- 192 Table of Contents 194 267

Board Risk Committee Guide

Section 5: Sources of BRC Assurance | 193 5.1 Introduction 5.1.1 The Board is required to comment on the adequacy and effectiveness of the company’s internal controls (including financial, operational, compliance and information technology controls) and risk management systems, and provide a statement on whether the AC concurs with the Board’s comment. Where either the Board or AC comments that the internal controls or risk management systems have material weaknesses, the company must provide clear disclosure on the weaknesses and the steps taken to address them 1 . 5.1.2 Typically, the BRC supports the Board in this process by coordinating the annual review of the framework and system, identifying the material deficiencies to be reported, and preparing the disclosures – the latter including emerging areas such as sustainability and integrated reporting (which also require consideration, management and disclosure of key risks). 5.1.3 For the Board and the BRC to provide their comment, sufficient evidence must be obtained, and the basis for their comment must be disclosed 2 . In order to do so, the BRC should ensure that there is an assurance framework in place when it gathers evidence across the different layers (or “lines of defence”) of the framework. 5.1.4 This section describes the scope of work required of the BRC to assist the Board in meeting disclosure obligations as follows: • The context and meaning of the “adequacy and effectiveness” of the risk management and internal control systems. • The various “Lines of Defence” models, and an explanation of each line of defence based on four lines of defence. • How the various lines of defence can be brought together in combined assurance. • How the BRC should handle the deficiencies in the review of the risk management and internal control systems. • The type of disclosures required by the Board in giving its comment on the adequacy and effectiveness of the risk management and internal control systems. • Additional areas of disclosures in sustainability reporting and integrated reporting. 1 MR 1207(10) and CR 1204(10). 2 MR 719(1) and CR 719(1), and MR Practice Note 12.2 and CR Practice Note 12B.

RkJQdWJsaXNoZXIy Mjk3ODQ1