NRCS AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

Transcription

1 NRCS AUDIT AND RISK COMMITTEE TERMS OF REFERENCE POLICY REGARDING THE ROLE AND RESPONSIBILITIES OF THE AUDIT AND RISK COMMITTEE 1. INTRODUCTION The Audit and Risk Committee ( The Committee ) is constituted in terms of the requirements as prescribed by Treasury Regulations in terms of the Public Finance Management Act (Act 1 of 1999) and sound corporate governance practices. The Committee is established to assist the Board in discharging its duties relating to the safeguarding of assets, the operation of adequate systems, control processes and the preparation of accurate financial reporting and statements in compliance with all applicable legal requirements and accounting standards (King II Appendix V 2.1). The Committee should not perform any management functions or assume any management responsibilities. It provides a forum for discussing business risks, and control issues for developing relevant recommendations to the Board (Treasury Regulation Report and make recommendations to the accounting authority) (King II Appendix V 2.1). In addition, the Committee is responsible to review and assess the integrity of risk control systems and to ensure that risk policies and strategies are managed effectively. (KING II Appendix V 7.1) The membership, resources, responsibilities and authorities (composition, functions and operation) of the Committee to perform its role effectively, is stipulated in this charter (Treasury Regulation ) (King II, Section 5, 5.5) (King II Appendix V 2.1), which must be formally adopted and reviewed by the Board at least annually to ensure its relevance (Treasury Regulation ) (King II Section 5 5.5). NRCS Audit Commt ToR Page 1 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

2 2. STATUS The Committee has non-executive status in an advisory capacity to the Board. The Committee has no executive powers with regard to its findings and recommendations on any operational aspects of the management and control of NRCS. Its role is that of an independent monitor (Treasury Regulation ). The powers of the Committee shall not be limited in any way which would prevent it from properly performing its duties (King II Appendix V 2.8 the Committee is authorized to investigate any activity within its terms of reference). Furthermore, the Committee shall have the right to have access to records containing information needed to properly perform its duties and execute its powers in terms of this Charter. In dealing with risk matters, the Committee will be in a position to decide on the nature and extent of assurance required from external and internal audit. The Committee has direct and unobstructed lines of communication to the NRCS Board, the Executive Management and the External and Internal Auditors. 3. CONSTITUTION OF THE COMMITTEE 3.1 Membership of the Committee (Treasury Regulation ) (King II Section 5 5.5) The Committee comprises of three members of NRCS s Board elected to serve thereon, and two external members. The Board shall appoint a Chairperson from the non-executive members of the Committee and determine the period for which he or she shall hold office. The Chairperson of the Board shall not be eligible to be appointed as Chairperson of the Committee (King II Appendix V 2.2). Individuals holding the following office may from time to time be co- Opted to attend risk meetings: NRCS Audit Commt ToR Page 2 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

3 Chief Executive Officer (CEO; Chief Financial Officer (CFO); Executive Member; Internal Auditor; Auditors. The Board shall have the power to, at any time; remove any members from the Committee and to fill any vacancies created by such removal (King II Appendix V 2.2). 3.2 Secretary A Board Secretariat (full time employee of the NRCS) has been appointed and attends all Board and Sub Committee Meetings and keeps minutes of these meetings. These shall be reviewed and approved by the members of the Committee (King II Appendix V 2.7). 4. RESPONSIBILITIES AND DUTIES OF THE COMMITTEE 4.1 Responsibilities and duties as related to Risk Management (KING II Appendix V 7.3). The Committee will: Review any legal matters that could have a significant impact on NRCS s business; Review the adequacy of the insurance cover; Review risk philosophy, strategy, policies and processes recommended by Executive Management and consider reports by Executive Management on implementation and communication to ensure incorporation into the culture of the NRCS; NRCS Audit Commt ToR Page 3 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

