Types of Audits
Financial audits assess, evaluate, and make recommendations to management regarding accounting and financial reporting of transactions and activities. The central objective is to ensure that the financial activity of the department, unit or area is completely and accurately reflected in the appropriate financial reports.
Operational audits assess, evaluate, and make recommendations to management regarding internal controls for operations of departments, units, and areas. Operational audit objectives include determining whether operations are functioning efficiently and effectively, are in alignment with the University mission, and are being conducted in accordance with management's intent.
Compliance audits assess, evaluate, and make recommendations to management regarding the effectiveness of the University's compliance program. The function evaluates whether the compliance program promotes a culture that fosters ethical and compliant behavior and includes adequate internal controls that effectively prevent and/or detect violations of laws, regulations, University policies or code of conduct.
IT audits examine and evaluate an organization's information technology infrastructure, policies and operations. The primary objectives of IT audit include:
- Determine risks to a company's information assets, and help identify methods to minimize those risks.
- Evaluate the systems and processes in place that secure company data, maintain data integrity and availability and produce reliable and accurate information.
- Ensure information management processes are in compliance with IT-specific laws, policies and standards.
- Determine inefficiencies in IT systems and associated management.
Internal Audit works closely with the ITS Department and are members of the Data Security Committee to provide educational guidance and promote security awareness to the University community.
Performed when appropriate. These audit activities focus on alleged violations of federal and state laws and of university policies and regulations. Internal theft, misuse of university assets, hotline allegations, and conflicts of interest are examples of investigative audits.
Departmental Control Assessment Surveys and Data Security Surveys are used as a tool to assess the internal control environment and data security practices of a given department and identify areas of unmitigated risks and opportunities for improvement.