Requirements and Responsibilities of the Unit Head
| No: 43037826 | Date(g): 1/12/2021 | Date(h): 26/4/1443 | Status: In-Force |
Translated Document
Effective from 2022-01-01 - Dec 31 2021
To view other versions open the versions tab on the right
| 32- | The unit head must possess the necessary independence, objectivity, competencies, and ethics to effectively perform their role and duties. | ||
| 33- | Their responsibilities must be clearly defined and should include, at a minimum, the following: | ||
| 33-1 | Attracting human resources with suitable qualifications and skills, based on a formal analysis of the unit’s actual needs required to perform its activities efficiently, and comparing those needs with the available human resources and their competency levels. Develop a plan to meet these needs and competencies, and formally share it with the audit committee for monitoring and evaluation. The analysis should consider international standards, emerging risk areas, and audit experience. | ||
| 33-2 | Working towards Saudization of the unit’s positions as required by relevant regulations. | ||
| 33-3 | Developing teams and skills related to audit techniques with the aid of technical systems and performance analysis programs to expand the scope of their reviews and manage system-related risks more comprehensively. | ||
| 33-4 | Continuously monitoring, evaluating, and developing the unit’s staff. | ||
| 33-5 | Ensuring the unit's adherence to integrity and compliance with sound internal audit standards. | ||
| 33-6 | Developing the internal audit plan and obtaining approval from the audit committee, and periodically reviewing and updating it. | ||
| 33-7 | Developing and periodically reviewing the internal audit policy as needed and at each audit committee cycle, and submitting it along with any updates to the board for approval based on the audit committee’s recommendation. | ||
| 33-8 | Formulating an internal audit strategy aligned with the bank’s strategy, obtaining approval from the audit committee, and regularly reporting the results and compliance to the committee. | ||
| 33-9 | Participating in relevant committees, such as those for risk and compliance, while adhering to core governance principles in financial institutions. | ||
| 33-10 | Meeting with the audit committee individually whenever necessary. | ||
| 33-11 | Monitoring the work of external service providers when some or part of the internal audit tasks are outsourced, ensuring their adherence to the internal audit policy, and verifying that they do not affect the unit’s independence and objectivity, and that they transfer relevant knowledge and experience to the unit's staff. | ||
| 33-12 | Preparing a detailed matrix listing and classifying potential risks resulting from suspending or postponing any audit activities or parts of them beyond the plan’s year, including an assessment and risk classification. This should address whether the suspension or postponement is requested by the unit or other units, and submit it to the audit committee for approval of high and medium-risk cases, with reasons and considerations, ensuring that risks continue to be addressed. | ||
| 33-13 | Identifying factors to consider when selecting branch samples for field audits in the targeted geographic area. | ||
| 33-14 | Encouraging audit unit staff to obtain Certified Internal Auditor (CIA) certification and other professional certifications (or one of them) to enhance the competence of internal auditors in the banking sector. | ||
| 33-15 | Enabling and supporting the implementation of an independent external quality assessment of the audit unit’s work at least once every five years, to ensure the quality of audit outputs, in line with the board-approved policy, based on the direction and approval of the audit committee, and selecting the independent assessment provider. The results should be presented to the committee and reported to the board. | ||