INTERNAL AUDIT CHARTER

This Internal Audit Charter sets out the purpose, authority, independence and responsibility of the Internal Audit and its position in the Company.

  1. Introduction

Internal Auditing is an independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of the Company. It assists the Company in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organization’s governance, risk management, internal control.

  1. Mission

The Internal Audit team is entasked with providing assurance on the adequacy and effectiveness of the internal controls in place within the Company and its related risk management processes in reducing risk exposures to an acceptable level.

  1. Objectives

Internal Audit is an independent appraisal function established within the Company to examine and evaluate the effectiveness of the internal controls in operating its activities as a service organisation. The primary objective of the Internal Audit is to assist the Board, Audit Committee and the Management in the discharge of their oversight, management and operating responsibilities. Internal audits will furnish with analyses, recommendations, counsels and information concerning the activities reviewed to add value and improve the Company’s operations.

  1. Internal Audit Role

The internal audit activities are established by the Board of Directors and the Audit Committee and the internal audit activity’s responsibilities are defined by the Board as part of their oversight role.

The role and scope of the Internal Audit include, but not limited to the following:

  1. Reviewing and evaluating compliance with policies, plans, procedures, laws and regulations.
  2. Evaluating risk exposure relating to achievement of the Company’s strategic objectives.
  3. Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information.
  4. Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the Company.
  5. Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets.
  6. Evaluating the effectiveness and efficiency with which resources are employed.
  7. Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned.
  8. Monitoring and evaluating governance processes.
  9. Monitoring and evaluating the effectiveness of the organization’s risk management processes.
  10. Evaluating the quality of performance of external auditors and the degree of coordination with internal audit.
  11. Performing consulting and advisory services related to governance, risk management and control as appropriate for the organization.
  12. Reporting periodically on the internal audit activity’s purpose, authority, responsibility, and performance relative to its plan.
  13. Reporting significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the Board.
  14. Evaluating specific operations at the request of the Board or management, as appropriate.
  15. Assessing the reliability and integrity of information used to identify, measure, classify and report such information.
  16. Evaluating risk exposure relating to achievement of the organisation’s strategic objectives.
  17. assessing the adequacy and effectiveness of the system of risk management and internal controls operated within the Company.

  1. Professionalism

The internal audit activity will govern itself by adherence to The Institute of Internal Auditors’ mandatory guidance including the Definition of Internal Auditing, the Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing (Standards). This mandatory guidance constitutes principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of the internal audit activity’s performance.

The Institute of Internal Auditors’ Practice Advisories, Practice Guides, and Position Papers will also be adhered to as applicable to guide operations. In addition, the internal audit activity will adhere to the Company’s relevant policies and procedures and the internal audit activity’s standard operating procedures manual.

  1. Authority
    1. The internal audit is authorised with full and unrestricted access to all personnel, records, properties, and other information sources required to perform their duties. Document and other information provided to Internal Audit will be handled in the same prudent and confidential manner.
    2. The internal audit is free to appraise all plan, policies, procedures and activities.
    3. All employees are requested to assist the internal audit activity in fulfilling its roles and responsibilities.

  1. Organisation

The Head of Internal Audit will report functionally to the Audit & Risk Committee and administratively (i.e. day to day operations) to the Chief Executive Officer.

The Audit & Risk Committee will:

  1. Approve the internal audit charter.
  2. Approve the risk based internal audit plan.
  3. Approve the internal audit budget and resource plan.
  4. Receive communications from the Head of Internal Audit on the internal audit activity’s performance relative to its plan and other matters.
  5. Approve decisions regarding the appointment and removal of the Head of Internal Audit.
  6. Approve the remuneration of the Head of Internal Audit.
  7. Make appropriate inquiries of management and the Head of Internal Audit to determine whether there is inappropriate scope or resource limitations.
  8. The Head of Internal Audit will communicate and interact directly with the Audit & Risk Committee, including in executive sessions and between Audit & Risk Committee meetings as appropriate.