4 Monitor compliance with such policies, with the overall risk profile of the NRCS in mind; Review risk identification and measurement methodologies; Ensure that risk definitions together with risk policies, are formally reviewed on an annual basis; Review written reports, the adequacy and overall effectiveness of the Unit's/ Centres risk management functions, and reports on internal control and any recommendations, and confirm that appropriate action has been taken. Any significant control failings or weakness identified should be included in such recommendations as well as their potential impact; Review the acceptability of the risk profile as reported by Executive Management in conjunction with the overall risk appetite of the NRCS, taking into consideration all risk mitigation factors including (but not limited to) insurance, business continuity and disaster recovery planning, internal controls; Make recommendations to the Board to address serious risk issues; and Review the annual risk statement and other risk disclosures in the annual report. 4.2 The Committee must evaluate the performance of Auditor(s) and the external audit External Auditors The Committee will: Evaluate the independence (Treasury Regulation independence and objectivity) and effectiveness of the External Auditor(s) and NRCS Audit Commt ToR Page 4 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

5 consider any non-audit services rendered by such auditors (King II Section ) as to whether this substantively impairs their independence (King II Appendix V 2.3 (i)); Discuss and review, with the External Auditor(s) before the audit commences, the Auditor(s) engagement letter, the terms, nature and scope (King II Section ) of the audit, the audit fee (King II Section Cost effectiveness), and to ensure co-ordination (where more than one audit firm is involved); Review overall audit role, to explore objectives, minimize duplication, discuss implications of new auditing standards and ensure that the external audit fee will sustain a proper audit and provide value for money (King II Appendix V 2.3 (xii); and Consider the rotation policy adopted by the external auditors, and whether there is any need to recommend that the audit partner or senior staff be changed because of the extent of time served on the audit engagement (King II Section ) External Audit The Committee will: Negotiate procedures, subject to agreement, beyond minimum statutory and professional duties there are certain minimum nonnegotiable procedures required from the External Auditors (King II Appendix V 2.3 (v)); Make suggestions as to problem areas that the audit can address (King II Appendix V 2.3 (viii)); Consider any accounting treatments, significant unusual transactions, or accounting judgments, that could be contentious (King II Appendix V 2.3. (ix)); Identify key matters arising in the current year s Management letter and satisfy itself that these are being properly followed up (King II NRCS Audit Commt ToR Page 5 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

6 Appendix V 2.3 (x)); Obtain assurance from the External Auditor(s) that adequate accounting records are being maintained (King II Appendix V 2.3 (xiv));and Review any accounting and auditing concerns identified as a result of external audits (Treasury Regulation (e)) (King II Section 5 5.7). 4.3 Internal control and internal audit An important role of the Committee will be to monitor and supervise the effective functioning of the internal audit (Treasury Regulation (b)) (King II Section 5 5.7), ensuring that the roles and functions of the external audit with internal audit are sufficiently clarified and co-coordinated to provide an objective overview of the operational effectiveness of NRCS s systems of internal control and reporting Internal Control will include (King II Appendix V 2.3): Reviewing the effectiveness of NRCS s systems of internal control (Treasury Regulation (a)) (King II Section 5 5.7), including internal financial control and business risk management and maintaining effective internal control systems (King II Appendix V 2.3); Reviewing accounting and auditing concerns identified as a result of internal audits (Treasury Regulation (e)) (King II Section 5 5.7); Receiving the activity reports and a summary of the department s main recommendations and management s plans for their implementation (King II Section 5 5.9); Reviewing the adequacy of corrective action taken by Management in response to significant internal audit findings (Treasury Regulation (g)) (King II Appendix V 2.3); NRCS Audit Commt ToR Page 6 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

7 Reviewing significant matters reported by the internal audit function (Treasury Regulation (g)) (King II Appendix V 2.3); Reviewing significant differences of opinion between Management and the internal audit function (King II Appendix V 2.3) Internal Audit will include (King II, Appendix V 2.3): Reviewing the internal audit function s compliance with its mandate as approved by the Committee (King II Appendix V 2.3); Considering the appointment, dismissal or re-assignment of the Head of the Internal Audit function; (King II Appendix V 2.3) The Committee shall advise and review the appointment, replacement, re-assignment or dismissal of the Manager: NRCS Internal Audit Services (NIAS). Reviewing and approving the Internal Audit Charter, internal audit plans (3 year rolling strategic plan; annual audit coverage (Treasury Regulation (g)) (King II Section 5 5.9) and Internal Audit s conclusions with regard to internal control (King II Appendix V 2.3); Reviewing the objectives and the operations of the internal audit function (King II Appendix V 2.3); Assessing the adequacy of performance of the internal audit function (King II Appendix V 2.3), and the adequacy of available internal audit resources (King II Section 5 5.9) (King II Appendix V 2.3); and Reviewing the co-ordination between the internal and external audit functions (Treasury Regulation (g)) and coordinating the formal internal audit work plan with External Auditors to avoid duplication of work (King II Appendix V 2.3). NRCS Audit Commt ToR Page 7 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

