Process Framework

Outlined below is a broad overview to assist in the understanding of the function and its key parts. Compliance and Audit Services function can be organized into six (6) sections - this exhibit highlights the Internal Audit structure and key processes within the function.

Internal Audit Policy

Defines the general authority and responsibilities of the Compliance and Audit Services. We are appropriately positioned to receive the support needed to deliver valued services.

Internal Audit Policy No. 1.6

  • Provides for internal audit function existence
  • Serves as independent appraiser
  • Has access to all operations/activities
  • Unrestricted access to all personnel, records and property
  • Reports to the President

Audit Committee Charter

Provides for independent communication and defines oversight (governance).

Internal Auditing Oversight

  • Internal Auditing Staff Evaluation (5.1)
  • Internal Audit Process (5.2)
  • Internal Audit Reports (5.3)

Internal Controls and Code of Conduct Oversight

  • Provide an Assessment of Internal Controls (7.1)
  • Reports Violations Related to Code of Conduct (7.2)

Audit Environment Assessment

A broad risk assessment is developed which helps to understand the University's overall risk profile when planning areas to be audited.

  • Risk Assessments
  • Audit Planning Process

Audit Activities

Audit resources are allocated to defined areas. Management requests/special projects will be accommodated as the concern dictates.

  • Planned Audits
  • Investigations
  • Special Projects
  • External Audit Assistance

Fraud Reporting Program

Communication of Audit Activities

Formal audit reports are issued to Management to communicate final results. Specific key data is captured and analyzed to assess our University environment. Per Audit Charter - any concerns can be directly addressed to the Audit Committee.

Management Reports

  • Management Briefing (single page reporting)
  • Executive Summary
  • Presidential Audit Action Form
  • Other

Audit Committee

  • Summary of Internal Audit activity report

Audit Follow-up Process

Provide follow-up action that requires continued intervention.

  • Audit areas/items denoted as high risk
  • As specifically requested