Audit and Risk Assurance Committee Handbook

This Audit and Risk Assurance Committee (ARAC) Handbook has been refreshed and expanded to improve clarity and reflect changes in best practice in governance. The handbook covers the roleroles and responsibilities of an an ARAC and and provides guidance on good governance processes for ARACs.

Whilst it is not intended to provide guidance on areas that an an ARAC may may need to review, Annex F ’Key questions for an an ARAC to to ask’ does provide prompts of what ARACs should consider on a range of topics, including whistleblowing and cyber security. This Annex is not meant to be an exhaustive (or restrictive) list of questions relating to a particular topic.

The Handbook has been updated to include changes resulting from the introduction of the Global Internal Audit Standards. This has resulted in the introduction of a new Annex H is‘Governing athe checklistInternal Audit Function’, which anoutlines the key requirements contained in the Global Internal Audit standards, for ARACs. Consequently, the checklist which an ARAC could could use to review its effectiveness.effectiveness is now at Annex I.

To help with thisan effectiveness review and take account of each member’s views, the questions from Annex HI have been transferred to a spreadsheet (Audit and Risk Assurance Committee self-assessment tool) allowing all all ARAC members members (and the views of others) to be collated and analysed. This tool is a modified version of the National Audit Office’s Outcome Analyser.Analyser and includes changes resulting from the introduction of the Global Internal Audit Standards. As an alternative, ARACs can consider using the NAO’s ARAC effectiveness tool and its outcome analyser, which incorporates leading practice alongside the essentials set out in the ARAC Handbook. This may be particularly appropriate for ARACs of large or complex organisations.