Book traversal links for 11. Internal Audit Function
11. Internal Audit Function
The internal audit function must be responsible for the following matters, at a minimum: | |
1. | Establishing, implementing and maintaining an audit plan, setting out the audit work to be undertaken in the upcoming years, taking into account all activities and the Company's complete system of governance. The plan must be developed taking a risk-based approach in deciding its priorities and the audit plan must be presented to the Board for approval. Where necessary, the internal audit function may carry out audits which are not included in the audit plan. |
2. | Disclosing any adverse matters affecting the function's independence. |
3. | Disclosing any material findings, and the extent of management's compliance with agreed upon corrective measures. |
4. | Conducting risk-based audits to assess the Company's alignment with the Company's Risk Culture, Risk Appetite, Risk Profile and Risk Limits. |
5. | Assessing the Company's processes, policies and the documentation thereof on an entity and Group-wide basis and on an individual Subsidiary and business unit basis. |
6. | Assessing the employees' and business units' compliance with applicable Central Bank Laws, Regulations and internal controls. |
7. | Assessing the reliability of management information systems and processes. |
8. | Evaluating the methods of safeguarding Company and policyholder assets and, as appropriate, verifying the existence of such assets and the required level of segregation in respect of Company and policyholder assets; |
9. | Monitoring and evaluating the effectiveness of the Company's other Control Functions, particularly the Risk Management, actuarial and compliance functions. |
10. | Coordinating with the external auditors and, to the extent requested by the Board and consistent with applicable law, evaluating the quality of performance of the external auditors. |
11. | Issuing recommendations based on the result of work carried out in accordance with the audit plan and submit a written report on the findings and recommendations to the Board on at least an annual basis; |
12. | Verifying compliance of Senior Management with the decisions taken by the Board on the basis of those recommendations referred to in the internal audit report. |