INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE



Similar documents
Internal Audit Standards

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

Public Sector Internal Audit Standards. Applying the IIA International Standards to the UK Public Sector

Effective Internal Audit in the Financial Services Sector

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

Standards for the Professional Practice of Internal Auditing

Public Sector Internal Audit Standards

Public Sector Internal Audit Standards. Applying the IIA International Standards to the UK Public Sector

What Every Director. How to get the most from your internal audit. Endorsed by

SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT

Internal Audit Charter. Version 1 (7 November 2013)

BOARD OF EDUCATION OF BALTIMORE COUNTY OFFICE OF INTERNAL AUDIT - OPERATIONS MANUAL INTERNAL AUDIT OPERATIONS MANUAL

Internal Audit Charter

Audit, Risk and Compliance Committee Charter

INTERNAL AUDIT FRAMEWORK

Positioning the internal audit function within the Solvency II framework Key challenges. Ludovic Bardon Senior Manager Audit Deloitte Luxembourg

Audit and Risk Committee Charter. Knosys Limited ACN (Company)

Internal Auditing Guidelines

BRISBANE BRONCOS LIMITED AUDIT AND RISK MANAGEMENT CHARTER

MISSION STATEMENT OBJECTIVES IN ACCOMPLISHING OUR MISSION

EUROPEAN CONFEDERATION OF INSTITUTES OF INTERNAL AUDITING (IVZW)

PRACTICE ADVISORIES FOR INTERNAL AUDIT

INTERNAL AUDITING POLICIES AND PROCEDURES MANUAL

1. This bulletin, which contains the Charter of the Office of Internal Oversight Services (IOS) of

Statement of Guidance

A Guide to Corporate Governance for QFC Authorised Firms

AUDIT COMMITTEE TERMS OF REFERENCE

Internal Audit Terms of Reference

Internal Audit Division

How to gather and evaluate information

SAI GLOBAL LIMITED Risk Management Policy

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES

NEW ZEALAND INSTITUTE OF CHARTERED ACCOUNTANTS CODE OF ETHICS

SunTrust Banks, Inc. Audit Committee of the Board of Directors Charter

European Investment Bank. Charter for Internal Audit

FAIRCHILD SEMICONDUCTOR INTERNATIONAL, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS (As Amended through December 11, 2013)

Kesa Risk Universe Compliance Risks


NORFOLK STATE UNIVERSITY INTERNAL AUDIT CHARTER

Administrative Guidelines on the Internal Control Framework and Internal Audit Standards

Objective...1 Scope...1 Rationale...2

APES 320 Quality Control for Firms

PRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions

The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL USA

Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management

AUDIT COMMITTEE CHARTER

Internal Audit Quality Assessment Framework

INTERNAL AUDIT MANUAL

Compliance Policy ALCO recommended standard

Direct Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference

Internal Audit Framework

Effective Internal Audit in the Financial. Services Sector. Non Executive Directors (NEDs) and the Management of Risk

AUDIT AND RISK ASSESSMENT COMMITTEE TERMS OF REFERENCE

IMMUNOTEC INC. AUDIT AND DISCLOSURE POLICY MANAGEMENT COMMITTEE CHARTER AND WHISTLEBLOWER POLICY

INTERNAL AUDITING S ROLE IN SECTIONS 302 AND 404

Audit, Business Risk and Compliance Committee charter

Appendix 14 CORPORATE GOVERNANCE CODE AND CORPORATE GOVERNANCE REPORT

FRAMEWORK FOR THE PREPARATION OF ACCOUNTS. Best Practice Guidance

Audit, Business Risk and Compliance Committee Charter Pact Group Holdings Ltd (Company)

AUDIT AND RISK MANAGEMENT COMMITTEE CHARTER

Annual Assessment of the External Auditor

Internal Audit Manual

The ADT Corporation. Audit Committee Charter. December 2014

Human Services Quality Framework. User Guide

CORPORATE GOVERNANCE GUIDELINES. (Adopted as of June 2, 2014)

Charter of the Audit Committee of the Board of Directors of Woodward, Inc.

KUMBA IRON ORE LIMITED (Registration number 2005/015852/06) ( Kumba or the Company )

Infratil Limited - Board Charter. 1. Interpretation. 1.1 In this Charter:

UNIVERSITY BOARD SKILLS REVIEW MATRIX Page 1 of 5

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Macquarie Group Limited Board Charter

Explanation where the company has partially applied or not applied King III principles

Financial Management Framework >> Overview Diagram

SEASON PACIFIC HOLDINGS LIMITED 雲 裳 衣 控 股 有 限 公 司 * (the Company )

Hunter Hall International Limited

Fundamental Principles of Public-Sector Auditing

M-Aud. Comptroller of the Currency Administrator of National Banks. Internal and External Audits. Comptroller s Handbook. April 2003.

