Charter

Purpose

University Audit and Advisory Services provides independent, objective assurance and consulting services that add value and improve the operations of Arizona State University. Internal Audit reviews help ASU accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of business, risk management, control and governance processes.

Internal Audit evaluates risk exposures relating to ASU’s governance, operations and information systems for:

  • Achievement of the organization’s strategic objectives. 

  • Compliance with laws, regulations, policies, procedures and contracts.

  • Effectiveness and efficiency of operations and programs.

  • Reliability and integrity of financial and operational information.

  • Safeguarding of assets.

Authority

日本一本道a不卡免费In order to accomplish its objectives, Internal Audit has full, free and unrestricted access to all functions, records, reports, activities, property and personnel, as needed to fulfill their assigned responsibilities. Internal Audit staff will exercise discretion in the review of records to assure the necessary confidentiality of matters that come to their attention, as required by the Institute of Internal Auditors’ Code of Ethics.

University management is responsible for the risk management and internal control structure over the areas audited. Internal auditors have no direct responsibility or any authority over any of the activities or operations that they review.

Independence and objectivity

日本一本道a不卡免费Internal audit must be independent, and the internal auditors must be objective in performing their work.  Internal Audit’s Authority comes from the Arizona Board of Regents Audit Committee.  The Audit Committee is responsible for auditor independence and objectivity, but delegates responsibility for ongoing oversight of the university internal audit function to the ASU Internal Audit Review Board. 

The Chief Audit Executive of ASU Audit and Advisory Services reports functionally to the Internal Audit Review Board and administratively to the Executive Vice President, Treasurer and Chief Financial Officer. This authority cannot be delegated. The University Chief Audit Executive is not a member of the Internal Audit Review Board.

日本一本道a不卡免费The reporting line for the internal audit activity is the ultimate source of its independence and authority. Examples of functional reporting involve:

  1. 日本一本道a不卡免费Approving the internal audit charter.

  2. 日本一本道a不卡免费Approving a risk-based internal audit plan.

  3. 日本一本道a不卡免费Approving the internal audit, budget and resource plan.

  4. Receiving communications from the Chief Audit Executive on the internal audit activity’s performance relative to its plan and other matters.

  5. 日本一本道a不卡免费Approving decisions regarding the appointment and removal of the Chief Audit Executive.

  6. Approving the remuneration of the Chief Audit Executive, and

  7. Making appropriate inquiries of management and the Chief Audit Executive to determine whether there are inappropriate scope or resource limitations.

Administrative reporting is a relationship within the organization’s management structure that facilitates day-to-day operations of the internal audit activity and provides appropriate interface and support for effectiveness. Examples of administrative reporting involve:

  1. Budgeting and management accounting.

  2. 日本一本道a不卡免费Human resource administration.

  3. 日本一本道a不卡免费Internal communications and information flows.

  4. 日本一本道a不卡免费Administration of the organization’s internal policies and procedures (expense approvals, leave approvals, floor space, etc.)

The Chief Audit Executive confers with the Arizona Board of Regents Audit Committee at least annually, outside the presence of university officials, on any subject related to Internal Audit's area of responsibility. The Chief Audit Executive may communicate directly with the Chair of the Audit Committee at any time.

Internal auditors must exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined and shall have an impartial, unbiased attitude and avoid conflicts of interest.

Responsibilities

日本一本道a不卡免费The responsibility of the internal audit function is to serve ASU in a manner that meets or exceeds the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing and the associated Code of Ethics.

日本一本道a不卡免费Internal Audit responsibilities include, but are not limited to:

  1. Developing and implementing a risk-based annual audit plan and additional 4-year audit schedule that recognizes the scope of work performed by other university compliance functions and other auditors

  2. 日本一本道a不卡免费Submitting the aforementioned plan to the Internal Audit Review Board for review and approval.  The Chief Audit Executive will submit the plan to the Audit Committee for approval.

  3. 日本一本道a不卡免费Implementing the annual audit plan, as approved.

  4. 日本一本道a不卡免费Examining and evaluating the adequacy and effectiveness of the systems of internal control, including information systems security and control.

  5. 日本一本道a不卡免费Identifying opportunities for reducing costs, improving processes and enhancing the university’s reputation.

  6. Appropriately documenting the results of all audit work performed.

  7. 日本一本道a不卡免费Promptly and properly reporting any frauds, abuses, internal control weaknesses, other concerns and opportunities for improvement to University management and the audit committee, if appropriate.

  8. Following-up on previously completed audits to ensure management is implementing actions to address identified operational, compliance and internal control issues satisfactorily.

  9. Distributing audit reports to university management and the Audit Committee.

  10. Preparing and submitting an annual report summarizing the audits, management advisory services, and investigations conducted by the office during the fiscal year.

  11. 日本一本道a不卡免费Maintaining a professional audit staff with sufficient knowledge, skills, professional certifications and competencies to meet the requirements of this charter.

  12. Performing advising and consulting services, as requested, to assist management in meeting its objectives.

  13. 日本一本道a不卡免费Responding to requests and special audit projects requested by the Audit Committee.

  14. Establishing a quality assurance program by which the Chief Audit Executive assures the operation of internal auditing activities are conducted in accordance with professional standards.

Reports to the Audit Committee

During each Audit Committee regularly scheduled meeting, the Chief Audit Executive will report:

  1. 日本一本道a不卡免费Significant obstacles experienced in performing individual audits/projects.

  2. Concerns regarding ability to complete the annual audit plan.

  3. Changes in significant risks since prior meeting.

  4. Significant audit findings in audit reports issued since the prior Audit Committee meeting, irrespective of remediation. The Chief Audit Executive is to determine which findings to report.

日本一本道a不卡免费Annually, the Chief Audit Executive will present for Audit Committee approval:

  1. Audit Plan Status Report highlighting audits and projects that may not be completed by fiscal year-end and their disposition.

  2. University risk assessment, including a description of the heat map development.

  3. Annual Internal Audit Plan for the next fiscal year, with a description of how the plan was developed and how the risk assessment influenced the plan.

  4. Multiyear audit schedule.

  5. Updated Internal Audit Charter for Audit Committee approval, highlighting any changes proposed since last approval, if any.

  6. A written Annual Report on Internal Audit (a historical perspective) addressing:

    • ​​​​Performance against the Annual Audit Plan.

    • A narrative summarizing completed audits and major findings.

    • Status of major corrective actions pending. The Chief Audit Executive is to determine which findings to include.

    • A summary of Internal Audit staffing levels, qualifications & specializations, certifications, and turnover during the year.

    • A summary of continuing education activities.

    • A summary of internal audit expenditures.

Periodically, when appropriate, the Chief Audit Executive will present Internal Audit’s completion of a Quality Assessment Review (peer review).