Corporate Governance Aligned to King IV Principles

Principle 15:



  • Principle 15 – The governing body should ensure that assurance services and functions enable an effective control environment, and that these support the integrity of information for internal decision-making and of the organisation’s external reports



  • Assurance on the effectiveness of internal controls and integrity of information for internal decision-making and external reporting purposes

Internal Audit (IA)

  • IA supports the Board and management to execute their mandate by providing independent objective assurance of the Fund’s operations
  • Technology has been leveraged to incorporate data consistency and integrity, stronger collaboration among functions, concise information, and real-time visibility to help identify key areas of focus and opportunities to create and protect strategic business value


  • Assurance that governance structures remain appropriate and functional for the Fund
  • Assurance is provided on financial and non-financial information
  • Key components of the integrated report, such as governance, risk management and controls are assured
  • Accountability is clear within the three lines of defence model, with assurance providers working together to provide coordinated assurance. (The coordination with assurance providers does not impair the independence of IA)
  • Combined assurance ensures that there is comprehensiveness in terms of coverage, and avoidance of duplication

Combined assurance

  • The three lines of defence play a complementary role to each other:
    • Enterprise Risk Management, Legal and Internal Audit, work collaboratively to provide combined assurance on risk, compliance, and internal controls

External Auditors

  • The ARC reviews the external audit plan with the External Auditor and discusses their approach, nature and scope of work, audit and reporting obligations before the audit commences
  • In addition, the ARC oversees the relationship between the Internal and External Auditors and ensures that the external audit is coordinated with the internal audit programmes

Summary of the arrangements for governing ASSURANCE

  • Well embedded Combined Assurance Model
  • Audit Committee oversees assurance:
    • Assurance Plans (internal and external audits)
    • Results of assurance reviews/audits
    • Implementation of agreed remedial actions
    • Quarterly assurance reporting to the ARC

Key areas of focus during the reporting period

  • ARC
  • Combined assurance ensures that there is comprehensiveness in terms of coverage, and avoidance of duplication

Measures taken to monitor ASSURANCE and how the outcomes were addressed

  • Considered results of internal and external assurance provider reports
  • Oversee the implementation of agreed remedial actions for improvements required in the internal control environment (processes and systems etc.)
  • Assurance provided on the 2022 Integrated Report
  • Auditors report in the Annual Financial Statements

Planned areas of
future focus

The Strategic Focus of the Internal Audit Function in providing independent assurance

Mr. Geofrey Barigye


Internal Audit (IA) supports the Board and Management to execute their mandate by providing independent and objective assurance, thereby protecting, and creating value for a better life.

IA provides an independent, objective, and continuous evaluation of the Fund’s operations and system of internal controls. The function reviews, appraises and reports on:

  • The effectiveness and adequacy of internal controls, risk management and governance processes; and
  • The reliability of financial and other management information.
The IA Charter approved by the Board of Directors provides the framework that guides activities, purpose, authority, and responsibility of the IA function.

IA reports functionally to the Board and administratively to the MD.

The annual risk-based IA audit plan and budget are developed in consultation with Management and approved by the ARC.

Issues raised in various audit assignments, are reported to both Management for remediation and to the Board ARC for oversight. IA makes value adding recommendations to Management and all remedial actions are followed up to completion and independently validated

The INTERNAL AUDIT Strategic Plan

Within the context of the International Standards for the Professional Practice of Internal Auditing (Standards), internal audit planning involves the formulation of:

  • The Internal Audit Strategic Plan that relates the role of Internal Audit to the requirements of the Organisations by outlining the broad direction of Internal Audit over the medium term, in the context of all IA assurance activities
  • The Annual Audit Plan, which includes a schedule for engagements, developed through a risk-based approach to determine the priorities of the internal audit for a year


Together, the above plans serve to set out the strategic and operational roles and responsibilities that are included in the IA Charter.

As one of the good practices, IA has developed and is implementing a Strategic Plan for the department covering the period 2021/2022 to 2024/2025. The Strategic Plan is reviewed annually and updated appropriately in consultation with all key stakeholders.

It is crucial for IA to adapt to the changing expectations, remain relevant and align with the organisation’s objectives. An IA strategy is fundamental to remaining relevant as it plays a significant role in achieving the balance between cost and value, while making meaningful contributions to the Fund’s overall framework of governance, risk management and internal controls. The Strategic Plan is how the internal audit vision and mission will be pursued.

The implementation of the key strategies contained in the plan, will uphold transparency and accountability in rendering an effective IA function.

The annual IA operational plan has been developed in accordance with the Fund strategic plan.