Corporate Governance

Corporate Governance is the system by which Corporations are direct and control. It includes the
rules and procedures for making decisions on corporate affairs to ensure success while
maintaining the right balance with the stakeholders’ interest.
Boards of directors and committees must be:
1) Proactive
2) Informed
3) Investigative
4) Accountable

Corporate Governance Models:

1) Anglo-American Model
2) German Model
3) Japanese Model
The Audit Committee
The audit committee’s ‘core’ duties overseeing financial reporting and controls, as well as
external and internal auditors are a substantial undertaking and time commitment. In addition,
many audit committees have oversight responsibilities for a range of other risks that have
become increasingly complex and challenging in the current business environment from
operational and compliance risks posed by globalization and the extended organization (partners,
suppliers, vendors, etc.) to cybersecurity and other risks related to emerging technologies.
Prioritizing this heavy audit committee workload continues to be a challenge for most audit
committees.

Audit Committee Key Responsibilities are to assist the Board in fulfilling its oversight
responsibilities:
1) Financial reporting.
2) The effectiveness of the system of risk management and internal control.
3) Compliance with applicable external legal and regulatory requirements.
4) Monitoring the qualifications, expertise, resources and independence of both the internal
and external auditors.
5) Assessing the internal and external auditors’ performance and effectiveness each year.
Audit committees are meeting this oversight challenge by focusing on ways to improve their
effectiveness and efficiency, refining their agendas and oversight processes and reassessing their
skills and composition. This requires the following:
1) Agendas that are manageable (what risk oversight responsibilities are realistic given the
audit committee’s time and expertise?).
2) Focusing on what is most important (starting with financial reporting and audit quality).
3) Allocating time for robust discussion while taking care of ‘must do’ compliance activities
and perhaps most importantly.
4) Understanding the tone, culture, and rhythm of the organization by spending time outside
of the boardroom.
5) Visiting company facilities.
6) Interacting with employees and customers.
7) Hearing outside perspectives.

The Audit Committee keeps the Board informed of its activities and recommendations. Where
the Audit Committee is not satisfied with, or if it considers that action or improvement is
required concerning any aspect of financial reporting, risk management and internal control,
compliance or audit-related activities, it promptly reports these concerns to the Board.
Audit Committee Activities
The Audit Committee covers a variety of topics in its meetings. These include both standing
items that the Audit Committee considers as a matter of course,
1) The quarterly unaudited financial statements, control issues, accounting policies and
judgements and reporting matters.
2) A range of topics relevant to corporation control framework.
The Audit Committee invites the Following to Attend Each Meeting:
1) Chief Executive Officer.
2) Chief Financial Officer.
3) Legal Director.
4) Chief Internal Auditor.
5) Executive Vice President Controller.
6) Vice President for Accounting and Reporting.
7) External auditor.
The Chair of the Board also regularly attends the meetings as an observer. Other members of
management attend when requested.
At every meeting, the Audit Committee holds private sessions separately with the external
auditor and the Chief Internal Auditor without members of management, except for the Legal
Director, being present.

Composition of the Audit Committee

The Audit Committee consists of:
1) A chairperson, who is an independent and non-executive member of the board
2) A minimum of two other non-executive members of the board, excluding the CEO and
any former member of the board. All members shall be independent.
At least one member has to have recent and relevant financial expertise; the others must be
familiar with the issues of accounting and audit.

Audit Committee and Firm Value

1) Expert-independence of audit committee (more than 50%) results in positive firm value.
2) Positive firm value if expert-independent directors have control of board (more than 50%
are expert-independent directors).
Internal Audit
The audit committee is responsible to the board for the oversight on internal control and risk
management systems.
The mission of internal audit is to enhance and protect organizational value by providing
risk-based and objective, assurance, advice and insight.

Internal audit is an independent, objective assurance and consulting activity designed to

add value and improve an organization’s operations. It helps an organization and audit
committee accomplish its objectives by bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control and governance
processes.

