The compliance audit function develops audit programs to assess, evaluate, and make recommendations to management regarding the effectiveness of the University's compliance program. The compliance audit function evaluates whether the compliance program promotes a culture that fosters ethical and compliance behavior with adequate internal controls that effectively prevent and/or detect violations of laws, regulations, university policies or code of conduct; and ensures that compliance expectations and responsibilities are timely communicated to departments, functions, and employees.
The financial audit function develops audit programs to assess, evaluate, and make recommendations to management regarding accounting and financial reporting of transactions and activities. The function's central objective is to ensure that the financial activity of the department, unit or function is completely and accurately reflected in the appropriate financial reports. Some areas which financial audits focus include: segregation of duties, authorizations and approvals, reviews and reconciliations.
This function assesses risks and evaluates internal controls of operational systems for departments, units, and functions. Operational audit objectives include determining whether operations are functioning efficiently, effectively, and in accordance with management's intent. The operational audit function evaluates the use of resources available to the department, unit or function to determine if management's objectives and goals are being met in the most effective and efficient manner. Some areas of operational audits include: organizational structure, asset management and security, staffing, and productivity.
The information technology audit function develops audit programs to assess, evaluate, and make recommendations to management regarding the adequacy of internal controls inherent in the University's information systems, and the effectiveness of the associated risk management. The information technology audit function assesses the extent to which automated information processing systems, technology, architecture and processes produce reliable and accurate information, are in accordance with the University's policies and procedures, and applicable laws and regulations.
Advisory and consulting engagements include review of existing business processes and strategies, as well as implementations. It also includes evaluation and advice on policies, procedures, process enhancements, and any management requests for reviews of areas considered mutually critical.
This area includes, but is not limited to, inappropriate activity or behavior involving the University's accounts and operations.