AUDIT & RISK COMMITTEE CHARTER

CONTENTS
1 Introduction
2 Role of the Audit & Risk Committee
3 Membership
4 Responsibilities
5 Authority
6 Reporting Responsibilities
7 Review of Audit & Risk Committee Performance and Charter
8 Meeting Procedures

1 INTRODUCTION
This Charter has been developed and approved by the Board to outline the manner in which the Audit
& Risk Committee discharges its responsibilities in relation to Telstra Group Limited (‘Telstra’) and the
controlled entities in the Telstra Group (together, ‘the Group’).

2 ROLE OF THE AUDIT & RISK COMMITTEE

2.1 The Audit & Risk Committee is a Committee of the Board established under Telstra’s
Constitution to:
2.1.1 assist the Board in discharging its responsibilities on matters relating to:
a) financial reporting;
b) risk management;
c) compliance;
d) external audit;
e) internal control;
f) internal audit;
g) the Structural Separation Undertaking (‘SSU’)1 and Director of Equivalence; and
h) environmental, social and governance matters relevant to the Audit & Risk
Committee’s responsibilities.
2.1.2 assist the Board in discharging its responsibilities on matters that may significantly
impact the financial condition or affairs of the business.
2.1.3 provide a forum for communication between the Board, management and both the
internal and external auditors.
2.1.4 provide a conduit to the Board for external advice on audit, risk management and
compliance matters.
2.2 Management is responsible for, among other things:
2.2.1 the preparation, presentation and integrity of the Group’s financial statements.
2.2.2 maintaining appropriate accounting and financial reporting principles and policies,
risk management processes, and internal controls and procedures designed to
ensure compliance with accounting standards and applicable laws and regulations;
2.2.3 managing risks relevant to the Group (including the design and implementation of an
appropriate and effective risk management framework) and ensuring there is an
appropriate risk culture within the organisation; and
2.2.4 ensuring that any circumstances which require the Group to operate outside of its
risk appetite are brought to the attention of the Audit & Risk Committee or the Board.
The Audit & Risk Committee has primary oversight of management in its performance of these

1the SSU means the Structural Separation Undertaking accepted by the ACCC on 27 February 2012 under section 577A of the
Telecommunications Act as in force from time to time (which currently applies to Telstra Corporation Limited and Telstra
Limited).
TELSTRA GROUP LIMITED (ABN 56 650 620 303)
Confidential
 functions.
2.3 The Telstra Corporation Limited Board is responsible for approving the half yearly and annual
financial statements and Directors’ Reports of Telstra Corporation Limited.

3 MEMBERSHIP
3.1 The Board appoints the Audit & Risk Committee members and its Chair.
3.2 The Chair of the Audit & Risk Committee is to be an independent Director who is not Chair of
the Board.
3.3 The Audit & Risk Committee must be comprised of at least three Board members, all of whom
are determined by the Board to be independent.
3.4 The members shall, between them, have sufficient accounting and financial knowledge to
allow them to discharge their duties and actively challenge information presented by
management, and internal and external auditors.

4 RESPONSIBILITIES
In performing its role, the responsibilities of the Audit & Risk Committee include, but are not limited to:
4.1 Financial Reporting
4.1.1 Reviewing significant accounting and reporting issues, including changes to accounting
standards and regulatory requirements and their impact on the financial statements.
4.1.2 Overseeing Telstra’s periodic external financial reporting and the integrity of the key
accounting and corporate reporting processes implemented by management in connection
with that reporting.
4.1.3 Reviewing the half yearly and annual financial statements and Directors’ Reports of Telstra
(excluding the Remuneration Report in respect of the full year which is reviewed by the People
& Remuneration Committee), and discussing them with the external auditor prior to their
recommendation to the Board.
4.1.4 Prior to their recommendation to the Board, reviewing key elements of other significant related
disclosures and regulatory filings and discussing them with the external auditor as appropriate.
4.1.5 Reviewing the half yearly and annual financial statements and Directors’ Reports of Telstra
Corporation Limited (excluding the Remuneration Report in respect of the full year which is
reviewed by the People & Remuneration Committee) from a Telstra perspective.
4.2 Risk Management
In addition to the risk management processes outlined elsewhere in this Charter:
4.2.1 Overseeing the design, implementation and effectiveness of the Group’s risk management
framework (including risk culture). This includes:
a) reviewing the Group’s risk management framework at least annually to satisfy itself
that it continues to be sound and effective, and that the Group is operating with due
regard to the risk appetite set by the Board;
b) making recommendations to the Board on the Group’s risk management policy and
changes to the risk appetite set by the Board; and
c) reviewing reports from management on risk culture and any conduct that is materially
inconsistent with the Group’s Values or the Telstra Group Code of Conduct (‘Code of
Conduct’) (including material breaches and the action taken, or proposed to be taken,
in response to those breaches) which are of relevance to the Audit & Risk
Committee’s responsibilities.
4.2.2 Assisting the Board in the review and identification of risks through more detailed
consideration of selected risks, and reviewing reports from management on emerging and
escalating sources of risk and the risk management plans management has put in place to
deal with those risks.
4.2.3 Reviewing the Group’s Treasury policy principles.
4.2.4 Overseeing the Group’s insurance program, having regard to the Group’s business and the
insurable risks associated with its business.

