C O R P O R AT E G O V E R N A N C E A N D I N T E R N A L C O N T R O L S TAT E M E N T
UNIVERSITY COMMITTEES Council met five times during the 2010/11 academic year and in addition was supported by three Council committees, whose decisions were formally reported to Council. These committees were the Audit Committee, Remuneration Committee, and Council Nominations Committee. They are formally constituted as committees of Council with written terms of reference and specified membership, which includes lay members. A lay member chaired the Audit, Remuneration and Council Nominations Committees. Concerning its strategic and developmental responsibilities, Council receives recommendations and advice from the Vice-Chancellor’s Executive Group and the Senior Management Group, including a recommendation on the annual revenue budget, and monitoring reports on performance against the approved budget. Two strategic groups, led by Council members, being the Risk Governance Committee and the Infrastructure Strategy Group, also supported the Council in much of its detailed work. From 2011/12 the Risk Governance Committee will stand down and risk-related objectives will be coordinated and delivered by the Vice-Chancellor’s Executive Group. The University’s business is governed through a mechanism known as dual assurance. This model involves two people – the first of these is a member of the Vice-Chancellor's Executive Group, who takes responsibility for the management and development of policy in a particular area of business. The second member of the dual assurance partnership is a lay member of Council, knowledgeable in the same area, who provides assurance to Council that this activity is well-managed and that decisions have been reached following due process and appropriate consultation. The University also has formal standing committees in the areas of Health and Safety, Ethics, Honorary Degrees, and also the Senate, its academic decision-making body. S TAT E M E N T O F I N T E R N A L C O N T R O L As the governing body of the University of Exeter, Council has responsibility for maintaining a sound system of internal control that supports the achievement of policies, aims and objectives, while safeguarding the public and other funds and assets for which it is responsible, in accordance with the responsibilities assigned to Council in the Charter and Statutes and the Financial Memorandum with HEFCE.
16
UNIVERSITY OF EXETER:
The system of internal control is designed to manage rather than eliminate the risk of failure to achieve policies, aims and objectives; it can therefore only provide reasonable and not absolute assurance of effectiveness. The system of internal control is based on an ongoing process designed to identify the principal risks to the achievement of policies, aims and objectives, to evaluate the nature and extent of those risks and to manage them efficiently, effectively and economically. This process has been in place for the year ended 31 July 2011 and up to the date of approval of the financial statements. Council has responsibility for reviewing the effectiveness of the system of internal control. It meets at regular intervals (at least four times a year) to consider the plans and strategic direction of the institution and receives periodic reports from the Chair of Audit Committee concerning internal control and the minutes of Audit Committee. The Audit Committee receives regular reports from the internal audit, which includes an independent opinion on the adequacy and effectiveness of the University’s system of internal control, together with recommendations for improvement. The University has established the Risk Management Committee (formerly the Performance and Risk Steering Group) to manage the development of risk management at Exeter and the Audit Committee oversees the work undertaken through the consideration of regular reports and an annual meeting with representatives of the Group. A regular programme of facilitated workshops is held across the University to identify and keep up to date the record of risks facing the organisation. The Risk Management Committee also reports regularly to Council, via managers, on the steps they are taking to manage risks in their areas of responsibility, including progress reports on key projects. The University continues to undertake a programme of risk awareness training and a robust risk prioritisation methodology based on risk ranking has been developed, together with the on-going maintenance of an organisationwide risk register.
F I N A N C I A L S TAT E M E N T S F O R T H E Y E A R E N D E D 3 1 J U LY 2 0 1 1