Internal Audit Mandate

Similar documents
Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

Policies, Procedures and Guidelines

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

1. INTERNAL AUDIT CHARTER (PDF)

INTERNAL AUDIT CHARTER

Audit Committee Charter

GoldSRD Audit 101 Table of Contents & Resource Listing

AUDIT COMMITTEE CHARTER (updated as of August 2016)

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

NORFOLK SOUTHERN CORPORATION. Committee s Role and Purpose

The Audit Committee of the Supervisory Board of CB&I

CHARTER FEDERAL RESERVE BANK OF RICHMOND BOARD OF DIRECTORS AUDIT AND RISK COMMITTEE

CHARTER INTERNAL OVERSIGHT OFFICE (IOO)

Internal Audit Charter

AUDIT COMMITTEE CHARTER

(

MISSISSIPPI STATE UNIVERSITY INTERNAL AUDIT CHARTER

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

CLP HOLDINGS LIMITED

WELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER

Audit Committee Charter Amended September 3, Tyco International plc

CHARTER OF THE AUDIT COMMITTEE NATIONWIDE MUTUAL INSURANCE COMPANY NATIONWIDE MUTUAL FIRE INSURANCE COMPANY NATIONWIDE CORPORATION

Implementation Guides

The Red (Book) Rocks The Latest and Greatest Audit Standards

RISK AND AUDIT COMMITTEE TERMS OF REFERENCE

Indivior PLC. Terms of Reference of the Audit Committee. Adopted: November 5, 2014 Last Updated: September 22, 2016 Owner: Company Secretary

CITIZENS BANCORP CITIZENS BANK BOARD AUDIT COMMITTEE CHARTER

DAVITA INC. AUDIT COMMITTEE CHARTER

2012 IIA Standards Update

Bank of Botswana Internal Audit Charter March 22, 2010 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

IBL LTD AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

GOVERNMENT OF YUKON POLICY 1.13 GENERAL ADMINISTRATION MANUAL

The Audit and Compliance Committee of Novartis AG

Charter of the Audit Committee of the Board of Directors of Novo Nordisk A/S. CVR no

BrightPath Early Leaning Inc. Audit Committee Charter

AUDIT COMMITTEE CHARTER REINSURANCE GROUP OF AMERICA, INCORPORATED. the audits of the Company s financial statements;

AUDITING. Auditing PAGE 1

Internal Audit Policy and Procedures Internal Audit Charter

(Adopted by the Board of Directors on 13 May 2009 and amended on 24 September 2009, 13 September 2012 and 27 November 2013)

AUDIT COMMITTEE CHARTER. Specifically, the Audit Committee is responsible for overseeing that:

SUN BIOMEDICAL LIMITED. Corporate Governance Policies. Audit Committee Charter

IoD Code of Practice for Directors

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF MULESOFT, INC.

Audit Committee Charter ISSUE DATE: 22 JUNE 2017 AUDIT COMMITTEE CHARTER. ISSUE DATE: 22 JUNE 2017 PAGE 01 OF 07

AUDIT COMMITTEE CHARTER

FIAT CHRYSLER AUTOMOBILES N.V. AUDIT COMMITTEE CHARTER

BOARD CHARTER TOURISM HOLDINGS LIMITED

PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES

Alfa Financial Software Holdings PLC Terms of Reference of The Audit and Risk Committee of The Board of Directors of The Company

SOUTHERN CROWN RESOURCES LIMITED ACN (Company) CORPORATE GOVERNANCE PLAN

SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)

BOM/BSD 2/November 1994 BANK OF MAURITIUS. Guideline on Maintenance of Accounting and other Records and Internal Control Systems

COLGATE-PALMOLIVE COMPANY AUDIT COMMITTEE CHARTER

Audit Committee Manual

NEW YORK LIFE INSURANCE COMPANY AUDIT COMMITTEE MISSION STATEMENT

COLLEGE OF PHYSICIANS AND SURGEONS OF ONTARIO GOVERNANCE PROCESS MANUAL

PPG INDUSTRIES, INC. AUDIT COMMITTEE CHARTER

CORPORATE GOVERNANCE KING III COMPLIANCE REGISTER 2017

NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)

