Audit Committee Charter
Effective Date: 1 July 2020
You can download an electronic version of our Audit Committee Charter (PDF, 374KB).
The Chief Executive Officer (CEO) has established an Audit Committee in accordance with section 45 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and PGPA Rule section 17 — Audit committee for Commonwealth entities.
1. Role and responsibilities
The committee provides an independent source of assurance and advice to the CEO on the appropriateness of the DTA’s financial and performance reporting, system of risk oversight and management, and system of internal control.
The committee has an exclusively advisory role, it is not responsible for the executive management of the agency’s functions. DTA’s line management is responsible for the development and implementation of systems, processes, and internal controls for the management of DTA’s risks. The committee will engage with management in a constructive and professional manner in discharging its advisory responsibilities and formulating its advice to the CEO.
The committee will be assisted by the DTA’s internal audit function that will be responsible for delivering an internal audit program in line with the Audit Committee’s guidance and subject to approval by the CEO. The committee will exercise a governance role in relation to the DTA’s internal audit function.
The CEO authorises the committee, in accordance with its role and responsibilities, to:
- obtain any information it requires from any official or external party (subject to any legal obligation to protect information);
- discuss any matters with the Australian National Audit Office (ANAO), or other external parties (subject to confidentiality considerations);
- request the attendance of any official at committee meetings; and
- obtain legal or other professional advice, as considered necessary to fulfil its role, at the DTA‘s expense, subject to approval by the CEO, or delegate.
Committee members must not use or disclose information obtained by the committee except in meeting the committee’s responsibilities, or unless expressly agreed by the CEO.
The Audit Committee comprises at least four members, appointed by the CEO.
The Audit Committee can be made up of members who are:
- Officials of the DTA (Until 30 June 2021)
- Commonwealth Officials from other agencies; and
- External Members who are not Commonwealth Officials.
Until 30 June 2021 no more than one member will be officials of the DTA and no more than one member can be a Commonwealth Official from another agency. The committee may have a temporary increase in the number of members as a result of staggering the rotation of members.
After 1 July 2021, the committee will be comprised of a majority of external members, with no more than one member being a Commonwealth Official from another agency. At this time, members who are officials of the DTA will cease to be members of the audit committee. No DTA officials will be appointed as members of the audit committee after this date. The committee may have a temporary increase in the number of members as a result of staggering the rotation of members.
The CEO will appoint the Chair of the committee, whom will be selected from among the external members.
External committee members will be appointed by the CEO for an initial period not exceeding two years.
The committee is authorised to appoint a Deputy Chair who will act as chair in the absence of the Chair.
Members cannot delegate their responsibilities as members of the Audit Committee, there will not be alternates or temporary members appointed for the purpose of delegating or to meet quorum.
Rotation of Members
The CEO will consider the rotation of members in line with the following principles:
- Maintaining continuity of corporate knowledge
- Managing the threat of familiarity to a member’s judgement
Commonwealth Officials on the Committee will have their membership reviewed annually. External members place on the committee will be reviewed in line with contractual requirements.
Appropriate qualifications, knowledge, skills or experience
Collectively, the committee needs sufficient expertise to provide independent advice and assurance on the appropriateness of the agency’s financial and performance reporting and the systems of risk management and oversight and internal controls for the DTA. At a minimum, it is expected that members of the committee would understand and observe the legal requirements of the PGPA Act, the PGPA Rule and Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (FRR), and any official guidance relevant to the performance of their functions.
Members are also expected to do the following:
- gain a good understanding of the DTA’s functions, objectives and operational context
- act in the best interests of the DTA and the Commonwealth
- apply good analytical skills, objectivity and sound judgement
- continuously build, apply and maintain experience and awareness of the challenges and opportunities associated with the DTA’s and the public sector’s operating context
- express opinions constructively and openly, raise matters that relate to the committee’s responsibilities and pursue independent lines of inquiry
- contribute the time required to meet their responsibilities.
The Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Head of Internal Audit or other management representatives may attend meetings as observers as determined by the Chair, but will not be members of the committee.
Representatives of the ANAO will be invited to attend meetings of the committee, as observers.
4. Functions of the Committee
The audit committee will review and provide advice on the appropriateness of the accountable authority’s:
- annual financial statements;
- information (other than annual financial statements) requested by the Department of Finance (Finance) in preparing the Australian Government’s consolidated financial statements, including the supplementary reporting package;
- processes and systems for preparing financial reporting information;
- financial record keeping;
- processes in place to allow the entity to stay informed throughout the year of any changes or additional requirements in relations to financial reporting; and
- review the annual financial statements.
