Internal Audit Charter
Internal auditing is an independent objective assurance and consulting activity designed to add value and improve the University's operations. It helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. The objectives of internal auditing are to assist members of the University community in the effective discharge of their responsibilities by furnishing them with analyses, appraisals, recommendations, counsel, and information concerning the activities reviewed and by promoting effective control at reasonable cost.
Role of the Internal Audit Department
The internal audit department is an established department within Finance & Business, and its responsibilities are defined in this charter which is approved by the Committee on Audit and Risk of the Board of Trustees, The internal Audit Director reports administratively to the Senior Vice President for Finance & Business/Treasurer, and reports functionally to the Chair of the Committee on Audit and Risk of the Board of Trustees. In addition, the Director has direct and full access to the President of the University, as Necessary.
Authorization is granted for full and complete access to any of the University's records (either manual or electronic), physical properties, and personnel relevant to an audit engagement. Also, authorization is given to allocate resources, set audit scope and apply techniques required to accomplish internal audit objectives. Documents and information given to internal auditors during a periodic review will be handled in the same prudent manner as by those employees normally accountable for them.
Internal auditors have no direct responsibility or any authority over any of the activities or operations that they review. They should not develop procedures and install or assist in installing systems, prepare records, or engage in activities that would normally be reviewed by internal auditors.
Recommendations on standards of control applicable to a specific activity may be included in the written report of opinions and audit issues that are given to operating management for review and implementation.
Internal Audit will conduct its responsibilities in accordance with University policies and procedures and the Standards for the Professional Practice for Internal Auditing issued by The Institute of Internal Auditors.
The responsibilities of internal auditing encompasses the following:
- Review the adequacy and effectiveness of internal control systems, both manual and electronic.
- Review established systems, policies and procedures to ensure the University is in compliance with laws and regulations.
- Receive initial reports from the University’s Ethics and Compliance Hotline. Assign non-financial matters to the pre-designated University department and insure an appropriate response is completed and transmitted to the University’s Hotline provider. For financial matters, determine and transmit the appropriate response to each report.
- Conduct investigations of allegations of financial and operational misconduct.
- Review means of safeguarding assets.
- Determine if resources are used efficiently and effectively.
- Evaluate University operations to identify process improvement and cost-saving opportunities.
- Assist in determining and then provide the needed amount of internal audit effort in connection with the performance of the annual financial audit conducted by the external independent accountants.
- Consult in the review of the design/development of new business and computer systems.
- Determine if significant financial, managerial and operating information is accurate, reliable and timely.
- Review the University’s compliance guidelines for ethical business conduct.
- Evaluate plans and actions taken to correct Internal Audit report issues.
- Provide adequate follow-up to ensure corrective action is taken and evaluate its effectiveness.
- Submit annual audit plans and status to the Senior Vice President for Finance & Business/Treasurer and the Committee on Audit and Risk.
- Provide a status report of auditing findings and corrective action to the Senior Vice President for Finance & Business/Treasurer and the Committee on Audit and Risk.
- Maintain a professional audit staff with appropriate skills, knowledge, experience and certifications to meet the requirements of this Charter.
- Keep Senior Management and members of the Committee on Audit and Risk informed with respect to emerging trends and successful practice in the internal audit profession.
The manager of the activity or department receiving the internal audit report will incorporate a written response to each audit issue and recommendation within the audit report. This response will indicate what actions were taken or are planned in regard to the specific issues and recommendations in the internal audit report. If appropriate, a timetable for the anticipated completion of these actions will be included.
A written report will be prepared and issued by the Internal Audit Director following the conclusion of each audit and will be distributed as appropriate in accordance with University policy. The report will be issued to the Senior Vice President for Finance & Business/Treasurer. In addition, a written summary of all reporting activity will be prepared and presented to the Committee on Audit and Risk at its meetings.