Internal Audit Terms of Reference



Similar documents
Charter of the Compliance and Operational Risk Management Office (CORMO)

HIGHFIELD RESOURCES LIMITED AUDIT, BUSINESS RISK & COMPLIANCE COMMITTEE CHARTER

2.2 Reviewing the company s internal financial controls and the company s internal control and risk management systems;

Echo Entertainment Group Limited (ABN ) Risk and Compliance Committee Terms of Reference

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee

Effective Internal Audit in the Financial Services Sector

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

Audit, Risk Management and Compliance Committee Charter

A Guide to Corporate Governance for QFC Authorised Firms

Audit and Risk Committee Charter. Knosys Limited ACN (Company)

Audit, Business Risk and Compliance Committee Charter

Audit, Business Risk and Compliance Committee charter

Tabcorp Holdings Limited

Audit, Business Risk and Compliance Committee Charter Pact Group Holdings Ltd (Company)

Audit, Business Risk and Compliance Committee Charter. Spotless Group Holdings Limited ACN

Internal Audit Charter

Audit and Risk Committee Charter. 1. Membership of the Committee. 2. Administrative matters

Audit, Business Risk and Compliance Committee Charter

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

Charter of the Audit Committee of the Board of Directors of Woodward, Inc.

Internal Audit Division

Audit, Risk and Compliance Committee Charter

AUDIT COMMITTEE CHARTER

Internal Audit Charter. Version 1 (7 November 2013)

Application of King III Corporate Governance Principles

Hunter Hall International Limited

Risk & Compliance Committee Charter. HCF Life Insurance Company Pty Limited (ACN ) (the Company )

Application of King III Corporate Governance Principles

HALOZYME THERAPEUTICS, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS ORGANIZATION AND MEMBERSHIP REQUIREMENTS

Risk & Compliance Committee Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

GENERAL MILLS, INC. AUDIT COMMITTEE CHARTER

RISK MANAGEMENT AND COMPLIANCE

Macquarie Group Limited Board Charter

Positioning the internal audit function within the Solvency II framework Key challenges. Ludovic Bardon Senior Manager Audit Deloitte Luxembourg

SAI GLOBAL LIMITED Risk Management Policy

Aegon Global Compliance

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE

Risk Management Policy

Exponent, Inc. Charter of the Audit Committee of the Board of Directors (as amended through December 10, 2015)

Internal Audit Standards

NORTHERN TRUST CORPORATION BUSINESS RISK COMMITTEE CHARTER

Charter of the Audit Committee of the Board of Directors of Novo Nordisk A/S

AMERICAN AIRLINES GROUP INC. AUDIT COMMITTEE CHARTER

CORPORATE GOVERNANCE THEMATIC REVIEW of Authorised Firms in the Dubai International Financial Centre (DIFC)

Following up recommendations/management actions

BRISBANE BRONCOS LIMITED AUDIT AND RISK MANAGEMENT CHARTER

IT Governance Charter

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES

Internal Auditing Guidelines

FIRST REPUBLIC BANK DIRECTORS ENTERPRISE RISK MANAGEMENT COMMITTEE CHARTER

CVS HEALTH CORPORATION A Delaware corporation (the Company ) Audit Committee Charter Amended as of September 24, 2014

AMTRUST FINANCIAL SERVICES, INC. AUDIT COMMITTEE CHARTER

Charity Audit Committee performance evaluation Self assessment checklist. October 2014

Code of Corporate Governance

What Every Director. How to get the most from your internal audit. Endorsed by

Board Risk & Compliance Committee Charter

Agenda Item: 7.6 Prepared by: Mark Majek, Kathy Thomas, Deborah Bell, Tamara Cowen and Jaye Stepp Meeting Date: October 2014

AUDIT AND NON-AUDIT SERVICES SUPPLIED BY AUDIT FIRMS

Introduction from Chairman Chairman Role Profile Charter of Expectations Deputy Chairman Role Profile... 7

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF GLOBAL MEDICAL REIT INC. ADOPTED AS OF JUNE 13, 2016

AUDIT COMMITTEE BEST PRACTICES CHECKLIST

KEYSIGHT TECHNOLOGIES, INC. AUDIT AND FINANCE COMMITTEE CHARTER

JERNIGAN CAPITAL, INC. CORPORATE GOVERNANCE GUIDELINES

Notion VTec Berhad (Company No D) Board Charter

Compliance Policy AGL Energy Limited

AUDIT AND RISK MANAGEMENT COMMITTEE CHARTER

COUPONS.COM INCORPORATED CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter

Financial Management Framework >> Overview Diagram

AUDIT COMMITTEE TERMS OF REFERENCE

WIX.COM LTD. (THE COMPANY ) AUDIT COMMITTEE CHARTER

Board Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT

Sears Hometown and Outlet Stores, Inc. Audit Committee of the Board of Directors Charter

Contract Management Guideline

PRACTICE ADVISORIES FOR INTERNAL AUDIT

Risk Management Committee (Committee) Terms of Reference

SALESFORCE.COM, INC. CHARTER OF THE AUDIT AND FINANCE COMMITTEE OF THE BOARD OF DIRECTORS. (Revised September 11, 2012)

Kesa Risk Universe Compliance Risks

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES

CORPORATE GOVERNANCE GUIDELINES OF THE BOARD OF DIRECTORS OF ARTVENTIVE MEDICAL GROUP, INC.

KING III COMPLIANCE REGISTER 2015

Proposed guidance for firms outsourcing to the cloud and other third-party IT services

AUDIT AND RISK ASSESSMENT COMMITTEE TERMS OF REFERENCE

Effective Internal Audit in the Financial. Services Sector. Non Executive Directors (NEDs) and the Management of Risk

THE CHARTERED INSURANCE INSTITUTE. Advanced Diploma in Financial Planning. Unit AF6 Senior management and supervision SPECIAL NOTICES

CORPORATE GOVERNANCE GUIDELINES

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC)

Transcription:

Internal Audit Terms of Reference Introduction 1. The Internal Audit Terms of Reference (ToR) describes the framework within which the Internal Audit Service is delivered. It is intended to act as a guide for directors and staff throughout the business and is also publicly available on the UKAR website. Definition of Internal Auditing 2. Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation s operations. It helps an organisation achieve its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes (Definition of Internal Auditing, Chartered Institute of Internal Auditors, 2012). Objective of Internal Audit 3. The primary role of Internal Audit is to help the Board and Executive Management to protect the assets, reputation and sustainability of the organisation. 4. Internal Audit s key objective is to provide reliable, valued and timely assessment to the Board and Executive Management on the effectiveness of the system of internal controls mitigating current and evolving key risks and in so doing assist the Group to enhance the effectiveness of the risk management culture within the organisation. 5. Internal Audit s work also helps the Board and Executive Management assess whether the organisation s processes and actions are in line with its values, ethics, risk appetite and other policies. Responsibilities for Internal Control 6. The Directors of the UK Asset Resolution Group ( UKAR ) (comprising Bradford & Bingley plc ( B&B ) and NRAM plc ("NRAM") have a statutory responsibility to ensure that there are adequate systems of control, inspection and reporting. 7. The Executive and Management are charged by the UKAR Board with the responsibility for maintaining adequate systems of control and reviewing the effectiveness of those controls. 8. Internal Audit provides independent, objective assurance to the Board through the Audit Committee and the Executive. This helps to ensure that adequate, effective and sustainable control processes are in operation to manage all material risks across the Group and contributes to the continuous improvement of the risk management and control process. Page 1 of 5

Scope of the Internal Audit Service 9. Internal Audit s scope is unrestricted. All the business activities of UKAR are included in the scope of Internal Audit s responsibility. This includes those of UKAR, B&B and NRAM, including those outsourced to third parties, and they are subject to regular and appropriate Internal Audit review in accordance with Internal Audit s risk based Audit Plan derived from the Audit Needs Assessment. Reporting 10. Internal Audit produces a formal, Annual Opinion on the adequacy, effectiveness and sustainability of the control processes to the Audit Committee for submission to the Board. This also supports Turnbull requirements. 11. To provide this Opinion, Internal Audit: 11.1 Determines Audit Needs by reference to the Group s Strategic Objectives and Business Plans; 11.2 Identifies and assesses the risks around those processes which operate to achieve the objectives; 11.3 Evaluates the adequacy, effectiveness and sustainability of controls, both financial and non-financial, around those points in the processes which, were they to fail, would have a material impact on the Group; 11.4 Reviews the adequacy and effectiveness of the control processes in place covering significant change projects and, based on an assessment of risk, reviews the adequacy of the underlying control framework being implemented; 11.5 Reviews the appropriateness of Management action in relation to risks where the current mitigation controls are considered to be inadequate; 11.6 Considers the controls in place to mitigate risks of poor customer outcomes; and 11.7 Considers Management s reporting on the risk management and control culture of the organisation. As with all risk types, assessment of internal controls to mitigate fraud risk are included within Internal Audit's scope. Therefore, Internal Audit procedures are designed with fraud risk in mind, but should not be relied upon to detect fraud; it is Management s responsibility to design systems of control to prevent and detect fraud. Page 2 of 5