STATUTORY POWERS, DUTIES, ROLES AND RESPONSIBILITIES OF GOVERNORS

AUDIT COMMITTEE. each member must be financially literate (as determined by the Board);

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Dexia Group Audit Charter

Strengthening Control and integrity: A Checklist for government Managers

King lll Principle Comments on application in 2016 Reference Chapter 1: Ethical leadership and corporate citizenship Principle 1.

OFFICE OF INTERNAL AUDIT AUDIT MANUAL

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

KING IV APPLICATION REGISTER. We do it better

CHARTER OF THE SONOMA COUNTY INTERNAL AUDIT FUNCTION JANUARY 15, 2013

IMMUNOGEN, INC. CORPORATE GOVERNANCE GUIDELINES OF THE BOARD OF DIRECTORS

Rolls-Royce s Board Governance

Rules of Procedure Supervisory Board Koninklijke Philips N.V.

Audit Committee Member Roles and Responsibilities

Audit Committee Charter

CORPORATE GOVERNANCE GUIDELINES

MINDEN BANCORP, INC. AUDIT COMMITTEE CHARTER

Internal Audit Appendix: IIA Standards

Changes To the Public Sector Internal Audit Standards April 2017

AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)

A. As member of the Board you along with the other Directors will be collectively responsible for meeting the objectives of the Board which include:

SIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure

GROUP AUDIT COMMITTEE TERMS OF REFERENCE

INTERNATIONAL ORGANIZATION FOR MIGRATION. Keywords: internal audit, evaluation, investigation, inspection, monitoring, internal oversight

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

AGS 10. Joint Audits AUDIT GUIDANCE STATEMENT

King lll Principle Comments on application in 2013 Reference in 2013 Integrated Report

TOYOTA FINANCIAL SERVICES (SOUTH AFRICA) LIMITED

Network Rail Limited (the Company ) Terms of Reference. for. The Audit and Risk Committee of the Board

Sub: -Appointment as Non-Executive Independent Director

CORPORATE GOVERNANCE GUIDELINES

Audit Committee of the Board of Directors Charter CNL HEALTHCARE PROPERTIES II, INC.

CORPORATE GOVERNANCE KING III COMPLIANCE

Medley Pharmaceuticals Limited

CODE OF ETHICS FOR CHIEF EXECUTIVE OFFICER AND SENIOR FINANCIAL OFFICERS UGI CORPORATION

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015

How to plan an audit engagement

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

Transcription:

