Skip to main content

Audit and Risk Assurance Committee terms of reference

The terms of reference for the Audit and Risk Assurance Committee (ARAC), including its primary responsibilities and procedural rules.

Terms Of Reference

Terms of reference

To building a strong, effective but independent working relationship with the External Auditors:

1) To advise the Council on the appointment of the External Auditors, the audit fee and any questions of resignation or dismissal of the External Auditors.

2) To discuss with the External Auditors problems and reservations arising from the interim and final audits, including a review of the management letter incorporating management responses, and any other matters the External Auditors may wish to discuss.

3) To monitor annually the performance and effectiveness of the External Auditors, including any matters affecting their objectivity, and to make recommendations to Council concerning their reappointment, where appropriate.

4) To agree or note the agreement of the Chair of any non-audit services by the External Auditor.

To provide effective oversight of the arrangements for the Internal Audit Service:

5) To recommend to Council the appointment of the Head of Internal Audit and to advise Council of any concerns about the resignation or dismissal of the Head of Internal Audit.

6) To ensure that the resources made available for the Internal Audit Service are sufficient to meet the institution's needs or to make a recommendation to Council.

7) To review annually the Internal Audit Service to ensure that it is performing efficiently, effectively and economically.

8) To review and approve the Internal Auditors’ audit risk assessment, strategy and programme; to consider major findings of internal audit investigations; and to promote co-ordination between the Internal and External Auditors.

9) To monitor the effectiveness and timeliness of management's response to recommendations made by the Internal Audit Service.

10) To approve the Internal Auditors' annual report for submission to the Office for Students.

11) To monitor the implementation of agreed audit-based recommendations, from whatever source.

To review the audit aspects of the Financial Statements:

12) To consider, in the presence of the External Auditors, the final version of the audited financial statements after they have been submitted to Finance Committee, reviewing the auditors’ formal opinion, the corporate governance statement, the statement of members’ responsibilities, and the statement of internal control in accordance with the Office for Students’ Accounts Directions. The Committee will consider the annual report to ensure the accuracy and completeness of published data; appropriate contextual information; and the clarity of presentation. The Committee will recommend the financial statements to Council for approval.

13) To consider any changes to accounting policies.

14) To review the External Auditors' letter of representation.

To monitor the effectiveness of Internal Controls:

15) To gain assurance on the effectiveness of financial management and other operational control frameworks.

16) To oversee the institution’s policy on fraud and irregularity, including being notified of any action taken under that policy.

17) To ensure that all significant losses have been properly investigated and that the Internal and External Auditors, and where appropriate the Office for Students’ Accounting Officer, have been informed.

18) To be informed of Reportable Events communicated to the Office for Students and of any reports of serious incidents.

19) To provide assurance to Council that an appropriate culture of ethical awareness is maintained within the University and that there are appropriate mechanisms in place for bringing ethical issues to the fore.

20) To recommend to Council the Public Interest Disclosure (Whistleblowing) Policy and Procedure and to receive reports of disclosures made or an annual statement of confirmation that no such cases have arisen.

21) In the event of the merger or dissolution of the institution, to ensure that the necessary actions are completed, including arranging for a final set of financial statements to be completed and signed.

To review the effectiveness of the risk management and governance arrangements:

22) To consider and recommend to Council the risk management strategy: policy and appetite and the strategic Risk Register.

23) To provide operational oversight of the risk management strategy and keep under review the effectiveness of the risk management (including academic risk), control and governance arrangements and the culture promoted within the institution.

24) To review the management and quality assurance of data submitted to HESA (Higher Education Statistics Agency), the Student Loans Company, the Office for Students, Funding Councils, Research England and other bodies.

To monitor the effectiveness of arrangements for Value for Money:

25) To consider the adequacy and effectiveness of the arrangements for economy, effectiveness and efficiency across the University's operations.

To prepare for Council each year an annual report:

26) To recommend to Council, for submission to the Office for Students, an annual report covering the institution's financial year and any significant issues up to the date of preparing the report. It will give the Committee's opinion on the adequacy and effectiveness of the institution's arrangements for the following:

  • Risk management, control and governance (the risk management element includes the accuracy of the statement of internal control included with the annual statement of accounts;
  • Sustainability, economy, efficiency and effectiveness (value for money). This opinion should be based on the information presented to the Committee throughout the year; and
  • Management and quality assurance of data submitted to HESA (Higher Education Statistics Agency), the Student Loans Company, Office for Students, Funding Councils, Research England and other bodies.

27) The Audit and Risk Assurance Committee (ARAC) Annual Report should normally be submitted to Council before the members' responsibility statement in the annual financial statement is signed.


Total membership A maximum of six voting members, appointed by Council, of whom four must be lay members of Council and two must be external appointees.
Term A member may serve for no more than a total of nine (9) years save in exceptional cases.
Chair Lay member of Council, appointed by Council
Skills At least one of the members of ARAC will have recent and relevant experience in accounting or auditing.
Ineligibility Chair of Council, Chair and members of Finance Committee.
Secretary Secretary to Council, or member of their team

Procedural rules

Procedure In the absence of any specific rules, the procedure is as set out in the Standing Orders of Council
Quorum Two, including at least one lay member
Meeting frequency At least five ordinary meetings per year, the dates for which are published before the start of the academic year. The External Auditors or Head of Internal Audit may request a Special meeting to consider any urgent or unforeseen business on the deadlines laid out in Standing Order 3.2. At least once a year ARAC will meet with the external and internal auditors without any Officers present.
Minutes Submitted to Council and published on website according to Council policy. A copy of the minutes is provided to Finance Committee for information.

Access to information

ARAC is authorised to seek any information it requires to undertake its duties from any employee, and all employees are directed to co-operate with any request made by the Committee.

Independent advice

ARAC is authorised by Council to obtain outside legal or other independent professional advice and to secure the attendance of non-members with relevant experience and expertise if it considers this necessary, normally in consultation with the Vice-Chancellor and President and/or Chair of Council. All direct expenditure in this respect is subject to the limits set out in the University Scheme of Delegation.

Version information

Owner: Audit and Risk Assurance Committee
Version number:
Approval Date: 14 October 2021
Approved by: Council
Date of last review:


If you have any questions, please contact us.

On this page