Internal audit

The main purpose of the internal audit is to assist the Board of Directors and executive bodies with enhancing the efficiency of the Company’s management and improving its financial and economic activities.

The goals, objectives, powers, and place of the internal audit in the Company’s organizational structure are defined in the Internal Audit Policy that was approved by the Board of Directors on August 21, 2015Minutes No. 152 dated August 24, 2015.. Internal audit functions at the Group are performed by the PJSC Inter RAO Internal Audit Unit and the internal audit divisions of the following subsidiaries: LLC Inter RAO – Power Generation Management and JSC Mosenergosbyt.

Internal audit activities are carried out in accordance with the work plan approved by the Board of Directors. The work plan for 2019 was completed in full and on time. The priority areas of internal audit activities are determined in accordance with the Company’s objectives taking into account the results of risk assessment. The audit plan covers all major segments of the Group’s business: Supply, Generation, Trading, and Engineering. Upon completion of the audit, recommendations were prepared to eliminate any shortcomings that were identified based on which management comes up with corrective action plans. The internal audit units control the execution of the plans through monitoring.

Results of 2019

Digitalization of internal audit

In September 2019, the Audit and Sustainable Development Committee of the Board of Directors gave instructions to develop a plan for the use of data analysis tools to perform internal audit tasks, including market research on specialized software, and to also train employees on using IT-methods to conduct audits.

As part of the activities performed by the Internal Audit Unit to provide guarantees in 2019, 107 audits were conducted (including 78 revision audits) as well as four evaluations of the effectiveness of systems and 28 monitoring surveys of the implementation of corrective action plans. The internal audit consulting activities included 11 consultations at the request of management.

Independent assessment of internal audit

In 2019, JSC Deloitte & Touche CIS conducted an independent external assessment of PJSC Inter RAO’s internal audit function for the first time.

The independent experts concluded that the Company’s internal audit activities fully comply with the International Standards for the Professional Practice of Internal Auditing and the Code of Ethics of the Institute of Internal Auditors (IIA). This assessment encompasses the Company’s organizational structure, policies and procedures as well as the processes in which they are applied.

Key findings from the assessment:

  • The Internal Audit Unit’s activities are built on the principles of independence and objectivity and received high praise from the Company’s management
  • The audit plan includes various types of audits (an evaluation of corporate governance and the Risk Management and Internal Control Framework, and an audit of subsidiaries) that take into account the existing risk assessment procedure employed by the Company and current business requirements
  • The head of the Internal Audit Unit regularly holds meetings with management, takes part in meetings of the committees, and regularly presents reports at meetings of the Audit and Sustainable Development Committee
  • Employees have the necessary qualifications to perform their work at the proper professional level, have a deep understanding of the specifics of the Company’s business and processes, and are guided by the Standards in their activities
  • The Internal Audit Unit’s activities are continuously being improved, for example, a project was implemented in 2017-2018 to automate the internal audit function
  • Stakeholders underscored the high level of professionalism and quality of audits

Plans to improve internal audit

Based on the recommendations that were given during the independent external assessment, an action plan was developed to improve activities. The plan aims to bolster auditors’ expertise in risks and control procedures related to information technologies and introduce an integrated approach to utilizing data analysis tools to perform internal audit tasks.

As part of the Program to Ensure and Improve the Quality of Internal Audits, work plans for the development of internal audit functions are prepared each year based on the results of internal audits. The development plan for the internal audit function for 2020 was approved by the Board of Directors on November 29, 2019. The plan includes measures to utilize data analysis tools to perform internal audit tasks, including studying the market of specialized software, update the standard program for verifying the ‘Information Technology Management and Information Security’ process as well as train employees on IT methods that can be used to conduct audits.