University governance Audit and Risk Committee

Terms of Reference


  • The Audit and Risk Committee reports to the University Court and oversees the arrangements for risk, internal control and governance, including the associated assurances related to these systems.
  • The committee is authorised by Court to obtain outside legal or other independent professional advice and to secure the attendance of non-members with relevant experience and expertise if it considers this necessary, normally in consultation with the Principal and/or convener of Court.
  • It is also authorised to investigate any activity within its terms of reference and to seek any information it requires from any employee, and all employees are directed to co-operate with any request made by the committee.

Main duties

The specific duties of the Audit and Risk Committee shall be to:

Internal Controls

  • keep under review the adequacy and effectiveness of the University’s corporate governance arrangements, and its financial and other internal controls systems,
  • consider the effectiveness of the University’s policy on whistleblowing and its arrangements for the prevention, detection or investigation of questions of fraud or other financial irregularities and be notified of any actions taken in line with such arrangements
  • to monitor and be satisfied that suitable arrangements are in place to promote economy, efficiency and effectiveness (value for money) in the management of the University’s resources
  • ensure the appropriate investigation of significant losses and that the relevant parties have been informed

Internal Audit

  • consider and advise the Court on the criteria for the selection and appointment of the Head of the Internal Audit Service or the appointment and terms of engagement of the internal audit service
  • review and endorse the Internal Audit Service’s draft assurance strategy and annual plans; consider major findings of internal audit reviews and management’s response and be satisfied that appropriate action is taken
  • monitor the implementation of agreed audit-based recommendations
  • consider if the resources made available to the Internal Audit Service are sufficient to meet the University’s needs and make recommendations to the Court, if appropriate
  • promote co-ordination between the internal and external auditors

External Audit

  • advise the Court on the appointment of the external auditors, the audit fee, and any questions of resignation or dismissal of the external auditors
  • discuss with the external auditors, before the annual audit begins, the nature and scope of the audit
  • review the annual financial statements, prior to submission to the Court, in the presence of the external auditors and alongside the auditors’ formal opinion, the Management Letter and the Statement of Corporate Governance and Internal Control, in accordance with the Scottish Funding Council’s accounts direction, financial memorandum and other relevant direction and guidance
  • discuss with the external auditors any issues and reservations arising from the annual audit, including a review of the management letter, incorporating management responses and any other matters the external auditors may wish to discuss (in the absence of management where necessary)
  • to review and approve policy on the engagement of the external auditors to supply non-audit services
  • monitor annually the performance and effectiveness of the external auditors, including any matters affecting their independence or objectivity, and make recommendations to the Court concerning their reappointment, where appropriate

Risk Management

  • to monitor and ensure the effectiveness of the University's approach to risk assessment and management through regular review of the Corporate Risk Register and reports from relevant University officers or committees
  • to review the prioritisation of risk management focus via the Corporate Risk Register, taking into account financial, reputational and commercial risks
  • to ensure that audit work is informed by risk management


  • consider the impacts of reports or guidance issued by relevant external bodies, including the Scottish Funding Council, and make recommendations to the Court, where appropriate
  • to receive, as appropriate, reports on the implementation of major projects within the University covering progress, risks and mitigations
  • to receive reports, as appropriate, where there is a potential reputational, commercial and/or financial risk to the University
  • Prepare and present to Court, and subsequently to the Scottish Funding Council, an annual report covering the University’s financial year and any significant events up to the date of preparation. The report should express opinions in relation to the committee’s review of the effectiveness of institutional arrangements for:
    • Risk management, control and governance (including the adequacy of the governance statement)
    • Economy, efficiency and effectiveness (value for money)


  • consider such other topics as may be remitted by the Court from time to time
  • review, on an annual basis and in consultation with Court, the committee’s own performance against accepted good practice


  • The Committee shall consist of no fewer than three lay members of the Court, of whom one shall be Convener. At least one member shall have recent relevant experience in finance, accounting or auditing. The Committee may co-opt up to three further individuals external to the University, who should not have significant interests in the University, for a period of time to be determined by the Committee. Neither the convener of Court nor the Treasurer of Court should be a member of the committee, although the Treasurer will attend once a year for the meeting at which the Annual Financial Statements are considered by ARC.
  • In the absence of the convener at any meeting of the Committee, the Committee shall appoint any of its members as Acting Convener for that meeting.
  • The Convener of ARC shall not concurrently be a member of the Remuneration Committee   

The meeting shall normally be attended by the following staff members of the University.

  • The Principal
  • Chief Financial Officer
  • University Compliance Officer
  • Head of Internal Audit
  • Senior Internal Auditor

Any other attending officer required for that meeting.


  • Meetings shall normally be held at least four times each financial year. The external auditors or head of internal audit may request a meeting if they consider it necessary.
  • The committee should meet with the external and internal auditors, without any officers present, at least once a year.
  • There shall be a quorum at any meeting of the Committee when not less than 3 members, at least 2 of whom are members of Court, are present. In the absence of a quorum no business shall be transacted other than the adjournment of the meeting.