Page 146 - Bank-Muamalat-Annual-Report-2021
P. 146
144 BANK MUAMALAT MALAYSIA BERHAD
ABOUT US OUR LEADERSHIP OUR STRATEGY OUR PERFORMANCE
BOARD AUDIT COMMITTEE
REPORT
The IPPF stresses on the importance of independence Management has to provide justification to the BAC for
and objectivity as one of the key pillars of effective internal any extensions to the deadlines earlier committed by
audit services. To reflect independence, the ACIA reports Management on action plans for approval.
functionally to the BAC and administratively to the PCEO.
Quality Assurance and Improvement Programme
The BAC ensures that the Internal Audit staff have the
authority to discharge their role objectively and
To support a proper design and effective functioning of
independently, free from any relationship or conflict of
internal audit operations, the IPPF requires the Chief Internal
interest, as reflected in the Internal Audit Charter approved
Auditor to develop and maintain a Quality Assurance and
by the Board.
Improvement Programme (“QAIP”) involving all aspects of the
internal audit activity. The QAIP of Internal Audit is maintained
Responsibility, Scope and Methodology
continuously through ongoing monitoring and periodic
Internal Audit adopts Internal Control-Integrated Framework assessments. Any weaknesses or areas for improvement
2013 by the Committee of Sponsoring Organisations of the noted were communicated to Internal Audit staff and
Treadway Commission (“COSO”) to evaluate the effectiveness followed by rectification action. The results of both
of the Bank’s internal control system. The COSO Framework approaches were reported to the BAC.
gives an integrated view of the effectiveness of governance,
External assessment, on the other hand, must be conducted
risk management and control processes based on five (5)
at least once every five years by an independent assessor
internal control components - control environment, risk
from outside the Bank that is qualified in the practice of
assessment, control activities, information and communication
internal auditing and the quality assessment process.
and monitoring activities. Internal Audit also integrates the
Internal Audit has engaged the IIAM to conduct the
COSO Framework in deriving audit ratings for communicating
external assessment in 2021. Internal Audit was assessed as
audit results to the stakeholders.
‘Generally Conforms’ to the IIA Standards.
To add value and improve the effectiveness of the Bank’s
internal controls system, Internal Audit take into consideration Resources
the Bank’s strategic plans in formulating the Annual Audit
All auditors are encouraged to pursue professional
Plan 2021, While the annual risk assessment is the minimum
certifications to enhance their knowledge and skills set. Due
requirement articulated in the IPPF Standards, today’s rapid
to the COVID-19 crisis, the trainings were mostly done via
changing risk landscape demands internal auditors to assess
the virtual platform. The auditors also attended trainings on
risks frequently. In response to the pandemic, Internal Audit
various audit areas organised in-house as well as webinars
conducts remote auditing for some of its audit engagements,
offered by external training providers and professional bodies.
adhering to the movement restriction and lockdown.
The approach is to ensure Internal Audit is able to deliver its
committed Audit Plan by the end of the year. Virtual alternatives
have been adopted, where meetings and interviews were The overall costs incurred to
conducted through secure video conferencing channels and maintain the Internal Audit function
sharing of documents via the Bank's secure platform and
business emails. in FY2021 was approximately
RM6.7 million. As of 31 December
The results of the audit reviews, including the audit issues,
associated risks, root causes, recommendations and 2021, Internal Audit has a staff
Management’s remedial action plans are communicated strength of 40 auditors, with
in the form of audit reports to Management and the BAC.
Management is responsible to ensure action plans to resolve relevant backgrounds, experience
audit issues are implemented within an appropriate and and qualifications. Fourteen (14)
agreed timeframe. Progress of outstanding audit issues is auditors had obtained Certification
observed in the Operational Risk Management Committee
and presented to the BAC monthly to ensure adequate for Banks Auditors and/or CIAFIN.
and effective actions are executed within the timeline.
