Almarai’s Board of Directors approves the internal control system to support the effective implementation of the Company’s governance rules and to assess the adequacy of policies and procedures relating to risk management, compliance, and related party transactions.
To support the internal control framework, the Company has established independent departments for risk assessment and risk management and for internal audit. Where needed, external parties may be engaged to perform certain duties or provide specialist expertise, without affecting the Company’s responsibilities.
Internal Audit Department
The Internal Audit Department assesses and monitors the implementation of internal controls and verifies compliance with applicable laws, regulations, and instructions, as well as the Company’s policies and procedures. The Department is led by an Internal Audit Manager, whose appointment is recommended by the Audit Committee, and it operates with a competent team of appropriately trained employees. The procedures of the Department are in conformance with the Global Internal Audit Standards as set by the International Internal Audit Association.
The Internal Audit Department:
- reports to, and is accountable to, the Audit Committee
- has access to the information and documents required to perform its duties
- operates independently and is not assigned duties outside internal audit and internal control responsibilities
- follows the remuneration and governance requirements set by the Company, including remuneration recommendations made by the Audit Committee for the Internal Audit Manager
Audit Plan and Reporting
Internal Audit performs its work in accordance with a comprehensive audit plan approved by the Audit Committee. The plan is reviewed and updated annually, and key activities and operations, including those of the Risk Management and Compliance departments, are reviewed at least annually.
Internal Audit submits written reports to the Board of Directors and the Audit Committee at least quarterly. These reports include an assessment of the internal control system, the Internal Audit Department’s opinion and recommendations, and follow-up on the actions taken to address previous findings and recommendations, including explanations where corrective actions were not implemented.
Internal Audit also submits an annual report covering audit activities performed during the year, including an explanation of any deviations from the approved audit plan. The Board determines the scope of the Internal Audit report based on the recommendations of the Audit Committee and the Internal Audit Department.
Annual Review of Internal Controls
Based on the reports and recommendations of the Audit Committee, and in line with the Company’s business plan, the Board confirms that internal control systems are effectively functioning and support the mitigation of potential risks. This reflects the results of the annual review of the effectiveness of the Company’s internal control procedures and the Audit Committee’s opinion on the adequacy of the internal control system.
During the year, no matters were brought to the Board’s attention that would indicate a fundamental lack of integrity in financial and accounting systems requiring disclosure. Corrective actions were taken on findings and recommendations raised by Internal Audit and the Audit Committee to support the adequacy and effectiveness of internal controls.
During the year, the Audit Committee did not recommend the appointment of a new internal auditor. The Board did not decline any Audit Committee recommendations regarding the appointment, dismissal, fees, or performance evaluation of the external auditor, or the appointment of the internal auditor.