» Frequently Asked Questions
+ - How are departments selected for review?
Each year a risk assessment of the University’s operating units and control functions is performed to identify areas of potential institutional risk. We attempt to direct our audit resources to the areas deemed high risk. Our goal is to evaluate and improve the management of these risks in the units
+ - What does a typical internal audit include?
Common elements of an internal audit engagement include the following:
- Scheduling an entrance conference to discuss audit objectives, timing, and intended report format and distribution.
- Evaluating internal control systems
- Testing to ensure proper operation of internal control systems
- Developing conclusions based on test results
- Reviewing audit issues and draft audit reports with management and staff
- Preparing and distributing an audit report which generally include management’s responses to the issues raised
- Following up to ensure all issues raised in audit reports have been addressed.
For details of the above see the Audit Process
+ - What will the auditor need from me?
The main items needed from you for a successful audit are cooperation and communication with the auditor. Here are some examples of what you can do to help the audit process:
- Supply all requested information on a timely basis
- Share any internal control concerns you have with the auditor
- As issues are communicated to you during the audit, begin thinking about potential corrective actions
- Provide a written response to the issues identified in the report, along with who will be responsible for implementing the corrective actions and when they will be completed
- Be proactive in monitoring the progress of the corrective actions and reporting them
+ - How long do audits take?
Audits can last from a few days to several months, depending on the scope and objectives of the audit work
+ - What kinds of internal audit services are available?
We perform a variety of services. Here are the most common:
- Operational audits - we examine the use of unit resources to evaluate whether those resources are being used in the most effective and efficient manner to fulfill the University’s mission and objectives
- Financial audits – we focus on accounting and reporting of financial transactions. The purpose of this type of audit is to verify that there are sufficient controls over cash and cash-like assets, and that there are adequate process controls over the acquisition and use of resources
- Risk based departmental audits – we examine a broad range of risks and determine how they are being managed currently
- Investigations – we attempt to provide guidance and assistance to address alleged fraud concerns
- Consulting engagements – we are typically providing advice on some specific problem that management has asked for our assistance in solving
+ - Will the audit disrupt my department’s everyday activity?
Like any special project, an audit affects the area’s routine to some extent. The Department of Internal Audit will make every effort to minimize this disruption and cooperate with you to make the process as smooth as possible.
+ - I have a policy question, can Internal Audit help me?
Absolutely, if you have questions on policies, procedures or best practices we will be glad to help. In some cases, we will know the answer to your question, but if we don’t, we will be glad to research the answer to your question