Part of the audit committee’s role is to review annually the need for an internal audit function
and, where such a function exists, its effectiveness

The top five highest ranked activities currently performed by internal auditors are:
1) Operational audits.
2) Audits of compliance with regulatory codes.
3) Auditing of financial risks.
4) Investigations of fraud and irregularities.
5) Evaluating effectiveness of control systems.
External Audit

External auditors authorized by law to examine and publicly issue an opinion on the
reliability of corporate financial reports

The External Audit Types

1) Financial Types
2) Non-Financial Types

Financial Audit Types

1) Financial Reporting Audit Related to Share Holders
2) Financial Reporting Audit Related to Tax Department “Check”
Non-Financial Audit Types
1) Governance Regulations
2) Certification Body
3) Insurance
Role of IAF
The primary purpose of IAF is two-fold. Firstly, to ensure that its accreditation body members
only accredit bodies that are competent to do the work they undertake and are not subject to
conflicts of interest. The second purpose of the IAF is to establish mutual recognition
arrangements, known as Multilateral Recognition Arrangements (MLA), between its
accreditation body members, which reduces risk to business, and its customers by ensuring that
an accredited certificate may relied upon anywhere in the world.

The MLA contributes to the freedom of world trade by eliminating technical barriers to trade.
IAF works to find the most effective way of achieving a single system that will allow companies
with an accredited conformity assessment certificate in one part of the world, to have that
certificate recognized elsewhere in the world. The objective of the MLA is that it will cover all
accreditation bodies in all countries in the world, thus eliminating the need for suppliers of
products or services to be certified in each country where they sell their products or services.
Certified once - accepted everywhere.

IAF (International Accreditation Forum)

EGAC (Egypt Accreditation Council)
UKAS (United Kingdom Accreditation Service)

Why use an accredited certification body?

Third party management systems certification is a frequently specified requirement to operate in
the global market place. It can demonstrate compliance to a standard, a code of practice or
regulatory requirements. It can also deliver internal business improvement.
There are many reasons why you should use the services of an accredited certification body:
1) De-risk your procurement by taking the guesswork out of choosing a certification body
by giving you confidence that you will get the service that closely meets your
requirements.
2) Win new business particularly since the use of accredited conformity assessment services
is increasingly a stipulation of specifiers in both the public and private sector.
3) Gain access to overseas markets since certificates issued by bodies that are accredited by
an IAF MLA signatory are recognized and accepted throughout the world.
4) Help to identify best practice since the certification body is required to have appropriate
knowledge of your business sector.
5) Control costs with the help of knowledge transfer since accredited certification bodies
can be a good source of impartial advice.
6) Offer market differentiation and leadership by showing to others credible evidence of
good practice.
7) Demonstrate due diligence in the event of legal action.
8) Reduce paperwork and increase efficiency by reducing the necessity to re-audit your
business.
Main Certification Bodies:
1) Quality Management System certification (to ISO 9001).
2) Information Security Management Systems certification (ISO/IEC 27001).
3) Environmental Management Systems certification (ISO14001).
4) IT Service Management Systems certification (ISO 20000).
5) Food Safety Management Systems certification (ISO 22000).
6) Supply Chain Security Management Systems certification (ISO 28000).
Accreditation Process in Egypt:
1) Application for accreditation.
2) Document study by EGAC.
3) Appointment of assessment team.
4) Pre-assessment visit.
5) Assessment visit and defining nonconformities, if any.
6) Reviewing evidence of corrective actions.
7) Granting accreditation.
 8) Annual surveillance visits.
ISO 50001 - Energy management
Using energy efficiently helps organizations save money as well as helping to conserve resources
and tackle climate change. ISO 50001 supports organizations in all sectors to use energy more
efficiently, through the development of an energy management system (EnMS).
ISO 9001:2015
Sets out the criteria for a quality management system and is the only standard in the family that
can be certified to (although this is not a requirement). It can be used by any organization, large
or small, regardless of its field of activity. In fact, there are over one million companies and
organizations in over 170 countries certified to ISO 9001.
ISO 14001:2015
focus on environmental systems to achieve this. The other standards in the family focus on
specific approaches such as audits, communications, labelling and life cycle analysis, as well as
environmental challenges such as climate change.

OHSAS 18001:2007
OHSAS 1800:2007 Occupational Health and Safety Management Certification is an international
standard that provides a framework to identify, control and decrease the risks associated with
health and safety within the workplace. Implementing the standard will send a clear signal to
your stakeholders that you view employee’s health and safety as a priority within your
organization.
References

1) KPMG
Audit Committee Handbook, Audit Committee Institute 2017 Edition
2) Shell
Shell Annual Report 2017, Audit Committee Report
3) International Accreditation Forum (IAF)
https://www.iaf.nu/upFiles/IAF_Why_use_accredited_CB_0112.pdf
4) International Organization for Standardization (ISO)
https://www.iso.org
5) ASQ
http://asq.org/learn-about-quality/auditing/