Internal Audit FAQs
- Why are audits performed?
- How are departments selected for an audit?
- What types of audits do we perform?
The overall goal of Internal Audit is to add value and improve on the University's operations. Internal Auditors provide reasonable assurance to the Audit Committee of the Board of Trustees and management that risks are identified and managed; financial, managerial and operational information is accurate, reliable and timely; and activity is compliant with policies and procedures and applicable laws and regulations.
The frequency of departmental audits is based on a risk assessment process. The Internal Audit Department considers eight separate factors such as size and complexity of the department, research activity, compliance risks, amount of cash receipts, changes in key personnel, etc. Departments with high risk will be audited more frequently than those with medium or low risk. Also, management may request an audit.
- Information Technology
- Consulting and Advisory Services
- Special Investigations
The audit process consists of four phases.
- Planning: During this phase, the objectives and scope are determined. Also, a meeting is held with the department head and lead fiscal administrator regarding the audit plan and what is required during the audit.
- Fieldwork: This phase involves conducting interviews and testing compliance with policies and procedures. Internal controls are also assessed and tested.
- Reporting of Results: In this phase, a summary of audit findings and recommendations is prepared and presented to management for discussion. Once the findings/recommendations are finalized, a report is issued to management.
- Follow-Up: This phase ensures that all audit recommendations have been satisfactorily implemented. Some verification procedures may be performed to ensure that recommendations have been adequately addressed.
You may contact our office directly or use the University's anonymous hotline, AlertLine.
Audits are very beneficial to evaluate the University's operations and system of controls. If a department has recently adopted additional supervisory responsibility or implemented newly installed computer systems, an audit can review the current procedures to determine the effectiveness of internal controls. Also, periodic audits are recommended to ensure overall compliance.
Any member of management can contact Internal Audit staff members via telephone or email for our audit services or to consult on an issue. Your request will be reviewed by our staff and our director will decide how to best meet your needs. We are always available to advise you on University's policies and procedures. We also offer in-house consulting services on internal control matters and provide suggestions and recommendations for your department.
The audit duration depends on the size, complexity and involved risk of each department. Based on these factors, budget hours are established during the planning phase of each audit. Generally, audits can last from two to six months.
Copies are sent to department administration, the Chancellor, the appropriate Vice Chancellor, the CFO, the controller, our external auditors (KPMG) and others if necessary.
Internal Audit assesses each department's control environment and compliance with regulations. We provide recommendations and suggestions to improve the overall efficiency and effectiveness of procedures and processes, which can help you achieve your goals.
We will need to meet with key personnel of the department for planning and interviewing purposes, but we try to accommodate any time constraints that you may have. Inevitably, some information and documentation may need to be provided, but we will not be requiring much time of department staff members.
- Evaluate the effectiveness and efficiency of internal controls and resources employed
- Review the reliability and integrity of financial and operational information
- Review fiscal and administrative operations
- Assess the use of established systems to ensure compliance with corresponding policies, procedures, plans, laws and regulations
Activities that are audited include compliance with the University's policies, procedures, laws and regulations, information systems, general ledger accounts, overall departmental operations and financial statements.
Visit our Internal Controls page to learn more.