Internal Audit Charter

1. Objectives
2. Responsibilities
3. Scope
4. Access
5. Independence
6. Relationships
7. Quality and Skills



1. Objectives


Internal Audit is responsible for advising all levels of Management and the Board (through its Audit Committee), on the Corporation's systems of internal control and management of business risk. It is a review activity, which continuously reinforces Management's responsibility for effective internal controls. Internal audit supports Management's business objectives and the Audit Committee's need for overall assurance on the quality and cost effectiveness of internal controls.

Internal Audit is expected to add value through the provision of assurance and advice in the areas of:

  • risk management processes
  • internal control effectiveness
  • opportunities for process improvement
  • corporate governance
  • systems development
  • management of change
  • acquisition and divestments
  • cost reduction opportunities

2. Responsibilities of Internal Audit


The Internal Audit function is responsible for:

  • Assisting executives with risk management through the provision of advice and assurance
  • Developing
    • A plan that is based on assessed business risks and objectives and which is flexible enough to meet changing business needs; and
    • Resourcing arrangements that will cope with special requests
  • Providing regular progress reports to Management and the Audit Committee
  • Ensuring Internal Audit remains effective, credible, productive and focused on areas of most significance to the Corporation
  • Working with Management constructively to challenge and improve established and proposed practices and to put forward ideas for improving processes
  • Providing an appropriately skilled team, supported where necessary by specialist expertise
  • Maintaining an open relationship with the external auditors
  • Fostering a culture of joint-working with Management leading to agreed solutions

Internal Audit is not relieved of its responsibilities when areas of the Corporation's business are subject to review by others. It always needs to assess the extent to which it can rely upon that work, coordinate its audit planning with those other review agencies (e.g. external auditors) and decide what further investigations need to be carried out.

Internal Audit will conduct the audit and review activities identified in the annual Internal Audit plan in the following manner:

  • Developing a sufficient understanding of the area under review
    planning the audit
  • Agreeing the scope of reviews with Management
  • Examining and evaluating internal controls
  • Drafting reports will be discussed with Management and issued in draft for Management responses prior to finalisation and distribution to the Audit Committee; and
  • Reported audit findings will be followed up to ascertain that appropriate action has been taken

3. Scope


Internal Audit's work seeks to provide assurance on the extent to which internal controls ensure that:

  • The Corporation's assets are safeguarded from significant losses, including those caused by fraud, waste, inefficiency and commercially unsound practices
  • Relevant laws, rules and regulations, including the Financial Management Standard are complied with
  • Operations are conducted effectively, efficiently and economically in accordance with the Corporation's policies and procedures
  • Management information systems are reliable and secure
  • Systems under development are monitored, that appropriate internal controls are built in and are consistent with the Corporation's business needs
  • Significant business risks are effectively managed; and
  • Major business projects achieve their objectives

In addition, Internal Audit may perform special reviews requested by Management or the Audit Committee. When plans are changed for such reviews, this is reported to the Audit Committee so that it clearly understands the implications on the assurance it requires about internal controls.


4. Access


Internal Audit has unrestricted access to all the records, personnel, property and operations of the Corporation with due responsibility for safekeeping and confidentiality.


5. Independence


For Internal Audit to fulfil its responsibilities it is essential that it is independent of the activities it audits and reviews. Internal Audit is independent when it carries out its work freely and objectively. Internal Audit derives its independence from the Audit Committee to which it should have unrestricted access.

The Audit Committee reviews and approves the scope and nature of the work of Internal Audit and receives and reviews regular progress reports.


6. Relationships


To strengthen its independence, Internal Audit reports to the Chief Executive and has access to the Chief Executive on a regular basis. Internal Audit does not perform and is not responsible for management of internal control processes as this impairs its objectivity; neither does it have any direct responsibility for, nor authority over, the activities it reviews.

The Audit Committee shall review the activities of the Internal Audit function in relation to the Audit Plan and monitor audit activities. Copies of all reports shall be forwarded to the Audit Committee. The Audit Committee may contract part or all of the Internal Audit services to suitably qualified and experienced professional Internal Auditors.

The Auditor-General of Queensland, is required by legislation to audit the Corporation. The Internal Auditor shall cooperate fully, and co-ordinate its activities with an authorised officer of the Queensland Audit Office in the course of the external audit of the Corporation. The authorised officer shall have access to internal audit programmes, working papers and reports of Internal Audit.


7. Quality and Skills


The Internal Audit function should ensure that the skills of Internal Audit are developed and maintained through:

  • Skilling and training of Internal Audit staff (eg in complex technical areas, in the use of technology implementing best practice and in developing inter-personal skills such as communication)
  • Techniques such as benchmarking to identify and adopt appropriate best practices
  • The engagement of external specialists as and when necessary and cost-effectively to meet changing business needs; and
  • Developing and monitoring appropriate internal audit performance measures, including mechanisms for continuous improvement

Internal Auditors shall respect the confidentiality of information acquired in the course of their work and shall not disclose any such information to a third party without specific authority or unless there is a legal or professional duty to disclose.

Internal Audit must demonstrate objectivity and professionalism, including applying the Code of Ethics, Standards and Guidelines of the Institute of Internal Auditors, Institute of Chartered Accountants in Australia and the Australian Society of Certified Practicing Accountants.