| Governance element |
Principle/s |
Summary recommendation/s |
Difference to King II |
|---|---|---|---|
| Chapter 7. Internal audit |
|||
| The need for and role of internal audit |
7.1. The board should ensure that there is an effective risk-based internal audit |
The board should demonstrate how adequate assurance was obtained on an effective governance, risk management and internal control environment; in the event of the absence of an internal audit function. Evaluation of governance processes, including ethics, especially ‘tone at the top’. A senior or executive or director to be responsible for internal audit where internal audit is fully outsourced. |
Board to demonstrate how effective internal control, processes and systems assurance were obtained Ethics not specifically mentioned No mention of custodian function in an outsourced scenario |
| Internal audit’s approach and plan |
7.2. Internal audit should follow a risk-based approach to its plan |
Internal audit planning should be informed by the strategy of the organisation. The chief audit executive should discuss the adequacy and resources of skills available to address risk identified with the audit committee. |
Not a requirement in King II Not a requirement in King II |
| 7.3. Internal audit should provide a written assessment of the effectiveness of the company’s system of internal controls and risk management |
Internal audit should form an integral part of the combined assurance model and should provide a written assessment of the effectiveness of the company’s system of internal control and risk management. |
Not a requirement in King II |
|
| 7.4. The audit committee should be responsible for overseeing internal audit |
Internal audit pay, bonus and benefits to be determined separately to process undertaken for the rest of the business to ensure appropriate independence. Internal audit to perform the pivotal role of effecting combined assurance. |
Not a requirement in King II Only mention of the avoidance of duplication of assurance effort in King II |
|
| Internal audit’s status in the company |
7.5. Internal audit should be strategically positioned to achieve its objectives |
The chief audit executive to have a standing invitation to attend EXCO as an invitee to protect independence. Internal audit to report functionally to the chairman of the audit committee. Internal audit should establish and maintain a quality assurance and improvement programme. |
Not a requirement of King II Internal audit should report to an appropriate level in the organisation Not a requirement of King II |