The Office of Internal Audit serves McNeese State University and its various departments. It provides a central point for coordination of and oversight for activities that promote accountability, integrity, efficiency, and compliance. This charter sets forth the purpose, authority, and responsibility of the internal audit activity at the McNeese State University. The charter establishes the internal audit activity's position within the University; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of internal audit activities.
Mission and Scope of Work
The mission of the internal audit activity is to provide independent, objective assurance and consulting services designed to add value and improve the University's operations. It helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
The scope of work of the internal audit activity is to determine whether the University's network of risk management, control, and governance processes, as designed and represented by management, is adequate and functioning in a manner to ensure:
- Risks are appropriately identified and managed.
- Interaction with the various governance groups occurs as needed.
- Significant financial, managerial, and operating information is accurate, reliable, and timely.
- Employee's actions are in compliance with policies, standards, procedures, and applicable laws and regulations.
- Resources are acquired economically, used efficiently, and adequately protected.
- Programs, plans, and objectives are achieved.
- Quality and continuous improvement are fostered in the University's control process.
- Significant legislative or regulatory issues impacting the University are recognized and addressed properly.
Opportunities for improving management control, profitability, and the University's image may be identified during audits. They will be communicated to the appropriate level of management.
The Director of Internal Audit in the discharge of his/her duties shall be accountable to management to:
- Assess the adequacy and effectiveness of the University's processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work.
- Report significant issues related to the processes for controlling the activities of the University and its affiliates, including potential improvements to those processes, and provide information concerning such issues through resolution.
- Periodically provide information on the status and results of the annual audit plan and the sufficiency of department resources.
- Coordinate with other control and monitoring functions (risk management, compliance, security, legal, ethics, environmental, external audit).
Independence and Objectivity
The Office of Internal Audit staff report to the University's Director of Internal Audit, who operates under the general administrative oversight of the University President and reports functionally to the Board through the Board's CAE. This reporting relationship promotes independence and assures adequate consideration of audit findings and planned actions. In performing their work, the Director of Internal Audit and other internal audit staff members have no direct authority over, nor responsibility for, any of the activities reviewed. Internal auditors will not develop and install procedures, prepare or approve records, make management decisions, or engage in any other activity, which could be construed to compromise their independence. Therefore, internal audit's reviews and appraisals do not in any way substitute for nor relieve other persons in the University of the responsibilities assigned to them. Staff of the internal audit activity shall be objective and maintain an independent mental attitude in performing engagements.
The University's Director of Internal Audit and staff of the internal audit activity have responsibility to:
- Develop a flexible annual audit plan and submit that plan to the University President and the University of Louisiana System Board of Supervisors (Board) for approval. The plan is to be developed based on internal audit's assessment of risk with input from management, ULS Board members, and ULS Director of Internal Audit regarding areas of concern and areas of increased risk.
- Implement the annual audit plan, as approved, including, as appropriate, any special tasks or projects requested by management and the Audit Committee.
- Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this charter.
- Establish a quality assurance program by which the Director of Internal Audit assures the operations of internal auditing activities.
- Perform consulting services, beyond internal auditing's assurance services, to assist management in meeting its objectives. Examples may include facilitation, process design, training, and advisory services.
- Evaluate and assess significant functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion.
- Assist in the investigation of significant suspected fraudulent activities within the University and notify management and the audit committee of the results.
- Manage the University's reporting hotline and investigate concerns as deemed appropriate.
- Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage.
- Submit written and timely reports to the President of the University and appropriate members of management at the conclusion of each engagement to acknowledge satisfactory performance or to set forth observations and/or recommendations for correction or improvement. A copy of each internal audit report and a summarization will be forwarded to the Board's CAE.
- Act as the University's designee for the State of Louisiana Ethics program in monitoring and providing ethics education to all personnel.
As discussed in the Board's Internal Audit Charter, the University's internal audit activity will include the following general objectives:
- Determining that the University's overall system of internal control and the controls in each departmental unit or activities under audit are adequate, effective, efficient, and functioning by conducting audits on a periodic basis so that all major systems are reviewed. Such reviews will be coordinated with the Office of the Louisiana Legislative Auditor to avoid unnecessary duplication of effort.
- Determining the reliability and adequacy of the accounting, financial, and reporting systems and procedures.
- Determining, on a test basis, that University activities, including the administration of grants and contracts received or made, are in conformance with the University policies and procedures, state and federal laws and regulations, contractual obligations, Board Rules, and good business practices.
- Determining the extent to which University assets are accounted for and safeguarded from losses of all kinds and, as appropriate, verifying, on a test basis, the existence of such assets.
- Evaluating operational procedures to determine whether results are consistent with established objectives and goals and whether the procedures are being carried out as planned.
- Evaluating the design of major new electronic data processing systems and major modifications to existing systems prior to their installation to determine whether the system of internal control will be adequate, effective, and efficient. Prior to its installation, sufficient information must be provided to the internal audit activity regarding the intended internal controls, so they can complete their evaluation and issue recommendations.
- Conduct investigations as required or directed related to the general objectives previously stated.
The Director of Internal Audit and staff of the internal audit activity are authorized to:
- Have unrestricted access to all functions, records, manual and automated systems, properties, and personnel of the University.
- Audit or review any function, activity, or unit of the University and the accounts of all organizations required to submit financial statements to the University.
- Have direct access to the President of the University and shall present to the President any matter considered to be of sufficient importance to warrant attention or that has been brought to the internal audit activity for review.
- Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.
- Obtain the necessary assistance of personnel in units of the University where they perform audits, as well as other specialized services from within or outside the University.
The Director of Internal Audit and staff of the internal audit activity are not authorized to:
- Perform any operational duties for the University or its affiliates including the development and installation of policies and procedures, preparation of records, making management decisions or engaging in any other activity that could be reasonably construed to compromise the independence of the internal audit staff.
- Initiate or approve accounting transactions external to the internal audit activity.
- Direct the activities of any University employee not employed by the internal audit activity, except to the extent such employees have been appropriately assigned to auditing teams or to otherwise assist the internal auditors.
Standards of Audit Practice
The activities of the Office of Internal Audit shall be conducted in accordance with the International Standards for the Professional Practice of Internal Auditing. With the adoption of these standards, the Office of Internal Audit prescribes to the Code of Ethics promulgated by the Institute of Internal Auditors. Although not mandatory, internal auditing staff may obtain guidance in particular engagement situations from the Information Systems Audit and Control Association's "Standards for Information Systems Auditing", the American Institute of Certified Public Accountants "Statements on Auditing Standards", and the United States General Accounting Office's "Government Auditing Standards". The Office of Internal Audit is further committed and prescribes to the guiding principles of integrity, fairness, and objectivity.
Approved by the Board of Supervisors for the University of Louisiana System on February 14, 2012.