Internal Audit

Opportunities for improving management control, profitability, and the organization's image may be identified during audits. They will be communicated to the appropriate level of management.

• Provide annually an assessment on the adequacy and effectiveness of the organization's processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work. 
• Report significant issues related to the processes for controlling the activities of the organization and its affiliates, including potential improvements to those processes, and provide information concerning such issues through resolution. 
• Periodically provide information on the status and results of the annual audit plan and the sufficiency of department resources. 
• Coordinate with and provide oversight of other control and monitoring functions (risk management, compliance, security, legal, ethics, environmental, external audit).

Independence

To provide for the independence of the internal auditing department, its personnel report to the University Auditor, who reports functionally and administratively to the President and periodically to the audit committee in a manner outlined in the above section on Accountability. It will include as part of its reports to the audit committee a regular report on internal audit personnel.

Responsibility

The University Auditor and staff of the internal auditing department have responsibility to:

• Develop a flexible annual audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit that plan to the audit committee for review and approval as well as periodic updates. 
• Implement the annual audit plan, as approved, including as appropriate any special tasks or projects requested by management and the audit committee. 
• Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this Charter. 
• Evaluate and assess significant merging/consolidating functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion. 
• Issue periodic reports to the audit committee and management summarizing results of audit activities. 
• Keep the audit committee informed of emerging trends and successful practices in internal auditing. 
• Provide a list of significant measurement goals and results to the audit committee. 
• Assist in the investigation of significant suspected fraudulent activities within the organization and notify management and the audit committee of the results. 
• 
  Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the organization at a reasonable overall cost. 

Authority

The University Auditor and staff of the internal auditing department are authorized to: 

• Have unrestricted access to all functions, records, property, and personnel. 
• Have full and free access to the audit committee. 
• Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives. 
• Obtain the necessary assistance of personnel in units of the organization where they perform audits, as well as other specialized services from within or outside the organization. 

The University Auditor and staff of the internal auditing department are not authorized to: 

• Perform any operational duties for the organization or its affiliates. 
• Initiate or approve accounting transactions external to the internal auditing department. 
• Direct the activities of any organization employee not employed by the internal auditing department, except to the extent such employees have been appropriately assigned to auditing teams or to otherwise assist the internal auditors.