Objective

The ARMC being a committee of the Council derives its powers and duties from the Council, and these may be varied or expanded with time by the Council.

The primary objective of the Audit and Risk Management Committee is to assist the Council in fulfilling its oversight responsibilities for the system of internal control, the audit process, the financial reporting process, and the Institute’s process for monitoring compliance with laws and regulations. The Committee also reviews the principal risks identified by the Management and oversees the implementation of appropriate systems to manage these risks.

The scope of work of the ARMC shall be extended to include the regional offices of the Institute.

Accountability

The ARMC reports to the MIA Council. The reporting should be done on a structured basis and at least four (4) times per year.

Scope and Authority

The Committee has authority, within the scope of its responsibilities, to:

1. Approve the Internal Audit Charter, which defines the mission, scope of work, independence, responsibility, authority, and standards of practice of the internal audit function of the Institute as defined under the International Professional Practices Framework (IPPF).
2. Approve the Annual Internal Audit Plan.
3. Review and appraise the performance, recommend remuneration, recommend appointment and removal of the Head of Internal Audit Department.
4. Approve the internal audit department’s budget and resource plan.
5. Have the explicit authority to investigate any matter within its terms of reference.
6. Have the resources which are required to perform its duties.
7. Have full, free, and unrestricted access to any information, records, properties, and personnel of the Institute.
8. Have direct communication channels with the External and Internal Auditors and be able to convene meetings with them whenever deemed necessary.
9. Be able to obtain independent professional or other advice.
10. Review the findings of the Internal Auditor, External Auditor, and Auditor General Department.
11. Review the half-yearly and annual financial statements of the Institute.
12. Review the Institute’s accounting policies and its reporting requirements.
13. Advice in the development and implementation of the Institute’s enterprise risk management (ERM) framework of the Institute.

Terms of Reference

1. Composition
   • The Committee comprises of five (5) members, whereby four (4) members are Council members who are not members of the Oversight Committee of the Institute and one (1) member who is a non-Council MIA member.
   • The members should be independent of Management.
   • The Secretary of the ARMC will be the team from the Internal Audit Department.
2. Attendance of other Council members and employees
   • As necessary or desirable, the Chairman may request other Council members and employees to attend any ARMC meeting at the Committee’s invitation, specific to the relevant meeting.
   • The Chief Executive Officer (CEO) will represent Management at all meetings of the ARMC. In addition, the CEO can nominate representatives from Management to attend in his/her absence and decide who else attends on behalf of the Management.
   • The Head of Internal Audit will be required to attend all meetings of the ARMC.
3. Proceeding of Meetings
   • The Committee shall meet at least four (4) times in any financial year of the Institute and as many times as the Committee deems necessary.
   • The internal and external auditor shall be invited to make presentations to the Committee as appropriate.
   • The Committee shall have a structured private session with the Head of Internal Audit Department without the presence of the executive management team at least once in any financial year via the setting of a standing meeting agenda.

Independence

A person and/or MIA Council member who is appointed to act as a member of ARMC must satisfy the definition of “independent” as follows:

“independent” means a person and/or Council member who is independent of the MIA management and free from any business or other relationship which could interfere with the exercise of independent judgment or the ability to act in the best interests of the Institute. Without limiting the generality of the foregoing, an independent person/member is one who –

1. is not a member of the MIA Oversight Committee (OC),
2. is not an authorized signatory of MIA or has the legal power to commit MIA to any obligation or commitment,
3. is not, and has not been within the last 3 years, an officer/executive of MIA,
4. is not a family member of any executive director or officer of the Institute.
5. has not been engaged as an adviser with the Institute under these circumstances
   • had personally provided professional advisory services to the Institute within the last 3 years; or
   • is presently a partner, director (except as an independent director) or major shareholder of a firm or corporation (“Entity”) that has provided professional advisory services to the Institute within the last 3 years,

and the consideration in aggregate exceeds 5% of the gross revenue on a consolidated basis (where applicable) of the Institute, or RM1 million, whichever is the higher.

Former Presidents and Vice Presidents of the MIA OC must observe a cooling-off period of one (1) year in line with the cooling-off period observed by the MIA Council before being appointed as members of the ARMC.