Internal audit statement


Internal Audit Statement

Gold Fields Internal Audit (GFIA) is an independent, objective assurance and consulting service designed to add value and improve the Gold Fields business. GFIA evaluates the adequacy and effectiveness of controls in responding to risks within Gold Fields operations and information systems. The Board Audit Committee of Gold Fields has mandated GFIA to provide the necessary assurances on the major risks facing the company and has clearly spelt out GFIA’s responsibilities in the Internal Audit Charter. GFIA submits an annual report to the Board Audit Committee on the status of governance, risk management and internal control.

The Internal Audit activities performed during this period were identified through the risk based methodologies adopted by the Gold Fields Internal Audit function. Many of the areas of assurance were derived from the Gold Fields Enterprise-Wide Risk Management system. These activities generally appraise the value chain of the Gold Fields business and have been executed at a process, operational, business and entity level. Audit activities also aim to assess the robustness and efficiency of processes in place to support the achievement of strategic, operational, compliance, financial and sustainability business objectives.

Internal Audit assurance is provided through the application of the International Standards for the Professional Practice of Internal Auditing, as prescribed by the Institute of Internal Auditors and the Code of Ethics of the Institute of Internal Auditors (IIA). GFIA’s Quality Assurance programme has been assessed as ‘generally compliant’ with the IIA standards, this is the highest rating of the degree of conformity.

The annual assessment

GFIA submits an annual report to the Board Audit Committee on the status of governance, risk management and internal control. This report included the following statements:

In terms of the work performed by Internal Audit, it would appear that Gold Fields:

1. Achieves its business objectives,
2. Generates reliable financial and operational information,
3. Substantially complies with the laws and regulations that apply to it.
4. Operations are efficiently and effectively functioning, and
5. Adequately safeguards its assets.

Annually, Internal Audit reviews the Risk Management process within Gold Fields and comments on the compliance to the Corporate Governance code and the efficiency and effectiveness of this process. Internal Audit has satisfied itself that the Risk Management process followed at Gold Fields is complaint to good corporate governance and its process is efficient and effective.

Based on Internal Audit’s review of the Sarbanes Oxley controls, implemented at Gold Fields, and its corresponding test results, there is good indication that the financial controls are operating as management intended. The combined results of the Gold Fields Group have continuously achieved adequate results, which have been reported to the audit committee on a quarterly basis.

Further, based on the operational work performed no significant issues have been identified or brought to Internal Audits attention.

  • Therefore, it is Internal Audits opinion that Gold Fields
  • Complies to policies, procedures, laws and regulations,
  • Manages its operations efficiently and effectively, and
  • Safeguards its assets appropriately

To this end, the Internal Control environment and Risk Management process is adequate within the Gold Field business and provides reasonable, not absolute, assurance that the objectives of Gold Fields will be met.

Project M

The South African operations embarked on various cost and revenue optimisation initiatives under the ‘M project’ portfolio. The audit objectives set for assurance provision on these projects aimed to determine whether these activities complied with the respective Project Charters and whether these projects would accomplish their goals and objectives. No significant issues were raised, nor had any been brought to GFIA’s attention. Generally, the projects were found to be satisfactorily executed and managed. Further, it is envisaged that these initiatives will contribute to the Gold Fields objectives of ‘optimising our operations’, ‘growing Gold Fields’ and ‘securing our future responsibly’.

Employee verification

At the request of the Chief Executive Officer, we performed a verification of the number of employees on the respective Gold Fields RSA Payrolls, with the objective of identifying ‘ghost’ employees. The verification was based on full-time employees on the June 2010 payroll and contract staff were excluded from this review.

Approximately 46,902 employees on the June 2010 payroll had to be verified, of which Internal Audit physically verified 43,212 (92%) employees, whilst 3,690 or 8% of employees were verified through alternative processes such as:

  • Supporting documentation (including leave and termination records)
  • Human Resources and management representations
  • Other investigative techniques (including reviews of past records of clockings, personnel records etc.)

GFIA concluded that for ‘ghost’ employees to exist within Gold Fields, it would require significant collusion and management override by a number of employees and senior managers from different business units. GFIA believes the likelihood of this is low, due to the robust systems and controls currently in place. Therefore, we have satisfied ourselves, based on the information obtained as well as the work executed and the resources available to us that no ghost employees were identified during the employee verification project.

Shyam Jagwanth
Senior Manager: Internal Audit
Gold Fields
23 March 2011