Sify Technologies Limited

Internal Audit Charter

This Internal Audit Charter was prepared in line with the requirement of the appointment of Internal Auditors under the Companies (Auditor’s Report) Order, 2003 under the Indian Companies Act, 1956 and under the proposed Rule 5645 of the NASDAQ for Listed Companies. The Charter was adopted by the Audit Committee and the Board of Directors of Sify Technologies Limited on July 18, 2013.

1. Objective

Internal Audit ensures independent and objective assurance and consulting activity to add value to improve the operations of the organisation. It assists the organization in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the organization's risk management, control and governance processes.

It also provides assurance to the Management and Board that the entity’s financial and operational controls designed to manage the organisation’s risks and achieve the entity’s objectives are operating in an efficient, effective and ethical manner and also assist the Management in improving the entity’s business performance.

The objective of the Internal Audit Charter is to define the scope, duties and responsibilities of the Internal Auditors and the submission of their report to the Audit Committee for suggesting improvements to the functioning of the entity and strengthen the overall governance mechanism of the entity.

2. Appointment and remuneration

The Internal Auditors shall be appointed and their remuneration is fixed by the Board of Directors of the Company based on the recommendation of the Audit Committee every year.

3. Independence and objectivity

The internal audit activity will remain free from interference by any element in the organization, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.

Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair internal auditor’s judgement.

Internal auditors must exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors must make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments.

The Internal Auditors will confirm to the Audit Committee and Board, at least annually, the organizational independence of the internal audit activity.

4. Scope and Responsibility

The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the organization's governance, risk management and internal process as well as the quality of performance in carrying out the assigned responsibilities to achieve the organization’s stated goals and objectives. This includes:

· Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information.

· Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the organization.

· Evaluating the means of safeguarding the assets of the organisation and, as appropriate, verifying the existence of such assets.

· Evaluating the adequacy and effectiveness of internal controls, including information technology system controls such as those relating to Finance, Operations, Information Technology Systems and Information Security.

· Evaluating the effectiveness and efficiency with which resources are employed.

· Ensuring proper and timely identification of liabilities.

· Assisting the Management to identify risks and develop risk mitigation and monitoring strategies as part of the Risk Management Framework.

· Assisting the Management to identify the risks of fraud and develop fraud prevention and monitoring strategies.

· Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned.

· Monitoring and evaluating governance processes.

· Evaluating the quality of performance of External Auditors and the degree of coordination with internal audit.

· Reporting periodically on the internal audit activity’s purpose, authority, responsibility, and performance related to its plan.

· Evaluating specific operations at the request of the Audit Committee or Management, as appropriate.

5. Authority

The head of Internal Audit and staff of the Internal Auditing Unit are authorized to:

· Have unrestricted access to all functions, records, property, and personnel. Documents and information given to Internal Auditors are handled in the same prudent manner as by those employees normally accountable for them.

· Have full and free access to the Audit Committee and Board.

· Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish the audit objectives.

· Obtain the necessary assistance of personnel in units of the Center where they perform audits, as well as other specialized services from within or outside the Center.

6. Internal Audit Plan

The Internal Auditors will submit the internal audit plan every quarter to the Audit Committee for its review and approval. The internal audit plan will be developed based on the discussions with the Management on the areas to be covered based on the significance and priority. Any significant deviation from the approved internal audit plan will be communicated to the Audit Committee and the Board through periodic activity reports.

7. Reporting and monitoring

A written report will be prepared and issued by the Internal Auditors every quarter following the conclusion of audit of the specific areas agreed to be covered under the internal audit plan and will be distributed to the concerned Department for eliciting their views and clarifications.

The final internal audit report shall include the Management’s response and corrective action taken or to be taken in regard to the specific findings and recommendations. Management's response, whether included within the original audit report or provided thereafter by the Executive of the audited area should include a timeline for expected completion of action to be taken and an explanation for any corrective action that will not be implemented.

The Internal Auditors will be responsible for appropriate follow-up on engagement findings and recommendations. All significant findings will remain in an open issues file until cleared.

The Audit Committee has the sole responsibility to oversee the internal audit function and cannot allocate or delegate this responsibility to another Board Committee.

8. Periodic Assessment

The Internal Auditors will periodically report to the Audit Committee on the internal audit activity’s purpose, authority, and responsibility, as well as performance relating to its plan. Reporting will also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by senior management and the board.

9. Independent discussions with the Audit Committee.

The Internal Auditors shall have independent discussions with the members of the Audit Committee without the Management Team, at least twice in a year, for assessing their independence in discharging their functions, budget and staffing of the Company’s internal audit function, any problems or difficulties they encountered in discharging their functions, and any issues that the internal auditor believes warrant Audit Committee attention, material written communications between the Internal Auditors and the Management of the Company, such as any reports on observations and recommendations on internal controls, status on Action Taken Reports, Internal Auditor’s Engagement Letter etc.

10. Review of the charter

This charter will be reviewed at least annually by the Audit Committee. Any substantive changes will be formally approved by the Board on the recommendation of the Audit Committee.