TELSTRA AUDIT & RISK CHARTER 0623

Confidential
2
4.2.5 Overseeing the process for the management of matters raised by whistleblowers and
reviewing significant matters raised through the process.
4.2.6 Overseeing the remuneration review outcomes for the Chief Risk Officer2 considered or
approved by the People & Remuneration Committee, and the results of his or her annual
performance review.
4.3 Compliance
Overseeing the Group’s compliance with applicable laws and regulatory obligations, including the
design, implementation and effectiveness of the Group’s compliance framework to manage its
compliance risk with regard to those laws and regulatory obligations. This includes:
4.3.1 making recommendations to the Board on the Group’s compliance management policy and
reviewing the design, implementation and effectiveness of key compliance programs operating
within the compliance framework;
4.3.2 reviewing the results of management’s investigation and action in relation to significant
identified instances of non-compliance and overseeing the Group’s response to the findings
and recommendations of any examinations by key regulators;
4.3.3 reviewing updates from management, the Group General Counsel and the Group Company
Secretary3 regarding compliance matters that may have a material impact on the Group’s
reputation or financial statements; and
4.3.4 reviewing the Group’s health, safety and environmental performance, including monitoring the
effectiveness of the Group’s health, safety and environmental management system and
considering significant issues relating to health, safety and the environment.
4.4 External Audit
4.4.1 Recommending and overseeing the appointment and, if necessary, the removal of the external
auditor, reviewing and agreeing on the terms of engagement and fees for the external auditor,
and reviewing the external auditor’s proposed annual audit scope and approach, including
materiality levels.
4.4.2 Reviewing reports of the external auditor and assessing the findings and recommendations
contained in those reports, and seeking confirmation that management has appropriately
addressed the significant findings and recommendations from the external auditor.
4.4.3 Reviewing and assessing the performance, independence and objectivity of the external
auditor.
4.4.4 Periodically meeting separately with the external auditor to discuss any matters that the Audit
& Risk Committee or auditors believe should be discussed privately and ensuring the external
auditor has full access to meet with or otherwise liaise with the Chair of the Audit & Risk
Committee.
4.4.5 Reviewing and approving the external auditor’s arrangements for the rotation and succession
of audit and review partners or their equivalents, including their approach to managing the
transition.
4.4.6 Monitoring management’s adherence to the policy on audit and non-audit services provided by
the external auditor, and advising the Board on whether the provision of non-audit services is
compatible with the general standard of independence.
4.5 Internal Control
4.5.1 Overseeing management’s design and implementation of the Group’s internal control systems
and processes, and the process for assessing the effectiveness of the Group’s internal
controls, and periodically assessing the overall adequacy and effectiveness of the Group’s
internal control systems and processes and assurance activities.
4.5.2 Monitoring that significant internal control issues identified by Group Internal Audit or
management are being addressed by management on a timely basis.

2For the purposes of this Charter, reference to “Chief Risk Officer” includes the equivalent position or office in the event that the
position or office is described in another manner.
3 The term ‘Group Company Secretary’ has the same meaning as set out in the Board Charter.

