Audit and Risk Committee

The PSI’s Audit and Risk Committee acts independently to ensure that the PSI complies with all aspects of the law, relevant regulations and good governance. 

The Audit and Risk Committee examines the nature, extent and effectiveness of the PSI’s internal control systems. These include accounting, risk management as outlined in the PSI’s Risk Management Framework, as well as overseeing the work of the PSI’s internal and external auditors. 

The Committee meets at least four times a year and the Terms of Reference outline its remit. 

The Audit and Risk Committee is scheduled to meet on the following dates in 2026: 

  • Friday, 13 March
  • Friday, 5 June
  • Thursday, 11 September
  • Wednesday, 18 November
Advisory Committee agendas and minutes
Reports to PSI Council

The Pharmaceutical Society of Ireland (PSI) Council has established an Audit and Risk Committee as an advisory Committee of the Council to maintain oversight, and ensure the integrity, of the PSI’s governance, internal audit, external audit, and financial controls and assess such risks as the PSI may be exposed to, and the measures taken to mitigate those risks. The Committee will report to Council. As set out in the Code of Practice for the Governance of State Bodies, the Committee acts independently to ensure that the interests of PSI stakeholders are protected in relation to the PSI’s business and financial reporting, and internal controls. 

Membership 

The members of the Audit and Risk Committee are appointed by Council, following recommendation by the Special Purposes Committee. 

The Committee will collectively possess a diverse range of skill, and expertise, relating to the remit and operational functions of the PSI, and such risks as may arise in these areas. 

The Committee is composed of a maximum of seven members which includes: 

  • One person who is a Council member, who will Chair the Committee.
  • One person who is qualified in and practising accounting or auditing.
  • One person who is a registered pharmacist.
  • Members who have experience in risk management relevant to the PSI’s remit, or its core operational functions, or the governance of public bodies and public sector reform initiatives.   

Audit and Risk Committee members that are also Council members will sit on the Committee for up to two years and will be eligible for reappointment. The external members, appointed by Council will sit on the Committee for up to three years and will be eligible for reappointment for a further term of up to three years. No member will ordinarily serve more than two consecutive terms. The Chairperson will be nominated by the President, after consultation with the Special Purposes Committee, and approved by the Council. 

The Executive Leadership Team lead for the Audit and Risk Committee is the Head of Governance and Programme Delivery. The Audit and Risk Committee will be provided with a secretariat function through the Governance and Programme Delivery Business Area. 

Reporting

  • The Audit and Risk Committee will report to Council by means of a written report, presented by the Chair of the Committee, at the first public meeting of Council following each Audit and Risk Committee meeting.
  • Each year the Audit and Risk Committee will provide the Council with a copy of its annual report, prior to its publication in the PSI’s Annual Report and financial statements, summarising its findings for the year in question. 

Responsibilities

The Audit and Risk Committee will advise the Council on: 

  • the PSI’s policies and procedures for the management of risk, internal control and governance;
  • the assurance it has received that the correct procedures are being applied across the organisation with regard to the PSI’s internal control, and its procurement function;
  • its quarterly financial accounts, the PSI’s annual financial statement as published in the PSI’s Annual Report, including issues of concern, levels of error or omissions, and the Executive Leadership Team’s letter of representation to the external auditors;
  • the schedule and results of both the PSI’s internal and external audits;
  • the adequacy of management response to issues identified in audits, including the external audit’s management letter of representation;
  • assurances relating to the management of risk, and corporate governance, in the PSI;
  • proposals for tendering for either internal or external audit services or for purchase of non-audit services from contractors who provide audit services;
  • anti-fraud policies and procedures, protected disclosure processes, and arrangements for special investigations; and
  • the Audit and Risk Committee will review its own effectiveness each year and report the results of that review to the Council.

Duties

In order to meet its responsibilities, the PSI’s Audit and Risk Committee may investigate any matter which falls within the scope of the following headings. It will be granted access to any information it requires in order to do this and may seek external professional advice if it deems necessary.   

Risk Management 

  • Report to Council on the effectiveness of the PSI risk management framework.
  • Review the efficacy of the PSI’s policy and processes for the identification, assessment, and control or mitigation of risk.

Internal Control 

  • Consider the efficacy of the internal control system in providing early warning of control failures, and/or notice of emerging risk.
  • Obtain and review internal audit reports, significant findings and recommendations, together with the Executive Leadership Team’s responses.
  • Initiate special projects or investigations it deems necessary.
  • Monitor the Executive Leadership Team’s implementation of audit recommendations. 

Corporate Governance

  • Report to Council on assurances relating to the PSI’s compliance with its corporate governance obligations as outlined in the Code of Practice for the Governance of State Bodies.
  • Report to Council on the PSI’s levels of compliance, with regard to the law as it relates to public bodies including, but not limited to, the following areas: Health & Safety; Data Protection; Freedom of Information; Standards in Public Office; Equality; Disability; Discrimination; the Official Languages; and Protected Disclosures. 

Financial Statements 

  • Review with management and the External Auditors, the results of each audit.
  • Review the draft Annual Financial Statements, prior to submission to Council, and consider whether they are complete, consistent with information known to the Committee, reflect appropriate accounting standards and principles, and present accurately the PSI’s financial position.
  • Consider whether issues raised by the External Auditor have been comprehensively and appropriately dealt with by the Executive Leadership Team. 

Internal Audit 

  • Review with the management and the Internal Auditor the Internal Audit Charter and audit plan.
  • Approve the annual audit plan, ensuring it includes value for money audits, and complies with the PSI’s procurement policy, which requires an internal audit be carried out on procurement of all purchases, with an anticipated spend above €100,000.
  • Consider regular progress reports on the audit plan assignments. Ensure that there are no restrictions or limitations placed on the work of internal auditors.
  • Assess the adequacy of the internal audit function. 