8 4.4 Reviewing the Financial Statements The Committee is responsible for reviewing the financial statements and annual report, acting under the guidance of the External Auditors. The objective of the review is to ensure that disclosure is adequate and that fair presentation is achieved (Treasury Regulation (d) and King II Section 5 5.7). The Committee must review the adequacy, reliability and accuracy of financial information provided to management and other users of such information (Treasury Regulation (d)), including contingent liabilities, such as outstanding litigation. Such a review would entail: Evaluating the independence and effectiveness of the External Auditors and Internal Auditors; Controlling the overall operational and financial reporting environment; Safeguarding NRCS s assets against unauthorized use or disposal; and Directing and supervising investigations into matters within its scope, for example, evaluations of the effectiveness of NRCS s internal control, cases of employee fraud, misconduct or conflict of interest. The Committee must comment on its evaluation of the financial statements in the Annual Report (Treasury Regulation (c)). 4.5 Communicating with the Auditors The Committee is responsible for communicating with the Internal and External Auditors. In its overseeing role, the Committee should focus on: The changing business environments; Changing financial reporting requirements; NRCS Audit Commt ToR Page 8 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

9 The findings from the annual audit and interim work, including comments on controls; and The proposed audit scopes, and approaches with respect to complex, high risks (Treasury Regulation Risk areas of the entity s operations) (King II Section The Committee should review the risk areas of the company s operations to be covered in the scope of the internal and external audits), and judgmental areas. The Committee should meet at least twice per year with the Internal and External Auditors to discuss these matters and to ensure that there are no unresolved issues of concern (Treasury Regulation The Committee must meet at least annually with the Auditor-General or the external auditor, whichever applicable, to ensure that there are no unresolved issues of concern) (King II Section ) (King II Appendix V 2.5). At least one of these meetings may exclude executive members of the Board to ensure free and open communication (King II Appendix V 2.8). In its review process and discussions with the Auditors, the Committee should ensure that the following matters are addressed: Auditors to report whether the scope of the audit was restricted by Management; Problems and reservations arising from the interim and final audits, and any material points raised in audit reports issued since previous meetings and Management s response thereto; The status of internal control and the results of the internal control matrix; Review of the organization s statement on internal control; Report back from Auditors on major weaknesses in internal control, as well as steps taken to rectify problem areas; NRCS Audit Commt ToR Page 9 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

10 The effectiveness of the internal audit function conducted as an extension of the external audit work. This would involve ensuring that there is proper co-ordination between the Internal and External Auditors and that the internal audit function is adequately resourced and has appropriate standing within the organization; Areas of significant disagreement between Management and the Auditors; Major findings of internal investigations and Management s response; Auditors report on incidents of fraud and/or irregularities and/or stock losses since the previous meeting; Steps taken to review the organization s IT procedures and controls at major installations; Areas where Management believe the costs of implementing additional or changed controls outweigh the risk of making no changes; and All qualifications noted on audit packs, irrespective of their nature, materiality or subsequent clearance, and the circumstances giving rise to the qualifications fully explained. 4.6 Ethical Code of Conduct A well-written and appropriate Code of Conduct, endorsed by the CEO, is a good communication device which alerts all employees to ethical standards and guidelines for acceptable behavior. Such standards promote ethical decision-making and may help resolve ethical dilemmas that arise. The Code should also promote an environment where open communication is expected and protected. The Committee will be responsible for the following regarding the Ethical Code of Conduct: NRCS Audit Commt ToR Page 10 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