And provide annually a statement to the accountable authority:
- whether the annual financial statements, in the committee’s view, comply with the PGPA Act, the PGPA Rules, the Accounting Standards and supporting guidance;
- whether additional entity information (other than financial statements) required by Finance for the purpose of preparing the Australian Government consolidated financial statements (including the supplementary reporting package) comply with the PGPA Act, the PGPA Rules, the Accounting Standards and supporting guidance;
- in respect of the appropriateness of the entity’s financial reporting as a whole, with respect to any specific areas of concern or suggestions for improvement.
The audit committee will review and provide advice on the appropriateness of the accountable authority’s performance reporting, including
- systems and procedures for assessing, monitoring and reporting on achievement of the entity’s performance. In particular, the committee could satisfy itself that:
- the entity’s Portfolio Budget Statements and corporate plan contain appropriate details of how the entity’s performance will be measured and assessed;
- the entity’s approach to measuring its performance throughout the financial year against the performance measures included in its Portfolio Budget Statements and corporate plan is appropriate and in accordance with the Commonwealth performance framework. This may include reviewing, over time, particular elements of the performance measures;
- the entity has appropriate systems and processes for preparation of its annual performance statement and inclusion of the statement in its annual report.
- The audit committee will review the annual performance statements and provide advice to the accountable authority on their appropriateness to the entity.
And provide annually:
- a statement to the accountable authority whether, in their view, the accountable authority’s annual performance statements and performance reporting as a whole is appropriate, with reference to any specific areas of concern or suggestions for improvement.
Systems of risk oversight and management
The audit committee will review the appropriateness of the accountable authority’s system of risk oversight and management for the entity. This would entail the audit committee gaining a sufficient understanding of the accountable authority’s risk appetite and the entity’s operating environment, and reviewing the mandatory requirements of the PGPA Act, the PGPA Rule, the Commonwealth Risk Management Policy (mandatory for NCEs and a better practice for CCEs) and also consider advice in supporting guidance. The audit committee will also review and provide advice on the appropriateness of the accountable authority’s:
- enterprise risk management policy framework and the necessary internal controls for the effective identification and management of the entity’s risks, in keeping with the Commonwealth Risk Management Policy (for NCEs);
- approach to managing the entity’s key risks—including those associated with individual projects and program implementation and activities;
- process for developing and implementing the entity’s fraud control arrangements consistent with the fraud control framework, and satisfy itself that the entity has adequate processes for detecting, capturing and effectively responding to fraud risks;
- articulation of key roles and responsibilities relating to risk management and adherence to them by officials of the entity.
And provide annually:
- a statement to the accountable authority whether in their view, the accountable authority’s system of risk oversight and management as a whole is appropriate (with reference to the Commonwealth Risk Management Policy for NCEs) and any specific areas of concern or suggestions for improvement.
System of internal control review
The committee will take a risk-based approach to reviewing the agency’s System of Internal Control. This will include:
Internal control framework
- reviewing management’s approach to maintaining an effective internal control framework and whether appropriate processes are in place for assessing whether key policies and procedures are complied with
- reviewing whether management has in operation relevant policies and procedures- such as accountable authority instructions
- Obtain an annual report from the Head of Internal Audit on the overall state of DTA’s internal controls.
Legislative and Policy Compliance
- reviewing the effectiveness of systems for monitoring the entity’s compliance with laws, regulations and associated government policies with which the entity must comply
- determining whether management has adequately considered legal and compliance risks as part of the entity’s enterprise risk management framework, fraud control framework and planning
- reviewing managements approach to maintaining an effective internal security system – including complying with the Protective Security Policy Framework
- satisfying itself that an appropriate approach has been taken in establishing business continuity planning arrangements—including whether business continuity and disaster recovery plans have been periodically updated and tested
- reviewing the proposed internal audit coverage, ensuring that the coverage takes into account the entity’s primary risks, and recommending approval of the internal audit work plan by the accountable authority or the nominated delegate;
- Periodically review the Internal Audit Charter;
- reviewing all internal audit reports, providing advice to the accountable authority on major concerns identified in those reports, and recommending action on significant matters raised—including identification and dissemination of information on good practice; and
- reviewing the performance of internal audit.
