Page 219 - SAMRC Annual Report 2024-2025
P. 219

GOVERNANCE





            INTERNAL CONTROL UNIT





            The  Board  is  responsible  for  the  organisation’s   environment across SAMRC. In addition, Internal
            internal control system, its annual review and ensuring   Audit report to Executive Management and the
            its  efficiency.  As  such,  the  Board  approved  certain   ARIC, at least quarterly, on the status of the internal
            governance functions and structures that achieve the   control environment, including reporting of any
            goal of effectively undertaking the ERM function and   significant control issues and the status of actions to
            ensuring the efficiency and effectiveness of internal   address deficiencies.
            control aspects within the organisation. The SAMRC’s
            comprehensive risk management and internal control   The outsourced Internal Audit function is completely
            system is designed to identify and appropriately   independent from the Executive Committee and
            mitigate  the  emerging  and  significant  risks  of  the   reports functionally to the ARIC and is overseen by the
            business and ensure the accuracy and reliability of   Internal Audit Charter. Internal Audit has unrestricted
            the SAMRC’s financial reporting, while facilitating the   access to the Chairperson of the ARIC and the SAMRC
            delivery and sustainability of the strategic goals.  President. The Internal Audit function works closely
                                                               with the Risk Management function and engages with
            Key  features  of  the  SAMRC’s  financial  reporting   the external auditors on an ongoing basis.
            internal controls include:
                                                               The  work  of  Internal  Audit  focuses primarily on
            •  clearly defined delegations of authority and lines   areas that present the greatest risk to the SAMRC.
               of accountability;
                                                               This is achieved by following a risk-based assurance
            •  policies  and  procedures  governing  financial   approach, focus on the key risk exposure as approved
               resource  management,  financial  reporting  and   by the Board. Its audits cover internal controls and
               key IT projects;                                risk management processes relating to the financial

            •  assurance on key processes and audits as part of   and operational, as well as IT and compliance
               the internal audit coverage;                    activities of the SAMRC. Internal Audit monitors
            •  an annual IT general control assessment         and tracks the implementation of agreed control
               conducted by the external auditors on the       actions arising out of these audits and ARIC oversees
               business applications which support the financial   the progress on quarterly basis to ensure timely
               close process; and                              implementation of actions to mitigate risks. Focus
                                                               areas are determined and updated annually using a
            •  a detailed review by the Audit and Risk and IT   risk-based approach considering the risk assessments
               Committee (ARIC) and the Board of the financial   conducted in the SAMRC and ensuring the work is
               statements and disclosures within the annual    appropriately aligned to and coordinated with the
               report.
                                                               activities of other relevant assurance providers. The
            The ARIC assists the Board in overseeing the       ARIC receives quarterly reports on progress against
            organization through, among other things, monitoring   the Internal Audit Plan and corrective actions taken
            the soundness and integrity of the financial statements   by management in response to audit findings.
            as well as reviewing the systems of internal audit
            and compliance. In addition, the ARIC oversees the   Based on the results of the planned and adhoc audit
            implementation of internal audit and compliance    activities undertaken during the financial year, it can
            systems and functions. The ARIC is therefore required   be concluded that for the performed audit activities
            to ensure that management has adequate controls    the key internal controls were generally effective in
            in  place  over  assets,  risk  and  financial  systems,   all  material  aspects  and  reported  findings  did  not
            and has systems to allow for timeous and accurate   expose the SAMRC to significant risk.
            financial reporting that complies with all applicable
            requirements and legislation.                      The Auditor-General South Africa (AGSA) is
                                                               responsibility for expressing an opinion on the
            Internal Audit provides  objective  assurance and   financial  statements  and  to  report  on  findings
            insight  on  the  effectiveness  and  efficiency  of  risk   relating to the audit predetermined objectives, and
            management,  internal  control  and  governance    material non-compliance with specific requirements
            processes.  The function provides  the Audit       in key applicable legislation. The AGSA is invited to
            Committee  with  an  annual  assessment  on  the   all ARIC meetings and receives copies of all relevant
            efficiency  and  effectiveness  of  the  internal  control   papers and meeting minutes.



                                                              SAMRC  ANNUAL REPOR T 2024-25             217
   214   215   216   217   218   219   220   221   222   223   224