1. Constitution 1.1. As a vital component of good Corporate Governance, an in-house and centralised Internal Audit function has been established by the Mr Price Group Board of Directors. 1.2. This function is independent of all other organisational functions. Internal Audit shall provide independent and objective assurance and consulting services designed to add value and improve the Company s operations. It must help the Company to accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, risk management and internal control systems and processes. 2. Independence The organizational status and independence of Internal Audit is essential as it facilitates objectivity and the application of impartial and unbiased judgement. It has therefore been established that: 2.1. The Head of Governance and Assurance shall serve in the role as Chief Audit Executive (CAE). 2.2. The CAE will report administratively to the Chief Financial Officer and functionally to the Audit and Compliance Committee (ACC). 2.3. The CAE has a standing invitation to attend meetings of the Executive Committee or other committees made up of a majority of senior executives, but is not a member of these committees in order to protect independence. 2.4. The CAE has unrestricted access to the Chairman of the Audit and Compliance Committee and the Chairman of the Board. 2.5. The ACC is responsible for overseeing Internal Audit, and in particular, the Committee shall: 2.5.1. In conjunction with the Board, be responsible for the appointment/ dismissal of the CAE; 2.5.2. In conjunction with the Chief Financial Officer, evaluate the performance of the CAE; and review and concur on the salary/ incentive reviews of the CAE; 2.5.3. In conjunction with the Chief Financial Officer, review the reasonableness of the salaries/ incentives of the Internal Audit Division; 2.5.4. Review the independence of Internal Audit, especially with respect to assurance audits conducted on the Governance and Risk Management areas within the direct control of the CAE. The ACC shall consider the need for external assurance on these areas, and shall approve these audits accordingly; 2.5.5. Review and approve the internal audit plan, mandate, objectives and goals, staffing and budget; 2.5.6. Ensure that Internal Audit is subject to a quality review, as and when the Committee determines it appropriate; 2.5.7. Consider and review with management and the internal auditors, significant findings during the year and management s responses thereto in relation to reliable reporting, risk management, corporate governance and adequate and effective internal control; 2.5.8. Ensure that the internal audit function has the necessary resources and access to information to enable it to execute its terms of reference and to perform its duties in accordance with the appropriate professional standards for internal auditors; 2.5.9. Review the co-operation and co-ordination between the internal and external audit suggested audit work plan with external auditors to avoid unnecessary duplication of work; 2.5.10. Review and elevate to the Board for resolution any significant differences of opinion between management and the internal audit function; 2.5.11. Consider and review any difficulties encountered in the course of the audits, including any restrictions on the scope of internal audit s work or access to required information; 2.5.12. Monitor the maintenance of proper and adequate accounting records; 2.5.13. Monitor the overall operational and financial reporting environment; 2.5.14. Consider any changes required in the planned scope of the internal audit coverage; 2.5.15. On a regular basis, meet separately with the CAE to discuss any matters that the Committee or internal audit believes should be discussed privately; and 2.5.16. Ensure that the CAE has unrestricted access to the Chairman of the Audit Committee and the Chairman of the Board. 3. Organisational structure 3.1. In the course of their duties, Internal Audit has full, free and unrestricted access to management, employees, any of the Company s financial and operational activities, physical locations and to all

information/ records considered necessary for the proper execution of internal audit's work, at the discretion of the CAE, subject to strict accountability for safekeeping and confidentiality thereof. 3.2. The CAE must confirm to the Board, at least annually, the organisational independence of Internal Audit. 3.3. Internal Audit has unrestricted access, in the presence of management, to Company assets. When necessary, special arrangements will be made for the examination of confidential or classified information. 3.4. The CAE and internal audit staff are not authorised to: Perform any operational duties for the Company; Initiate or approve any accounting transactions outside of Internal Audit; and Direct the activities of any associate not employed by Internal Audit, except to the extent that such associate has been appropriately assigned to assist the internal auditors. 3.5. Internal Audit may: Allocate resources, set frequencies, select subjects, determine scope of work and apply techniques required to accomplish audit objectives; and Obtain, as necessary, specific services from within or outside the Company. 3.6. Internal audit staff generally will not assume a role other than in an advisory capacity in the design, installation or operation of control procedures. Any staff transferred into Internal Audit from other departments should not provide assurance services for any aspects of their previous department s work until at least one year has elapsed. 3.7. The CAE is ultimately responsible for the work performed by all internal audit staff. This includes, but is not limited to, the establishment of the scope of activities to be carried out in the different departments, the tools and methodologies to be followed, procedures and standards, headcounts of the function in the different departments, required skills, educational levels, experience etc. for recruitment into the function, decisions on the possible outsourcing or co-sourcing of capacity. 4. Impairments to independence 4.1. The CAE must report to the CEO and ACC if independence or objectivity is impaired or appears to be impaired. Impairment to organizational independence and individual objectivity may include, but is not limited to, personal conflict of interest, scope limitations, restrictions on access to records, personnel, and properties, and resource limitations, such as funding. 4.2. Limitation of Scope Any attempted scope limitation by management must be reported, preferably in writing, to the CEO and to the ACC. The question of whether an action from management in fact constitutes a scope limitation is at the judgment of the CAE. Except in cases of suspected fraud, the CEO and the ACC may decide to accept a limitation of scope. In such instances, the CAE should evaluate from time to time whether the circumstances surrounding the scope limitation are still valid and whether the scope limitation needs to be reported again to the CEO and the ACC for their renewed consideration. 5. Responsibilities 5.1. Internal audit assurance and consulting is provided through applying the International Professional Practices Framework (IPPF), including the Code of Ethics of the Institute of Internal Auditors (IIA). 5.2. Internal audit provides assurance to the Company s stakeholders that the Company operates in a responsible manner by performing the following functions: Evaluating the Company s governance processes including ethics, especially the tone at the top ; Performing an objective assessment of the effectiveness of risk management and the internal control framework; Systematically analysing and evaluating business processes and associated controls; and Providing a source of information, as appropriate, regarding instances of fraud, corruption, unethical behaviour and irregularities.