  1. Independence and Objectivity
    1. The Internal Audit shall be free from interference in determining the scope of internal auditing, performing work, and communicating results.
    2. Internal Audit will have no direct operational responsibility or authority over any of the activities audited. Accordingly, Internal Audit will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair Internal Audit’s judgement.
    3. Internal Audit will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined.
    4. Internal Audit will make a balanced assessment of all the relevant circumstances and not be unduly influenced by its own interests or by others in forming judgments.

 

  1. Internal Audit Plan
    1. At least annually, the Head of Internal Audit will submit to senior management and the Audit & Risk Committee an internal audit plan for review and approval. The internal audit plan will consist of a work schedule as well as budget and resource requirements for the next fiscal/calendar year. The Head of Internal Audit will communicate the impact of resource limitations and significant interim changes to senior management and the Audit & Risk Committee.
    2. The internal audit plan will be developed based on a prioritisation of the audit universe using a risk-based methodology, including input of senior management and the Audit & Risk Committee. The Head of Internal Audit will review and adjust the plan, as necessary, in response to changes in the organization’s business, risks, operations, programs, systems, and controls. Any significant deviation from the approved internal audit plan will be communicated to senior management and the Audit & Risk Committee through periodic activity reports.
    3. Any significant deviation from the approved internal audit plan will be communicated to senior management and the Audit & Risk Committee through periodic activity reports.

  1. Reporting and Monitoring
    1. A written report will be prepared and issued by the Head of Internal Audit or designee following the conclusion of each internal audit engagement and will be distributed as appropriate. Internal audit results will also be communicated to the Audit & Risk Committee.
    2. The internal audit activity will be responsible for appropriate follow-up on engagement findings and recommendations. All significant findings will remain in an open issues file until cleared.
    3. The Head of Internal Audit will periodically report to senior management and the Audit & Risk Committee on the internal audit activity’s purpose, authority, and responsibility, as well as performance relative to its plan. Reporting will also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by senior management and the Audit & Risk Committee.
    4. The internal audit report may include management’s response and corrective action taken or to be taken in regard to the specific findings and recommendations. Management’s response, whether included within the original audit report or provided thereafter (i.e. within thirty days) by management of the audited area should include a timetable for anticipated completion of action to be taken and an explanation for any corrective action that will not be implemented
    5. Management’s response, whether included within the original audit report or provided thereafter by management of the audited area should include a timetable for anticipated completion of action to be taken and an explanation for any corrective action that will not be implemented.
    6. The internal audit activity will be responsible for appropriate follow-up on engagement findings and recommendations. All significant findings will remain in an open issues file until cleared.

  1. Quality Assurance and improvement
    1. The internal audit activity will maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. The program will include an evaluation of the internal audit activity’s conformance with the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The program also assesses the efficiency and effectiveness of the internal audit activity and identifies opportunities for improvement.
    2. The Head of Internal Audit will communicate to senior management and the Audit & Risk Committee on the internal audit activity’s quality assurance and improvement program, including results of ongoing internal assessments and external assessments conducted at least every five years.
    3. The internal audit activity will maintain a quality assurance and improvement programme that covers all aspects of the internal audit activity. The programme will include an evaluation of the internal audit activity’s conformance with the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics.

  1. Approval of The Audit Charter

The Company Audit Charter is endorsed by the Committee and approved by the Board of Directors in accordance with the resolution of the Directors made on 16 October 2019.

Bagaimana ingin mendapatkan maklumat mengenai servis kami? Sila tekan butang

PAUTAN

Utama

Hubungi Kami

Notis PDPA

TENTANG KAMI

Produk

Kepimpinan

WASIYYAH SHOPPE BERHAD

Wasiyyah Shoppe Berhad (651 471-T)

A-G-07, Dataran Cascade,

No. 13A, Jalan PJU 5/1,

Kota Damansara PJU 5,

47810 Petaling Jaya, Selangor. 

+603-7625 1123 / 1125

telewasiyyah@wasiyyahshoppe.com.my