The role of the chief internal auditor is to monitor and verify the adequacy, effectiveness and correct operation of the internal audit system.
The chief internal auditor has an appropriate level of independence (he or she does not head an operating area, works fully independently from the heads of operating activities and reports to the Board of Directors) and suitable tools to perform the functions of the role.
The chief internal auditor:
- checks, on an on-going basis and in response to specific requirements, in compliance with international standards, that the internal audit and risk management system operates correctly and appropriately, through an auditplan approved by the Board of Directors, based on a structured process for the analysis and prioritisation of key risks;
- has direct access to all information needed to perform the role;
- draws up regular reports containing adequate information on his or her activities, the methods used to manage risk and compliance with the plans drawn up to contain risk. The reports assess the fitness for purpose of the internal audit and risk management system;
- draws up timely reports on particularly significant events;
- forwards the reports as at points c) and d) to the chairmen of the board of statutory auditors, the internal audit & risks committee and the Board of Directors, as well as the director responsible for the internal audit and risk management system;
- with reference to the audit plan, verifies the reliability of the information systems including the accounting systems.