11 Monitoring the Ethical Conduct of the NRCS, its Executives and senior officials (King II Appendix V 2.3 Ethics (i)); Reviewing any statements of ethical standards or requirements for the NRCS and assisting in developing such standards and requirements (King II Appendix V 2.3 Ethics (ii)); Compliance with the requirements of the NRCS Act (King II 2.3 Ethics (iii)); Compliance with the laws and regulations (Treasury Regulation (f)) of any other applicable statute and of controlling bodies (King II Section 5 5.7) (King II Appendix V 2.3 Ethics (iv)); Identification of any violation of ethical conduct (King II Appendix V 2.3 Ethics (v)); and Environmental and social issues (King II Appendix V 2.3 Ethics (vi)). The Committee will also give recommendations on any potential conflict of interest or questionable situations of a material nature (King II Appendix V 2.3 Ethics). 4.7 Reporting and Accountability The chairperson of the Committee shall account to the Board for its activities and make recommendations to the Board concerning the adoption of the annual financial statements and any other matters arising from the above responsibilities (King II Appendix V 2.4). Should a report from Internal Audit (or any other source) to the Committee implicate any member of the Accounting Authority (NRCS Board) in fraud, corruption or gross negligence, the Chairperson of the Committee must promptly report this to the Executive Authority (the dti) and the Auditor- General (Treasury Regulation ). NRCS Audit Commt ToR Page 11 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

12 The Committee must communicate any concerns it deems necessary to the Executive Authority, the Auditor-General and if appropriate, the External Auditor (Treasury Regulation ). 4.8 Letter for Annual Report The Committee must prepare a letter for the inclusion in the Annual Report of the organization that describes the Committee s composition (King II Section ) and responsibilities, whether or not the Committee has adopted formal terms of reference and how they were discharged in terms of its reference (Treasury Regulation ) (King II Section ). The Committee must report on the effectiveness of internal controls in the Annual Report (Treasury Regulation (b)). 5. MEETING OF THE COMMITTEE Meetings of the Committee will be held as frequently as the Committee considers appropriate, but it will normally meet at least once quarterly. The Board or any member thereof, including members of the Committee, External Auditors, and the Head of Internal Audit may call for further meetings (King II Appendix V 2.6). Reasonable notice of meetings and the business to be conducted shall be given to the members of the Committee, the Chairperson of the Board, the CEO, Executive Managers responsible for finance, the Head of Internal Audit and the External Audit Partners to make proposals as necessary (King II Appendix V 2.6). ¹(Meetings to consider: the draft Annual Financial Statement and Report of Auditors; and Audit Scope System and controls and audit planning for the current Financial year respectively. NRCS Audit Commt ToR Page 12 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC

13 The CFO, Senior Audit Partner in charge of the External Audit and Head of Internal Audit shall be in attendance at meetings of the Committee and shall have unrestricted access to the Chairperson or any other member of the Committee as is required in relation to any matter falling within the remit of the Committee (King II Appendix V 2.6). In addition, the Executives specifically responsible for risk shall attend the meetings of the committee but shall not have a vote. The Chairperson, at his/her discretion, may invite other executives to attend and to be heard at meetings of the Committee (King II Appendix V 2.6). No attendee shall have a vote at meetings of the Committee (King II Appendix V 2.6). The minutes of all meetings of the Committee, or summaries thereof, shall be submitted to the Board at the immediate following Board meeting, the Agenda for each such Board Meeting shall provide an opportunity for the Chairperson of the Committee to report orally on any matters of importance as well as on the Committee s findings and recommendations (Treasury Regulation (a) Report and make recommendations to the accounting authority) (King II Section ) (King II Appendix V 2.6). 6. GENERAL The Committee has the right to initiate investigations regarding any matter within its powers (Treasury Regulation ) (King II Appendix V 2.8) that it may deem necessary and for this purpose it may take such independent professional advice as it considers necessary (King II Appendix V 2.10). The Committee must be provided with the resources it needs to investigate such matters and shall have full access to information (Treasury Regulation ) (King II Section ). The Committee must safeguard all information supplied to it within the ambit of the Law (Treasury Regulation ). NRCS Audit Commt ToR Page 13 of 14 Compile by: BA Khanyile Date: 30 Oct 2008 Snr Man Corporate Serv

14 These terms of reference may be amended as required, subject to the approval of the Board (King II Appendix V 2.10). The Committee s activities and effectiveness should be assessed periodically and reviewed by the Board (King II Section ). NRCS Audit Commt ToR Page 14 of 14 Compile by: BA Khanyile Date: 20 Jan 2009 Approved by NRCS IMC