Audit & Risk Committee
Committee Self-Assessment
Acknowledgement: This Audit & Risk Committee self-assessment tool was modified from one
originally designed by PricewaterhouseCoopers for the Institute of Internal Auditors Research
Foundation.
Please rate how you believe Treasury’s Audit & Risk Committee performs, where
1 = Very Poor and 7 = Excellent.
Please add a comment if you wish, but particularly if your rating of any aspect of
performance is below what you consider acceptable.
#
1. Committee structure and
Operating Context
1
The composition of the Treasury
Audit & Risk Committee is conducive
to both maintaining continuity and
ensuring a fresh perspective.
Rating
(1-7)
Comment
To achieve a balance, the Secretary
may establish an appropriate rotation
schedule.
2
The Treasury Audit & Risk
Committee is able to provide
independent advice without concern.
The ability of the Audit & Risk
Committee to exercise independent
judgement is vital.
3
The Treasury Audit & Risk
Committee has sufficient technical
expertise.
The Committee’s Charter, based on TPP
15-03, describes the expertise the
Committee should possess in aggregate
4
The Treasury Audit & Risk
Committee has sufficient authority
and resources to achieve its
objectives.
The Audit & Risk Committee should
have adequate authority and resources
to discharge its responsibilities
effectively.
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
1
#
1. Committee structure and
Operating Context
5
The Treasury Audit & Risk
Committee’s responsibilities,
specific duties and resources are
clearly set out in writing and
regularly reviewed.
Rating
(1-7)
Comment
Rating
(1-7)
Comment
The Audit & Risk Committee should
have a written Charter setting out its
authority, responsibilities, specific
duties and resources.
This should be approved by the
Secretary, reviewed periodically and
modified as necessary.
6
There are open lines of
communication between the
Treasury Audit & Risk Committee
and the Secretary and CFO.
The Secretary and the CFO should be
encouraged to communicate with the
Audit & Risk Committee when, in the
judgement of either of them, the Audit &
Risk Management Committee should
be informed of any special financial
reporting, risk, internal control or
auditing matter.
7
The Committee has access as
required to senior management, and
to external audit service providers.
The Committee should monitor the
process and results of both internal and
external audit for the agency and its
entities. Entities should ensure it has
sufficient to senior management to
inform itself and to convey any
concerns.
2. Work of the Committee
8
The CAE and Internal Audit service
providers have direct unrestricted
access to the Treasury Audit & Risk
Committee.
The CAE and other internal audit
service providers should be an
important resource for the Audit & Risk
Committee, providing a valuable source
of information and advice.
An internal auditor should be able to
communicate as necessary with the Audit
& Risk Committee and report on internal
audit activities, findings and concerns.
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
2
2. Work of the Committee
9
Rating
(1-7)
Comment
Audit & Risk Committee members
maintain a sufficient understanding
of Treasury’s operations.
Audit & Risk Management Committee
members must have a sufficient
understanding of the organisation’s
operations and associated business
risks, financial reporting process and
internal control structure.
To maintain a sufficient level of
understanding, Audit & Risk Committee
members should systematically keep
abreast of business developments and
issues.
10
The Treasury Audit & Risk
Committee meets on a regular basis
and, if circumstances require,
special meetings are called.
The minimum number of meetings
should be included in the Audit & Risk
Committee’s Charter and Terms of
Reference.
11
The Audit & Risk Committee
contributes an effective independent
review of financial reporting.
The Audit & Risk Committee should
review interim results and annual
financial statements prior to the final
sign off by the Secretary and issue to
the external auditor.
12
The Treasury Audit & Risk
Committee members satisfy
themselves as to the adequacy of the
organisation’s systems of internal
control.
The Audit & Risk Committee should
satisfy itself that management
systematically identifies key areas of
risk faced by the business and that an
appropriate control environment is
maintained.
In particular the Audit & Risk Committee
should monitor Treasury management’s
strategy for ensuring that the
organisation has implemented
appropriate systems of internal control
and that these internal controls are
functioning effectively.
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
3
2. Work of the Committee
13
Rating
(1-7)
Comment
The Treasury Audit & Risk
Committee meets with the external
auditors.
The Audit & Risk Committee should
meet with the external auditors to
review the scope, and later the results,
of their planned audit work.
At least once a year the Audit & Risk
Committee should meet with the external
auditors without Treasury staff members
being present.
14
The Treasury Audit & Risk
Committee regularly asks
management and the external
auditors if there were any significant
accounting or reporting issues
discussed during the year.
The Audit & Risk Committee should be
aware of any discussions between
management and the external auditors
relating to significant accounting and
reporting issues and whether there
were any differences of opinion and
how any such differences were
resolved.
15
The Treasury Audit & Risk
Committee seeks explanations from
management and the external
auditors concerning the effects of
any new accounting standards on
Treasury financial statements.
The Audit & Risk Committee should
enquire not only about the effects of
adopted accounting standards, but also
about the potential effects of new
accounting standards for which
adoption has been postponed.
16
The Treasury Audit & Risk
Committee reviews the
representation letter to the external
auditors before the external auditor
issues the independent auditor’s
report.
The Audit & Risk Committee should
review the details of management
representations before they are
submitted to the external auditor for
approval and issue of the independent
auditor’s report.
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
4
2. Work of the Committee
17
Rating
(1-7)
Comment
The Treasury Audit & Risk
Committee provides independent
advice to the Secretary on the
results of internal and external
audits.
The Audit & Risk Committee deals with
issues that are pertinent to the overall
responsibilities and duties of the
Secretary and Executive team.
18
The Treasury Audit & Risk
Committee reviews how its role and
activities during the financial period
have been disclosed in the
appropriate section of Treasury’s
annual report.
The Audit & Risk Committee should
consider the description of the
composition, role and activity of the
Committee and should also ensure that
these are reflected accurately, in a
manner that promotes a clear
understanding by the reader of the
Treasury annual report.
19
The Treasury Audit & Risk
Committee creates an atmosphere of
trust, encouraging candid
discussion between itself and all
parties.
20
The Treasury Audit & Risk
Committee ensures new members
have a sufficiently robust orientation
to enable a good understanding of
their responsibilities and the
associated processes.
21
The Treasury Audit & Risk
Committee considers all emerging
issues that will demand its future
attention and is proactive in
positioning itself to deal with them.
22
The Treasury Audit & Risk
Committee monitors Treasury’s
compliance with laws, regulations
and directions through periodic
reviews and briefings from external
and internal auditors.
23
The Treasury Audit & Risk
Committee periodically reviews
Treasury’s fraud prevention
processes and how the organisation
communicates its code of conduct.
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
5
2. Work of the Committee
24
The Treasury Audit & Risk
Committee periodically reviews
Treasury’s enterprise-level risk
management system and examines
the clear definition and allocation of
responsibility for controlling risks.
25
The Treasury Audit & Risk
Committee periodically reviews the
incorporation of risk management
practices into all management
planning, resource allocation and
control processes within Treasury.
26
The Treasury Audit & Risk
Committee periodically reviews risk
management documentation to
ascertain whether the format is
appropriate and whether it contains
sufficient detail to inform the
Committee, and senior and line
management, of Treasury’s risk
identification and management
processes and how successful they
are.
Signature:________________________
Rating
(1-7)
Comment
Date:____________________
Audit & Risk Committee Self-Assessment Checklist: Template last updated Sept 2015
6