adequacy and effectiveness of internal controls established to ensure compliance with security of financial and management information, policies, plans, procedures, and Authority objectives; review operations or programmes to ascertain whether results are consistent with established objectives and goals and whether the operations or programmes are being carried out as planned; review the means of safeguarding assets, and as and when appropriate verify the existence of assets; review established systems and propose improvements where necessary; review Information Technology(IT) systems to ensure that the necessary IT controls are in place; review the promotion of economy, efficiency and effectiveness of overall management and use of resources. 8

9 follow up on audit reports recommendations to ensure that remedial action is taken; carry out, issue audit reports with recommendations on ad hoc appraisals, investigations or reviews as requested by the Management; and, assist management in the identification of the main fraud risks facing the Directorates, and in the implementation of appropriate controls that would minimise those risks. 5.3 Notwithstanding the above, the Internal Audit process does not relieve Directors of their responsibility for the maintenance of and improvement of internal controls in their respective areas. It is responsibility of the management to ensure that resources are applied in a proper manner and to the activities they are intended for. 6. AUTHORITY The Internal Audit staff in carrying out their duties and responsibilities, shall be authorised to: 6.1 have full and unrestricted access to all the CAAB departments, divisions, offices, activities, records, properties, personnel, and information, which it considers to be necessary to fulfil its function. 6.2 determine the scope of work and apply the techniques required to accomplish audit objectives. 6.3 obtain the necessary assistance from personnel in various divisions/offices of the CAAB and its branches when it perform its audits. 6.4 obtain assistance of specialists/professionals where considered necessary from within or outside the CAAB. 6.5 have discussions with employees of the CAAB at any reasonable time. 6.6 have and full direct access to the Finance and Audit Committee. All information gained by Audit staff in the course of their audit work remains confidential and is not to be used or conveyed for purposes outside their scope of approved responsibilities. 9

10 7. QUALITY ASSURANCE The Head of Internal Audit will maintain a process of review of the Internal Audit Division to provide reasonable assurance that its work conforms with relevant standards and to the requirements of this Charter. The Head of Internal Audit will ensure that: 7.1 the Internal Audit Division is subject to an independent review as and when required. This review will be carried out by an independent professional, e.g. a practicing chartered accountant. 7.2 internal audit work is undertaken with proficiency and due professional care. 7.3 all audit assignments are properly supervised and where required, on the job training will be provided. 7.4 the Internal Audit Staff undertake continuing professional development and maintain membership in relevant professional bodies. 7.5 where appropriate, encourage Internal Audit staff to further their studies. 8. REPORTING The primary purpose of internal audit reports is to provide management with an opinion on the adequacy and effectiveness of the internal control system and to inform management of significant audit findings, conclusions and recommendations. 8.1 The aim of every internal audit report is to: prompt management to implement recommendations leading to improvement in performance and control; and, provide a formal record of matters arising from internal audit assignments, and where appropriate, of agreements reached with management. 8.2 Internal Audit shall produce clear, constructive and concise reports based on sufficient, relevant and reliable evidence. 8.3 Internal Audit shall meet with respective Directorates to discuss the audit findings during and at the completion of fieldwork for each 10

11 internal audit assignment. A formal written report shall be presented to the Directorate as soon as possible thereafter. 8.4 Before issuing a final report, a draft report will be issued to the Directorate for confirmation of factual accuracy. Where the Directorate disagrees with the factual content of the draft audit report, Internal Audit shall review the situation and if need be, reference shall be made to the matter discussed in the final audit report. 8.5 The Internal Audit will ensure that reports are sent to the Director(s), who have direct responsibility for the activity being audited and who have the authority to take action on the internal audit recommendations. 8.6 Internal audit reports are confidential documents, therefore their distribution will be restricted to the Board, Finance and Audit Committee, Executive Management, and the External Auditors. 8.7 No audit report will be altered once finalised. 9. ACCOUNTABILITY The Internal Audit Division when discharging its duties, shall be accountable to the Board through the Finance and Audit Committee to: 9.1 Submit a report with recommendations on the assessment of the adequacy and effectiveness of the CAAB processes for controlling CAAB activities on an annual basis. 9.2 Submit a report with recommendations on the assessment of risk management processes in all the areas of CAAB operations on an annual basis; 9.3 Report significant issues related to the processes for controlling the activities of the CAAB together with the recommendations for improvements to those processes on a quarterly basis; and, 9.4 Provide information on the status and the results of the annual audit plan on a quarterly basis. 10. STANDARDS The Internal Audit Division shall at all times comply with best professional practices and standards such as: 11

