Article (17) Internal Audit
An organisational unit dedicated to internal audit shall be established within the federal entity, adhering to the guidelines outlined in the Guide for Preparing Organisational Structures ratified by the Cabinet, with an objective of executing the mandates delineated in the Internal Audit Methodology Manual of the UAE Federal Government, as amended. As well as providing the BOD with requisite assurances concerning the efficiency and efficacy of policies and procedures employed in managing significant risks within the federal entity. The Unit shall assess the efficiency of risk management, enforce regulatory controls, and oversee governance processes within the federal entity. Moreover, it shall offer recommendations and impartial consultations to the Board of Directors, undertaking the following principal tasks:
1. Carry out internal audit work in accordance with the accepted legal, financial and administrative principles, rules and standards to verify the extent of the commitment of the organisational units in the entity to implementing all financial, administrative and operational systems and regulations in force in the federal entity.
2. Follow the professional standards and professional ethics standards issued by the Institute of Internal Auditors and any related changes issued in the future.
3. Prepare the annual internal audit plan and having it approved by the Audit and Risk Committee.
4. Prepare an assessment of the risks that may affect the objectives, activities, and operations of the organisational unit, and develop policies and procedures to reduce them.
5. Study the reports submitted by regulatory authorities such as the Ministry of Finance and the UAE Accounting Authority to verify the extent of the entity organisational units commitment to implementing all financial and administrative systems and regulations in force in the federal entity.
6. Assist in investigating suspected acts of fraud and manipulation, and submit the necessary reports to the concerned authority in accordance with the procedures followed in this regard, without prejudice to the powers of the UAE Accounting Authority.
7. Present a comprehensive report detailing the outcomes of the audit, as well as the findings from the examination and monitoring of reports issued by other regulatory bodies. Evaluate the effectiveness of operations within the organisational units of the entity and provide suitable recommendations accordingly. Submit this report to the Audit and Risk Committee, which will subsequently relay key findings to the BOD. The BOD shall retain the authority to intervene as necessary based on these findings.
8. Help the federal entity maintain effective systems of internal control and risk management by evaluating the efficiency and effectiveness of these systems, and providing effective suggestions towards continuous improvement.
9. Coordinate with the organisational units in the entity during the planning stage and follow up on the implementation of the recommendations and observations contained in the reports of the UAE Accounting Authority.
10. Propose additional control standards or any measures that lead to continuous development and improvement and add value to the effort.
11. Refrain from performing any administrative or executive responsibilities related to the design or implementation of internal control systems, which may affect independence thereof, as well as refrain from assuming any responsibility or executive authority for the work audited thereby.