And provide annually:
- A statement to the accountable authority whether the accountable authority’s systems for internal control is appropriate for the entity, with reference to any specific areas of concern or suggestions for improvement
Additional areas of concern for the Committee
Parliamentary committee reports, external reviews and evaluations
The committee will satisfy itself that the DTA has appropriate mechanisms for reviewing relevant parliamentary committee reports, external reviews and evaluations of the DTA and implementing, where appropriate, any resultant recommendations
Engagement with ANAO
The committee will engage with the ANAO, as the DTA’s external auditor, in relation to the ANAO’s financial statement and performance audit coverage. In particular, the committee will:
- provide input on planned ANAO financial statement and performance audit coverage;
- act as one of the forums for communication between DTA management and the ANAO;
- review management’s responses to all ANAO financial statement management letters and performance audit reports, including the implementation of audit recommendations;
- provide advice to the CEO on action to be taken on significant issues raised in relevant ANAO reports or better practice guides; and
- meet privately with the ANAO at least once per year.
5. Administrative Arrangements
Annual Work Plan
- The committee will prepare a work plan that outlines the activities to be undertaken to achieve the committee’s functions.
- The committee will report annually to the CEO on its operation and activities during the year and confirm to the CEO that all functions outlined in this charter have been satisfactorily addressed.
- The committee may, at any time, report to the CEO any other matter it deems of sufficient importance to do so. In addition, at any time an individual committee member may request a meeting with the CEO.
- The Chair will advise the CEO of each meeting’s key matters discussed either by correspondence or through a meeting between the Chair and CEO. The form of advice will be as agreed with the CEO.
- The Committee will produce a report to be included in the DTA Annual Report which will include:
- The names of the members during the relevant financial year
- The qualifications, knowledge, skills or experience of those members
- A record of attendance at committee meetings; and
- The remuneration of members
- The committee will meet at least four times per year. One or more special meetings may be held to review DTA’s annual financial statements and performance statements or to meet other specific responsibilities of the committee.
- The Chair is required to call a meeting if asked to do so by the CEO, and decide if a meeting is required if requested by another member, internal audit or the ANAO.
- The committee will develop a forward meeting schedule that includes the dates, location, and proposed agenda items for each meeting for the forthcoming year, and that covers all the functions outlined in this charter.
- A quorum will consist of a majority of committee members. Where there is more than one external member on the committee, a quorum will include at least one external member. The quorum must be in place at all times during the meeting.
- The CEO, in consultation with the committee, will appoint a person to provide secretariat support to the committee. The secretariat will: ensure the agenda for each meeting is approved by the Chair; the agenda and supporting papers are circulated, at least one week before the meeting; and ensure the minutes of the meetings are prepared and maintained. Minutes must be reviewed by the Chair and circulated in a timely manner to each member and committee advisers and observers, as appropriate.
Conflicts of interest
- Once each year, members of the committee will provide written declarations, through the Chair, to the CEO declaring any material personal interests they may have in relation to their responsibilities. External members should consider past employment, consultancy arrangements and related party issues in making these declarations and the CEO, in consultation with the Chair, should be satisfied that there are sufficient processes in place to manage any real or perceived conflict.
- At the beginning of each committee meeting, members are required to declare any material personal interests that may apply to specific matters on the meeting agenda. Where required by the Chair, the member will be excused from the meeting or from the committee’s consideration of the relevant agenda item(s). The Chair is also responsible for deciding, in consultation with the CEO where appropriate, if he/she should excuse themselves from the meeting or from the committee’s consideration of the relevant agenda item(s). Details of any material personal interests declared by the Chair and other members, and actions taken, will be appropriately recorded in the minutes.
- New members will receive relevant information and briefings on their appointment to assist them to meet their committee responsibilities.
- The Chair of the committee, in consultation with the CEO, will undertake a review of the performance of the committee at least once every two years. The review will be conducted on a self-assessment basis (unless otherwise determined by the CEO) with appropriate input sought from the CEO, committee members, senior management, internal audit, and any other relevant stakeholders, as determined by the CEO.
- The Chair will provide advice to the CEO on an external member’s performance where an extension of the member’s tenure is being considered.
Review of charter
- The committee will review this charter annually, or more often as required. This review will include consultation with the CEO. Any substantive changes to the charter will be recommended by the committee and formally approved by the CEO.
- A copy of the charter will be published on the DTA website.