Manual of Policies and Procedures

A/3.3 Audit and Risk Management Committee

Contact Officer

Director, Governance and Legal Services

Approval Date

27/02/2017

Approval Authority

Council

Date of Next Review

01/12/2018

Modification History

Audit and Risk Management Committee is a Council committee established in accordance with Council Procedure 1 - Committees. Audit and Risk Management Committee is accountable to Council for fulfilling the following terms of reference.

Terms of reference

Audit and Risk Management Committee advises both Council and the Vice-Chancellor as accountable officer on the performance or discharge of functions and duties under the Financial Accountability Act 2009, the Financial and Performance Management Standard 2009 and the University's Assurance and Risk Management Services Charter (A/1.5).

Audit and Risk Management Committee's main functions are to:

  • assess and contribute to the audit process including evaluation and facilitation of the internal audit function
  • oversee financial and operational reporting
  • assess the adequacy and effectiveness of the University’s internal controls, including the risk management and compliance frameworks.

Specifically Audit and Risk Management Committee will undertake the following:

Internal Audit

Audit and Risk Management Committee:

  • approves the University's Assurance and Risk Management Services Charter
  • considers the development and implementation of systems and procedures to ensure the internal audit function operates efficiently, effectively and is consistent with The Institute of Internal Auditors - Definition of Internal Auditing, Code of Ethics and the International Standards for Professional Practice of Internal Auditing
  • reviews and approves
    • the Assurance and Risk Management Services strategic audit plan
    • on delegated authority of Council, the annual internal audit plan and all major changes to the plan
  • reports on the internal audit function in each annual report and participates in any review of the effectiveness of the internal audit function including the appointment and termination of the Director, Assurance and Risk Management Services
  • considers the way in which the internal audit function may be performed either by employees of the University or by external consultants or by a combination of both, and
  • considers all audit reports prepared by the internal audit function, and activity reports, and documents the consideration, action required and officers to whom the action is assigned and ensures follow-up action is performed by reviewing the outcome, directions or recommendations made.

Internal Control

Audit and Risk Management Committee:

  • evaluates management information systems, including the implementation and maintenance of internal controls (and including systems under development), and
  • considers the scope of internal and external auditors' review of internal control over financial reporting and obtains reports on significant findings and recommendations, together with management's responses.

External Audit

Audit and Risk Management Committee:

  • monitors the authorised auditors including:
    • consideration of the proposed external audit strategy, timeframe and fees for the year
    • review of the recommendations and comments in their reports
    • consideration of the relationship between the internal audit function, to ensure appropriate consultation to minimise unnecessary duplication of audit work and promote economy of audit activities.

Financial Statements

Audit and Risk Management Committee:

  • reviews all financial related reports to be made public, prior to release and submission to regulators
  • reviews and recommends the Annual Financial Statements to Council for approval
  • considers the impact of all significant accounting and audit policy changes, and
  • reviews annual financial statements and other reports of controlled entities to evaluate impacts on the University.

Risk

Audit and Risk Management Committee:

  • evaluates the adequacy and effectiveness of the University's risk management and compliance frameworks through quarterly reporting and advises Council on:
    • QUT's exposure to and management of significant business risks including health, safety and environment, and physical and virtual security
    • the management reporting and control systems used to monitor adherence to compliance with legislative requirements, contractual arrangements and QUT policy and procedures
    • QUT's business continuity plans
    • QUT's exposure to risks in relation to corruption and fraud
  • considers and monitors the standard of ethical conduct in areas such as conflict of interest.

General

Audit and Risk Management Committee:

  • considers any other matter consistent with its functions referred to it by Council, Council committees, the Vice-Chancellor or internal audit function
  • reviews the findings of any examinations by regulatory agencies, and any external audit or review observations, and
  • reviews the process for communicating the QUT Staff Code of Conduct to University staff and for monitoring compliance therewith.

Membership

  • Chancellor or external Council member nominated by the Chancellor
  • Four external members with expertise in accounting, finance, auditing, or risk management matters, nominated from or by Council (where an external member of Council has such expertise the appointment should be from Council, otherwise appointment of an external non-Council member with such expertise should be made by Council)

The Chair shall be nominated by the Chancellor from the other four members of the Committee.

A nominee of the Registrar is secretary.

The Vice-Chancellor, the Executive Director, Finance and Resource Planning, the Director, Assurance and Risk Management Services, and such other persons as determined by Audit and Risk Management Committee, shall have rights of audience and debate only.

Relationships

The internal audit function is part of both the Vice-Chancellor's and Council's accountability mechanisms (A/1.5 QUT Assurance and Risk Management Services Charter). The internal audit function reports to Audit and Risk Management Committee of Council to ensure the governing body's designated committee receives advice on significant audit issues. The Committee then ensures Council is advised by reporting on a regular basis.

The Committee will meet at least annually and alone with each of the stakeholders, including internal audit, external audit and management.

Tenure and frequency of meeting

Terms of office are detailed in section 6 of Council Procedure 1 - Committees.

Audit and Risk Management Committee normally meets in the cycle of meetings leading up to Council meetings, with an additional meeting in February to consider draft financial statements.

Reporting

Following each meeting, Audit and Risk Management Committee reports to the next meeting of Council.

Top

Modification History

Date

Sections

Source

Details

27.02.17 All Council Periodic review - no change in accordance with committee self-assessment review
03.12.14 All Council Periodic review - policy revised
12.03.14 All Council Revised terms of reference to remove delegation to approve financial statements and clarification of membership provisions
06.02.13 All Council Periodic review - no change required

17.12.10

All

Council

Periodic review - revised membership provisions

24.10.08

All

Governance Services

Renumbered and relocated to A/3.3 (formerly A/3.2.7)

24.10.08

All

Governance Services

Renumbered and relocated to A/3.3 (formerly A/3.2.7)

30.04.08

All

Council

Revised terms of reference of Audit and Risk Management Committee relating to internal controls

14.09.05

All

Council

Revised membership provisions of Audit and Risk Management Committee

21.07.04

All

Council

Revised committee title and terms of reference - Audit and Risk Management Committee

11.12.02

All

Council

Revised terms of reference - Audit Committee

10.04.02

All

Council

Revised terms of reference - Audit Committee

18.10.00

All

Council

Revised terms of reference

13.01.00

All

Chancellor

Revised membership provisions - Finance and Facilities Director replaced by Accounting and Business Services Director (rights of audience and debate only); Internal Audit Manager replaced by Efficiency and Audit Director (rights of audience and debate only)

10.12.97

All

Council

Revised terms of reference

Top