Terms of Reference
The purpose of the Quality, Audit and Risk Committee (‘QARC’ or ‘the Committee’) is to assist Council in fulfilling and discharging its responsibilities in relation to the University operations and strategic objectives, by providing independent and objective advice on the adequacy, integrity and/or effectiveness of the University’s systems of risk management, internal control and compliance; and such other matters as are referred to it by Council.
To this end, QARC has responsibility for:
- Ensuring that collectively, quality improvement, risk management, compliance and control tools enhance the effectiveness, efficiency and economy of University activities.
- Ensuring that the University has appropriate systems and processes in place to support the achievement of the University’s strategic plan as it relates to matters of risk management, internal control and compliance.
- Assisting Council to meet its obligations under certain legislation, regulation and standards.
- Reporting to Council as required on such other matters as may be referred to the Committee by the Council, Chancellor or Vice-Chancellor.
- Making decisions on matters delegated to the Committee by Council.
The Committee has the authority to speak with any person, internal or external to the University, access any records, and act on behalf of Council in obtaining assurance on matters that fall within its terms of reference.
The Committee will:
Audit and Assurance
- Review and recommend to Council the approval of the Internal Audit Charter to ensure appropriate protocols, access and reporting arrangements are in place.
- Assess and approve progress against the internal audit work plan:
- Assess the internal audit coverage and annual work plan and oversee progress of the work plan, including approving any significant changes to it.
- Advise the Council on the adequacy of internal audit resources to carry out its responsibilities, including completion of the approved internal audit plan.
- Oversee the coordination of audit programs conducted by internal audit and external audit respectively.
- Consider the key findings of internal and external audit reports and assess management’s response in terms of content and timeliness.
- Assess the adequacy of management’s implementation of internal audit and external audit recommendations.
- Consider the scope, audit plan and key findings from external audit reports, including the audit of the University’s Annual Financial Statements and Key Performance Indicators, and other reviews that the WA Auditor General may conduct from time-to-time.
- Periodically assess the performance of internal audit.
Risk Management
- Review and recommend to Council the approval of the integrated risk management policy and framework, including the risk management function and its resourcing.
- Review and recommend to Council the approval of University’s risk appetite; and assess the processes to ensure the University operates within the approved risk appetite.
- Assess and provide advice on the adequacy, integrity and effectiveness of the risk management framework including the identification of key enterprise-wide risks, and in relation to strategic, operational and emerging risks (including corporate, academic governance, cybersecurity and values-based culture risks).
- Assess management’s evaluation of the effectiveness of internal controls.
- Assess the effectiveness of the University’s business continuity management practices and insurance and risk financing activities.
- Receive advice from management on critical incidents and assess management’s treatment action plans.
- Consider significant work health and safety risks, and assess compliance with key work health and safety legislation, to enable Council to meet its obligations under all relevant safety legislation.
- Consider significant Environmental, Social and Governance (ESG) risks, to support the realisation of the University’s purpose and strategic priorities.
- Review and recommend to Council the acceptance of the overall level of risk associated with partially controlled entities, as defined under Voluntary Code of Best Practice for the Governance of Australian Universities.
Compliance
- Review and provide advice on the adequacy, integrity and effectiveness of the University’s compliance framework, including key systems of internal control for ensuring compliance with compliance obligations across university operations (corporate and academic) including relevant laws, regulations, internal policies and legislation, external reviews and consistency with applicable standards.
- Consider the University’s processes to ensure ongoing compliance with the Higher Education Standards Framework (2015) and professional accreditation standards, including reporting obligations to the Tertiary Education Quality and Standards Agency (TEQSA), Australian Skills Quality Authority (ASQA), and other professional accreditation bodies.
- Consider the University’s quality initiatives related to the Higher Education Standards Framework (2015) and standards regulated by TEQSA, ASQA and professional accrediting bodies.
- Obtain regular updates from management regarding compliance matters that may have a material impact on the University’s activities.
- Assess the effectiveness of procedures and processes for complying with the University’s integrity framework including the Code of Conduct and integrity policies.
- Consider the key findings from significant fraud, misconduct and corruption reports and assess the appropriateness of remedial actions.
See downloads for more information on the membership and meeting schedule of the Quality, Audit and Risk Committee.
Agendas and minutes
To enquire about access to agendas and minutes from the Quality, Audit and Risk Committee please contact University Governance at universitygovernance@ecu.edu.au.