Article 11 Internal auditing
1. A CCP shall establish and maintain an internal audit function which is separate and independent from the other functions and activities of the CCP and which has the following tasks:
(a) to establish, implement and maintain an audit plan to examine and evaluate the adequacy and effectiveness of the CCP's systems, internal control mechanisms and governance arrangements;
(b) to issue recommendations based on the result of work carried out in accordance with point (a);
(c) to verify compliance with those recommendations; (d) to report internal audit matters to the board.
2. The internal audit function shall have the necessary authority, resources, expertise, and access to all relevant documents for the performance of its functions. It shall be sufficiently independent from the management and shall report directly to the board.
3. Internal audit shall assess the effectiveness of the CCP's risk management processes and control mechanisms in a manner that is proportionate to the risks faced by the different business lines and independent of the business areas assessed. The internal audit function shall have the necessary access to information in order to review all of the CCP's activities and operations, processes and systems, including outsourced activities.