1 Purpose

Its primary purpose is to monitor and report to Council on:

• oversee an effective risk management capability

• maintenance of an effective internal audit capability

• facilitate the performance of the external audit

• compliance with all legislative and regulatory requirements

• reliable management and financial reporting

• internal controls

2 Responsibilities

The duties and responsibilities of the Committee are:

2.1 Risk Management:

1. monitor strategic and operational business risks, including fraud under an institutional risk management framework;

2. review and assess the actions taken to identify and manage the University’s exposure to business risk and corruption and monitor the development and implementation of measures and strategies to minimise their impact;

3. evaluate, the adequacy of the University’s business continuity, disaster recovery plans and critical incident management processes to ensure relevance and reliability; and

4. satisfy itself that insurance arrangements are appropriate for the risk management framework.

2.2 Internal Audit:

1. review and recommend to Council for approval, the internal audit plan, its scope and progress and any significant changes to the plan;

2. ensure the internal auditor has unfettered access with regard to the achievement of the audit plan, audit scope and access to information;

3. provide a forum for the internal audit function in respect of its planning, monitoring and reporting processes;

4. review and approve the proposed internal audit strategic and operational plans to ensure that key areas of risk are addressed, and monitor their implementation;

5. evaluate the performance of the internal audit function by reference to the annual audit plan and established performance indicators, ensuring that it complies with appropriate professional standards in the conduct of its activities; and

6. ensure that significant findings and recommendations made by the internal audit function together with management’s responses are received and appropriately acted upon in a timely manner.

2.3 External Audit:

1. consult with the external auditor on the proposed audit strategy, audit plan and audit fees for each coming year;

2. review the significant findings and recommendations made by the external auditor and assess management’s responses to such findings and recommendations;

3. ensure that the external auditor has unfettered access to all University records; and

4. evaluate the overall effectiveness of external audit functions in providing adequate audit coverage, ensuring that there is appropriate coordination of activities with the internal audit.

2.4 Compliance:

1. review the adequacy and effectiveness of the University’s framework and processes for monitoring legal and compliance risks as part of risk assessment and management arrangements;

2. review the results of management’s investigation and follow-up all compliance issues and obtain regular updates from management regarding compliance matters that may have a material impact on the University’s financial statements or compliance policies; and

3. review the findings of any examinations carried out by regulatory agencies including auditor observations.

2.5 Management and Financial Reporting:

In conjunction with the Finance and Facilities Committee:

1. monitor and assess the adequacy of management reporting to Council in terms of quantity, quality and timing of information on the University’s risks, operations and financial reporting;

2. monitor and assess the University’s performance management systems to enable assessments of whether the University is:

   1. optimising its revenue base

   2. operating within budget

   3. optimising the use of, and benefits from, its cash, physical and other resources

   4. ensuring its physical assets are physically secure and in good repair

   5. ensuring essential back up exists in respect of critical ICT systems and data

   6. minimising liabilities including contingent liabilities

   7. actively monitoring transactions and balances that may have a material impact on the University

3. review the University’s financial statements for compliance with prescribed accounting and other requirements including monitoring representations made by University staff;

4. review the processes to ensure financial trend analyses, including variations to budget, are undertaken;

5. review the annual financial statements and external findings in conjunction with external auditor and Finance & Facilities Committee and make recommendations to Council;

6. monitor the financial content of the Annual Report and make recommendation to Council; and

7. receive reports from management and the external and internal auditors on any significant proposed regulatory, accounting or reporting issue, to assess the potential impact upon the University’s financial reporting process.

2.6 Internal Controls

1. approve at the commencement of each year, an Annual Work Plan for the planned activities for the coming year;

2. review through the internal and external audit functions, whether relevant policies and procedures are in place and up to date, including those for management and exercise of delegations including compliance;

3. review through the internal and external audit and functions, the adequacy of internal control structures and systems, including technology security;

4. after each Committee meeting provide a written report to Council on Committee activities and make appropriate recommendations;

5. promote ethical behaviour by and within the University; and

6. on a yearly basis, review and assess the adequacy of the terms of reference of the Committee and make any recommendations to Council.

3 Authority

The Council has authorised the Committee, within the scope of its responsibilities, to:

1. perform activities within its terms of reference as the Committee deems relevant and necessary;

2. engage independent counsel and other advisers as it deems necessary to carry out its duties; require the attendance of University officers at meetings as appropriate;

3. have unrestricted access to employees and management;

4. receive any relevant information it requires from any officer or employee of the University or any of its controlled entities.

4 Membership

1. The Council nominates and appoints the Committee members.

2. Members will be appointed for a term of office, to run concurrently with the term of office of the Council.

3. Membership of the Committee consists of:

   1. at least 3 (three) members of the Council who are not employees or students of the University and are able to contribute to the broad skills base relevant to the business of the Committee;

   2. at least one person external to the Council and staff of the University who represent the accounting profession with experience in auditing and

   3. the Chancellor of the University.

4. Committee members shall have skills and experience, which may include accounting, finance and audit appropriate to the Committee’s business.

5. The Chair shall be elected annually by the Committee from and by the members but the Chair shall not be the Chancellor.

5 Meetings

1. Meetings are to be held at least 4 (four) times per year.

2. The Chair shall call meetings of the Committee as required or if requested to do so by any Committee member, the internal or external auditors, the Chancellor or the Vice Chancellor.

3. A quorum consists of at least half the members of the Committee.

4. The Committee may invite other persons, including members of management and staff and the external auditor to attend meetings and provide information as necessary.

6 Ethical Practices, Confidentiality And Independence

Members of the Committee are to:

1. exercise objectivity, and probity in the discharge of their duties and responsibilities;

2. refrain from entering into any activity that may prejudice their ability to carry out their duties and responsibilities objectively and independently.

3. act in a proper and prudent manner in the use of information acquired in the course of their duties and responsibilities;

4. exercise sound judgement guided by highest personal standards of honesty and integrity in all matters relating to membership of the Committee;

5. ensure that they do not place themselves in situations which could lead to, or be perceived to give rise to a conflict of interest; and

6. disclose to the Committee any matter which could compromise, or be seen to compromise, the performance of their duties on the Committee or give rise to a perception of a conflict of interest.

7 Secretary

The Secretary to Council shall act as Secretary to the Committee.

8 Performance Evaluation

On an annual basis, the Committee will undertake a self-evaluation of performance utilising the Governance and Risk Management Self Assessment Program for Universities prepared by the QLD Audit Office, or such other self assessment tool as the Committee shall approve. The evaluation shall be submitted to Council.

If directed by Council, the Committee will arrange for an external review of its activities.

9 Review Of Terms Of Reference

These Terms of Reference will be reviewed annually by the Committee to ensure the Terms remain consistent with the Committee objectives and responsibilities. Any proposed amendments to the Terms of Reference will be referred to Council for approval.

10 Other Policy Information