Skip to main content
Entire section Custom print Text Only Rich Text Print / Save as PDF
Download Original PDF

Principle 6: Duties and Responsibilities of the Department

No: 46020559 Date(g): 1/10/2024 | Date(h): 28/3/1446 Status: In-Force
1.Subject to the relevant laws, regulations, and instructions, the Department's activity must include evaluating the Company’s governance, risk management, and compliance processes annually and submitting appropriate recommendations according to the approved internal audit plan.
 
2.The Department shall evaluate the effectiveness of governance processes and make recommendations to the Audit Committee based on studying the following aspects:
 
 a.The effectiveness of the Company’s strategic and operational decisions.
 
 b.The Company’s compliance with the governance regulations approved by the Board.
 
 c.The effectiveness of communication between the Board and internal or external auditors.
 
 d.The effectiveness of IT governance in the Company in supporting its strategies and objectives.
 
3.The Department shall evaluate the effectiveness of the Company’s risk management processes and contribute to their improvement. It shall also make recommendations in this regard to the Audit Committee, which in turn discusses them with the risk and credit management committee (as needed) based on studying the following aspects:
 
 a.The ability of the risk management function or department to identify and evaluate risks.
 
 b.The suitability of the risk response mechanism with the Company's level of risk appetite.
 
 c.The ability of the risk management function or department to deliver risk-related information on a timely manner that enables the Board, Executive Management, and relevant departments to carry out their responsibilities.
 
4.The Department shall investigate cases of fraud during the performance of its duties and conduct a regular assessment to verify the effectiveness of and compliance with anti-fraud policies and procedures approved by the Board. It shall also ensure appropriate and timely handling of suspicious cases of fraud, proper documentation of actions taken, and inclusion of such information in the Department’s report mentioned in Principle (9) of these Principles.
 
5.The Department shall provide the Company with the necessary support to achieve the required level of compliance by evaluating the effectiveness and adequacy of the Company's compliance department procedures to avoid the risk of non-compliance.