Internal auditing is a critical function of a registered company in Malaysia. Internal audits are conducted objectively and are intended to enhance and refine the company’s business practices.
The aim of auditing internally is to give insight into the company’s procedures, policies and culture, and help the Board and management administration through internal controls’ verification, including risk mitigation controls, operating efficiency and compliance with the relevant rules and regulations. This article highlights the roles and duties of a Malaysia public listed company in the internal audit function.
Roles and Responsibilities of the Board of Directors
The Board of Directors is responsible for the governance, internal control and risk management of the company. Therefore, the Board of directors must formulate proper policies and seek guarantees to ensure the effective functioning of the supporting activities and processes.
The Board of directors must set up an Audit Committee to help the Board oversee the sufficiency and effectiveness of the governance, internal control, risk management and Internal Audit Function’s performance. These duties are performed besides other oversight activities, including the external auditors’ performance and the company’s financial statements’ integrity.
Although the board of directors’ delegates power to the audit committee, they remain responsible for ensuring the following:
Solid governance, risk management and internal control framework are established
An internal audit function is set up and placed appropriately in the company
The internal audit’ head reports directly to the audit committee
The internal audit function is detached from the management and its audit function
Company disclosure policies and procedures are developed to ensure that every information revealed to the public, including reports associated with the internal audit function, is reliable, comprehensive and timely
The Board of directors must ensure that the appointed internal auditors carry out effective and satisfactory internal audit activities throughout the year. They must realize that appointing an internal auditor is not enough to be regarded as holding an internal audit function.
Roles and Responsibilities of the Audit Committee
The obligations of an audit committee in the internal audit function are as follows:
If the internal audit function is outsourced, approve the appointment and removal of the internal audit’s head or service provider
Evaluate the performance and approve the remuneration of the internal audit’s head
Review and approve the Internal Audit Charter. The charter can also be submitted to the Board of directors for approval
Review and approve risk-based internal audit strategies, resource plans and internal audit budgets
Review the audit plan’s progress
Address resource and scope limitations and ensure audit scope’s adequacy
Review internal audit reports and recommendations, and ensure that management implements the recommendations
Communicate the investigation report to the Board of directors as appropriate
Ensure the continuous performance of quality assurance and improvement plans, and an independent Quality Assessment Review is performed every five years.
Roles and Responsibilities of the Management
The function of management is to establish and maintain governance, internal control procedures and risk management. The internal audit function assesses the sufficiency and effectiveness of these procedures and makes recommendations for their improvement.
Management supports the internal audit function in the following ways:
Invites the internal audit’ head as an observer to participate in management meetings and conference on governance, internal control and risk management process
Provide unrestricted access to records, information, physical and personal attributes, including management, which is related to internal audit task
Provide feedback and input on the internal audit planning procedure
Implement internal audit suggestions to enhance the efficiency of governance, internal control and risk management process
The internal audit’s head shall report to the CEO or equivalent administrative staff, whereas the internal audit function will report to the audit committee.
Getting Help from a Professional internal Audit Services Provider in Malaysia
Professional internal audit consulting services help review and monitor the company’s policies and procedures and identify control recommendations to enhance these processes’ efficiency. They also ensure the company stays compliant with the latest laws and regulations.