TELSTRA AUDIT & RISK CHARTER 0623

Confidential
3
4.6 Internal Audit
4.6.1 In respect of the Group Internal Audit Executive (‘GIA Executive’)4:
a) advising the Board on the appointment and, should it be necessary, the cessation of
his or her employment; and
b) overseeing his or her remuneration review outcomes considered or approved by the
People & Remuneration Committee and the results of his or her annual performance
review.
4.6.2 Approving:
a) the Group Internal Audit (‘GIA’) Plan, its coverage of key risks and the level of co-
ordination with the external auditor;
b) GIA’s resource plan and budget; and
c) the GIA Charter.
4.6.3 Monitoring and reviewing GIA’s performance and progress against the annual GIA Plan
including:
a) the independence of GIA; and
b) the outcomes of internal audits or other assurance activity undertaken by GIA.
4.6.4 Monitoring management’s responsiveness to internal audit findings and associated remedial
actions.
4.7 SSU and Director of Equivalence
4.7.1 Approving the appointment and, should it be necessary, the cessation of the appointment of,
Telstra’s Director of Equivalence.
4.7.2 Overseeing the Group’s compliance with the SSU and overseeing and monitoring the activities
of the Director of Equivalence.
4.7.3 Receiving Telstra’s Annual Equivalence Report which is to be submitted to the Audit & Risk
Committee not more than 90 business days after the last business day of each financial year.
4.8 Corporate Governance and ESG
4.8.1 Reviewing significant developments in the areas of corporate governance and ESG
(environment, social and governance) relevant to the Audit & Risk Committee’s
responsibilities.
4.8.2 Reviewing and monitoring the Group’s ESG performance and considering significant issues
relating to ESG, including:
a) reviewing reports from management on the Group’s climate related risks and the
risk management plans management has put in place to deal with those risks
b) making recommendations to the Board on key external environmental targets and
disclosures under the TCFD (Task Force on Climate-related Financial Disclosures)
framework; and
c) overseeing other selected external environmental disclosures.
4.8.3 Reviewing Telstra’s corporate governance statement and any other disclosures made about
governance in Telstra's annual report.
4.8.4 Overseeing the Group CEO’s5 general delegations of authority to management.
4.9 Other
4.9.1 Periodically meeting separately with the Group CEO and Senior Management6 to discuss any

4
For the purposes of this Charter, reference to “Group Internal Audit Executive” or “GIA Executive” includes the equivalent
position or office in the event that the position or office is described in another manner.
5
The term ‘Group CEO’ has the same meaning as set out in the Board Charter.
6
For the purposes of this section, ‘Senior Management’ refers to the Group Executives who report directly to the Group CEO
and any other members of the management team the Board determines should be included in that category.

TELSTRA AUDIT & RISK CHARTER 0623

Confidential
4
 matters that the Audit & Risk Committee or management believe should be discussed
privately.
4.9.2 Periodically meeting separately with the GIA Executive to discuss any matters that the GIA
Executive or the Audit & Risk Committee believe should be discussed privately and ensuring
the GIA Executive has full access to meet with or otherwise liaise with the Chair of the Audit &
Risk Committee
4.9.3 For each of the Group General Counsel and Chief Risk Officer:
a) meeting separately with the relevant executive if requested to discuss any matters that
the executive or the Audit & Risk Committee believe should be discussed privately; and
b) ensuring the executive has full access to meet with or otherwise liaise with the Chair of
the Audit & Risk Committee.

4.9.4 Performing any other duties and undertaking or overseeing any specific projects as the Board
may from time to time request.

4.9.5 Addressing any other reporting responsibilities of an Audit & Risk Committee (or of a
committee with equivalent duties and authority as the Audit & Risk Committee).

5 AUTHORITY
The Audit & Risk Committee has full delegated authority from the Board to fulfil its responsibilities as
set out in section 4 above. The Audit & Risk Committee has rights of access to adequate internal and
external resources, including:
5.1 having:
5.1.1 access to, and meeting with, the external and internal auditors without executives or
management of the Group being present, and
5.1.2 unrestricted access to management, employees and information of the Group the
Audit & Risk Committee considers relevant to its responsibilities under this Charter;
5.2 obtaining independent advice, at Telstra’s expense, including engaging and receiving advice
and recommendations from appropriate independent experts; and
5.3 receiving minutes of the board meetings of Telstra Corporation Limited, Telstra Limited and
Telstra International Holdings Pty Ltd.

6 REPORTING RESPONSIBILITIES
6.1 The Chair of the Audit & Risk Committee updates the Board regularly about matters relevant
to the Audit & Risk Committee’s role, responsibilities, activities, and matters considered,
discussed and resolved at Committee meetings.
6.2 Information and papers considered by the Audit & Risk Committee are provided to other
Committees and/or the Board as relevant.
6.3 For each half year and full year, the Chair of the Audit & Risk Committee will report to the
People & Remuneration Committee providing an overview of the key issues considered by the
Audit & Risk Committee that are likely to be relevant to assessing the performance and
remuneration outcomes for the Group CEO and Senior Management by the People &
Remuneration Committee.

7 REVIEW OF AUDIT & RISK COMMITTEE PERFORMANCE AND

CHARTER
7.1 The Audit & Risk Committee:
7.1.1 undertakes an annual self-assessment of its performance and provides that
information to the Board; and
7.1.2 provides any information the Board may request to facilitate the Board’s review of the
Committee’s performance and its members.

TELSTRA AUDIT & RISK CHARTER 0623

Confidential
5
7.2 The Audit & Risk Committee reviews this Charter annually and seeks Board approval for any
changes.

8 MEETING PROCEDURES
The Board and Board Committee Procedural Rules set out the procedures for meetings of the Audit &
Risk Committee.

TELSTRA AUDIT & RISK CHARTER 0623

Confidential
6