Audit and Risk committee

Audit and Risk committee

The role of the Standing Committee on Audit and Risk is to assist the University Council in discharging its responsibilities relating to the management of audit and risk across the University and with regard to each of its business enterprises and controlled entities.

Terms of Reference

Version 1 - Approved by Macquarie University Council 10 April 2014

The University Council has established the Standing Committee on Audit and Risk ("the Committee"). This charter sets out the Committee's objectives, authority, composition and tenure, roles and responsibilities, reporting and administrative arrangements.

1. Purpose of Committee

1.1 To provide independent assistance to the Council by overseeing and monitoring the governance, risk and control and compliance frameworks, and external accountability requirements of the University and its controlled entities.  The Committee is an integral component of the University's corporate governance arrangements, and its responsibilities generally cover the review and oversight of the following areas:

  • Internal audit
  • External audit
  • Risk management
  • Internal controls
  • Corruption and fraud prevention
  • External accountability (including the financial statements)
  • Compliance with applicable laws and regulations

2. Authority and scope

2.1 The Committee has delegated authority to:

2.1.1 Review the internal audit coverage and annual work plan, ensure that the plan is consistent with the University's risk profile, and approve the plan.

2.1.2 Review and approve the internal audit charter at least annually to ensure organisational structures, authority, access and reporting arrangements are in place.

2.1.3 Approve the appointment or replacement of the Internal Auditor.

2.1.4 Approve actions and consider reports on the University's commercial activities as set out in Division 3 of the University Act.

2.1.5 Consider regular reports from MQU controlled entities and take actions as required.

3. Membership and term of office

3.1 Membership

  • Deputy Chancellor
  • Chair of the Finance and Facilities Committee
  • No fewer than three members of the Council who are elected by the Council
  • Up to three persons external to the University who are appropriately qualified as detailed in this section below and elected by the Council on the recommendation of the Committee.

Where a position is not specified, Committee Members will be appointed by Council.

3.1.1 No member of the Committee may be a member of the University Executive or management.

3.1.2 Given the nature of the responsibilities of the Committee, the Council should appoint members who collectively possess most or all of the following skills and experience:

  • Broad business and/or financial management experience
  • Experience with the public sector
  • An understanding of the business and current issues affecting the sector
  • Familiarity with risk identification, evaluation and management
  • An understanding of internal controls and compliance systems
  • Knowledge of current accounting and auditing standards
  • A good understanding of the roles of internal and external audit
  • Commitment to the pursuit of best practice

3.2 Chair of Committee

3.2.1 Council will appoint one of the members of Council on the Committee to be Chair.

3.3 Term of office

3.3.1 Members may be appointed for an initial period not exceeding two years, after which they will be eligible for re-appointment.  Re-appointment will only be made after a formal review of performance and independence, and shall be for a period not exceeding two years.  Notwithstanding the above, on the cessation of a University Council member's appointment to Council, their appointment to this Committee will cease.

Return To Top

4. Responsibilities

4.1 Risk management

4.1.1 Review whether management has in place a current and appropriate "enterprise risk management" process, and associated procedures for effective identification and management of the University's financial and business risks, including fraud and corruption.

4.1.2 Review whether a sound and effective approach has been followed in developing strategic risk management plans for major operations or projects.

4.1.3 Review the impact of the University's risk management process on its control environment and insurance arrangements.

4.1.4 Review whether a sound and effective approach has been followed in establishing the University's business continuity planning arrangements, including whether disaster recovery plans are in place and have been tested periodically.

4.1.5 Review the University's fraud control plan and satisfy itself that the University has appropriate processes and systems in place to capture and effectively investigate fraud related information.

4.2 Control framework

4.2.1 Review whether management's approach to maintaining an effective Internal Control Framework, including over external parties such as contractors, advisors or outsourced service providers, is sound and effective.

4.2.2 Review whether management has in place relevant internal control policies and procedures, and that these are periodically reviewed and updated.

4.2.3 Determine whether the appropriate processes are in place to assess, at least once a year, whether policies and procedures are complied with.

4.2.4 Review whether appropriate policies and procedures are in place for management and exercise of delegations.

4.2.5 Assess how management identifies any required changes to the design or implementation of internal controls.

4.2.6 Review whether management has taken steps to imbed a culture that is committed to ethical and lawful behaviour.

4.3 External accountability

4.3.1 Review the annual statutory financial statements and provide advice to the University Council (including whether appropriate action has been taken in response to audit recommendations and adjustments), and recommend their approval and signing.

4.3.2 Satisfy itself that the financial statements are supported by appropriate management signoff on the statements and on the adequacy of the systems of internal controls.

4.3.3 Review the processes in place designed to ensure that the financial information included in the University's annual report is consistent with the signed financial statements.

4.4 Compliance with applicable laws and regulations

4.4.1 Determine whether management has appropriately considered legal and compliance risks as part of the University's risk assessment and management arrangements.

4.4.2 Review the effectiveness of the system for monitoring the University's compliance with applicable laws and regulations, and associated government policies.

4.5 Internal Audit

4.5.1 Act as a forum for communication between the University Council, senior executives and management and internal and external audit.

4.5.2 Review the internal audit coverage and annual work plan, ensure that the plan is consistent with the University's risk profile, and approve the plan.

4.5.3 Review and assess the adequacy of internal audit resources to carry out its responsibilities including the completion of the internal audit plan.

4.5.4 Oversee the coordination of internal audit programs and other review functions.

4.5.5 Review all internal audit reports and provide advice, where appropriate, to the University Council on significant issues identified and action taken on issues raised, including identification and dissemination of better practice.

