Service Units
Internal Audit

Ms Kgomotso Hochobeb  - Head: Internal Audit

The Internal Audit Department provides independent and objective assurance to the Board and Management about the appropriateness and adequacy of internal controls in the company. 

A key competency area of the Internal Audit Department is the coordination of corporate and company-wide risks. The department functions on the basis of a systematic and disciplined approach to evaluating and improving the effectiveness of risk management, internal controls and company-wide governance procedures. Risk based audits are carried out as part of the Board Audit Committee approved Annual Plan with reports detailing control weaknesses and risk areas – with the respective audit recommendations to remedy such weaknesses. 

The Internal Audit Department also conducts “inspections”, which are surprise audits conducted at the post offices. These inspections are conducted randomly and without prior knowledge of the post office in question. 

The Board Audit Committee meets quarterly and is well informed of audits conducted and other activities of the department. 

The Internal Audit Department consists of two divisions: 

Internal Audit – Responsible for performing risk-based audits according to the approved Annual Plan; ad hoc assignments requested by Management; assisting in the risk management process of the company; performing forensic investigations. 

The Inspectorate – Responsible for auditing the post offices; ad hoc assignments requested by Management; assist in the risk management process of the company; performing forensic investigations.

Risk Management

As per Board approved Risk Management Framework, the Internal Audit Department has the role of coordinating and facilitating the Risk Management Process of the Company. 

Annually, the Board and Management meet and review the risks inherent in the company. An annual Risk Assessment Workshop is facilitated by the Internal Audit Department where all company risks are extensively debated per department, assessed, rated and classified in order to ensure that the Company is aware of the risks it faces in the pursuit of its business objectives. The workshop also ensures that these risks are in line with its Risk Appetite as prescribed by the Risk Framework. 

Reporting Structure

The Head of the Internal Audit Department has unrestricted access to the Chairman of the Board, Board Audit Committee and the Chief Executive Officer. The Board Audit Committee approves the Annual Work Plan of the Internal Audit Department on an annual basis.

Whistle-Blowing Process

An anonymous whistle-blowing telephone line was launched during 2011. This gives staff and the public the opportunity to report any fraud or corruption observed in the Company without fear of victimisation. 

Ways to report


Free call from landline:  0800 333 555 (Not available for mobile phone)

Free fax:                              0800 00 77 88



Website:                              Click here to submit tipoff now


Terms of Reference

The Internal Audit department is an appraisal function established within the organisation to provide independent, objective assurance and consulting services designed to add value and improve the organisation’s operations. It helps the organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. 

The Audit Committee defines the Internal Audit Department Terms of Reference, including the authority and responsibilities of the department. 


The scope of the work of the Internal Audit Department is to appraise the adequacy and effectiveness of the organisation’s systems for risk management, controls and governance processes, as designed and implemented by management to: 

  • Ensure organisational objectives are achieved;
  • Ensure risks are appropriately identified and managed;
  • Evaluate the relevance, reliability and integrity of management information and financial information;
  • Appraise the efficient and economic utilisation of resources;
  • Review the means of safeguarding assets;
  • Ensure NamPost employees’ actions are in compliance with established policies, procedures and applicable laws and regulations;
  • Advise on appropriate systems of control and other accounting and operational matters in a consulting capacity;
  • Recommend improvements in procedures and controls to prevent inefficiencies and fraud;
  • Draw attention to any failure to take effective remedial action; and
  • Carry out any ad hoc appraisals, inspections or reviews requested by the Audit Committee or senior management. 

Opportunities for improving management control, profitability, and the organisation’s image may be identified during audits. They will be communicated to the appropriate level of management. 

Organisational Reporting

The audit team should be seen as colleagues who aid the executives and senior management in controlling their business units. 

The internal audit team shall have a standing in the company that commands the necessary support. It is the Board of Directors and the Audit Committee that ensure the internal audit team has the necessary standing. 

Internal Audit should report to a level within the company that allows it to accomplish its responsibilities. The department is functionally responsible to the Chairperson of the Audit Committee and administratively will report to the Chief Executive Officer. The Head: Internal Audit shall have no executive or managerial powers and duties in the company, except those relating to the management of the Internal Audit department. 

The department shall have an independent status within the company and will not be involved in the day-to-day checking of internal control systems of the company. Also, the department shall not be responsible or involved in the implementation of internal control systems, but must be consulted on the adequacy of controls when they are first implemented. 


The Head: Internal Audit has unrestricted access to the chairperson of the Audit Committee and the Chief Executive Officer. 

The Internal Audit Department is authorised to: 

  • Decide on the nature, scope and timing of audit units;
  • Enter all premises of the company and have unrestricted access to, and inspect all, documents and records; and
  • Require any employee of the company to supply such information and explanations as may be needed. 

The Internal Audit Department is not authorised to: 

  • Perform any operational duties for the organisation or its affiliates, unless directed and approved by the Audit Committee;
  • Initiate or approve accounting transactions external to the Internal Audit Department; and
  • Direct the activities of any organisation employee not employed by the Internal Audit Department, except to the extent that such an employee has been appropriately assigned to an audit team or to assist the Internal Auditor in conducting reviews. 

Documents and information given to staff of the Internal Audit department will be treated in the same prudent manner as by those employees normally accountable for such documents and information. 

Internal Audit staff members have no direct responsibility or authority over any of the activities or operations that they review. They will not implement procedures, prepare records, or engage in activities that would normally be reviewed by internal auditors. 


Subject to the overall guidelines and policies of the Board of Directors and of the Audit Committee, the Internal Audit department shall be solely responsible for the planning, implementation and reporting of internal audit reviews. For this purpose, the department shall: 

  • Develop a flexible annual audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management;
  • Submit such an annual audit plan to the Audit Committee for review and approval;
  • Implement the annual audit plan, including any appropriate special tasks or projects requested by management or the Audit Committee;
  • Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this Terms of Reference;
  • Conduct the audits in an effective, professional and timely manner and report the findings to the auditee as soon as practical on completion of each audit unit;
  • Report periodically to the Audit Committee and management on the performance of the department and summarising results of the audit activities;
  • Keep the audit committee and management informed of emerging trends and successful practices in internal auditing;
  • Assist in the investigation of significant suspected fraudulent activities within the organisation and notify management and the Audit Committee of the results; and
  • Consider the scope of work of the external auditors to ensure that audit programmes are complementary for the purpose of providing optimal audit coverage to the organisation at a reasonable overall cost. 


Though the Internal Audit Department will have an independent status within the company, the department shall interact with and complement other divisions or units to enhance effective control processes. 

The Head: Internal Audit, in the discharge of his/her duties, shall be accountable to the Audit Committee to: 

  • Provide an annual assessment on the adequacy and effectiveness of the organisation’s processes for controlling activities and managing the risks;
  • Report significant issues related to the control of activities of the organisation and potential improvements to such activities;
  • Periodically provide information on the status and results of the annual audit plan and the sufficiency of department resources; and
  • Co-ordinate with, and provide oversight of, other control and monitoring functions (risk management, compliance, ethics, quality, environmental, external audit). 


The Internal Audit department will: 

  • Meet or exceed the Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors;
  • Adhere to the professional standards of conduct as set out in the Code of Ethics of the Institute of Internal Auditors; and
  • Maintain credibility through audit staff members’ professional conduct and customer satisfaction.