The Office of Internal Audit and Compliance Audit Charter outlines the purpose, authority, independence, responsibilities, audit standards and ethics followed by the department.
The Office of Internal Audit (Internal Audit) and Compliance Audit at Washington University is an independent, objective assurance and consulting activity designed to add value and improve the university’s operations.
Internal Audit helps the university accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, compliance and governance processes. Internal Audit is established as a service to management and the Audit Committee of the Board of Trustees. It is the policy of the university to maintain an internal audit function as an integral component of the internal control environment. This charter sets forth the purpose, authority and responsibilities which enable Internal Audit to continually meet the expectations of the university and its Audit Committee.
2. Purpose and Role
Internal Audit reports administratively to the Chancellor of the University and functionally to the Audit Committee of the Board of Trustees. The overall objective of Internal Audit is to assist management in the effective discharge of its responsibilities by providing impartial analyses, appraisals, recommendations and pertinent comments on the activities reviewed. The audits are designed to evaluate the adequacy of internal control, compliance, risk management and governance practices, as well as to establish whether university resources are acquired economically, used efficiently and adequately protected. Internal Audit may also provide consulting services beyond routine audit services in order to assist management in meeting its objectives. Examples include process design reviews, facilitation, serving on committees and training or advisory services in any area of auditor expertise.
In carrying out their duties and responsibilities, Internal Auditors have full, free and unrestricted access to all properties, personnel records, reports and files in all offices, service departments, auxiliary areas and data centers of the university.
Independence and objectivity are essential to the effectiveness of the Internal Audit function. Internal Audit is a staff function and as such does not exercise direct authority over other persons and departments whose work is reviewed. While the Internal Audit staff is free to review and appraise polices, plans, procedures and resources, the auditor’s review does not in any way relieve other persons in the organization of their responsibilities.
The establishment and maintenance of acceptable business practices and adequate and effective risk management, control and compliance activities is the responsibility of management. To assist management in carrying out this responsibility, Internal Audit will:
- Review and evaluate these activities and practices and report results to management, including any identified weaknesses and opportunities for improvement, and follow up on the progress of management’s implementation of improvements
- Develop and implement flexible annual audit plans using appropriate risk-based methodology, including any risks or control concerns identified by management.
- Conduct special projects or investigations, at the request of management or the Audit Committee, as appropriate.
Internal Audit shall report to the Audit Committee annually or more often, a summary of audit plans, audit results, adequacy of management actions in response to significant recommendations, as well as staffing and organizational structure of Internal Audit.
6. Audit Standards and Ethics
Internal Audit’s work shall be performed in accordance with the International Standards for the Profession of Internal Auditing as advocated by the Institute of Internal Auditors. Internal Audit Department members will also adhere to the Institute of Internal Auditors Code of Ethics. These two documents constitute addendums to this charter. In addition, Internal Audit’s activities and conduct shall be consistent with the policies of the university.