5.3. The CAE has the responsibility to: 5.3.1. Develop a flexible risk-based internal audit annual plan, which is informed by Company strategies, key risks, input from the ACC and management; subject to ACC review and approval; 5.3.2. Implement the approved annual audit plan and any special tasks or projects requested by senior management and the members of the ACC; 5.3.3. Annually review the and present changes for ACC review and approval; 5.3.4. Recruit and maintain a professional audit staff with sufficient knowledge, skill, experience and professional certifications to meet the requirements of this Mandate; 5.3.5. Establish and maintain a quality assurance and improvement program that covers all aspects of Internal Audit; and to monitor its efficiency and effectiveness; 5.3.6. Establish policies and procedures to guide the Internal Audit activity; 5.3.7. Consider the scope of work of the external auditors and other assurance providers (risk management, compliance, security, legal, ethics, environment), as appropriate, and coordinate for the purpose of providing optimal audit coverage to the Company at a reasonable overall cost; and to minimise duplication of effort; 5.3.8. Report significant issues related to the processes for controlling the activities of the Company, including potential improvements to those processes; 5.3.9. Periodically provide information on the status and results of the annual audit plan and the sufficiency of the audit resources; 5.3.10. Keep the ACC informed of emerging trends and successful practices in internal auditing; 5.3.11. Provide a written assessment regarding the effectiveness of the system of internal controls and risk management to the Board. This enables the Board to report on the effectiveness of the system of internal controls in the integrated report; and 5.3.12. In accordance with the approved combined assurance approach, place reliance on the External Auditor to conduct a documented review of the key financial reporting controls in identified financial systems and processes every year (and provide any input necessary in this regard). 6. Nature and scope of the function The scope of Internal Audit work is to determine whether the Company s network of risk management, control, and governance processes, as designed and represented by management, is adequate and functioning effectively. The scope of possible activities that Internal Audit can engage in includes: 6.1. Evaluating whether controls are adequate, appropriate and correctly applied; and whether quality and continuous improvement are fostered in the organisation s control processes; 6.2. Evaluating the risk management and governance infrastructure, frameworks, processes and practices; 6.3. Reviewing the reliability and integrity of significant financial, managerial and operational information and the means used to identify, measure, classify and report such information; 6.4. Reviewing the systems established by management to ensure compliance with those policies, plans, procedures, laws and regulations which could have a significant impact on operations and reports, and determining whether the Company is in compliance; 6.5. Reviewing the means of safeguarding assets and, as appropriate, verifying the existence of assets; 6.6. Appraising the economy and efficiency with which resources are employed; 6.7. Evaluating the design, implementation, and effectiveness of the organisation s ethics-related objectives, programs, and activities. 6.8. Assessing whether the information technology governance of the organisation supports the organisation s strategies and objectives. 6.9. Reviewing operations or programmes to ascertain whether results are consistent with established objectives and goals and whether the operations or programmes are being carried out as planned; 6.10. Evaluating and assessing significant merging or consolidation of functions and new or changing services, processes, operations, and control processes that are coincidental with their development, implementation and/or expansion; 6.11. Contributing to the improvement of governance, risk management and control processes; 6.12. Investigation of significant irregularities and fraud, consideration of the potential for occurrence of fraud and evaluating how the organization manages fraud risk; and 6.13. Performing consulting services, beyond traditional assurance services, to assist management in meeting its objectives, examples may include facilitation; training; and advisory services. The knowledge of risks gained during consulting engagements will be incorporated into the evaluation of the organisation s risk universe.

