(Extracted from Annual Report 2023)
The Swire group has had GIAD in place for 28 years. GIAD plays a critical role in monitoring the governance of the Group. The department is staffed by 26 audit professionals and conducts audits of the Group and of other companies in the Swire group. The 26 professionals include a team based in the Chinese Mainland which reports to the Group Head of Internal Audit in Hong Kong.
GIAD reports directly to the Audit Committee without the need to consult with management, and via the Audit Committee to the Board. GIAD has unrestricted access to all areas of the Group’s business units, assets, records and personnel in the course of conducting its work.
The annual internal audit programme and resources are reviewed and agreed with the Audit Committee.
Business unit audits are designed to provide assurance that the risk management and internal control systems of the Company are implemented properly and operating effectively, and that the risks associated with the achievement of business objectives are being properly identified, monitored and managed.
The frequency of each audit is determined by GIAD using its own risk assessment methodology, which is based on the COSO (Committee of Sponsoring Organizations of the Treadway Commission) internal control framework, considering such factors as recognised risks, organisational change, overall materiality of each unit, previous internal audit results, external auditors’ comments, output from the work of the Swire Pacific Group Risk Management Committee and management’s views. Each business unit is typically audited at least once every three years. Acquired businesses would normally be audited within 12 months. 16 assignments were conducted for Swire Properties in 2023.
In addition, GIAD assists the Audit Committee in carrying out the analysis and independent appraisal of the adequacy and effectiveness of the Group’s risk management and internal control systems through its review of the process by which management has completed the annual Control Self-Assessment, and the results of this assessment.
Furthermore, GIAD conducts ad-hoc projects and investigative work as may be required by management or the Audit Committee.
Copies of internal audit reports are sent to the Chairman of the Board, the Chief Executive, the Finance Director and the external auditors. The results of each review are also presented to the Audit Committee.
Management is required to provide action plans in response to internal audit recommendations, including those aimed at resolving material internal control defects. These are agreed by GIAD, included in its reports and followed up with a view to ensuring that they are satisfactorily undertaken.