12 10.1 International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA); 10.2 International Standards on Auditing (ISA); and, 10.3 All the relevant CAAB procedural manuals and policies. 11. CONTINUITY AND IMPARTIALITY 11.1 The Internal Audit Division within the CAAB shall be a permanent function The Internal Audit Division shall be objective and impartial in performing its assignments Internal Audit staff shall at all times have an impartial, and unbiased attitude and shall avoid any conflict of interest. To this end, assignments within the Internal Audit Division shall be periodically rotated Internal Auditors recruited internally may not audit activities or functions they previously performed for a period of one year (i.e. they will not be allowed to audit work previously performed by them for a period of one year) Internal Audit staff shall not be involved in selecting or implementing internal control measures. However, the Internal Audit Division may make recommendations for strengthening internal controls and can also give opinions on specific matters related to internal control procedures, as per the request of Executive Management. 12. EXTERNAL RELATIONSHIPS The Internal Audit Division shall maintain regular formal and informal dialogue with other organisations to promote growth of the CAAB Internal Audit Division. In particular, the Division will: 12.1 Liaise with the External Auditors to ensure that audit programmes are complementary; 12.2 Coordinate internal audit work with that of External Auditors to ensure proper coverage and to minimise duplication of effort; 12

13 12.3 Benchmark with similar organisations to ensure that the CAAB Internal Audit Division keeps abreast with new developments and best practices; and, 12.4 Comply with Standards, Code of Conduct and Ethics that are promulgated from time to time by the relevant professional bodies such as IIA, ISA, and ACCA etc. 13. AMENDMENTS AND LEGAL STATUS OF THE CHARTER 13.1 The Head of Internal Audit is responsible for the regular review of the Internal Audit Charter Amendments to this Charter are subject to the approval by the Board, after review by the Finance and Audit Committee No amendment or addition to this Charter is legitimate unless authorised by the Board This Internal Audit Charter was considered and approved by a resolution of the Board on this day of CHAIRPERSON Date CHAIRPERSON FIN.& AUDIT COMMITTEE Date CHIEF EXECUTIVE OFFICER Date 13

14 LIST OF ABBREVIATIONS CAAB IIA ISA ACCA Civil Aviation Authority Of Botswana Institute Of Internal Auditors International Standards On Auditing Association Of Chartered Certified Accountants 14

15 GLOSSARY Add value Value is provided by improving opportunity to achieve organisational objectives, identifying and implementing operational improvements, and reducing risk exposure through assurance and audit services. Assurance Services An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes. Internal Audit Charter A formal document that sets out the purpose, authority and responsibilities of the Internal Audit function. Consulting Services Advisory services of which the nature and scope are agreed with the client. Such services are intended to add value and improve on organisation s risk management and control processes without the Internal Auditor assuming management responsibility. Governance Processes and structures implemented by the Board to inform, direct manage, and monitor the activities of the organisation towards the achievement of its objectives. Independence The freedom from conditions that impair objectivity. Internal Auditing (IIA) Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps the organisation accomplish its objectives by bringing a systematic, disciplined approach to the evaluation and improvement of the effectiveness of governance, risk management and control processes. Objectivity An unbiased mental attitude that allows Internal Auditors to perform their engagements in such a manner that no significant quality compromises are made. Risk The possibility of an event occurring that will have an impact on the achievement of objectives. Risk Management A process to identify, assess, manage, control and mitigate the effects of potential events that may negatively affect the activities of the CAAB, to provide reasonable assurance regarding the achievement of the organisation s objectives. 15