Audit Frequently Asked Questions
We Change Lives
- Why was I selected to be audited?
- Why might I request an audit?
- What should I expect when an audit is scheduled for my unit?
- How long will the audit take?
- How will the audit findings be reported?
- Whom should I contact if I have any questions for our university audit office?
- Are there different types of audits?
Why was I selected to be audited?
If you are like many directors or department heads, you may not have requested an internal audit. The University conducts a regular, ongoing examination of its internal controls; and, as part of this process, the Office of Internal Audit conducts numerous audits annually. Regular audit reviews for many units are scheduled on a rotating cycle. A small percentage of internal audits are initiated to investigate possible irregularities.
Why might I request an audit?
n audit can produce many benefits, and timing can be an important factor. If you have recently assumed new or additional supervisory responsibilities, an audit can review administrative procedures to assess whether internal controls in that unit are adequate. It is also beneficial to assess system controls and modified office procedures when new computer systems are being installed. A periodic “checkup” to review your unit’s administrative activity can help ensure that your procedures continue to comply with University policy. An audit is an opportunity to receive independent appraisal of the effectiveness and efficiency of your unit’s administrative activities.
Anyone within the University community can request an audit. You may wish to coordinate the request with your Dean or Supervisor’s office or submit a request for an audit directly to the Office of Internal Audit. All requests will remain confidential.
What should I expect when an audit is scheduled for my unit?
The Office of Internal Audit will contact you to schedule a meeting to discuss the scope of the review and the logistics of conducting the audit. At this initial meeting, you should take the opportunity to discuss any concerns or questions you may have about the audit, and then determine how you can facilitate the review process. A typical audit has several stages, including preliminary research, data collection and analysis, review, preparation and distribution of a report and follow-up.
How long will the audit take?
Audits can last from several days to several months. The auditor will give you a reasonable estimate of the time he or she needs to complete the audit.
How will the audit findings be reported?
You and your staff will be kept apprised of the auditor’s findings throughout the course of the audit. At the conclusion of the audit, you will be able to review a draft of the report before the final version is issued. Except for special reports requested by a government agency, all audit information is treated as confidential and reported only to those within the institution who need to know.
Final audit reports are distributed to the President, the appropriate Vice President, the Dean or your Supervisor and you. In addition, the State Legislative Auditor has access to all audit reports.
Whom should I contact if I have any questions for our university audit office?
Please direct questions to Victoria Roach, Internal Auditor, at 475-5590.
Are there different types of audits?
Yes. There are six different types of internal audit reviews:
- Administrative Internal Control Reviews focus on the departmental-level activities that are components of the University’s major business affairs activities. Areas such as payroll and benefits, cash handling, inventory and equipment and their physical security, grants and contracts, and financial reporting are usually subject to review.
- Compliance Audits evaluate a unit’s adherence to external laws, regulations, policies and procedures. Examples of external requirements include federal and state laws, NCAA regulations and federal and state OSHA regulations. Recommendations often call for improvements in processes and controls that would ensure compliance with regulations.
- Electronic Data Processing (EDP) Audits address the internal control operations of automated information processing systems and how people use those systems. EDP audits typically evaluate system input, output, processing controls, backup and recovery plans, system security and computer facility reviews. EDP auditing projects can focus on existing systems as well as systems in the development stage.
- Financial Audits address questions of accounting and reporting of financial transactions. This would include commitments, authorizations and receipt and disbursement of funds. The intent is to verify there are sufficient accounting controls over cash and similar assets and that there are adequate process controls over the acquisition and use of resources.
- Investigative Audits focus on alleged civil or criminal violations of state or federal laws or violations of University policies and procedures that may result in prosecution or disciplinary action. Internal theft, white-collar crime, misuse of University assets and conflicts of interest would prompt the performance of an investigative audit.
- Operational Audits examine the use of departmental resource facilities to evaluate whether those resources are being used in the most efficient and effective manner possible. An operational audit includes elements of a compliance audit, a financial audit and EDP audit in the fact-finding phases.