CMS Case Study

C loyd Bank & Trust Policy Manual

Subject:

Audit Policy

Date: 2.21.19

Section:

Management

Reviewed: 5.27.21

I. PURPOSE

The primary responsibility of the internal audit is to examine periodically the records of every bank function to ensure that (1) generally accepted accounting practices are being followed, (2) internal controls and safeguards are adequate, effective and efficient, (3) regulatory and legal requirements are being followed, and (4) to provide management with an independent evaluation of ongoing operations.

Key components of fulfilling this charge include:

• Facilitating and maintaining an open avenue of communication among the Board of Directors, Audit/Compliance/Identity Theft Committee (ACIT), Senior Management, the independent external accountants, the 3 rd party internal auditors, and the Internal Audit Officer.

• Serving as an independent and objective party to help monitor the corporation’s financial reporting process and internal control system.

• Reviewing and appraising the efforts of the Internal and External Auditors, or independent accountants.

• Providing direction to and oversight of the Internal Audit function.

An effective audit program consists of periodic examinations of all functions of the Bank. This policy consists of guidelines that reflect the Bank’s functions, operations and accounting methods, and takes into consideration the structure, lines of authority and responsibility, and the internal controls in effect. This audit policy also takes into account the objectives and parameters of the subject, including the size of the function or unit being examined and the controls that exist or need to be established in order for an audit to take place.

Other factors considered in planning audits are:

1. Risk factors;

2. Length of time between reviews;

3. Effectiveness of management;

Reviewed by Board of Directors on 5.27.21