Audit and Risk Management Committee

*Membership of the Audit and Risk Management Committee is limited to external members of Council i.e. not a current RMIT staff member or student. In making these appointments, the Council shall satisfy itself that each member is independent of management and does not have any business or other relationship which could interfere with or be reasonably perceived to have the potential to interfere with their capacity to exercise independent judgement. Members of the Committee should have the appropriate level of skills and business experience. At least one member of the Committee will hold a formal accounting qualification, with a strong financial and accounting background.

The Committee may invite or require Officers of the University to attend meetings where appropriate to assist in the effective discharge of the Committee's duties or for selected agenda items as determined by the Chair.

At least once a year the Committee will separately meet with the Chief Audit and Risk Officer and external auditor without any management present.  Similarly, the Committee may meet with the Vice-Chancellor, Chief Finance Officer or General Counsel without any other management being present.

Role

Pursuant to Section 18 of the Royal Melbourne Institute of Technology Act 2010, a committee of Council will be known as the Audit and Risk Management Committee (“the Committee”). This Charter establishes the role and responsibilities of the Committee.

The primary objective and responsibility of the Committee is to assist the Council in fulfilling and discharging its responsibilities in relation to the University’s accounting policies, financial reporting practice, financial and internal control systems, external and internal audit functions, risk management framework and compliance framework, by providing an objective view on the effectiveness of these policies, financial reporting practices, systems and risk management framework.

Terms of Reference

Financial Reporting

• Review the annual financial statements and reports for the University before submission to the Council for approval, and through reports from senior management, the Chief Audit and Risk Officer and VAGO to the Committee, consider the following:
  • The appropriateness of accounting practices selected, the consistency with which they are applied and any changes in financial policy, accounting standards and practice.
  • The appropriateness of the material judgments and estimates made in the course of the preparation of the financial statements.
  • The propriety of any related party transactions.
  • Significant adjustments arising from the external audit and the impact and reasons for those adjustments.
  • The VAGO independent audit opinion.
  • Audit representation letters to be signed by management and the contents of those letters.
  • VAGO’s audit management letters and management’s responses to them.
  • The form of and responses to questionnaires to management in connection with the University's annual financial statements.
  • Key Management Personnel (KMP) declaration of related parties’ transactions signed by KMP.
• Review and recommend to Council the University’s annual budget.
• Monitor the University’s financial performance (long term and short term) against budget and approved financial performance indicators and targets, and any corrective actions required to achieve budget objectives.
• Monitor policies relating to financial matters and financial risk management including Delegations of Authority.

Financial and Internal Controls

• Discuss with management, the Chief Audit and Risk Officer and VAGO, the adequacy and effectiveness of the University's accounting, financial, and internal controls including the University's policies and processes to assess, monitor and manage these controls.
• Obtain reports on internal control findings raised by Internal Audit and any external auditors, together with management’s responses to these findings.
• Oversee and provide high-level direction in relation to the University’s annual internal controls certification process, including the methods employed to gain assurances from management that internal controls have operated effectively over the specified financial reporting period.

External Audit

• Oversee the University's relationship with VAGO.
• Review and agree with VAGO the scope of the audit plan before the audit commences and subsequently the result of the audit.
• Review any significant changes made to the VAGO audit plan and the reasons for those changes including whether any restrictions on scope have been placed by management on the audit.
• Review any significant difficulties or disputes encountered with management during the course of the audit and the resolution of those difficulties or disputes.
• Review reports and management letters from VAGO including reviews of accounting procedures and recommendations for improvements in internal controls and management responses.

Internal Audit

• Ensure the independence of the internal audit function.
• Provide adequate oversight of the internal audit function and a structured reporting line to the Committee.
• Review the activities, resources, organisational structure and the operational effectiveness of the internal audit function and where appropriate make recommendations to the Council.
• Review and approve the annual internal audit plan to ensure adequate coverage of the University's significant business risks, the system of internal control and the efficiency and effectiveness of the University’s operations.
• Monitor the progress of the internal audit plan and approve any changes required to the planned scope of the plan.
• Review reports from the internal auditor, the rating of those reports and the recommendations contained therein.
• Review any significant findings and recommendations made by internal audit and ensure they are received, considered and responded to by management on a timely basis.
• Monitor follow up action in response to internal audit’s recommendations and management's agreed action plans.
• Consider any difficulties encountered by internal audit during the course of its work, including any restrictions on the scope of the planned work or access to required information.
• Ensure that the activities of internal audit are coordinated with VAGO.
• Approve the appointment of the Chief Audit and Risk Officer for the University and any proposed changes to that appointment.

Risk Management

• By receiving updates about the University’s Strategic Risk profile, provide an objective view to Council on the effectiveness of the University’s risk management framework.
• Review and monitor risk aspects arising from external reviews of the University’s performance, including quality reviews performed by Commonwealth regulatory bodies.
• By obtaining management reports into and reviewing significant cases of conflicts of interest, misconduct, fraud or grievances and the resolution and reporting of those cases, monitor the overall culture of the University.
• Receive an annual report on the academic risk profile for the University and invite the Chair of the Academic Board to attend an ARMC meeting annually to discuss key academic risks.
• Review the University’s insurance coverage and other risk transfer arrangements to ensure it is appropriate.

Compliance

• Review the effectiveness of the University’s systems and processes for ensuring compliance with laws, regulations and internal policies, and the results of management’s investigation and follow-up of any instances of non-compliance.
• Review updates from management, the Chief Audit and Risk Officer, General Counsel and University Secretary regarding compliance matters that may have a material impact on the University’s reputation or financial statements.
• Review the findings of any examinations conducted by regulatory or other external bodies in relation to compliance matters.
• Review reports from the General Counsel about any current pending litigation or regulatory proceedings in which the University is a party and which may have a material effect on the University.

The Committee is authorised to obtain outside legal and/or other independent professional advice and to secure the attendance of external parties with relevant experience and expertise if it considers this necessary. The Committee is entitled to call upon resources from the University to support the achievement of its duties.

The Committee has the right to obtain all information it requires and request reports from management, the Chief Audit and Risk Officer, General Counsel and VAGO which it considers necessary for the performance of its duties.

Committee Administration

There shall be an agenda and minutes for all meetings and the Secretary (who shall not be a Committee member) shall record the proceedings of the meeting and distribute Chair approved minutes within 10 business days of the meeting.

The Committee shall review its own performance on an annual basis and refer findings and actions arising from the review process to Council.

The Terms of Reference for the Committee shall be reviewed on an annual basis and any amendments recommended to Council for approval.

Reporting

To Council after each meeting.

Quorum

Quorum is a majority of members. The Chair holds an additional ‘casting’ vote if there is a tie in the vote.

Frequency of meetings

Four times a year or more as required. Members will receive regular reporting between meetings where that facilitates the Committee’s functions. Any Committee member, the Victorian Auditor General’s Office (VAGO) or the Chief Audit and Risk Officer may, in consultation with the Chair, request additional or special meetings if they believe it is necessary.

List of sub-committees

None

Secretariat

University Secretariat

Contact

Ms Nicole Knight
Senior Governance Officer
Email: council.secretariat@rmit.edu.au
Phone: 03 9225 2008