External Audit 

  • Review the Internal Audit working relationship with the External Auditor, to ensure cooperation, avoidance of duplication, and gaps in audit coverage.
  • Review the external audit letter to the Council and its letter of representation, and the PSI’s response to management letters and external audit report.
  • Review any other external audit reports, as required.
  • Meet with the External Auditors annually to ensure that there are no unresolved issues of concern, and make the External Auditor aware of any emerging risks, or governance issues. 

Financial control 

  • Ensure its financial controls, enable the PSI to achieve its objectives on a value for money basis. 

Tendering proposals 

  • Advise on proposals for tendering for either internal or external audit services, or for purchase of non-audit services from contractors who provide audit services. 

Investment appraisal 

  • The Committee should consider whether the procedures for investment appraisal are fit for purpose and comply with best practice including the principles and relevant requirements of the Public Spending Code

 Anti-fraud, protected disclosures and special investigations

  • Ensure the effectiveness and adequacy of the PSI’s anti-fraud, anti-corruption and protected disclosure policies, arrangements for special investigations, and staff awareness of them. 

Performance review 

  • Review the Committee’s own effectiveness through an annual performance review and report the results of that review to the Council. 

Terms of Reference 

  • Review and assess the adequacy of the terms of reference on an annual basis and request approval by Council in relation to amendments. 

The Audit and Risk Committee shall perform any other duties as it deems necessary to fulfil its role.

Rights

The Audit and Risk Committee may: 

  • access the Registrar and President of the Council;
  • conduct or authorise investigations into matters within its scope of responsibility;
  • co-opt additional members to provide specialist skills, knowledge and experience;
  • procure specialist ad-hoc advice at the reasonable expense of the PSI, subject to budgets agreed by the Council;
  • receive copies of the PSI’s Annual Service Plans and Annual Reports on a timely basis; and 

Access

The Audit and Risk Committee facilitates communication between the Internal Auditors, the External Auditors and the Council. The Internal Auditor and the representative of external audit will have confidential access to the Chairperson of the Audit and Risk Committee. 

Meetings 

  • The Audit and Risk Committee will meet at least four times a year.
  • The Chairperson of the Audit and Risk Committee may convene additional meetings, as they deem necessary.
  • The quorum for a meeting of the Audit and Risk Committee shall be 50 % of the number of members of the Committee plus one or, where the number of members is uneven, 50% of the number of members of the Committee rounded up to the nearest whole number.  A Council member should be present for a meeting to be considered quorate and should chair the meeting, if the appointed chair is not present;
  • The business of the Audit and Risk Committee will require the Registrar, relevant heads of PSI Departments, Internal Auditor and the External Auditor to attend for specific meetings or agenda items, at the Committee’s request;
  • The Committee may also ask other staff members to assist it with its discussions on any particular matter.
  • The Committee may ask any or all of those who normally attend, but who are not Committee members, to withdraw from the meeting in order to facilitate open and frank discussion on a particular matter.
  • The Council may ask the Audit and Risk Committee to convene further meetings to discuss particular issues on which they seek the Committee’s advice.
  • To support accurate record-keeping and the preparation of meeting minutes, PSI staff will deploy transcription software or other appropriate tool(s) to generate a transcript of all Audit & Risk Committee meetings, whether held in person, hybrid, or fully online via Microsoft Teams. Committee members will be informed at the start of each meeting that transcription software is enabled. The output/recording will be treated as a confidential record and managed and securely deleted in accordance with PSI’s data protection, governance and retention policies. The use of transcription software or recording technologies during a closed session of the Committee is strictly prohibited.

Information Requirements 

For each meeting, the Audit and Risk Committee will be provided with the following one week ahead of the meeting: 

  • A copy of the Corporate Risk Register;
  • A copy of one PSI Business Area Risk Register.
  • Reports from the Internal Auditor as per the agreed internal audit plan;
  • A report on progress made against internal audit recommendations, which provides information on work performed, key issues emerging, management response to the recommendations, changes to the agreed internal audit plan, and resourcing issues affecting the delivery of objectives of internal audit;
  • Any progress reports, (written or verbal), from the external audit representative summarising work done and emerging findings;
  • Management assurance reports; and
  • Reports on the management of any major incidents, near misses, and lessons learned, and acted upon. 

 When required, the Committee will also be provided with: 

  • proposals for the terms of reference of internal audit / the internal audit charter;
  • the internal audit strategy;
  • the Internal Auditor’s annual opinion and report;
  • quality assurance reports from the Internal Auditor;
  • the draft financial statements of the PSI;
  • the PSI’s draft governance statement;
  • a report on any changes to accounting policies;
  • external audit’s management letter;
  • a report on any proposals to tender for audit functions, where appropriate;
  • a report on co-operation between internal and external audit; and
  • the PSI’s risk management policy.

 

Version 1.7, 2 October 2025

Current Membership of the Audit & Risk Committee:
Geraldine Campbell, PSI Council member
Chair: Ms. Geraldine Campbell
Learn more
Image of Dr. Cyril Sullivan
Dr. Cyril Sullivan
Learn more
Leon O'Hagan
Mr. Leon O'Hagan
Learn more
Dr Paula Barry Walsh, PSI Council member
Dr. Paula Barry Walsh
Learn more
Council Headshot outline
Mr. Peter Dewhurst, Chartered Accountant
Learn more
Council Headshot outline
Ms. Ciara Lynch, Chartered Accountant
Learn more