Internal Audit Department

1. Reporting 

The Executive Director of Compliance and Audit reports administratively to the Chancellor and has dotted-line reporting to the Audit Committee.

2. Purpose 

The overall objective of the Internal Audit Department is to assist management in the effective discharge of its responsibilities by providing impartial audit analyses, appraisals, recommendations, and pertinent comments on the activities reviewed.  The audits are designed to evaluate the adequacy of controls and practices as they relate to the effective, efficient, and economical use of the resources of the University.  The Internal Audit Department may also provide consulting services beyond traditional internal auditing services in order to assist management in meeting its objectives.  Examples include process design reviews, serving on committees, and internal controls training.

3. Authority 

In carrying out their duties and responsibilities, the Internal Auditors have full, free, and unrestricted access to all properties, personnel records, reports, files, and data in any and all areas and auxiliary areas of the University.

4. Independence 

Independence and objectivity are essential to the effectiveness of the Internal Audit function. Internal Audit and Compliance Audit is a staff function and as such does not exercise direct authority over other persons and departments whose work is reviewed. While the Internal Audit and Compliance staff is free to review and appraise policies, plans, procedures, and records, the auditor's review does not in any way relieve other persons of the responsibilities assigned to them.

The Internal Auditor's objectivity is not adversely affected when the auditor recommends standards of control or reviews procedures before they are implemented. Moreover, Internal Audit has the responsibility and authority to recommend necessary improvements and to follow auditees' progress toward implementing appropriate improvements.

5. Responsibilities 

The establishment and maintenance of acceptable business practices and adequate and effective internal controls is the responsibility of management. To assist management in carrying out this responsibility, Internal Audit reviews and evaluates business practices and systems of internal control, reports to management any identified weaknesses, together with recommendations for improvements, and follows the progress of corrective actions.

The Internal Audit Department and University Compliance Office shall report to the Audit Committee annually or more often, if necessary, to summarize audits conducted during the previous fiscal year and to discuss the audit plans and priorities for the upcoming year.

The Internal Audit Department and University Compliance Office develops long-range and annual audit plans based on an assessment of risks, which include dollar magnitude and volume of transactions, the time elapsed since the last audit, prior audit findings, the complexity of the operation, the potential for fraud, turnover of key business personnel, and special requests by management and/or the Audit Committee.

6. Audit Standards and Ethics 

Audit work of the Internal Audit Department and the University Compliance Office shall be performed in accordance with Generally Accepted Auditing Standards as advocated by the Institute of Internal Auditors in Standards for the Professional Practice of Internal Auditing.