Frequently Asked Questions
The Internal Audit and Advisory Services Department adds value by responding to internal control questions. You may call the Internal Audit and Advisory Services Department direct at (402) 472-7109 if you have a specific question and we will either answer your question or refer you to the proper department to answer your question.
What is Internal Audit and Advisory Services?
Internal Audit and Advisory Services provides an independent, objective assurance and consulting activity that adds value and improves the University’s operations. Internal Audit and Advisory Services assists the Board of Regents, the Audit Committee, and the President in accomplishing their objectives in bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control and the governance process.
What is the authority of Internal Audit and Advisory Services?
Internal Audit and Advisory Services reports directly to the Audit Committee of the Board of Regents. This reporting relationship promotes independence and assures adequate consideration of audit findings and recommendation. Internal Audit and Advisory Services has the authority to audit all parts of the University and has full and complete access to any of the organization’s records, physical properties, information systems and personnel relevant to the performance of an audit or investigation
What can be expected when an audit is scheduled?
Management of the area to be audited will be notified when an audit is scheduled. Internal Audit and Advisory Services will contact the appropriate personnel to schedule a meeting to discuss the audit. At this opening conference, the scope and objectives of the audit will be discussed. The audit process will be explained and any concerns or questions regarding the audit will also be discussed.
How long does it usually take to complete an audit?
Audits can take from a few days to several weeks depending upon the complexity of the operation and the condition of the records. During the opening conference, the estimated length of the audit will be discussed. Internal Audit and Advisory Services will keep you informed about the progress throughout the audit.
Who will receive the audit report?
Management of the area being audited will receive the draft audit report and have an opportunity to prepare a written response to each finding and recommendation noted during the audit. After reviewing management’s responses to the draft audit report, Audit Advisory Services will make any changes deemed necessary to the report. Any remaining differences are worked out with management prior to the issuance of the final audit report.
The final audit report will be distributed to the Audit Committee of the Board of Regents, the President and other members of senior management and/or department management as may be appropriate.
Who is responsible for taking corrective actions as outlined in the audit report?
Management is primarily responsible for corrective actions. Prior to final issuance of the audit report, management will have an opportunity to review a preliminary draft of the audit report and include a response and action plan. Senior and department management of the area audited share overall responsibility for ensuring adherence with laws, regulations, policies and procedures. The audit results should be communicated to project staff and other administrative personnel. Corrective action plans should be implemented in a timely manner along with cooperating with Internal Audit and Advisory Services regarding follow-up procedures.
What is meant by segregation of duties?
In order to protect the University from fraudulent activities, an appropriate level of segregation of duties should be instituted. This means separating the responsibility for key processes between multiple individuals to maintain checks and balances.
How do I report suspected improper or illegal acts affecting the University?
Any University faculty, staff or student who has a reasonable basis for believing fraud, waste or financial misconduct has occurred is responsible for reporting such incidents. You may do so by completing and submitting the Disclosure Form on-line.
Any such complaint or concern may be reported anonymously, but since we are not elected officials you may not be covered by the protections described in the "State Government Effectiveness Act." Your identity may also be reported to the Audit Committee of the Board of Regents, the President or other senior members of University management as well as other Internal Audit and Advisory Service personnel who are or become responsible for investigating, evaluating, addressing or resolving the complaint or concern. Under certain circumstances, the complaint or concern may be required to be reported to State governmental or law enforcement officials. Any University employee who violates the confidentiality of a person filing a report may be subject to appropriate personnel action.