In its review of the systems and controls framework in Paragraph HC-3.2.1, the audit committee must:
(a) Make effective use of the work of external and internal auditors. The audit committee must ensure the integrity of the
licensee's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings must be used as an independent check on the information received from management about the licensee's operations and performance and the effectiveness of internal controls;
(b) Make use of self-assessments, stress tests, and/or independent judgements made by external advisors. The board should appoint supporting committees, and engage
senior management to assist the audit committee in the oversight of risk management; and
(c) Ensure that
senior management have put in place appropriate systems of control for the business of the licensee and the information needs of the board; in particular, there must be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the licensee, and compliance with applicable laws, regulations and best practice standards. The systems must produce information on a timely basis.