NCC Group plc Annual Report 2022

Audit Committee report continued

Internal controls and risk management continued Other controls continued Our internal control effectiveness is assessed through the performance of regular checks, which in the year ended 31 May 2022 included: • Assessment of the identification and management of risks connected to the Group’s strategy and management of strategic change • Reviewing and testing the Group’s financial reporting processes • Performing compliance monitoring activities • Assessment of the Group’s processes for identifying and mitigating potential conflicts of interest • Monitoring the completion of the Group’s mandatory colleague training Following these regular checks, it was deemed that the controls were effective and the internal control systems are designed to meet the particular needs of the Group and the risks to which it is exposed. Whistleblowing and confidential reporting procedures The Group operates a confidential reporting and whistleblowing procedure (known as our “Whistleblowing Policy”). The policy aims to support the stewardship of the Group’s assets and the integrity of the Financial Statements as well as protecting colleague welfare. The procedure is reviewed annually by the Committee to ensure that it remains fit for purpose. The Group has appointed an independent third party reporting agent to be the first point of contact for those who do not wish to use normal internal line management channels for reporting their concerns. This is advertised internally via colleague noticeboards and our intranet. Colleagues are asked to undertake mandatory training on a regular basis. During the year, colleagues were reminded of the Code of Ethics Policy and the Whistleblowing Helpline. The Committee reviews any whistleblowing or confidential reporting of concerns raised during the year with respect to their nature, scale and any associated or consequential risks. Review of the Audit Committee’s effectiveness The Committee has reviewed and considered the effectiveness of its performance during the year. The review included the views of members of the Committee and of regular attendees at the various meetings (including the Executive Directors). I am satisfied that the degree of rigour and challenge applied in performing the Committee’s responsibilities is appropriate and effective and continues to improve. Please see pages 90 and 91 for further details of the Committee evaluation process. Auditor’s independence and objectivity The Committee received a formal statement of independence from the external auditor. The Company also operates a rigorous policy designed to ensure that the auditor’s independence is not compromised by it undertaking inappropriate non-audit work. The Audit Committee’s approval is therefore required for any fees for any non-audit work undertaken by the auditor. However, the Company recognises that it can receive particular benefit from certain non-audit services provided by the external auditor due to its technical skill and detailed understanding of the Company’s business.

During this financial year non-audit fees of £80,000 (2021: £75,000) were paid to the external auditor for the half-year review. All significant pieces of non-audit work are put to informal tender to suitable parties that, if appropriate, can include the external auditor. Upon review as to suitability and price, the work will then be placed with the service provider recommended. If this is the external auditor, then Audit Committee approval is required. The external auditor was not engaged during the year to provide any services which may have given rise to a conflict of interest. The Committee is satisfied that the overall levels of audit and non-audit fees (i.e. the half-year review fee) are not material relative to the income of the external auditor as a whole and therefore that the objectivity and independence of the external auditor were not compromised. During the year, our external auditor received ad hoc cyber resilience services in the ordinary course of business. The Committee is satisfied that this work is immaterial to both the external auditor and the Company and therefore the objectivity and independence of the external auditor are not compromised. External auditor’s effectiveness and appointment The Committee reviews and makes recommendations regarding the reappointment of the external auditor following a formal review of the auditor’s performance following completion of the prior year Financial Statements’ audit. In making these recommendations the Committee considers: • The experience, industry knowledge and expertise of the auditor • The scope and planning of the audit and any variations from the plan • The quality of the processes adopted • The auditor’s explanations of significant risks to audit quality by reference to the Company’s specific circumstances and changes to the risks • The fees charged • Its attitude to and handling of key audit judgements • Its ability to challenge and communicate effectively with management • The quality of the final report • The FRC’s Audit Quality Review report relating to KPMG During the financial year, I attended regular meetings with KPMG’s engagement partner without management being present. This provided the opportunity for open dialogue. The engagement partner demonstrated her understanding of the Group’s business risks and the consequential impact on the Financial Statements. Feedback on the conduct of the audit from the engagement partner’s perspective is used to determine if any challenges in the prior year audit would be sufficiently addressed in the next audit cycle. The Group’s current auditor, KPMG LLP, has been in place since 1 November 2013 with a competitive audit tender process having last been undertaken in November 2011 for the year ended 31 May 2014. It is the intention of the Committee to carry out a competitive audit tender process during the forthcoming year in advance of the next audit cycle (year ending May 2024).

98

NCC Group plc — Annual report and accounts for the year ended 31 May 2022

Made with FlippingBook Online newsletter maker