7. Relations with other assurance providers An attitude of co-operation, coordination and collaboration will be applied in dealings with other assurance providers. 7.1. Combined Assurance Internal Audit will facilitate the compilation of the annual combined assurance plan, and will engage with all designated assurance owners and obtain details of planned assurance activities, appointment of assurance partners and scope and frequency of planned assurance activities. The proposed combined assurance plan must be submitted to the ACC on an annual basis for approval. Internal audit will make an independent assessment of the adequacy of the combined assurance approach adopted by the company. This assessment includes the adequacy of risks covered by the different assurance providers and the reliability of the assurance provided. 7.2. Relationship with Management It is the philosophy of Internal Audit to establish an on-going partnership with management and to conduct audits in a constructive manner. A spirit of participative teamwork between the auditor and those being audited will be fostered. Management will be furnished with reports setting forth independent and objective analyses, appraisals, recommendations and pertinent comments concerning the activities audited. 7.3. Relationship with External Auditors Internal audit activities will be coordinated with the external auditors to ensure: The duplication of effort and expense on routine phases of audit work is minimised; Optimal audit coverage of key risk areas is obtained; Weaknesses identified by the external auditors are taken into account in the internal audit plan, and vice versa; There is an exchange of information, audit work papers (including systems documentation), management letters; The forming of joint teams, where appropriate; and Internal audit performs certain (financial and IT) audit work to support the external audit process. 8. Internal audit reporting protocol 8.1. Detailed Internal Audit Reports A detailed internal audit report will be generated at the end of every audit assignment. This could include the audit objective, scope, opinion, executive summary, detailed findings and recommendations, management responses and agreed action. The detailed report will be discussed and agreed with the responsible management teams, and disputes and inappropriate management responses will be resolved prior to the report being released for final distribution. Audit reports are company-confidential and therefore have limited distribution. They may not be reproduced or transmitted to others without the express permission of the CAE. 8.2. Reporting to the Service Division Board The Governance and Assurance Division is required to report key Internal Audit, Risk Management, Legal and Compliance and Company Secretariat matters at the quarterly service division board meetings. The Service Division Board meeting is chaired by the CAE and attended by the CEO, CFO, Group Supply Chain Director, and Divisional MD s. The following reports will be included in the report to the Service Division Board: Minutes of the previous meeting; An Action List detailing the status of previously reported significant issues. (The issues remain on the Action List until they are reported as resolved, or are waived after general agreement by the members of the meeting); A Summary of Significant Findings (including Fraud Hotline), recommendations and related management action; A Summary of Losses/ Irregularities (as furnished by the divisional finance departments); Status/ achievement of the annual work plan and progress on the strategy (bi-annually); and Proposed plan, resources, budget and mandates (annually) for information.

8.3. Reporting to the ACC The following reports will be distributed to the ACC members and invitees at least one week prior to the meeting: A Summary of Significant Audit Findings (including fraud hotline), recommendations and related management action; A Summary of Losses/ Irregularities (as furnished by the divisional finance departments); Minutes of the Governance and Assurance Service Division Board meeting and Action List detailing the status of previously reported significant issues; Status/ achievement of the annual internal audit plan (bi-annually); Proposed internal audit plan, resources, budget and mandate (annually) for approval; and Written assessment of internal controls, risk management and governance processes (annually). 9. Approval of this Mandate Approved this 8 th day of November 2016. S Moodley SI Bird D Naidoo Head of Governance and Assurance Chief Executive Officer Chairman Mr Price Group Mr Price Group Audit and Compliance Committee Mr Price Group

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback