Internal Audit Service
Internal Audit Service (hereinafter-IAS) of EIC “KazakhExport” JSC (hereinafter - the Company) was established in accordance with the decision of the Board of Directors dated 23.08.2003 (Protocol No.1).
The mission of the Internal Audit
The mission of the IAS is to maintain and increase the value of the organization through objective internal audits based on a risk-based approach, providing advice and knowledge sharing.
Purpose
The IAS is created in order to provide an objective assessment of the internal control system, risk management system, corporate governance and recommendations for their improvement.
Objectives of the Internal Audit
The main objective of the IAS is to conduct analysis and evaluation in the framework of the audit engagement and consultations:
- Reliability and efficiency of the internal control system;
- Adequacy and effectiveness of the risk management system;
- Reliability of the internal control system for the use of automated information systems, including the control of the integrity of databases and their protection from unauthorized access and(or) use, taking into account the measures taken in the event of abnormal and emergency situations in accordance with the action plan aimed at ensuring the continuity of activities and (or) the Company'sbusiness-recovery in the event of abnormal and emergency situations;
- Reliability, completeness, objectivity of the accounting system and reliability of financial statements and other information of the Company, as well as evaluation of the rules (principles, methods) used for identification, measurement, classification and presentation of such information (plans and reports) to internal and external users;
- Rationality and efficiency of resources and methods applied to ensure the safety of property (assets);
- Economic viability and efficiency of operations and transactions;
- Compliance with the requirements of the legislation of the Republic of Kazakhstan, internal policies and other documents of the Company, as well as the effectiveness of systems and procedures created and applied to ensure compliance with these requirements (compliance control);
- Execution of decisions of bodies of Companies and orders (proposals) of the authorized (supervisory) state bodies;
- Sufficiency and/or efficiency of business processes carried out by structural divisions of the Company, measures to achieve their objectives within the Company's strategic goals;
- Efficiency of the corporate governance system and the process of its improvement, compliance with the principles of corporate governance, relevant ethical standards and values.
Internal Audit functions
The IAS it performs the following functions in accordance with the main objectives in the prescribed manner:
- Annually, on the basis of the Company's risk management system and/or independent risk assessment, the Company develops an annual audit plan for the upcoming calendar year, which determines the priorities of the Company's internal audit activities taking into account the risks, strategic objectives of the Company and provides it for consideration and approval by the Board of Directors, previously considered by the audit Committee;
- Performs audit engagement in accordance with the main objectives of the IAS;
- Regularly provides the report on the activities of the IAS, previously reviewed by the audit Committee for consideration and approval of the Board of Directors at the end of the reporting period (quarter, year);
- Monitors the Company's compliance with the recommendations/instructions of the Holding company, the external auditor and other state inspection bodies adopted in accordance with the established procedure, and provides the Board of Directors with information on the progress and quality of corrective actions within the framework of periodic reports;
- Monitors the Company's implementation of the IAS recommendations issued and adopted in accordance with the established procedure, as well as within the framework of periodic reports provides the Board of Directors (if necessary, together with the management Board) with information on the progress and quality of corrective actions (preventive actions) approved by the management Board as a result of the IAS audits and/or recommendations;
- Interacts with the Holding, external auditors and government bodies within the competence of the IAS, and if necessary, participates in the audit, evaluation, analysis processes conducted by external auditors, independent appraisers and/or consultants;
- Summarizes and analyzes the results of internal and external audits, systematizes violations, errors and omissions in the work of the structural units of the Company identified during the audits in order to assess the Internal Control System;
- Assesses the risks of fraud and the way the organization manages the fraud risk;
- Develops internal guidelines governing the activities of the IAS in accordance with the requirements of Standards and requirements of the Holding;
- Considers complaints, letters, appeals on issues within the competence of the IAS;
- Within its competence participates (if necessary) as a consultant in the consideration of draft internal regulations to assess their compliance with the requirements of regulations, the appropriateness, adequacy and effectiveness of internal control procedures (consulting services are provided by the IAS while maintaining the independence and objectivity of the IAS, excluding the adoption of IAS management decisions);
- Ensures the maintenance of a single database and / or information system, including data on the results of control procedures, identified problems in the systems of internal control, risk management and corporate governance, identified violations, deficiencies, and measures to eliminate the identified violations;
- Provides advice to the Executive body on improving internal control, risk management and corporate governance processes. Consulting services are provided by the IAS on the basis of the results of control procedures while maintaining the independence and objectivity of the IAS, excluding the adoption of IAS management decisions;
- In exceptional cases, on behalf of the audit Committee and/or the Board of Directors and/or the Holding, it carries out topic-specific internal audit of certain aspects of the Company's activities, as well as participates in internal investigations, and special inspections;
- Confirms the reliability of the actual values of the key performance indicators of the members of the Executive body;
- Makes arrangement for continuous professional training and professional development of the IAS employees;
- Verification of reliability, completeness of disclosure, objectivity, timeliness of provision of the relevant reporting or requested information by units to the authorized body (including information subject to financial monitoring), management and other interested parties;
- Control environment formation corresponding to the international professional standards of internal audit and requirements of the legislation of the Republic of Kazakhstan on insurance and insurance activities, compulsory insurance, joint-stock companies, securities market, countering the legalization (laundering) of proceeds from crime and financing of terrorism, through regular inspections in accordance with the approved plan;
- Control over the maintenance of the register of insurance (reinsurance) contracts;
- System analysis and evaluation of the organization's activities for financial stability and solvency, compliance with prudential standards and other mandatory standards and limits;
- Analysis of financial documents, including the consolidated balance sheet and profit and loss statement in comparison with the previous period and planned financial indicators, as well as the investment report with the grouping of financial instruments by type and indicating the book and market value, profitability and total amount of purchases (sales);
- Performs other functions within the competence of the IAS.