IAD Activities in 2021 Prepare the Audit Plan and Budget for approval of the BAEC. The Audit Plan was developed based on assessment of the significant potential risk exposure of the auditable areas. Provide independent assessment and objective assurance on the adequacy and e f f ec t i venes s o f i nterna l cont ro l s implemented to mitigate the risk exposures. Prepare audi t report cons i st ing of observations, improvement opportunities, root-cause, management responses which include the corrective actions by the respective stakeholders, deadline for resolution and person responsible for implementation of corrective actions. Follow-up on the Management corrective actions on audit issues raised by the IAD. Determine whether corrective actions taken have generally achieved the desired results to mitigate the risk exposures. Report to the BAEC, the final audit report highlighting the audit plan coverage, audit scope and risks covered, audit rating, significant audit findings, findings escalated for Management’s immediate action, rootcause and status of corrective actions. A total of 143 audits (against the approved audit plan of 133) were conducted for the Group in FY2021. Report to the BAEC the adequacy, reliability, integrity and compliance of: risk management, internal controls and governance processes; Information Technology, stress testing procedures and practices and the backup system to cover for contingencies and disaster; and Regulatory reporting, accounting r eco rds , f i nanc i a l r epo r t s and management information. Review compliance with relevant legal, regulatory and internal policies as well as in compliance with Shariah rules and principles as determined by the Shariah Supervisory Council and Shariah Compliance Policy. Provide independent assessment on the effectiveness of the Business Continuity Plan/Disaster Recovery Plan to ensure resumption of business activities is not hampered. Review, update and enhance the Internal Audit Division Manual by incorporating among others, the updated Heat Map tables, Non-Financial Risk Impact Matrix and Structured Training and Certification Plan for Internal Auditors. Engage the Institute of Internal Auditors Malaysia (IIAM) to conduct the External Quality Assessment Review (QAR). The IAD was assessed as “Generally Conforms” to the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing (IPPF/Standards). BOARD AUDIT & EXAMINATION COMMITTEE REPORT BANK I SLAM MALAYS IA BERHAD 192
RkJQdWJsaXNoZXIy NDgzMzc=