Risk-based internal audit reviews
Recognizing that the business environment of a developing international financial institution requires an appropriately dynamic and responsive audit philosophy, the Internal Audit Department has developed a suitable audit approach based on best practices and professional standards.
Central to this audit approach, it is essential to work with all Divisions of the Bank on a “real time” basis, leveraging their own control-risk self-assessments, to commonly identify and evaluate risks, anticipate emerging issues and to initiate measures to prevent problems before they occur.
It is also a goal to detect deviations from controls as early as possible, employing suitable audit techniques to continuously audit and assess the effectiveness of controls over the key risks and significant exposures in each business or functional component of the Bank. Within this framework of on-going auditing and consulting service, the Internal Audit Department carries out audit reviews, as appropriate and also makes recommendations on most new or revised policies, procedures or manuals from a risk and control perspective and reviews operations, as plausible and appropriate.
Such a holistic enterprise risk management/ risk based audit approach is in line with the global Standards for the Professional Practice of Internal Auditing, as well as with the Committee of Sponsoring Organizations (COSO).
The Bank’s audit approach has been designed with the aim of providing a comprehensive, integrated framework of audit coverage for each business unit and for the Bank as a whole. Through continuous audit monitoring, arising from the Bank’s on-going Enterprise Risk Management exercise, the approach interacts more dynamically with changing business conditions, it helps build and maintain more effective and efficient systems of internal controls and enables auditors to respond quickly to the Bank’s needs and areas of concern.
As dictated by international best practices, the entire audit process is seen as a collaborative effort designed not just to ensure compliance to rules, mandates or internal processes, but to further enhance and improve operations and overall efficiency and effectiveness.
The Internal Audit Department reports functionally to the President in his capacity as Chairman of the Board of Directors, and directly to the Audit Committee. It carries out its work according to the Standards for the Professional Practice of Internal Auditing issued by The Institute of Internal Auditors (IIA) and The Information Systems Audit and Control Association (ISACA). Its authority and responsibility is defined in the Bank’s Internal Audit Charter.