Target Audit Committee and Audit Steering Group

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to form an audit committee. An audit committee could typically examine management's process for ensuring the appropriateness and effectiveness of systems and controls, examine the arrangements made by management to ensure compliance with requirements and standards under the regulatory system, oversee the functioning of the internal audit function (if applicable - see SYSC 3.2.16 G9 ) and provide an interface between management and the external auditors. It should have an appropriate number of non-executive directors and it should have formal terms of reference.

Internal audit

SYSC 3.2.16

(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to delegate much of the task of monitoring the appropriateness and effectiveness of its systems and controls to an internal audit function. An internal audit function should have clear responsibilities and reporting lines to an audit committee or appropriate senior manager, be adequately resourced and staffed by competent individuals, be independent of the day-to-day activities of the firm and have appropriate access to a firm's records.

(2) The term 'internal audit function' refers to the generally understood concept of internal audit within a firm, that is, the function of assessing adherence to and the effectiveness of internal systems and controls, procedures and policies. The internal audit function is not a controlled function itself, but is part of the systems and controls function (CF28)

Target Loan Services proposal of an Audit Committee

In light of the above FSA guidelines under the SYSC (Senior Management Arrangements, Systems and Controls) theTLS Board should set out formal and transparent arrangements for how they apply financial reporting and internal control principles and formally document how they maintain appropriate relationships with the company's auditors.

Internal audit can play a leading role in providing assurance that management are properly identifying and mitigating risks arising both from the business operations, internal systems, reporting lines and segregation of duties.

Strong internal control leads to a lower risk scoring by the financial regulators and hence a lower level of regulatory intervention during ARROW visits. It will also provide external auditors will a level of assurance, placing reliance on internal audit rather than carrying out in depth testing.

Thus the main role and responsibilities of the audit committee should be set out in written terms of reference and made available to staff. It is recognised that, as the Target organisation increases in size, it is ever more important to provide evidence to the FSA (during ARROW visits), external auditors and auditors from Loan/Investment companies that the organisation is addressing the risks that face the business. Thereby properly constituting an audit committee with a clear remit and identified authority.

Ideally the Audit Committee should be regarded as a subcommittee of the Board and include non Executive Directors (as per FSA guidelines). The reporting lines of the Audit Committee should be directly to the Board and Internal Audit should be able to have direct communication with the Audit Committee. It is recommended that this Audit Committee should meet at least every three months to discuss audit issues reported by the Internal Auditors. This will ensure that the company are escalating the importance of managing internal controls.

At present the organisation employs Auditors that cover the following areas:

Target Harlosh Services



Information Security

TLS Software

In future, it is recommended that the audit extends to the Target back office departments such as Finance and HR etc.

It is recommended that the Target Board considers in future setting up such an audit committee, in the mean time; such issues are dealt with by the Risk Board. All the Directors of TLS attend the Risk Board and the top risks identified in the organisation are reviewed. The Risk Board approves the audit schedule annually in the January and every month will review a rolling plan on the audit schedule together with the audit reports. Any outstanding actions or report issues will be discussed and feed back to the Internal Auditors. The existing auditors have been tasked with setting up an 'Audit Committee' without Board presence. The Risk Board should have their Audit Remit written into their Terms of Reference.

It is also recommended that there is a direct communication link between the Audit Committee and the Chairman on the Risk Board, ideally a Non Executive Director.

Audit Steering Group

Terms of Reference as follows:


The board hereby resolves to establish a sub - committee (of the board), to be known as the audit committee, to assist the board in fulfilling its objectives and responsibilities.


To be appointed.


The committee shall consist of:

Group Head of Risk and Compliance - Cheryl Gape

Auditors -

Target Harlosh

TLS Software

TLS Risk and Compliance Executive - Jon Beach

Business Improvement Manager -Ian Mc Ivor

Finance Auditor - Fay Lewis


To be appointed.

Attendance at meetings

No one other than the audit committee members shall be entitled to attend audit committee meetings, although representatives of the external auditors or other persons shall attend meetings at the invitation of the committee.


Chair plus two members.

Frequency of meetings

Weekly or Bi weekly meetings?


The committee is authorised by the board to:

investigate any activity within its terms of reference.

seek any information that it requires from any employee of the company and all employees are directed to cooperate with any request made by the committee.

obtain outside legal or independent professional advice, at the company's expense, and secure the attendance of outsiders with relevant experience and expertise if it considers this necessary.

Duties/Purpose of meeting-

Financial reporting

Review of accounting policies and practices are not yet reviewed by internal audit. This is carried out by external audit at present.

Internal control and risk management

to review the company's procedures for detecting fraud and whistle blowing and ensure that arrangements are in place by which staff may, in confidence, raise concerns.

to assess the scope and effectiveness of the systems established by management to identify, assess, manage and monitor financial and non financial risks.

Input into the Risk Register any risks that have been highlighted during the normal course of work.

Internal audit

To consider annually the capacity to improve or expand the internal audit function as the company increases in size.

To review the internal audit programme and ensure that the internal audit function is adequately resourced and has appropriate standing within the company.

To follow the audit plan that has been approved by the Risk Board.

Work with department heads in establishing high risk areas in which to incorporate into audit plan.

Review regulatory procedures and company risk registers in establishing high risk areas to incorporate into the audit plan.

Each audit piece of work will require research into areas of high risk and to provide a scope of audit objectives to the departmental head to ensure that all required areas have been covered.

To receive reports and updates on the results of the internal auditor's work on a periodic basis.

To review and monitor management's responsiveness to the internal auditor's findings and recommendations.

Track any outstanding issues that have resulted from audits.

Ensure that the appropriate senior management and Risk Board have access to the audit reports produced by the internal auditors.

To ensure that the Risk Board reviews the audit plan on a monthly basis and to action any resulting feedback from the meeting.

To carry out ad hoc audit projects requested by the Risk Board.

External audit

to review with the external auditors, the findings of their work, including, any major issues that arose during the course of the audit that have been resolved or left unresolved, to determined why errors occurred so that corrective action can be taken.

Take advice from External Auditors with a view to improve Internal Audit processes.


The Secretary shall circulate minutes of the meeting to all the committee members. The minutes should also be reported to the Risk Board, who has overall management of the Committee.