Skip to Main Content
Office of Internal Auditing
oneColumn

Internal Auditing

Our goal is to provide an objective, consistent and independent service to management and senior stakeholders.

These are the stages a typical audit follows:

Planning 

Planning determines the objectives, scope, timing, and resources for the audit.  In addition, the audit team will send an audit notification letter to the Department Head of the area scheduled to be audited.  This notification will inform the audit client that our office will be performing an audit of their area along with the time frame the review will cover.

The notification letter will provide the client with an estimated start date of fieldwork, along with an estimated timeline to completion.  While these dates are estimations and subject to change, it allows the client to prepare for the review and notify any applicable departmental employees.

Planning may involve: 

  • Process discussions,
  • Information gathering,
  • Relationship building.

Fieldwork

The primary purpose of fieldwork is to review internal controls and test transactions to ensure management risks are adequately mitigated.  In addition, the tests of transactions  provides assurance that processes help to follow adherence to policies, regulations, statutes and laws.  The auditor tests a sample of transactions, with emphasis placed on higher risk items to verify that controls are functioning as intended or determine where improvements are needed. Audits of revenues and expenditures typically include tests of revenues, purchases, Procurement Card (PCard) purchases, property, travel, and payroll.

Test processes, transactions and controls may involve: 

  • Direct observation,
  • Shadowing,
  • Document review,
  • Transaction testing.

Reporting

At the completion of fieldwork, the audit team will provide an opportunity for department leadership to meet with the audit team to discuss any tentative observations.  This meeting is known as an Informal Exit Summary.

At the completion of the Informal Exit Summary, the audit team will prepare the Draft Audit Report which enables management to give their responses to the issues raised.

The final audit report is sent to the audit area department head with copies to the following: 

  • Vice President/Dean over audit area.
  • Any additional department applicable individuals.
  • Board of Trustees Audit and Compliance Committee

Reporting communicates audit results to audit client, management and stakeholders and may involve:  

  • Informal exit summaries for a collaborative review,
  • Recommendations to ensure best practices,
  • Management responses.
  • Transaction testing.

Follow-up

The audit team will follow-up on management corrective action plans to ensure audit recommendations are completed.  Follow-up corrective action is reported to the BOT Audit and Compliance Committee.