This Internal Audit Charter is intended to define the role, responsibility and accountability of the Society s Internal Audit function.

Similar documents
1. Definition & Mission

Internal Audit Mandate

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

GoldSRD Audit 101 Table of Contents & Resource Listing

SERBA DINAMIK GROUP BERHAD INTERNAL AUDIT CHARTER

Internal Audit Charter

Changes To the Public Sector Internal Audit Standards April 2017

Internal Audit Annual Assertion on Internal Auditing. for Financial Year

Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

1. INTERNAL AUDIT CHARTER (PDF)

INTERNAL AUDIT CHARTER

How to plan an audit engagement

Internal Audit Charter. PT Astra International Tbk

(

Internal Audit Policy

AUDITING. Auditing PAGE 1

GOVERNMENT OF YUKON POLICY 1.13 GENERAL ADMINISTRATION MANUAL

Implementation Guides

PRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions

MISSISSIPPI STATE UNIVERSITY INTERNAL AUDIT CHARTER

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

Policies, Procedures and Guidelines

The Red (Book) Rocks The Latest and Greatest Audit Standards

Dexia Group Audit Charter

WICOMICO COUNTY INTERNAL AUDIT MANUAL OFFICE OF THE INTERNAL AUDITOR

INTERNATIONAL ORGANIZATION FOR MIGRATION. Keywords: internal audit, evaluation, investigation, inspection, monitoring, internal oversight

KING REPORT ON GOVERNANCE FOR SOUTH AFRICA 2009 (KING III)

Internal Audit Policy and Procedures Internal Audit Charter

Alfa Financial Software Holdings PLC Terms of Reference of The Audit and Risk Committee of The Board of Directors of The Company

CHARTER OF THE SONOMA COUNTY INTERNAL AUDIT FUNCTION JANUARY 15, 2013

IoD Code of Practice for Directors

Audit and Risk Committee Charter

Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function

Thai Oil Public Company Limited. Internal Audit Charter

September Terms of Reference for the Office of the Auditor General

Defence Health Governance Structure

Audit Standards 6/23/2017. Outline. Let s Refresh. Changes to the IIA Standards

Audit Committee Charter

Implementation Guide 1000

Internal Audit Appendix: IIA Standards

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

COLLEGE OF PHYSICIANS AND SURGEONS OF ONTARIO GOVERNANCE PROCESS MANUAL

Bank of Botswana Internal Audit Charter March 22, 2010 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

UPMC POLICY AND PROCEDURE MANUAL. Links to policies referenced within this policy can be found in Section V.

AUDIT COMMITTEE REPORTING: TRENDS & BEST PRACTICES Timothy Etoori Head of Internal Audit UGAFODE Microfinance

(Adopted by the Board of Directors on 13 May 2009 and amended on 24 September 2009, 13 September 2012 and 27 November 2013)

SIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure

Internal Audit Service LOCH LOMOND & THE TROSSACHS NATIONAL PARK AUTHORITY INTERNAL AUDIT PLAN

Quality Assurance and Improvement Program

Standard on Assurance Engagements ASAE 3500 Performance Engagements

Internal Audit Performance

CORPORATE GOVERNANCE POLICY

Understanding internal audit

Human Resources Committee Charter

What We Will Cover Today

HSBC HOLDINGS PLC GROUP AUDIT COMMITTEE. Terms of Reference

King lll Principle Comments on application in 2013 Reference in 2013 Integrated Report

Audit Committee report

James Cook University. Internal Audit Protocol

BOARD CHARTER TOURISM HOLDINGS LIMITED

IPPF Practice Guide. Internal Audit Opinions

CHARTER INTERNAL OVERSIGHT OFFICE (IOO)

SOUTHERN CROWN RESOURCES LIMITED ACN (Company) CORPORATE GOVERNANCE PLAN

Audit Committee Charter ISSUE DATE: 22 JUNE 2017 AUDIT COMMITTEE CHARTER. ISSUE DATE: 22 JUNE 2017 PAGE 01 OF 07

King lll Principle Comments on application in 2016 Reference Chapter 1: Ethical leadership and corporate citizenship Principle 1.

EKSO BIONICS HOLDINGS, INC. Corporate Governance Guidelines

Assessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive

TITLE 21 - AUDIT. Chapter 01. Audit Committee Chair... 2

AUTHORITY, ORGANIZATION AND PROFESSIONAL STANDARDS Internal Audit Charter Professional Standards and Ethics 9

AUDIT COMMITTEE CHARTER REINSURANCE GROUP OF AMERICA, INCORPORATED. the audits of the Company s financial statements;

Practice Advisory : Quality Assurance and Improvement Program

Financial Reporting Council BDO LLP AUDIT QUALITY INSPECTION

SARBANES-OXLEY INTERNAL CONTROL PROVISIONS: FILE NUMBER 4-511

OFFICE OF INTERNAL AUDIT AUDIT MANUAL

Terms of Reference CGIAR System Internal Audit Function

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

REPORT 2016/033 INTERNAL AUDIT DIVISION

Corporate Governance Statement John Bridgeman Limited

RISK AND AUDIT COMMITTEE TERMS OF REFERENCE

SEMPRA ENERGY. Corporate Governance Guidelines. As adopted by the Board of Directors of Sempra Energy and amended through December 15, 2017

Performance Auditing

Independent Validation of the Internal Auditing Self-Assessment

Ethical leadership and corporate citizenship. Applied. Applied. Applied. Company s ethics are managed effectively.

