Frequently Asked Questions


What does Internal Audit do?
  • Provide management with important and useful information
  • Determine presence and functioning of  internal controls in operating environment
  • Suggest ways to improve the efficiency and effectiveness processes
  • Assess compliance with policies, procedures, laws, and regulations.
  • Promote effective internal control at reasonable cost.
  • Verify existence and safeguarding of assets
  • Conduct examinations and reviews as requested by management.
What university activities are auditable?
  • Administrative, academic, or auxiliary departments.
  • Information technology systems.
  • Grants, contracts, and externally funded programs.
  • Organizational units such as divisions, sub-divisions, or regional campuses.
  • Payroll, purchasing, construction, marketing, accounting, and human resources functions
  • Laws and regulations.
  • Policies, procedures, and practices.
What are internal controls?

Internal controls are activities grouped in a system designed to provide reasonable assurance about the achievement of the following objectives:

  • The reliability and integrity of information.
  • Compliance with policies, plans, procedures, laws, and regulations.
  • The safeguarding of assets.
  • The economical and efficient use of resources.
Who is responsible for internal controls?
  • Management is responsible for ensuring that internal controls are established and functioning.
  • Management must create additional controls or altering existing controls as operating environments change.
Why is a segregation of duties important?
  • When duties are properly segregated the potential for loss or inappropriate use of university assets is minimized. 
  • Supervisory review of work does not replace the need for segregation of duties. 
  • Proper segregation of duties in an operating environment can provide a level of assurance for proper use and safeguarded of assets.
Why would I want to request an audit?
  • An audit is very beneficial to assess operations within any area of the university.
  • Review of department's administrative activity can help ensure that your procedures continue to comply with University policies. 
  • Beneficial to assess system controls and procedures when new IT systems are planned for implementation.
  • All requests will be evaluated to determine whether an investigation or review is warranted.
How long should records be retained?

Please refer to the university's record retention schedule for details.