12. Internal Audit prepares an Annual Audit Plan that is approved by the Audit Committee. This Plan is flexible in so far as it is updated to reflect any changes to the organisation s risk profile during the year, and any resultant amendments to the Plan are formally approved by the Audit Committee on a quarterly basis. 13. During the year, Internal Audit reports on a monthly basis to the Board (via the Chief Executive Officer s Report) and quarterly to the Audit Committee on the operation of the control processes and Management s progress in addressing issues identified. All outstanding issues and their status are reported to the Executive Risk Committee. In addition, every month Internal Audit reports the progress of all Management actions to the individual Directors responsible for resolution via the Monthly Control Report. 14. Quarterly reports to the Audit Committee are drawn from the results of individual audits in the period. Internal Audit reports the issues emerging from, and the findings of, each audit to relevant Management and obtains their commitment to undertake appropriate remedial action. Co-ordination with other assurance / oversight providers 15. Internal Audit s role and functions are distinct from external regulating authorities and other assurance and oversight providers. However, Internal Audit will work with other such organisations to ensure that assurance from both internal and external resources is provided in the most cost-effective manner and helps to ensure that the Board and Executive are provided with a comprehensive assessment of the overall control environment. 16. Types of co-ordination might include: 16.1 Consulting External Audit, Compliance and Operational Risk with preparing the annual Internal Audit Plan; 16.2 Providing Final Internal Audit Reports to External Audit and Compliance; and 16.3 Providing access to Internal Audit files and working papers. Consulting work 17. Internal Audit acts as a point of reference for risk and control issues, providing ad hoc advice to Management and carrying out special reviews and investigations where appropriate. Advice will only be provided where it does not impact on the required independence of the Audit function. Access 18. Internal Audit derives its authority from the Board and Audit Committee who enable them to have unrestricted access to all records, systems, documents, property and staff as required in the performance of its work. Page 3 of 5

Independence and Objectivity 19. Internal Audit remains independent of the activities that it audits to ensure objective judgement. 20. The Head of Internal Audit proactively prevents impairments to Internal Audit s independence and objectivity by: 20.1 Ensuring the Internal Audit team takes no responsibility for the design and implementation or operation of controls; 20.2 Audit team members attending, but not being a member of, Executive meetings; 20.3 Not auditing operations that Internal Audit have been responsible for in the prior 12 months; and 20.4 Addressing personal conflicts of interest that might arise through using alternative team members. 21. Any events that arise during the delivery of audits which might impair independence or objectivity such as scope limitation, restrictions on access to records or staff, or resource limitations will be reported to the Audit Committee Chairman and subsequently the Audit Committee. 22. The Head of Internal Audit has a direct reporting line to the Chairman of the Audit Committee and recourse directly to the Chief Executive Officer. 23. The appointment or termination of the appointment of the Head of Internal Audit must be approved by the Audit Committee and the FCA under the Approved Person Regime. 24. On an annual basis, within the Internal Audit Annual Opinion, the Head of Internal Audit will confirm the ongoing independence and objectivity of the Internal Audit Service. Internal Audit Strategy and Resourcing 25. The Internal Audit Strategy and Resourcing proposal is submitted to the Audit Committee for approval every three years. The Internal Audit Service is currently provided by a seconded Head of Internal Audit supported by outsourced resources. The Head of Internal Audit is responsible for providing adequate oversight of the outsourced resources. Standards 26. Internal Audit adheres to International Standards on Internal Auditing and to standards of best professional practice as published by the major accountancy bodies, Chartered Institute of Internal Auditors and the Information Systems Audit & Control Association. Internal Audit also adheres to the Page 4 of 5

recommendations set out by the Committee on Internal Audit Guidance for Financial Services (July 2013) as appropriate to the UKAR Group. 27. At least annually, an independent Quality Risk Management function overseen by a suitably qualified professional reviews the work of Internal Audit and provides a report to the Internal Audit Steering Committee which is chaired by the Chief Executive Officer. This report provides assurance that the Internal Audit function is adhering to the International Standards on Auditing and to standards of best professional practice as published by the major accountancy bodies and Chartered Institute of Internal Auditors. Results of Quality assessments are also presented to the Audit Committee on an appropriate basis. 28. In line with good practice, the Audit Committee will consider the need for an independent external review of the Internal Audit service every five years. The outcome of the review will be reported to Audit Committee. End Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information