Frequency
- Annual Work - Each fiscal year an annual audit plan is developed and submitted to the Audit Committee for review. The audit plan is based on a risk assessment methodology.
- Management Request -These audits occur when there is a request by management. If you would like to request an audit, please call the Director of Internal Audit and Advisory Services at 402-472-7109.
- Fraud/Special Projects - These projects are the result of a complaint by an individual who knows or suspects an act of fraud or financial misconduct. Complaints may be made by phone or anonymously by email. Click here for more information.
Types
- Compliance – A compliance audit measures the compliance of the University with an established law, regulation and/or policy.
- Financial – A financial audit is a review intended to serve as the basis for expressing an opinion regarding the fairness, consistency and conformity of financial information with generally accepted accounting principles.
- Investigation – These audits are normally requested by management and/or anonymous tips and focus on alleged, irregular conduct.
- Operational – Operational audits are concerned with the effectiveness and efficiency of operational units within the University.
- Information Technology – Information technology audits are conducted to evaluate the quality of the controls and safeguards over the information technology resources of the University.
- Risk/Control Assessment – Risk/Control Assessments are used to develop the annual audit plan. It allows all areas of the University to be evaluated using uniform criteria to identify and appraise significant risks associated with the University.
- Consulting/Advisory Services - Internal Audit and Advisory Services also provides routine consultation and advisory services to the University. This may include, but is not limited to, interpreting policies and procedures, non-voting participation on standing committees, ad-hoc meetings, and routine information exchange. If you have a question please give us a call.
Audit Processes
- Preliminary Review – The preliminary review consists of an entrance conference and a preliminary survey and internal control review. The entrance conference is the very first meeting of the audit process involving the internal auditor, management and other members of the department being reviewed. Objectives of the review and completion dates are discussed as well as any concerns management may have. The preliminary survey and internal control review includes gathering information about the processes in place and reviewing and evaluating the existing internal control structure.
- Fieldwork – Fieldwork involves performing tests and examining transactions, documents, and records.
- Reporting – The reporting process includes a closing conference at the end of the fieldwork phase, a draft report, obtaining management’s plan, evaluating management’s response and issuing a final audit report to the Audit Committee.
- The Collaboration and Communication Process – Internal Audit and Advisory Services is continually developing internal control processes that enables the campuses to work together and communicate through open lines of communication.
- Audit Follow-up – Follow-up audits are designed to determine whether corrective action has been taken on previous audit recommendations.
- Audit Tracking System – All significant auditor recommendations are input on an audit tracking system. This system tracks the University personnel responsible for the resolution of the recommendation and the date the issue will be resolved. The audit tracking system is reviewed by the Audit Committee.
- Annual Report to the Audit, Risk and Compliance Committee – On an annual basis, we present this report to the Audit Committee. The Annual Report includes an overview of the department, a top 10 risk list, the Audit Plan, an organization chart, required disclosures, and a summary of the prior year’s activity.