The University Audit Plan and Risk Analysis is prepared annually by the Audit Director. Audits are designed to evaluate and test significant accounting, operational, compliance, and information system controls within the University. Each control technique is evaluated to determine if it is effectively achieving a specific control objective.
The purpose of the annual risk analysis is to prioritize all audit areas for review based on a risk assessment and ensure that Internal Audit resources are appropriate, sufficient, and effectively deployed to achieve audit coverage. Risk-based software is used to target areas of greatest exposure. This process automates the audit planning approach by
- defining and weighting risk criteria
- providing assurance that high-risk areas are being reviewed on a regular basis
- continuously updating the audit plan to reflect emerging issues.
Risk criteria are updated as each audit is performed to provide continuous assessment.
Click here to learn more about the audit process.