The mission of the Office of Internal Auditing (Internal Audit) is to provide independent, objective assurance and consulting services designed to add value and improve the operations of Illinois State University.
Scope of Work
The scope and nature of Internal Audit work includes:
- Using a systematic and disciplined approach to evaluate and contribute to the improvement and effectiveness of the risk management, control, operational and governance processes of the institution.
- Assisting the University in maintaining effective controls by evaluating their effectiveness and efficiency, promoting continuous improvement of the controls, and testing that the controls respond to risks within the University’s governance, operations, and information systems regarding the:
- Reliability and integrity of financial and operational information;
- Effectiveness and efficiency of operations;
- Safeguarding of assets; and
- Compliance with applicable laws, regulations, and contracts
- Providing assurance services through independent and objective examinations and assessments. Examples include financial, operational, compliance, and information technology audits
- Providing consulting services, the nature and scope of which are agreed upon with management, that are intended to add value and improve governance, risk management, and control processes.
The Director of Internal Audit shall be accountable to Illinois State University’s President and the Board of Trustees Audit Committee to:
- Provide assessments on the adequacy and effectiveness of ISU’s processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work;
- Report significant issues related to the processes for controlling the activities of ISU, including potential improvements to those processes, and provide information concerning such issues through resolution;
- Provide information periodically on the status and results of the annual audit plan and the sufficiency of the department resources;
- Work with the Auditor General’s Office or other external auditors and provide information regarding the status of audits and reviews.
Internal Auditing staff will be free of all operational and management responsibilities that would impair their ability to independently review all aspects of the University and its operations. To provide for this independence Internal Audit reports directly to the President of the University. The Director also has a dotted reporting line to the Board of Trustees’ Audit Committee.
Internal Audit may act in an advisory, consulting role without adversely affecting objectivity by:
- Assisting in the recommendation of standards and techniques of controls to be applied in system and procedural development.
- Assisting management in analysis of operations or activities.
- Providing training related to controls, compliance, and/or governance processes and frameworks.
- Serving on University committees in an advisory capacity.
The Director and staff of the Office of Internal Audit have responsibility to:
- Develop a flexible two-year audit plan, in accordance with the Fiscal Control and Internal Auditing Act (30 ILCS 10/), with input from senior management and the Board of Trustees, that is approved by the President prior to June 30th of each year.
- Implement the annual audit plan, as approved, including, and as appropriate, any special tasks or projects requested by management.
- Share information and coordinate activities with both internal and external control and monitoring functions to ensure proper coverage and minimize duplication of efforts
- Establish a quality assurance program by which the Director assures the operational quality of internal audit activities.
- Meet periodically with the President and senior management providing periodic reports summarizing the results of audit activities, emerging trends, and successful practices in internal auditing.
- Meet at least annually with the Audit Committee providing reports summarizing the results of audit activities, emerging trends, and successful practices in internal auditing, as necessary.
- Assist in the investigation of significant suspected fraudulent activities as requested by management.
- Prepare an annual report and submit to the President by September 30th of each year summarizing the scope, results, status of implemented action plans, and activities of Internal Audit.
- Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this charter, including ensuring appropriate continuing professional development to ensure the staff has the skills and abilities to perform audit assignments.
- Perform special requests, projects, investigations, and consulting services as requested by management.
- Assist in the coordination of Fiscal Control and Internal Auditing Act certification of internal controls for the University; ensuring certifications are filed by May 1st of each year .
Internal Audit staff is authorized to :
- Have full, free, and unrestricted access to all University activities, records, property, information systems, and personnel needed to accomplish its mission and scope of work.
- Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.
- Obtain the necessary cooperation and assistance of personnel in units where Internal Audit performs audits, as well as other specialized services from within or outside the University.
Internal Audit staff is not authorized or expected to:
- Perform any operational duties;
- Initiate or approve accounting transactions external to Internal Audit; and
- Direct the activities of any ISU employee not employed by Internal Audit except to the extent such employees have been appropriately assigned to auditing teams or to otherwise assist the auditors.
Standards of Audit Practice
Internal Audit has the duty to carry out its responsibility as defined by the State of Illinois Fiscal Control and Internal Auditing Act ( 30 ILCS 10/1001 ). As well as performing audits in conformance with The Institute of Internal Auditor’s International Professional Practices Framework (IPPF). The IPPF requires adherence to the Definition of Internal Auditing, the Code of Ethics, and the Standards. Internal Auditing will also abide by Generally Accepted Government Auditing Standards; by-laws and requirements established by the State of Illinois Auditing Advisory Board, the General Accounting Office or other governing agencies, as deemed appropriate.
The Internal Auditing Charter was approved by the President on September 20, 2012. Internal Audit will periodically review the charter.