Internal Audit is independent of the activities which it audits to ensure the unbiased judgements essential to its proper conduct and impartial advice to management.
To maintain objectivity and independence, Internal Auditors shall have no direct operational responsibilities or authority over any of the activities they review. Additionally, they shall not develop nor install systems or procedures, prepare records, or engage in any other activity which would normally be audited or which may impair their ability to maintain their independence.
The Divisional Director, Internal Audit has a direct reporting line to the Chairman of the Audit Committee, meets at least once per year in a ‘private’ session with the Audit Committee and has regular meetings with the Chief Executive. Additionally, regular meetings are also held with the Group Finance & Operations Director, Group Secretary and Chief Risk Officer. The Divisional Director, Internal Audit also has the right of access to the Chairman at all times.
The Divisional Director, Internal Audit, although a member of the Executive Committee (ExCo), does not have any voting rights or decision making authority.
Where the tenure of the Divisional Director Internal Audit exceeds seven years, the Audit Committee discuss annually the Chair's assessment of the Divisional Director Internal Audit's independence and objectivity.
An External Quality Assessment of Internal Audit is conducted every three years.
The purpose of the Internal Audit Department is to:
Internal Audit has unrestricted access to all activities undertaken by the Society, in order to review, appraise and report on:-
Internal Audit staff have the full authority of the Audit Committee, the Board and the Chief Executive when carrying out their duties. The Department has the right of unrestricted access to records, IT systems, documents, properties, staff and directors in all areas of the Society’s operations. This right of access shall be exercised reasonably at all times and may be restricted to the Divisional Director, Internal Audit in matters of extreme confidentiality. Access restrictions and lack of co-operation by staff or directors that affect the scope of any review will be reported to the Audit Committee.
The Divisional Director, Internal Audit is responsible for:-
The Divisional Director, Internal Audit is accountable to the Audit Committee for:-
providing regular assessments of the adequacy and effectiveness of the Society’s systems of risk management and internal control, based on the work of Internal Audit, and separately, an assessment of the risk management culture within all areas reviewed as appropriate;
reporting significant control issues and potential recommendations for improving risk management and control processes;
providing periodically, information on the status and results of the annual audit plan and the sufficiency of Internal Audit resources; and
reviewing, updating and presenting this Charter to the Audit Committee on an annual basis
Any breaches of the Society systems of control or other issues that cannot be resolved with Management will be reported to the Chairman of the Audit Committee.