The mandate of the Department of Internal Audit is to determine whether the systems of financial and risk management, internal control and governance processes, as designed and represented by Management, are adequate and functioning in the following manner:
- Risks are appropriately identified and managed;
- Business objectives are achieved in an efficient and effective manner;
- Reliable financial and operating information is provided to Management and staff for decision making and accountability;
- Legislative, regulatory or contractual requirements are recognised and met; and
- Resources are adequately protected, used economically and effectively applied against stated priorities.
The objective of the Department is to be a strategic partner and work co-operatively with Management and staff to improve the economy, efficiency, and effectiveness of operations. It assists the Central Bank of Lesotho in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the Bank's risk management, control, and governance processes.
The Department consist of two (2) Divisions namely; Operational, Financial and Compliance, and Information and Technology Audits.
The functions of the above-mentioned Divisions include the following:
- To evaluate the reliability and integrity of information and the means used to identify measure, classify, and report such information;
- To evaluate the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the Bank;
- To evaluate the means of safeguarding assets and, as appropriate, verifying the existence of such assets;
- Evaluate the effectiveness and efficiency with which resources are employed;
- To evaluate the operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned;
- To monitor and evaluate governance processes;
- To monitor and evaluate the effectiveness of the Bank's risk management processes;
- To perform consulting and advisory services related to governance, risk management and control as appropriate for the Bank;
- To report periodically on the Internal Audit Department’s purpose, authority, responsibility, and performance relative to its plan;
- To report significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the Board; and
- To evaluate specific operations at the request of the Board or Management, as appropriate.