Audit and assurance ADNOC’s Audit & Assurance function (AAF) provides independent assurance over the effectiveness of internal controls, governance and risk management. Through a centralized, risk-based approach, the AAF supports organizational resilience and informed decision-making across ADNOC’s operated companies, with appropriate consideration of ESG-related risks where relevant. The AAF operates under the oversight of ADNOC’s Audit Committee, a subcommittee of the ADNOC Board 31 . Audit coverage is determined through a comprehensive risk-based planning process, supported by an annually refreshed five- year plan and a rolling three-year internal audit plan. Plans are reviewed and updated to reflect material changes in the business or risk profile. Audit planning, risk management and scope The AAF’s priorities are informed by an annual Group-wide risk assessment, aligned with Abu Dhabi Accountability Authority (ADAA) regulations, the Institute of Internal Auditors’ Global Internal Audit Standards and applicable ISO standards. Stakeholder inputs, including on ESG considerations, are incorporated where relevant. Audit scope and frequency are determined based on the assessed risk profile. In addition to planned audits, we conduct standalone and ad-hoc audits to address emerging risks or specific issues, including ESG-related matters. Audit coverage spans strategic and operational activities, IT, financial controls, regulatory compliance and related monitoring, and reporting processes. ESG integration ESG considerations are incorporated into the assurance model where relevant, supported by other applicable local and international standards. Dedicated ESG-focused audits are conducted to strengthen assurance coverage and support continuous improvement. The AAF assesses the design and operating effectiveness of ESG-related risk management practices, including the integration of ESG risks within ERM and the Internal Controls Framework. All audit findings are recorded and tracked in the audit management system (AMS). ESG assurance coverage includes: • ESG data and reporting processes • Ethics and compliance, including whistleblowing, investigations and anti-bribery controls • Human rights and contractor welfare • Energy management • Supply chain and responsible sourcing • ESG assurance roles, responsibilities and coordination Reporting, review and communication All audit findings are documented in the AMS using standardized classification and tagging to support consistent tracking and reporting. Where relevant, findings are mapped to ADNOC’s 2030 Sustainability Strategy. The Chief Audit & Assurance Officer formally signs and issues reports and shares them with the ADNOC Audit Committee, relevant senior management and the MD & GCEO. Actions are agreed with management and progress is monitored through the AMS and formal follow-up mechanisms. Senior leadership and relevant stakeholders receive periodic updates. Advanced technology enablement The AMS is hosted on a secure platform supporting governance, risk and compliance activities. Data and digital workflow tools enable near real-time monitoring, improved reporting accuracy and more efficient audit execution. AI-enabled continuous control assurance modules are available to provide assurance over 100% of transactions of selected shared service business processes with more than 400 control tests, automatically driving timely insights and value realization. 31 For details, see “Our Leadership” section in this chapter. 127 ADNOC Sustainability Report 2025 HOW WE OPERATE KEEPING OUR PEOPLE SAFE ADVANCING NET ZERO EMPOWERING LIVES SUSTAINABILITY AT ADNOC ABOUT ADNOC PROTECTING NATURE AND BIODIVERSITY
Sustainability Report 2025: Delivering Responsibly Page 118 Page 120