GIAD Activities in 2022 This statement is made in accordance with the resolution of the Board dated 19 April 2023. Prepare the Audit Plan and Budget for approval of the BAEC. The Audit Plan was developed based on assessment of the significant potential risk exposure of the auditable areas; Provide independent assessment and objective assurance on the adequacy and effectiveness of internal controls implemented to mitigate the risk exposures. Prepare audit report consisting of observations, improvement opportunities, rootcause, management responses which include the corrective actions by the respective stakeholders, deadline for resolution and person responsible for implementation of corrective actions; Follow-up on the Management corrective actions on audit issues raised by the GIAD. Determine whether corrective actions taken have generally achieved the desired results to mitigate the risk exposures; Report to the BAEC, the final audit report highlighting the audit plan coverage, audit scope and risks covered, audit rating, significant audit findings, findings escalated for Management’s immediate action, root-cause and status of corrective actions. A total of 137 audits (against the approved audit plan of 133) were conducted for the Group in FY2022; Report to the BAEC the adequacy, reliability, integrity and compliance of: • risk management, internal controls and governance processes; • Information Technology, stress testing procedures and practices and the back-up system to cover for contingencies and disaster; • Regulatory reporting, accounting records, financial reports and management information; Review compliance with relevant legal, regulatory and internal policies as well as compliance with Shariah rules and principles as determined by the SSC and Shariah Compliance Policy. Provide independent assessment on the effectiveness of the Business Continuity Plan/ Disaster Recovery Plan to ensure resumption of business activities is not hampered. Review, update and enhance the Internal Audit Charter by incorporating among others, additional scope and responsibilities of GCIA and GIAD related to Authority; Independence & Objectivity; Scope of Internal Audit Activities; Responsibility; and Quality Assurance and Improvement Program. Address the concern on GIAD’s readiness, i.e., competency and capabilities of IT auditors in assessing Cloud based system and vendor. Accountability Bank Islam Malaysia Berhad 207 01 05 03 07 02 06 09 04 08
RkJQdWJsaXNoZXIy NDgzMzc=