Coventry Resources Inc. Corporate Governance Statement (current as at 30 June 2015)

Solvency Assessment and Management: Pillar II Sub Committee Governance Task Group Discussion Document 81 (v 3)

Internal Audit Practice Guide

GUIDANCE FOR MANAGING THIRD-PARTY RISK

Corporate Governance Statement

RGB International Bhd. ( K) (Incorporated in Malaysia) BOARD CHARTER

Tabcorp Holdings Limited

INTERNATIONAL STANDARD ON AUDITING 220 QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Solvency II Detailed guidance notes

INTERNATIONAL STANDARD ON AUDITING 610 USING THE WORK OF INTERNAL AUDITORS CONTENTS

Internal Audit and Advisory Services DRAFT

Data Analysis: The Cornerstone of Effective Internal Auditing. A CaseWare Analytics Research Report

Board means the Board of Directors of each of Scentre Group Limited, Scentre Management Limited, RE1 Limited and RE2 Limited.

SMARTONE TELECOMMUNICATIONS HOLDINGS LIMITED

Audit, Business Risk and Compliance Committee Charter

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

CHARTER OF THE BOARD OF DIRECTORS

Transcription:

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE CHARTERED INSTITUTE OF INTERNAL AUDIT DEFINITION OF INTERNAL AUDIT Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. ROLE AND SCOPE OF WORK The primary role of Internal Audit is to help the Board and Executive Management to protect the assets, reputation and sustainability of the organisation. It does this by assessing whether all significant risks are identified and appropriately reported by management and the Risk function to the Board and Executive Management: assessing whether they are adequately controlled; and by challenging Executive Management to improve the effectiveness of governance, risk management and internal controls. The Internal Audit department is responsible for evaluating the adequacy and effectiveness of the system of risk management and internal controls operated within the Society (and within outsourced/third party relationships) across all aspects of the Society s operations. This incorporates the provision of assurance and of consulting services to systems and processes under development. Its responsibilities are defined and monitored by the Audit Committee, on behalf of the Board. Internal Audit do not provide services other than for Leeds Building Society and will not be involved in designing, selecting and implementing or operating specific internal controls measures. Assurance Services Assurance services will evaluate risk exposures relating to the Society s governance, operations and information systems having regard to the: - achievement of the Society s strategic objectives; - reliability and integrity of financial and operational information; - effectiveness and efficiency of operations and programmes; - safeguarding of assets; and - compliance with laws, regulations, policies, procedures and contracts. Consulting Services The Chief Internal Audit Officer will consider accepting proposed consulting engagements based on the engagement's potential to improve management of risks, add value and improve the Society s operations. Accepted engagements will be included in the plan. In the provision of any assurance, the Chief Internal Audit Officer will decline the consulting engagement or obtain competent advice and assistance if the relevant skills are not available in-house for all or part of the engagement. During consulting engagements, internal auditors must address risk consistent with the engagement's objectives and be alert to the existence of any other significant risks.

Internal auditors should incorporate knowledge of risks gained from consulting engagements into their evaluation of the Society s risk management and control processes. PROFESSIONALISM Internal Audit supports and where appropriate applies the Institute of Internal Auditors' mandatory guidance including the Definition of Internal Auditing, the Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing (Standards). In terms of conformance, the Internal Audit department will comply with the mandatory guidance as far as is practical, any areas of non-compliance will be reported to the Audit Committee. In addition, the internal audit activity will adhere to the Society s relevant policies and procedures and the internal audit activity's standard operating procedures manual. Members of the Internal Audit department are required to operate within The Institute's Code of Ethics. The Code of Ethics is a statement of principles and expectations governing behaviour of individuals and organisations in the conduct of internal auditing. The principles and rules are divided under four headings: integrity, objectivity, confidentiality and competency. AUTHORITY The internal audit activity, with strict accountability for confidentiality and safeguarding records and information, is authorised full, free, and unrestricted access to any and all of the Society s records, physical properties, and personnel pertinent to carrying out any engagement. All employees are requested to assist the internal audit activity in fulfilling its roles and responsibilities. The internal audit activity will also have free and unrestricted access to the Board. It is acknowledged that such access may be limited to the Chief Internal Audit Officer where the information is highly sensitive or confidential. ORGANISATION The Chief Internal Audit Officer will report functionally to the Chairman of the Audit Committee and administratively (i.e. day to day operations) to the Chief Executive Officer. The Chairman of the Audit Committee will set the objectives of, appraise and recommend the remuneration of the Chief Internal Audit Officer. The Audit Committee will: Approve the internal audit charter on an annual basis. Approve the risk based risk assessment and annual internal audit plan. Approve the internal audit annual budget and resource plan. Receive the Strategy and Business Plan for Internal Audit. Receive the gap analysis of departmental operations against The International Standards for the Professional Practice of Internal Auditing Receive communications from the Chief Internal Audit Officer on the internal audit activity s performance relative to its plan and other matters.

