Answers to your questions
A department, program or process may be selected for an audit for a variety of reasons. The University’s audit department uses a risked-based approach and with the input of a cross-section of leadership and personnel we prioritize which audits to put on our schedule. Risk factors may include complexity and size of the operations, personnel turnover, results of previous audits and laws and regulations. Some area require more frequent audits while others may only need reviewed every few years.
In addition, department management or other parties may request a special request audit of a specific area or process.
Internal audit can be beneficial to your department in a number of ways. We can assess whether there are appropriate internal controls over your processes, help ensure that you are in compliance with external regulations and University policies and make recommendations for procedural improvements and best practices.
Any employee or board member can request an internal audit. Since risk and exposure to the University is a determining factor in prioritizing unplanned audits, requests are evaluated to determine what level of review is warranted.
As part of the planning process, the auditor will meet with the appropriate members of your department to discuss timing, scope of the audit. Every effort will be made to minimize disruption and accommodate potential scheduling conflicts.
Internal Audit is required to maintain independence in order to provide an objective assessment at any level of the University. The Chief Audit Executive reports directly to The Board of Trustees through the Audit and Compliance Committee on functional matters.
Internal controls can be defined as a process or group of processes designed to provide reasonable assurance regarding the achievement of objectives in the 3 categories of; effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations. Internal controls can also safeguard a companies assets by preventing fraud, waste, or abuse.
Think of internal controls as sound business practices that when performed correctly safeguard University assets by preventing or detecting error or fraudulent activity. Internal controls differ depending the individual department’s objectives.
For more information on internal controls click here.