untitled.bmp

 

Internal Audit Activity Charter

This charter sets forth the purpose, authority, and responsibility of the internal audit activity at Northwestern State University.  The charter establishes the internal audit activity's position within the University; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of the internal audit activities.

MISSION AND SCOPE OF WORK 

The mission of the internal audit activity is to provide independent, objective, assurance and consulting services designed to add value and improve the University's operations.  It helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.  The internal audit activity is guided by a value driven philosophy of partnering with other departmental units to continuously improve the operations of the University.

The scope of work of the Internal Audit department is to determine whether the University's network of risk management, control, and governance processes, as designed and represented by management, is adequate and functioning in a manner to ensure:

  • Risks are appropriately identified and managed.
  • Interaction with the various governance groups occurs as needed.
  • Significant financial, managerial, and operating information is accurate, reliable, and timely.
  • Employees' actions are in compliance with policies, standards, procedures, and applicable laws and regulations
  • Resources are acquired economically, used efficiently, and adequately protected.
    Programs, plans, and objectives are achieved.
  • Quality and continuous improvement are fostered in the University's control process.
  • Significant legislative or regulatory issues impacting the University are recognized and addressedappropriately.

Opportunities for improving management control, profitability, and the University's image may be identified during audits.  They will be communicated to the appropriate level of management.

RESPONSIBILITY

The University's Internal Auditor, who oversees the internal audit activity, has the responsibility to:

  • Develop a flexible annual audit plan and submit that plan to the University President, and to the University of Louisiana System, Board of Supervisors (Board) for approval.The plan should be developed based on the Internal Auditor's assessment of risk and available audit resources, with input from management personnel regarding areas of concern and areas of increased risk.
  • Implement the annual audit plan, as approved, including any special tasks orprojects, such as those requested by the University's President, the System Director of Internal Audit, and/or the Board's Audit Committee.
  • Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University at a reasonable overall cost.
  • Assist in the investigation of significant suspected fraudulent activities within the University andnotify management and the Audit Committee of the results.
  • Perform consulting services, beyond the traditional assurance services provided byInternal Audit, to assist management in meeting its objectives. Examples may include facilitation, process design training, and advisory services.
  • Establish a quality assurance program by which the Internal Auditor assures the operations of internal auditing activities are acceptable.
  • Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certification to meet the requirements of this charter.
  • Evaluate and assess significant new or changing services, processes, operations, and control processes coincidentwith their development, implementation, and/or expansion.
  • Submit written and timely reports to the President of the University and appropriate members of management at the conclusion of each engagement to acknowledge satisfactory performance or to set forth findings and/or recommendations for correctionor improvement. A copy of each internal audit report will be forwarded to the System's Director of Internal Audit.

As discussed in the Board's Internal Audit Charter, the University's internal audit activity will include the following general objectives:

  • Determining that the University's overall system of internal control and the controls in each departmental unit or activities under audit are adequate, effective, efficient, and functioning by conducting audits on a periodic basis so that all major systems are reviewed. Such reviews will be coordinated with the State of Louisiana Office of the Legislative Auditor to avoid unnecessary duplication of effort.
  • Determining the reliability and adequacy of the accounting, financial, and reporting systems and procedures.
  • Determining on a test basis, that University activities, including the administration of grants and contracts received or made, are in conformance with the University policies and procedures, state and federal laws and regulations, contractual obligations, Board Rules, and good business practices.
  • Determining the extent to which University assets are accounted for and safeguarded from losses of all kinds and, as appropriate, verifying, on a test basis, the existence of such assets.
  • Evaluating operational procedures to determine whether results are consistent with established objectives and goals and whether the procedures are being carried out as planned.
  • Evaluating the design of major new electronic data processing systems and major modifications to existing systems prior to their installation to determine whether the system of internal control will be adequate, effective, and efficient. Prior to its installation, sufficient information must be provided to the internal audit activity regarding the intended internal controls, so they can complete their evaluation and issue recommendations.
  • Conduct investigations are required or directed related to the general objectives previously stated.

AUTHORITY

The Internal Auditor is authorized to:

  • Have unrestricted access to all University functions, records, manual and automated systems, properties, and personnel of the University.
  • Audit or review any function, activity, or unit of the University and the accounts of all organizations required to submit financial statements to the University.
  • Have direct access to the President of Northwestern State University and shall present to the President any matter considered to be of sufficient importance to warrant attention, or that has been brought to the internal audit activity for review.
  • Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish theaudit objectives.
  • Obtain the necessary assistance of personnel in units of the University,as well as other specialized services from within or outside the University.

The Internal Auditor is not authorized to:

  • Perform any operational duties for the University or its affiliates.
  • Initiate or approve accounting transactions external to the internal audit function.
  • Direct the activities of any University employee not employed by the internal audit activity, except to the extent such employees have been appropriately assigned to the internal function or to otherwise assist the Internal Auditor.

INDEPENDENCE AND OBJECTIVITY

To provide for the independence of the internal audit activity, the Internal Auditor reports administratively to the President of Northwestern State University, and functionally to the Board through the System Director of Internal and External Audit.  In performing work, the Internal Auditor has no direct authority over, nor responsibility for, any of the activities reviewed.  Internal Audit will not develop and install procedures, prepare or approve records, make management decisions, or engage in any other activity, which could be construed to compromise its independence.  Therefore, reviews and appraisals by Internal Audit do not, in any way substitute for or relieve other person at the University of the duties and responsibilities assigned to them.  Internal Audit staff shall be objective and maintain an independent mental attitude in performing engagements.

ACCOUNTABILITY

The Internal Auditor, in the discharge of his/her duties, shall be accountable to the President to:

  • Assess the adequacy and effectiveness of the University's processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work.
  • Report significant issues related to the processes for controlling the activities of the Universityand its affiliates, including potential improvements to thoseprocesses, and provide information concerning such issues through resolution.
  • Provide information periodically on the status and results of the annual auditplan and thesufficiency of department resources.
  • Coordinate with and provide oversight of other control and monitoringfunctions (riskmanagement, compliance, security, legal, ethics, environmental,and external audit).

AUDIT COMMITTEE for the BOARD of SUPERVISORS       

To maintain oversight of the audit function, both internal and external, the Audit Committee for the Board of Supervisors will review and approve a System-wide audit program for the upcoming year.  The Audit Committee will also review the previous year's System-wide internal audit program, along with the annual financial and compliance audit, including any specific issues of concern.  As appropriate, any background documents related to specific audit issues will be sent to the Audit Committee upon request.                  

  STANDARDS OF AUDIT PRACTICE

The internal auditing staff shall govern themselves by adherence to the Institute of Internal Auditors' "Code of Ethics".  Assurance and consulting services shall be conducted in accordance with the Institutes "Standards for the Professional Practice of Internal Auditing" using such audit programs, techniques, and procedures as are considered necessary under the circumstances.  Although not mandatory, internal auditing staff may obtain guidance in particular engagement situations from the Institute of Internal Auditors' "Practice Advisories", the Information System Audit and Control Association's "Standards for Information Systems Auditing", the American Institute of Certified Public Accountant's "Statement of Auditing Standards", and the United States General Accounting Office's "Government Auditing Standards".