Evaluate the performance of Internal Audit. Oversee and approve the quality assurance and improvement programme for Internal Audit. Make appropriate inquiries of management and the Chief Internal Audit Officer to determine whether there is inappropriate scope or resource limitations. Appoint and remove the Chief Internal Audit Officer. The Chief Internal Audit Officer will communicate and interact directly with the Executive Committee, the Management Committee, the Board and the Audit Committee and between meetings, as appropriate. INDEPENDENCE AND OBJECTIVITY Internal Audit is independent of the activities which it reviews to enable unbiased judgements essential to its proper conduct and to facilitate impartial advice to management. Internal audit has free and unrestricted access to the Board. The internal audit activity will remain free from interference by any element in the Society, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude. Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair internal auditor s judgment. Internal auditors will refrain from assessing specific operations for which they were previously responsible. Objectivity is presumed to be impaired if an internal auditor provides assurance services for an activity for which the internal auditor had responsibility within the previous year. Members of the Internal Audit department may not provide consulting services relating to operations for which they had previous responsibilities. If independence or objectivity is impaired in fact or appearance, the details of the impairment will be disclosed to appropriate parties. The nature of the disclosure will depend upon the impairment. Internal auditors will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors will make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments. The Chief Internal Audit Officer will confirm to the Audit Committee, at least annually, the organisational independence of the internal audit activity. If management holds a view which differs to that of Internal Audit, they have the opportunity to present such views to the Audit Committee.

Internal Audit will not place reliance on the work of second line assurance functions unless a thorough evaluation of the effectiveness of the function has taken place. RESPONSIBILITY The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the Society s governance, risk management, and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the Society s main objectives and 10 year strategy. This includes: Evaluating risk exposure relating to achievement of strategic objectives. Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information. Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact. Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets. Evaluating operations or programmes to ascertain whether results are consistent with established objectives and goals and whether the operations or programmes are being carried out as planned. Evaluating the key risks associated with key corporate events. Monitoring and evaluating the processes and controls supporting strategic and operational decision making processes. Monitoring and evaluating the design and operating effectiveness of the governance structures and processes of the organisation. Monitoring and evaluating the effectiveness of the risk management processes; Assessing the risk and control culture of the organisation. Evaluating the quality of performance of external auditors and the degree of coordination with internal audit. Performing consulting and advisory services related to governance, risk management and control as appropriate. Evaluating specific operations at the request of the Audit Committee or management, as appropriate. INTERNAL AUDIT PLAN At least annually, the Chief Internal Audit Officer will submit to the Audit Committee an internal audit plan for review and approval. The internal audit plan will consist of a work schedule as well as budget and resource requirements for the next calendar year. The Chief Internal Audit Officer will communicate the impact of any resource limitations and significant interim changes to senior management and the Audit Committee.

The internal audit plan will be developed based on a prioritisation of the audit universe using a risk-based methodology, including business strategy and emerging and systemic risks. The Chief Internal Audit Officer will review and adjust the plan, as necessary, in response to changes in business, risks, operations, programmes, systems, and controls. Any significant deviation from the approved internal audit plan will be communicated to senior management and the Audit Committee through periodic reports. The Chief Internal Audit Officer will share information and co-ordinate activities with other internal and external providers of assurance and consulting services, including the external auditors, to ensure proper coverage and minimise duplication of effort. The Chief Internal Audit Officer may engage an external service provider for technical skills that will support the in-house team. Such services will be identified from the annual plan but remain flexible to meet any changing requirements. Clear Terms of Engagement and an appropriately skilled expert will be agreed ahead of any engagement activity. REPORTING AND MONITORING A written report will be prepared and issued by a member of the internal audit department following the conclusion of each internal audit engagement and will be distributed as appropriate. Internal audit results will also be communicated to the Audit Committee. The internal audit report will include management s response and an action schedule that specifies the findings and recommendations together with corrective action taken or to be taken, an action owner and a completion date. Any actions that have not been agreed will remain within the audit report with an explanation why it has not been accepted and will follow an escalation process through senior and executive management and ultimately the Audit Committee. The internal audit activity will be responsible for appropriate follow-up on engagement findings and recommendations. Findings that pass their agreed implementation date will be followed up until satisfactorily completed. The Chief Internal Audit Officer will periodically report to senior management and the Audit Committee on the internal audit activity s purpose, authority, and responsibility, as well as performance relative to its plan and other key performance measures. Reporting will also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by senior management and the Audit Committee. At least annually, an assessment of the overall effectiveness of the governance, risk and control framework will also be provided to the Audit Committee and subsequently to the Board. APPROACH In carrying out its role, Internal Audit will seek to: Work with management to add value through high quality analysis and pragmatic and cost effective solutions to control related matters;

Identify areas of good practice and themes where lessons can be learned across the Society; Be risk focussed; Maintain a professional audit team (including through use of co-sourcing support) with sufficient skills, knowledge and experience. QUALITY ASSURANCE AND IMPROVEMENT PROGRAMME In accordance with the direction of the Audit Committee, the internal audit activity will maintain a quality assurance and improvement programme that covers all aspects of the internal audit activity. The programme will include an evaluation of the internal audit activity s conformance with the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The programme will also assess the efficiency and effectiveness of the internal audit activity and identify opportunities for improvement. The Chief Internal Audit Officer will communicate to senior management and the Audit Committee on the internal audit activity s quality assurance and improvement programme, including results of on-going internal assessments and external assessments conducted at least every five years. Approved: September 2013 Version: 1.0 September 2013

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information