Internal Audit

A strong internal control system, including an independent and effective Internal Audit Function, is part of sound corporate governance. The mission of the Internal Audit Function at Bank One is to provide vital assurance to the Board Audit Committee (and ultimately the Board) and senior management on the quality of the bank’s internal control system, risk management and governance processes.

The Internal Audit Function of Bank One functionally reports to the Board Audit Committee on a quarterly basis. Individual working sessions are also conducted with the Board Audit Committee without the presence of management. A Management Audit Committee is also set up to ensure that adequate management involvement is obtained within internal audits and effective control is maintained by top management for the implementation of recommendations by the Bank One management team.

The Internal Audit Function consists of a Head of Internal Audit and a team of 5 staff. The department consists of 2 units namely the Risk Based Audit (RBA) unit and the Information Technology (IT) unit.

RBA unit

A risk based strategic approach is adopted for the development of the annual internal audit plan. This approach involves a focus on understanding the work of each department and identifying risks associated with all processes and procedures. The internal audit plan is then developed based on a prioritization approach based on the inherent and residual risk rating associated with each process (or department as a whole). The plan also includes input from senior management and the Board Audit Committee. Internal audit assignments is conducted in accordance to the procedures set out in the Internal Audit Procedures Manual and in compliance with the Standards for the Professional Practice of Internal Auditing as prescribed by the Institute of Internal Auditors.

IT unit

The IT audit function has the task of helping the bank undergo business transformation while managing potential IT risks that could cripple the bank. To achieve this objective, the IT audit operates to help identify, mitigate and monitor IT risks. IT auditing evaluates the controls around the information with respect to Confidentiality, Integrity, and Availability. The framework in use is COBIT (Control Objectives for Information and related Technology) which is a worldwide accepted framework for IT auditing developed by the ISACA (Information Systems Audit and Control Association).

Date joined: July 2015

Qualifications: Bachelor (Honors) Accounting with Business Operations Management from the London Metropolitan University; Certificate in Bookkeeping from the London Chamber of Commerce and Industry; ACCA qualified.

Yusra is a member of the ACCA (Association of Chartered and Certified Accountants) and of the IIA (Institute of Internal Auditors). She is also a recognized Professional Accountant of the MIPA (Mauritius

Institute of Professional Accountants) and has extensive experience in Risk Assurance with specialization in Internal Audit and Risk Management.

Prior to joining Bank One, Yusra was a Risk Assurance Manager within a Big 4 audit firm in Mauritius. She was responsible for internal audits and risk management implementation for a portfolio of clients in various industries including several banks. Her assignments were conducted in Mauritius as well as abroad (Madagascar, Comoros Island, Reunion Island, Seychelles, DRC, and Congo Brazzaville among others).