Annual Assessment of the External Auditor

Code of Ethics ISSAI 30 I N T O S A I

BOM/BSD 2/November 1994 BANK OF MAURITIUS. Guideline on Maintenance of Accounting and other Records and Internal Control Systems

THE AUDIT COMMITTEE HANDBOOK

Quality Sign off for Internal Audit Engagement. Name of Audit

Implementation Guide 2000

IBL LTD AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

System Council November 2017 paper

INTERNATIONAL STANDARD ON AUDITING 210 TERMS OF AUDIT ENGAGEMENTS CONTENTS

Implementation Guide 1300

INTERNATIONAL STANDARD

LIFELINE GOVERNANCE CHARTER

BERMAZ AUTO BERHAD (formerly known as Berjaya Auto Berhad) (Company No M) BOARD CHARTER

Implementation Guide 2050

CORPORATE GOVERNANCE KING III COMPLIANCE REGISTER 2017

Transcription:

Internal Audit Charter and Terms of Reference Introduction The Chartered Institute of Internal Auditors ( CIIA ) defines internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. This Internal Audit Charter is intended to define the role, responsibility and accountability of the Society s Internal Audit function. Role and Scope of Work The primary role of Internal Audit is to help the Board and Executive Management to protect the assets, reputation and sustainability of the organisation. It does this by assessing whether all significant risks are identified and appropriately reported by management and the Risk function to the Board and Executive Management; evaluating whether they are adequately controlled; and by challenging Executive Management to improve the effectiveness of governance, risk management and internal controls. The Internal Audit department is responsible for evaluating the adequacy and effectiveness of the system of risk management and internal controls operated within the Society (and within outsourced/ third party relationships) across all aspects of the Society s operations. This includes the provision of assurance and consulting services to systems and processes under development. Its responsibilities are defined and monitored by the Audit Committee, on behalf of the Board. Internal Audit do not provide services other than for Leeds Building Society and will not be involved in designing, selecting, implementing or operating specific internal controls. Assurance Services Assurance services will evaluate risk exposures relating to the Society s governance, operations and information systems with regard to the: Achievement of the Society s strategic objectives; Reliability and integrity of financial and operational information; Effectiveness and efficiency of operations and programmes; Safeguarding of assets; and Compliance with laws, regulations, policies, procedures and contracts. Consulting Services 1

The Chief Internal Auditor will consider accepting proposed consulting engagements based on the engagement's potential to improve management of risks, add value and improve the Society s operations. Accepted engagements will be included in the audit plan. In the provision of any assurance, the Chief Internal Auditor will decline the consulting engagement or obtain competent advice and assistance if the relevant skills are not available in-house for all or part of the engagement. Consultancy engagements will not impair the independence of the internal auditor. During consulting engagements, internal auditors must address risks consistent with the engagement's objectives and be alert to the existence of any other significant risks. Internal auditors should incorporate knowledge of risks gained from consulting engagements into their evaluation of the Society s risk management and control processes. Professionalism Internal Audit supports and where appropriate applies the CIIA s mandatory guidance including the Definition of Internal Auditing, the Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing (Standards) in addition to the CIIA s Financial Services Code. In terms of conformance, the Internal Audit department will comply with the mandatory guidance as far as is practical, any areas of non-compliance will be reported to the Audit Committee. In addition, Internal Audit will adhere to the Society s relevant policies and procedures and the Internal Audit standard operating procedures manual. Members of the Internal Audit department are required to operate within the CIIA s Code of Ethics. The Code of Ethics is a statement of principles and expectations governing behaviour of individuals and organisations in the conduct of internal auditing. The principles and rules are divided under four headings: integrity, objectivity, confidentiality and competency. Authority Internal Audit, with strict accountability for confidentiality and safeguarding records and information, is authorised full, free, and unrestricted access to any and all of the Society s records, physical properties, and personnel pertinent to carrying out any engagement. All colleagues are requested to assist Internal Audit in fulfilling its roles and responsibilities. Internal Audit will also have free and unrestricted access to the Board. It is acknowledged that such access may be limited to the Chief Internal Auditor where the information is highly sensitive or confidential. Organisation and Accountability The Chief Internal Auditor will report functionally to the Chair of the Audit Committee and administratively (i.e. day to day operations) to the Chief Executive Officer. The Chair of the Audit Committee will set the objectives of the Chief Internal Auditor with input from the Chief Executive Officer. The full Terms of Reference for the Audit Committee are available on the Leeds Building Society website. The Chief Internal Auditor will communicate and interact directly with the Executive Committee, the Management Committee, the Board and the Audit Committee and between meetings, as appropriate. Independence and Objectivity Internal Audit is independent of the activities that it reviews to enable unbiased judgements essential to its proper conduct and to facilitate impartial advice to management. 2

