Frequently Asked Questions

Why are audits performed?

The overall goal of Internal Audit is to add value and improve on the University's operations. Internal Auditors provide reasonable assurance to the Audit Committee of the Board of Trustees and management that risks are identified and managed; financial, managerial and operational information is accurate, reliable and timely; and activity is compliant with policies and procedures and applicable laws and regulations.

How are departments selected for an audit?

The frequency of departmental audits is based on a risk assessment process. The Internal Audit Department considers eight separate factors such as size and complexity of the department, research activity, compliance risks, amount of cash receipts, changes in key personnel, etc. Departments with high risk will be audited more frequently than those with medium or low risk. Also, management may request an audit.

What types of audits do we perform?

Information Technology
Consulting and Advisory Services
Special Investigations

Read more about types of audits »

What happens during an audit?

The audit process consists of four phases.

Planning: During this phase, the objectives and scope are determined. Also, a meeting is held with the department head and lead fiscal administrator regarding the audit plan and what is required during the audit.
Fieldwork: This phase involves conducting interviews and testing compliance with policies and procedures. Internal controls are also assessed and tested.
Reporting of Results: In this phase, a summary of audit findings and recommendations is prepared and presented to management for discussion. Once the findings/recommendations are finalized, a report is issued to management.
Follow-Up: This phase ensures that all audit recommendations have been satisfactorily implemented. Some verification procedures may be performed to ensure that recommendations have been adequately addressed.

What should I do if I learn of fraud, waste or abuse?

You may contact our office directly or use the University's anonymous hotline, AlertLine.

Why would I want to request an audit?

Audits are very beneficial to evaluate the University's operations and system of controls. If a department has recently adopted additional supervisory responsibility or implemented newly installed computer systems, an audit can review the current procedures to determine the effectiveness of internal controls. Also, periodic audits are recommended to ensure overall compliance.

Can I request Internal Audit's assistance?

Any member of management can contact Internal Audit staff members via telephone or email for our audit services or to consult on an issue. Your request will be reviewed by our staff and our director will decide how to best meet your needs. We are always available to advise you on University's policies and procedures. We also offer in-house consulting services on internal control matters and provide suggestions and recommendations for your department.

How long do audits generally take?

The audit duration depends on the size, complexity and involved risk of each department. Based on these factors, budget hours are established during the planning phase of each audit. Generally, audits can last from two to six months.

Do we have an opportunity to respond to audit comments?

Your input is solicited and considered during all phases of the audit.  Management responses to audit observations are included in the final audit report.

Who receives the final audit report?

Copies are sent to department administration, the Chancellor, the appropriate Vice Chancellor, the CFO, the controller, our external auditors (KPMG) and others if necessary.

What are the benefits of the audit?

Internal Audit assesses each department's control environment and compliance with regulations. We provide recommendations and suggestions to improve the overall efficiency and effectiveness of procedures and processes, which can help you achieve your goals.

What is a department's role during an audit?

We will need to meet with key personnel of the department for planning and interviewing purposes, but we try to accommodate any time constraints that you may have. Inevitably, some information and documentation may need to be provided, but we will not be requiring much time of department staff members.

What are the objectives of an internal audit?

Evaluate the effectiveness and efficiency of internal controls and resources employed
Review the reliability and integrity of financial and operational information
Review fiscal and administrative operations
Assess the use of established systems to ensure compliance with corresponding policies, procedures, plans, laws and regulations

What activities are audited?

Activities that are audited include compliance with the University's policies, procedures, laws and regulations, information systems, general ledger accounts, overall departmental operations and financial statements.

What information is Internal Audit authorized to access?

In accordance with the Internal Audit Department Charter, signed by the Chancellor and the Audit Committee Chair, staff of the Internal Audit Department “have unrestricted access to all functions, records, property and personnel.”  All information provided to Internal Audit is handled in a prudent and confidential manner.

What are internal controls?

Visit our Internal Controls page to learn more.

What is Internal Audit’s reporting structure?

The Internal Audit Department reports administratively to the Chancellor and functionally to the Audit Committee of the Board of Trustees.

Who audits the Internal Audit Department?

In accordance with the Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing (Standards), external quality assurance assessments must be conducted at least once every five years.  These assessments conclude as to conformance with the Code of Ethics and the Standards, and may include operational and strategic comments.

What is the role of the university’s external auditors?

External auditors primarily perform the annual financial statement audit for the university.  Their work is completed with the assistance of the Internal Audit Department.