Internal Audit Committee
| No. | Designation | Position |
|---|---|---|
| 1. | Ex-Addl. Secretary/Ex Director General/Ex-Chief Engineer of concerned MDA | Chairperson |
| 2. | A representative from the Finance Division (Not below the rank of Deputy Secretary) | Member |
| 3. | A representative from the Line Ministry (Not below the rank of Deputy Secretary) | Member |
| 4. | A retired officer from Comptroller and Auditor General (Director or above Grade) | Member |
| 5. | A representative from the Business Faculty of Public University (Not below the rank of Associate Professor) | Member |
Office Order of Internal Audit Committee
Responsibilities of Internal Audit Committee (IAC)
The Committee is accountable to the PAO for the exercise of its responsibilities. The Committee will at all times, recognize that the primary responsibility for the management of the MDA rests with the PAO.The committee will carry out the following responsibilities:
i. |
Financial Statements |
|
| a) | Review the appropriateness of accounting policies; | |
| b) | Review the appropriateness of assumptions made by management in preparing the financial statements; | |
| c) | Review the significant accounting and reporting issues, and understand their impact on the financial statements; | |
| d) | Review the annual financial statements, and consider whether they are complete and consistent with prescribed accounting and information known to Committee members; | |
| e) | Obtain assurance from the management with respect to the accuracy of the financial statements; | |
| f) | Review with management any significant issues identified; and | |
| g) | Review the annual report and consider the accuracy and completeness of the information. | |
ii. |
Risk Management |
|
| a) | Review the risk management framework for identifying, assessing, monitoring and managing significant risks; | |
| b) | Review the report of significant changes to the MDA’s risk register; | |
| c) | Review the report on the risk management culture of the MDA; | |
| d) | Liaise with management to ensure that there is a common understanding of the key risks to the MDA; | |
| e) | Review whether risk management is carried out in a manner that really benefits the MDA; | |
| f) | Assess and contribute to the audit planning processes relating to the risks of the MDA; | |
| g) | Review and recommend disclosures on matters of risk in the annual financial statements; | |
| h) | Review and recommend disclosures on matters of risk and risk management in the annual report; | |
| i) | Provide regular feedback to the PAO on the adequacy and effectiveness of risk management in the MDA, including recommendations for improvement; and | |
| j) | Satisfy itself that it has appropriately addressed the following areas: | |
|
financial reporting risks, including the risk of fraud; internal financial controls; and IT risks as they relate to financial reporting. |
||
iii. |
Internal Control |
|
| a) | Review the adequacy of the internal control system, including information technology security and control; | |
| b) | Understand the scope of internal and external auditors' review of internal control over financial reporting, and obtain reports on significant findings and recommendations, together with management's responses; | |
| c) | Review whether relevant policies and procedures are in place and up to date and whether they are complied with; and | |
| d) | Review whether the financial internal controls are operating efficiently, effectively and economically. | |
iv. |
Performance Management |
|
| a) | Review the MDA’s compliance with the performance management and reporting systems; | |
| b) | Review whether performance management systems reflect the MDA’s purpose and objectives; and | |
| c) | Review whether the performance reporting and information uses appropriate targets and benchmarks. | |
v. |
Internal Audit |
|
| a) | Review the Internal Audit Charter, budget, activities, staffing, skills and organizational structure of the Internal Audit; | |
| b) | Review and approve the Internal Audit plan, its scope and any major changes to it, ensuring that it covers the key risks and that there is appropriate coordination with the External Auditor (Auditor-General); | |
| c) | Review and concur on the appointment, replacement, or dismissal of the Head of Internal Audit (HIA); | |
| d) | Resolve any difficulties or unjustified restrictions or limitations on the scope of Internal Audit work; | |
| e) | Resolve any significant disagreements between auditors and management; | |
| f) | Review significant findings and recommendations by Internal Audit and Management responses thereof; | |
| g) | Review implementation of management actions based on Internal Audit recommendations; | |
| h) | Review the performance of the HIA; | |
| i) | Review the effectiveness of the Internal Audit function, including compliance with the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing; and | |
| j) | Meet separately with the HIA to discuss any issues that the Committee or Internal Audit believes should be discussed privately. | |
vi. |
External Audit |
|
| a) | Review the findings and recommendations by external auditor and management responses thereof; | |
| b) | Review implementation of external auditor’s recommendations by management; | |
| c) | Ensure that the is proper coordination of audit efforts between internal and external auditors; and | |
| d) | Meet separately with the external auditors to discuss any matters that the committee or external auditors believe should be discussed privately. | |
vii. |
Compliance |
|
| a) | Review whether management has considered legal and compliance risks as part of the MDA’s risk assessments; | |
| b) | Review the effectiveness of the system for monitoring compliance with laws and regulations; | |
| c) | Review the findings of any examinations by regulatory agencies, and any auditor observations; | |
| d) | Review the process for communicating the code of conduct to the MDA’s personnel, and for monitoring compliance therewith; and | |
| e) | Obtain regular updates from management regarding compliance matters. | |
viii. |
Reporting Responsibilities |
|
| a) | Regularly report to the PAO about committee activities, issues, and related recommendations; | |
| b) | Report annually to the PAO, describing the committee's composition, responsibilities and how they were discharged, and any other information required, including approval of non-audit services; | |
| c) | Submit a summary of its activities for inclusion in the annual report; and | |
| d) | Review any other reports of the MDA issues that relate to committee responsibilities. | |
ix. |
Other Responsibilities |
|
| a) | Perform other activities related to this ToR as requested by the PAO. | |
| b) | Safeguard all the information supplied within the ambit of the law; | |
| c) | Investigate matters within its powers as identified in this ToR; and | |
| d) | Confirm annually that all responsibilities outlined in this ToR have been carried out. | |
Relevant Departments
Important Links
Emergency Hotline
