5.5. Internal audit
5.5.1. Requirement to maintain internal audit function
An Authorised Person must establish and maintain an internal audit function with responsibility for monitoring the appropriateness and effectiveness of its systems and controls.
5.5.2. Independence of internal audit function
An Authorised Person must ensure that its internal audit function is independent from operational and business functions.
5.5.3. Access to records and resources
An Authorised Person must ensure that its internal audit function has unrestricted access to all relevant records and recourse when needed to the Authorised Person's Governing Body or the relevant committee, established by its Governing Body for this purpose.
5.5.4. Documentation of organisation, responsibilities and procedures
An Authorised Person must document the organisation, responsibilities and procedures of the internal audit function.