Internal Audit

Yara's Internal Audit Department is accountable to the Board and provides an annual assessment of the adequacy of Yara's processes for controlling its activities and managing its risks. The department shares information on the status and results of the annual audit plan and the sufficiency of department resources when appropriate.

Internal Audit has unrestricted access to all functions, records, property and personnel and has complete access to the board.

External auditor

Yara's external auditor also follows an annual plan. The external auditor participates in the meetings of the Audit Committee and the board meeting, approving the annual accounts and meeting with the board at least once annually without Yara executive management being present. Yara's external auditor's remuneration is shown in note 33 to the Annual Report's consolidated financial statements.

Auditor information

Deloitte Statsautoriserte Revisorer AS
Karenslyst Allé 20
0213 Oslo
Norway
Phone +47 23 27 90 00
Fax: + 47 23 27 90 01
Contacts: Ingebret G. Hisdal
Kjetil Nevstad
www.deloitte.com

Internal Audit Charter

Scope

This Corporate Governance document is valid for Yara.

Definition of Internal Auditing

Internal auditing in Yara is an independent, objective assurance and consulting activity designed to add value and improve Yara’s operations. It helps Yara accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

Independence and Accountability

The Chief Audit Executive (CAE) reports functionally to the Board of Directors and administratively to the Chief Financial Officer (CFO). The CAE has, independent of the reporting lines described above, the right and duty to inform the Board of Directors of fraud/corruption or other issues that in his/her opinion may inflict significant damage to Yara.

Internal Auditors shall have no direct operational responsibility or authority over any of the activities they review. Accordingly, they shall not develop nor install systems or procedures, prepare records, or engage in any other activity, that may be audited.

The CAE is accountable to:

• Provide assessment on the effectiveness and efficiency of the internal control, risk management and governance processes regarding the engagements in the audit plan  
• Report significant issues related to the processes for controlling the activities of Yara and its affiliates, including potential improvements to those processes, and provide information concerning such issues
• Provide information periodically on the status and results of the audit plan and the sufficiency of department resources

Authority

YIA is authorized to:

• Have unrestricted access to all functions, records, physical properties and personnel relevant to the performance of engagements
• Have full and free access to the Board of Directors and the Audit Committee of the Board of Directors
• Allocate resources, set frequencies for the audits, determine scope of work and apply the techniques required to accomplish the set audit objectives
• Obtain the necessary assistance of personnel in units of Yara where YIA performs audits as well as other specialized services from Yara as well as from external service providers
• Documents and information given to YIA during an audit engagement will be handled in the same prudent and confidential manner as by those employees normally accountable for them

Responsibility

The CAE is responsible for:

• Conducting independent risk assessments as a basis for the audit plan
• Developing and maintaining a risk-based audit plan and submitting the plan and any adjustments to the Yara Management and the Board of Directors for approval
• Coordinating the audit plan with the external auditors
• Carrying out the audit plan, as approved, including, as appropriate, any special assignments or projects requested by members of the Yara Management and/or the Board of Directors
• Maintaining a professional internal audit activity with sufficient competence, knowledge, skills and experience to meet the requirements of this Charter
• Managing the co-sourcing agreement and the selected external service providers regarding internal audit
• Issuing written reports following the completion of each audit engagement and to distribute as appropriate      
• Issuing periodic summary reports to the Yara Management, the Audit Committee and the Board of Directors covering the executed internal audit engagements
• Monitoring the audit findings and recommendations communicated to management

Audit Scope

The scope of Internal Audit encompasses the examination and evaluation of the adequacy and effectiveness of Yara’s governance, risk management process, system of internal control structure, and the quality of performance in carrying out assigned responsibilities to achieve Yara’s stated goals and objectives.

It could include:

• Reviewing the reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information
• Reviewing and assessing the economy, efficiency and effectiveness with which resources are employed
• Reviewing the means of safeguarding assets and, as appropriate, verifying the existence of such assets
• Reviewing the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations, which could have a significant impact on operations and reports and whether the organization is in compliance
• Monitoring and evaluating the effectiveness of Yara's risk management system
• Reviewing operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned
• Reviewing specific operations at the request of members of the Yara Management and/or the Board of Directors, as appropriate

YIA adheres to the standards of best professional practice, such as those published by the Institute of Internal Auditors.

Audit Planning

The Chief Audit Executive submits annually an audit plan, together with a budget, to the Yara Management, the Audit Committee and the Board of Directors for approval. The audit plan is to be developed based on a prioritization of the audit universe using a risk-based methodology.

Significant deviations from the audit plan shall be communicated to Yara Management and/or the Audit Committee through periodic activity reports.

Periodic Assesment

The Chief Audit Executive should annually assess whether the purpose, authority, and responsibility, as defined in this charter, continue to be adequate to enable the internal auditing activity to accomplish its objectives. The result of this annual assessment should be communicated to Yara Management, the Audit Committee and the Board of Directors.

Ownership and review cycle

This Corporate Governance document is maintained by the Chief Audit Executive. 

Based on the annual assessment of the Chief Audit Executive, Yara Management, the Audit Committe and any subsequent changes adopted by the

Board of Directors, new versions will be released by the Board Secretary.

Definitions

Yara Yara International ASA and consolidated entities, their employees and others (e.g. contractors and consultants) that act under Yara's instructions.