Internal Audit will remain free from interference by any element in the Society, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude. Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, own policy, or engage in any other activity that may impair the internal auditor s judgment. Internal auditors will refrain from assessing specific operations for which they were previously responsible. Objectivity is presumed to be impaired if an internal auditor provides assurance services for an activity for which the internal auditor had responsibility within the previous year. Members of the Internal Audit department may not provide consulting services relating to operations for which they had previous responsibilities. For specialist engagements, Internal Audit may invite subject matter experts, as guest auditors, from within the Society to support with assurance services. In any such case, objectivity will be upheld through adherence to the Internal Audit methodology and the quality assurance programme. If independence or objectivity is impaired in fact or appearance, the details of the impairment will be disclosed to appropriate parties. The nature of the disclosure will depend upon the impairment. Internal auditors will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors will make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments. Internal Audit will not place reliance on the work of second line assurance functions unless a thorough evaluation of the effectiveness of the function has taken place. Responsibility The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the Society s governance, risk management, and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the Society s main objectives and ten year strategy. This includes: Evaluating risk exposure relating to achievement of strategic objectives; Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information; Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact; Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets; Evaluating operations or programmes to ascertain whether results are consistent with established objectives and goals and whether the operations or programmes are being carried out as planned; Evaluating the key risks associated with key corporate events; 3

Monitoring and evaluating the processes and controls supporting strategic and operational decision making processes; Monitoring and evaluating the design and operating effectiveness of the governance structures and processes of the organisation; Monitoring and evaluating the effectiveness of the risk management processes; Assessing the risk and control culture of the organisation; Performing consulting and advisory services related to governance, risk management and control as appropriate; Evaluating specific operations at the request of the Audit Committee or management, as appropriate; Undertaking audit activity to review any post-mortem and lesson learned analysis following a significant event, including an assessment of the role of the first and second lines of defence as well as Internal Audit s own role; and Assessing and reporting on key business projects in accordance with agreed project methodology. Internal Audit Plan At least annually, the Chief Internal Auditor will submit to the Audit Committee an internal audit plan for review and approval. The internal audit plan will consist of a work schedule as well as resource requirements for the next calendar year. The Chief Internal Auditor will communicate the impact of any resource limitations and significant interim changes to senior management and the Audit Committee. The internal audit plan will be developed based on a prioritisation of the audit universe using a riskbased methodology, including business strategy and emerging and systemic risks. The Chief Internal Auditor will review and adjust the plan, as necessary, in response to changes in business, risks, operations, programmes, systems, and controls. Any significant deviation from the approved internal audit plan will be communicated to senior management and the Audit Committee through periodic reports. The Chief Internal Auditor will share information and co-ordinate activities with other internal and external providers of assurance and consulting services, including the external auditors, to ensure proper coverage and minimise duplication of effort. The Chief Internal Auditor may engage an external service provider for technical skills that will support the in-house team. Such services will be identified from the annual plan but remain flexible to meet any changing requirements. Clear Terms of Engagement and an appropriately skilled expert will be agreed ahead of any engagement activity. Reporting and Monitoring A written report will be prepared and issued by a member of the Internal Audit department following the conclusion of each internal audit engagement and will be distributed as appropriate. Internal Audit reports will also be communicated to the Audit Committee and external auditors. The audit report will be in the format of an action schedule that specifies the observations identified and any corrective action taken or to be taken, an action owner and a completion date. Any observations that have not been agreed will remain within the audit report with an explanation of 4

why it has not been accepted and will follow an escalation process through senior and executive management and ultimately the Audit Committee. Internal Audit will be responsible for appropriate follow-up on engagement observations and agreed actions. Actions that pass their agreed implementation date will be tracked and reported to management. The Chief Internal Auditor will periodically report to senior management and the Audit Committee on Internal Audit s performance relative to its plan and other key performance measures including the Internal Audit balanced scorecard. Reporting will also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by senior management and the Audit Committee. Approach In carrying out its role, Internal Audit will seek to: Work with management to add value through high quality analysis and pragmatic and cost effective solutions to control related matters; Identify areas of good practice and themes where lessons can be learned across the Society; Be risk focused; and Maintain a professional audit team (including through use of co-sourcing support) with sufficient skills, knowledge and experience. Quality Assurance and Improvement Programme In accordance with the direction of the Audit Committee, Internal Audit will maintain a quality assurance and improvement programme that covers all aspects of Internal Audit. The programme will include an evaluation of Internal Audit s conformance with the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The programme will also assess the efficiency and effectiveness of Internal Audit and identify opportunities for improvement. The Chief Internal Auditor will communicate to senior management and the Audit Committee on the Internal Audit function s quality assurance and improvement programme, including results of on-going internal assessments and external assessments conducted at least every five years. Approved by the Audit Committee 24 January 2018 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback