The only thing I would add to what Mr. Cory said is that the internal auditors on an annual basis develop a risk-based audit plan that is informed and approved by the finance and audit committee of the board. That risk-based audit plan is informed by the highest areas of risk with respect to not only governance but also compliance. Compliance with policies, including procurement, is included as part of that annual audit plan.
On May 9th, 2023. See this statement in context.