An annual audit plan is developed based on risk assessment and in response to audit requests.

Risk assessment consists of an analysis of all university operating units and control functions to identify areas of potential institutional risk.

In addition to planned audits, the Internal Audit Department responds to reports of fraudulent activities, irregularities or mishandling of university funds. Internal Audit is also consulted on new system developments or implementations.

The audit plan is developed annually by the director of Internal Audit. The plan is reviewed and approved by the executive director of Audit and Compliance and the Audit Committee.