(As approved by the Board of Trustees in May 2005 and amended in May 2013, May 2014, May 2016, May 2017, May 2018, March 2019, September 2020, and June 2023)
I. Purpose
The Audit and Risk Committee (“Committee) is formed to support and enhance the capacity of the Queen’s University Board of Trustees (“Board”) to fulfil both its strategic responsibilities, and its fiduciary obligations to ensure the integrity of the University’s financial controls and oversee financial reporting, enterprise risk, and legal compliance responsibilities of Queen’s University.
II. Authority
The Audit and Risk Committee is a Committee of the Board of Trustees of Queen’s University from which it derives its authority and to which it reports.
Oversight Areas: The Committee has delegated authority from the Board in respect of the areas of oversight for which it has accountability under these Terms of Reference. As specified under “Duties and Responsibilities” below, the Board delegates to the Audit and Risk Committee the authority to monitor and oversee, provide advice to the Board, to review and recommend matters to the Board for approval, and to approve matters on behalf of the Board.
Investigation: The Committee has the authority to initiate any investigation it deems appropriate to fulfilling its obligations under this Terms of Reference.
Professional Advisors: The Committee has the authority, with the consent of the Chair of the Board, to retain professional advisors as it deems appropriate to fulfilling its obligations under this Terms of Reference.
III. Duties and Responsibilities
The Committee is accountable to the Board for oversight of financial reporting and internal controls, external audit, internal audit, enterprise risk management, and legal compliance (“Oversight Areas”).
i. Financial Reporting and Internal Controls
The Committee will monitor the integrity of the financial statements and internal control systems of the University and specifically will:
a. Review the University’s annual consolidated audited financial statements and all associated material, including discussion with the administration and the external auditors of significant issues regarding accounting principles, practices, levels of error, key accounting judgments and significant administration estimates, risks to audit quality, and adequacy of disclosure.
b. Review and discuss significant findings and recommendations of the external auditors set out in the Management Letter, if any, together with administration’s responses, and report to the Board the key findings and recommendations along with the Committee’s plans to oversee ongoing issues.
c. Recommend approval of University’s annual consolidated audited financial statements to the Board, along with the basis for such recommendation.
d. Review and approve the Annual Financial Report and other related reports with financial disclosures as appropriate.
e. Meet regularly with the external auditor (including at least once a year without university administration) to discuss the auditor’s perspective of their interaction with university administration, audit issues, and any other matters identified by the Committee or the external auditor.
f. Oversee the continued effectiveness and currency of the Queen’s University Fraud and Improper Acts Reporting Policy, and associated procedures, and recommend policy changes to the Board of Trustees.
g. Review significant accounting and reporting developments, including professional and regulatory proposals, understand their impact on financial reports, and report to the Board on the anticipated effect of significant developments.
h. Assess the effectiveness of the internal control framework and at least annually report to the Board the Committee’s assessment of the University’s financial reporting and internal controls and financial risk exposures, the basis for such assessment, and to describe the ongoing Committee monitoring of plans to address deficiencies or improve financial reporting and internal controls.
ii. External Audit
The Committee will monitor and oversee the effectiveness and objectivity of the external auditor and specifically will:
a. Oversee the selection process, annual performance assessment, re-appointment, and removal of the external auditor. Annually review and assess the auditor’s objectivity and independence.
b. Review and approve the proposed audit scope and approach for the annual consolidated financial statement audit and other mandated audits.
c. Annually recommend to the Board the appointment and terms of engagement of the external auditors, and, in consultation with university administration, their compensation.
d. Develop and at least every three years review a policy establishing a process for pre-approving and reporting of non-audit services.
e. After the conclusion of an audit, report to the Board confirming the Committee’s assessment of the audit process and the basis for this assessment.
iii. Internal Audit
The University’s internal audit function and the Director of Internal Audit will report and be accountable to the Committee, through the Committee Chair, and the Committee specifically will:
a. Monitor the effectiveness of the internal audit function at least every three years including: 1) reviewing and approving the organization, structure, and resources of the internal audit function to ensure adequate resourcing, and; 2) reviewing the qualifications of internal audit personnel, the mandate, and objectives of the internal audit function.
b. Annually, through the Committee Chair working directly with the Director of Internal Audit, review, amend as appropriate, and approve the proposed internal audit plan for the coming year along with the criteria upon which it is based (the risk assessment process).
c. Review and discuss significant findings and recommendations resulting from internal audits, special investigations, and other reviews of internal controls along with administration’s response and monitor the implementation of follow-up plans.
d. Through the Committee Chair, on recommendation of the Vice Principal (Finance and Administration), review and concur with the appointment, re-assignment, or dismissal of the Director, and their annual performance assessment.
e. At least annually, meet privately with the Director of the internal audit function at each meeting of the Committee.
f. At least annually, report to the Board on the Committee’s assessment of the integrity and sufficiency of the internal audit function, with reference to the ongoing work of the Committee to monitor follow-up plans, and the basis for the Committee’s assessment.
iv. Risk in Oversight Areas
The Committee will oversee the effective management of financial risk within its Oversight Areas, and specifically will:
a. Ensure that the University has identified and is managing significant risk exposures arising from Committee Oversight Areas, identified by the external auditor, or assigned by the Board, and monitor risk management initiatives.
