- The purpose of GIA is to provide independent, objective assurance to the Nedbank Group Limited Board of Directors via the Group Audit Committee that the governance processes, management of risk and systems of internal control are adequate and effective to mitigate the risks (in line with GIA Internal Audit Methodology), both current and emerging, that threaten the achievement of the Group’s strategy and key objectives, and in so doing help improve the internal control and risk culture of the Group.
- GIA receives its authority from the Group Audit Committee (GAC), which is a committee of the Board of Nedbank Group Limited established to, among other things, review the work of Internal Audit of Nedbank Group Limited and its subsidiaries (the "Group").
OBJECTIVE AND SCOPE OF WORK OF GIA
The objective and scope of work of GIA is to determine whether the Group’s systems of internal controls, risk management and governance, as designed and operated by management, are adequate and effective.
The scope of GIA’s work is determined by a risk-based approach and so the key risks facing the Group, including subsidiaries, and the requirements of the GAC, subsidiary Audit Committees and the Group and subsidiary Executive Committees. This should include alignment to business strategic priorities.
ACCOUNTABILITY OF THE HEAD OF AUDIT
The Head of Audit, in the discharge of his/her duties, shall be accountable, inter alia, to the Nedbank Group CIA/ Customer Executive to:
- Support the periodic assessments of the outcomes of internal audit work to appropriate governing bodies, including the GAC, Board Risk Committee, Executive IT Committee (EITCO) and Group IT Committee (GITCO);
- Report on the overall effectiveness of the governance, risk and internal control framework of the Group;
- Comply with regulatory and corporate governance expectations of internal audit functions;
- Report significant issues related to the processes for controlling the activities of the Group, including potential improvements to those processes;
- Report periodically on the progress of the audit plan delivery
- Maintain and report on whether GIA has sufficient professional audit staff with knowledge, skills, experience and professional qualifications to meet the requirements of the GIA Charter and audit plan;
- Have in place a robust process to follow-up management’s agreed actions to address issues raised by GIA;
- Accountable for the delivery and measurable performance of their respective portfolio, including audit plan delivery;
- Apply judgement to provide an overall audit opinion on the system of internal financial controls of the Group;
- Provide insights from the outcomes of internal audit work to appropriate governing bodies;
- Maintain an open and constructive relationship as a Trusted Advisor with senior internal and external stakeholders including Institute of Internal Audit, SARB, External Audit and Business Executives;
- Implement effective and efficient audit processes to ensure that audit processes are optimized and comply with the relevant governance expectations of internal audit functions;
- Develop and maintain relationships with business and key stakeholders in order to ensure robustness and completeness of audit coverage and contribute at an insight generator/trusted advisor to business to enhance assurance provided of the control environment;
- Contribute to the development of a 12-month rolling audit plan using a risk-based methodology, taking into consideration specific business strategic focus areas, regulatory requirements pertaining to internal audit, as well as including any risks or control concerns identified by management, the GAC and the Board;
- Submit the 12-month rolling audit plan to the GIA Customer Executive: CIB, RBB & Wealth, Card, Payments and Shared Services for review and approval prior to the commencement of a calendar year;
- Deliver and report on the rolling risk-based internal audit plan;
- Allocate audit resources in accordance with the risk profile for the responsible clusters and ensure the effective and efficient use of these resources in accordance with approved budgets;
- Have a robust process in place to follow-up and report on management’s progress in implementing agreed actions to address issues identified by GIA; and
- Maintain an open and constructive relationship with the CIA, GIA Customer Executive: CIB, RBB & Wealth, Card, Payments and Shared Services, Business executives, and key stakeholders by providing value added services and sharing information.