To sustain a healthy growing and all-inclusive economy, adopting effective corporate governance management and control tools like Governance Audit is imperative. Governance is beyond compliance with laws and regulations. It is about ensuring that the organization is managed in the interest of current and future generations and within the laid down legal framework.
Organizations need to improve governance practices for the benefit of their stakeholders. The Institute encourages all Organizations to undertake an annual governance health check to assure the stakeholders that the Organization is sustainable in a competitive market. A Governance Audit is an effective assessment that gives necessary assurance to the management, regulators and stakeholders, in regard to the governance standing of the organization.
Definition of Governance Audit
A Governance Audit is an independent assessment of an organization with a view to expressing an opinion on the adequacy and effectiveness of the organization’s policies, systems, practices and processes within the legal and regulatory framework and in line with global best practices on corporate governance for the interest of its stakeholders. It is an objective assurance intended to add value by introducing a systematic, disciplined approach to evaluate and improve effectiveness of risk management, control, and governance processes.
Mandate for Preforming Governance Audit
The responsibility of carrying out Governance Audit for Organizations in Kenya is vested in Certified Secretaries Accredited by the Institute for that purpose.
Importance of Governance Audit
A Governance Audit provides an effective mechanism to check compliance with legislation, regulations and codes of best practices and therefore help to detect cases of non-compliance and facilitate taking corrective-measures. Governance Audit therefore gives assurance to stakeholders as to the governance standing of the Organization. The following are some the benefits of Governance Audit:
a) Employee and customer loyalty and respect for the brand;
b) Recognition for the Organization as a good corporate citizen;
c) Impact on the bottom line through improved visibility and endorsements;
d) Promotion of the Organization’s image and competitiveness;
e) Increased investor confidence and credit rating;
f) Increased transparency and accountability;
g) Promotion of high standards of compliance;
h) Improvement of the working relationship between management and the Board;
i) Enhancement of communication with stakeholders; and
j) Identification of operational and functional gaps.
Types of Governance Audit
There are two types of Governance Audit:
Self-Assessment Governance Audit; or
Self-Assessment Governance Audit is a structured tool used by the Management and the Board to assess the adequacy and effectiveness of Organization’s governance structures.
Independent Governance Audit.
This is an independent assessment carried out by a Governance Auditor. They are classified into:
a) Voluntary Governance Audit
This is a Governance Audit that is undertaken by an Organization on its own volition.
b) Statutory Governance Audit
This is a Governance Audit that is mandatory under the law or regulations.
c) Other Governance Audit
These are any other assessments undertaken as required by the relevant authorities or stakeholders.
Frequency of Governance Audits
a) The Statutory Governance Audit shall be undertaken annually.
b) Voluntary Governance Audit may be undertaken on an annual basis.
c) Other Governance Audits may be undertaken as required by the relevant authorities or stakeholders.
Users of Governance Audit Reports
Some of the benefits that accrue from the Governance Audit to specific stakeholders are:
Governance Audits assure owners that the Board and Management are conducting the affairs of the Organization in accordance with international best practices of good governance, the organization is sustainable and that the owners’ interests are not being exposed to unintended risks.
Governance Audits assure the Management that governance and compliance systems are working effectively and efficiently. Further, this establishes benchmarks for governance and compliance review mechanism.
Governance Audits provide guidance to employees in the conduct of their roles.
Governance Audits provide comfort to Board Members that appropriate governance mechanisms and processes are in place thus mitigating any compliance risk, liabilities or penalties.
Government and Regulatory Authorities
Governance Audits reduce the resource requirement by the regulatory authorities in the enforcement of compliance and governance matters.
Governance Audits inform investors on the governance compliance status of the Organization. It is an effective due diligence exercise for prospective investors or joint venture partners.
Governance Audits enable stakeholders to measure the extent to which the Organization practices good governance. These stakeholders may include financial institutions, creditors, suppliers, customers, consumers and host communities.
General Principles of Governance Audit
In carrying out a Governance Audit, the Governance Auditor and the engagement team are required to:
Comply with ethical guidelines
The Governance Auditor shall act with integrity. A Governance Auditor shall be objective shall and not allow prejudice to influence his decisions. The Governance Auditor shall treat all information obtained during his assignment with confidentiality.
Comply with quality control requirements
The Governance Auditor shall take responsibility for the overall quality of each Governance Audit assignment.
Adhere to Governance Standards and Guidelines
During the conduct of Governance Audit, the Governance Auditor shall adhere to principles and essential procedures provided for in the Governance Standards and Guidelines.
The Governance Auditor shall plan and perform the Governance Audit with an attitude of professional skepticism, noting the possibility of being provided with governance information that could be materially flawed. This attitude is necessary throughout the Governance Audit to reduce the risk of overlooking unusual circumstances or over generalized conclusions.
Obtain reasonable assurance
The Governance Auditor shall obtain reasonable assurance that Management representations made are free from material misrepresentation.
Reduce Governance Audit Risks
The Governance Auditor shall reduce Governance Audit risks by planning, designing and performing Governance Audit procedures in line with these guidelines. This is to obtain sufficient and appropriate Governance Audit evidence, to enable him draw reasonable conclusions upon which to base the Governance Audit opinion.
Evaluate the Self-Assessment Reporting Framework
The Governance Auditor shall determine whether the Governance Self-Assessment Reporting Framework adopted by management is acceptable and in compliance with the Framework approved by the Institute.
Governance Audit Criteria
(a) These are the benchmarks used to evaluate the subject matter in a Governance Audit. The Governance Auditors shall establish suitable criteria which correspond with Governance Audit questions. The criteria shall provide a basis for evaluating the evidence, developing Governance Audit findings and reaching conclusions on the audit objectives.
(b) The criteria may be qualitative or quantitative and shall define what the Organization will be assessed against. The criteria may also be general or specific; focusing on what shall be according to laws, regulations or objectives; what is expected, according to sound governance principles, and best practice; or what could be, given better conditions.
(c) Diverse sources can be used to identify criteria, including performance measurement frameworks. The criteria shall be transparent, indicate which sources were used, and the criteria shall be relevant and easily understood by users, complete, reliable and objective in the context of the subject matter and Governance Audit objectives.
(d) The criteria shall be discussed with the Organization, but it is ultimately the Governance Auditor’s responsibility to select suitable criteria. It is important to select reliable and objective criteria.
Sources of Governance Audit Criteria
The Governance Audit criteria is obtained from the following sources:
(a) Enabling and related legislation which governs the operations of the auditee Organization;
(b) Organization policies, standards, directives, guidelines, operating and procedure manuals;
(c) Relevant multilateral conventions
(d) International governance best practices;
(e) Previous Governance Audit criteria or inquiries by regulatory authorities;
(f) Standards and guidelines developed by professional Organizations.
(g) Independent expert advice.
Governance Audit Risk
(a) Governance Audit risk is the risk of obtaining incorrect or incomplete conclusions, providing unbalanced information for expression of an Governance Audit opinion.
(b) The risk that a Governance Audit will fail to add value ranges from the likelihood of not being able to provide new information or perspectives to the risk of neglecting important factors. Important aspects of risk may include inadequate competences to conduct sufficiently broad analysis, lacking access to complete and quality information and relying on inaccurate information.
(c) Governance Auditors shall, actively manage risk. Audit planning documents shall state possible or known risks of the work envisaged and show how these risks will be handled. This ensures that the Governance Audit provides important feedback for better governance and adds value to the auditee Organization.