b. At least annually, report to the Board to keep it informed of the risk exposures the Committee is monitoring, and ensure the Board understands significant risks in the Oversight Areas and significant deficiencies in risk management or mitigation plans.
v. University Risk Management
The Committee will oversee the effectiveness of the University’s risk management system, and specifically will:
Enterprise Risk Management: Ensure the ongoing effectiveness of the University-wide risk management framework, including:
a. At least every three years: 1) reviewing and advising on the organization, structure, and resources of the risk management function to ensure adequate resourcing, and; 2) reviewing the qualifications of the risk personnel as well as the mandate and objectives of the risk function.
b. Annually through the Committee Chair working directly with the Vice Principal Finance and Administration to review and approve the proposed risk management plan and priorities for the coming year.
c. Review and discuss significant findings and recommendations resulting from risk assessments and planning. Monitor and ensure the implementation of risk management and mitigation plans by University administration.
d. At least annually, report to the Board on the Committee’s assessment of the integrity and sufficiency of the risk management framework with reference to the work of the Committee, the ongoing work of the Committee to monitor follow-up plans, and the basis for the Committee’s assessment.
Board Risk Management: The Committee will support the Board to oversee the risk work of the other Committees of the Board of Trustees, including:
e. Recommending to the Board the assignment of all strategic risks to a Committee of the Board for oversight and supporting the Committees to engage in consistent risk oversight practices.
f. Receiving reports annually from each Committee respecting their assessment of the risk(s) assigned to them for oversight, the basis for such assessment, and the ongoing work of the Committee to monitor work to address deficiencies in the management or mitigation of such risks.
g. Annually, reporting to the Board on the Committee’s assessment of the status of the strategic risks and the effectiveness of the University’s strategic risk management and mitigation work, along with recommendations for addressing significant deficiencies.
h. Annually, considering risk trends, initiatives, and developments facing the post-secondary sector and assessing them for inclusion in the University’s risk management plan and reporting to the Board on significant anticipated risks to the University strategic direction and recommending to the Board the amendment of or addition of strategic risks, if any.
vi. Compliance
The Committee will oversee the University’s compliance program, and specifically will:
a. Annually review with the University’s legal counsel: 1) counsel’s assessment of the effectiveness of the management of University legal compliance; 2) any legal matters that could have a significant effect on the financial statements of, or that present a significant risk to the University; 3) the status of ongoing compliance activities and projects, and 4) compliance inquiries received from regulators or government agencies.
b. Oversee the University’s contract management framework to ensure the effective management of contracts and contract risks.
c. Annually report to the Board on the Committee’s assessment of the status of the effectiveness of the University’s legal compliance program, with recommendations for addressing significant deficiencies, and at least annually, report to the Board on significant compliance matters.
IV. Composition and Skills
The Committee will include 4 to 6 independent1 members all of whom will be appointed from among the University Council-elected Trustees and the Board-appointed Trustees.
In addition to the foregoing, the Chair of the Board and the Chancellor will serve ex officio on the Committee. The Principal will serve ex officio as a non-voting, participating member of the Committee.
In addition to being independent, a majority of Committee members must be financially literate, and financial literacy education will be made available to all members of the Committee. A member is financially literate if they have the demonstrated ability to read, understand, and ask probing questions about the University’s financial statements.
V. Governance Practices
Each year, the Committee will provide applicable training and education to its members to allow them to fulfil their responsibilities to the Committee. The Committee will annually report its training and education work to the Governance and Nominating Committee.
All Committee members will foster an inclusive Committee culture that encourages the sharing of diverse perspectives in line with the Board’s commitments to advance Indigenization, Equity, Diversity, Inclusion, Accessibility, and Anti-Racism.
All Committee members will fulfil the same expectations and are held to the same standards as Trustees including compliance with the Board of Trustees’ Code of Conduct. All Committee members will fully and effectively participate in the work of the Committee, including through attendance at Committee meetings. In conducting its work, the Committee will remain mindful of any legal or regulatory requirements, governance leading practices, the Queen’s University Charter, By-Laws, Policies, and the Board of Trustees’ Guiding Principles for Board Committees.
VI. Meetings
The Committee will meet at least three times annually.
1The oversight responsibilities of the Audit and Risk Committee are such that good governance practices dictate its members must be considered independent. Anyone in a material relationship with the University is not independent - a “material relationship” is a relationship that could, in the view of the board, be reasonably expected to interfere with the exercise of a member’s independent judgement” . See: https://assets.kpmg.com/content/dam/kpmg/ca/pdf/2021/11/kpmg-audit-Committee-guide-canadian-edition.pdf, p. 6
Membership | Status | Term Ends |
---|---|---|
D. Court | Ex Officio | |
P. Deane | Ex Officio (non-voting) | |
S. Rogers | Ex Officio | |
J. Gooden | Appointed | Jun-2025 |
T. Mattina | Appointed | Jun-2026 |
D. McCann | Appointed | Jun-2025 |
B. Pierre-Gilles | Appointed | Jun-2026 |
Chair: D. McCann
Vice-Chair: B. Pierre-Gilles