Internal audit isn’t just about the numbers
An internal audit is a systematic and independent examination of data, statements, records, operations and performances of an organization, for a stated purpose. The UNC Charlotte Internal Audit Department was established by the Board of Trustees, with oversight provided by the Audit, Compliance and Enterprise Risk Management Committee.
Internal auditors are tasked to provide independent assurance that the organization’s risk management, governance and internal control processes are operating effectively.
“We deal with issues that are fundamentally important to the survival and prosperity of the institution, looking beyond the numbers associated with financial risks and statements to consider wider issues such as the University’s reputation and growth,” said internal auditor Diana Hill.
The Institute for Internal Auditors, established in 1941 as the profession’s global voice and authority, defines six general categories of internal audit services:
- Financial audits address questions of accounting, recording and reporting of financial transactions
- Compliance audits seek to determine if departments are adhering to federal, state and University rules, regulations, policies and procedures
- Operational audits examine the use of resources to evaluate whether those resources are being utilized in the most efficient and effective way to fulfill missions and objectives
- Advisory and consulting engagements include reviews of existing business processes. They may include evaluation and advisement on policies, procedures, process enhancements and any management requests of areas considered mutually critical
- Special investigative audits are only performed when appropriate and focus on alleged violations of federal and state laws and University policies and procedures. Sometimes, they result in prosecution or disciplinary actions
- Information systems audits address the internal control environment of automated information processing systems and how these systems are used. Information systems audits would typically evaluate system inputs, output and processing controls, backup and recovery plans and system security, as well as computer facility reviews.
“Here at UNC Charlotte, we blend characteristics of financial, compliance, operational and information systems audits into what we call integrated audits. We believe that these audits give us the best assessment of a department or college and actually save time by performing one audit instead of several audits,” Hill stated. “We also respond to management requests for advisory and investigative services. We annually publish a rolling four-year plan of audits that gives our campus customers a heads-up on when we will be coming to visit. Our scope of work is comprehensive and considers all aspects of the University, financial and non-financial, with the emphasis always being on constructive improvement.”
Inside UNC Charlotte, during May (Internal Audit Awareness Month), has published a series of short articles to raise awareness about the internal audit process. This is the final article in the series.