4.5.6 Monitor management's implementation of internal audit recommendations.

4.5.7 Review and approve the internal audit charter at least annually to ensure appropriate organisational structures, authority, access and reporting arrangements are in place.

4.5.8 Review the performance of internal audit annually.

4.5.9 Oversee a Tender for internal audit services to include review of tender documents and selection of candidates.

4.5.10 Approve the appointment or replacement of the Internal Auditor.

4.6 External audit

4.6.1 Act as a forum for communication between the University Council, senior executives and management and internal and external auditor.

4.6.2 Provide input and feedback on the financial statements audit coverage and plans proposed by external audit.

4.6.3 Assess the performance of the external auditor annually and provide feedback to the auditor on the services provided.

4.6.4 Review reports issued by external audit and monitor management's timely implementation of external audit recommendations.

4.6.5 Provide advice to the University Council on action taken on significant issues raised by external audit.

4.7 Controlled Entities

4.7.1 Consider regular reports from MQU controlled entities and take actions as required.

4.7.2 Review Terms of Reference of Audit & Risk Committees constituted by controlled entities, and provide feedback and recommendations, if any, to the Chair of those committees as appropriate.

4.7.3 Review and consider minutes of meetings of Audit & Risk Committees of controlled entities.

4.8 Commercial activities

4.8.1 Advise the University Council with regard to the exercise of Council's powers relating to Division 3 of the Act dealing with Commercial Activities, including, but not limited to, partnerships, trusts, joint ventures, governance, risk assessment, due diligence, feasibility and administrative arrangements, Guidelines for Commercial Activities and the Register of Commercial Activities.

4.8.2 Review, monitor and make recommendations to Council with respect to the approval of Guidelines for Commercial Activities, and the Register of Commercial Activities.

Return To Top

5. Administrative arrangements

5.1 Meetings

5.1.1 Meetings shall be held at least four times per year.

5.1.2 A schedule of potential meeting dates will be prepared annually by the Governance Unit and aligned to meetings of the University council.

5.1.3 A meeting plan, including meeting dates and Agenda items will be agreed by the Committee each year.  The meeting plan will cover all of the Committee's responsibilities as detailed in these Terms of Reference.

5.1.4 Meetings may be held using any form of technology that is approved by Council for Council meetings.

5.1.5 A minimum of four Committee members is the quorum.

5.1.6 The Chancellor may attend any meeting.

5.1.7 The following persons should be invited to attend meetings of the Committee, unless requested by the Chair not to do so:

  • Vice-Chancellor
  • Deputy Vice-Chancellors
  • Chief Operating Officer
  • Chief Financial Officer
  • Director, Human Resources
  • Director Property
  • Chief Information Officer
  • General Counsel
  • Head of Risk and Compliance
  • Internal auditor
  • External auditor

5.1.8 The members of the Committee should meet privately with the external and internal auditor at least once a year, at times to be determined by the Chair.

5.2 Secretarial support, Agendas and Minutes

5.2.1 The University will provide a secretary for the Committee in consultation with the Chair.

5.2.2 Agendas will be approved by the Chair and circulated to Committee members at least one week prior to the meeting.

5.2.3 Draft Minutes of Committee meetings will be circulated to Committee members for comment and review within ten working days of the date of the meeting of which they are a record.

5.2.4 The Agenda and confirmed Minutes of the Committee are to be distributed to:

  • Vice-Chancellor
  • Deputy Vice-Chancellors
  • Chief Operating Officer
  • Chief Financial Officer
  • Director, Human Resources
  • Director Property
  • Chief Information Officer
  • General Counsel
  • Head of Risk and Compliance
  • Internal auditor
  • External auditor

5.3 Committee powers

5.3.1 In exercising its responsibilities under Section 4, the Committee may require the production and submission of reports, documents, advice and other additional material as is deemed necessary.

5.3.2 The Committee shall have such resources as are necessary to ensure it can undertake its responsibilities in a timely, independent and efficient manner.

5.4 Conflicts of interest

5.4.1 Once a year the Committee members will provide written declarations to the Chancellor stating that they do not have any conflicts of interest that would preclude them from being members of the Committee.

5.4.2 Committee members must declare any conflicts of interest at the start of each meeting in relation to agenda items or before discussion of any subsequent matter arising during the course of the meeting.

5.4.3 Where members or observers at Committee meetings are deemed to have a real or perceived conflict of interest it may be appropriate that they are excused from the Committee deliberations on the related matter.

5.5 Self evaluation

5.5.1 The Council, in consultation with the Chair of the Committee will establish a mechanism to review and report on the performance of the Committee, including the performance of the Chair, and each member, at least annually.  The review will be conducted on a self-assessment basis (unless otherwise determined by the Council) with appropriate input sought from the Council, the internal and external auditors, management any other relevant stakeholders, as determined by the Council.

5.6 Reporting requirements

5.6.1 Minutes of the Committee will be reported to Council at the next meeting of Council.

Return To Top

6. Review

6.1 At least once a year the Committee will review its Terms of Reference and recommend changes, if any, for approval by Council.

7. Version history

7.1 Approval authority

7.1.1 Council

7.2 Version 1 date

7.2.1 10 April 2014

7.3 Subsequent versions

7.3.1

Return To Top

Members

(as at April 2016)

* The Chancellor and Deputy Chancellor are members of the committee by virtue of their office, in accordance with the provisions of Section 21 of the Macquarie University By-Law 2005.

Back to the top of this page