The added value of internal audit
The Institute of Internal Auditors (IIA) defines internal auditing as “an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.”
The IIA recently published a new mission statement for internal audit: “To enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight.” A central theme in both statements is that internal audit adds value to the organization that it serves.
How does UNC Charlotte’s Internal Audit Department add value?
According to the Institute of Internal Auditors, an effective way to communicate the value of internal audit’s work to stakeholders is by focusing on three core elements: assurance, insight and objectivity. Management relies on internal audit for objective assurance and insight on the effectiveness and efficiency of governance, risk management and internal control process.
Assurance equals governance, risk and control: The Internal Audit Department provides assurance on the University’s governance, risk management and control processes to help the institution achieve its strategic, operational, financial and compliance objectives. The University’s Internal Audit Department provides assurance by evaluating risk exposures relating to the achievement of the University’s strategic objectives, by evaluating the systems established to ensure compliance with policies, plans, procedures, laws and regulations that could have a significant impact on the University and by reporting significant risk exposures and control issues, including fraud risks, governance issues and other matters needed or requested by management.
Insight equals catalyst, analyses and assessments: Internal audit is a catalyst for improving the University’s effectiveness and efficiency by providing insight and recommendations based on analyses and assessments of data and business processes. The Internal Audit Department evaluates the reliability and integrity of information and the means used to identify, measure, classify and report such information. Department personnel also evaluate the means of safeguarding assets and when appropriate, verify the existence of the assets.
Objectivity equals integrity, accountability and independence: Internal audit’s objectivity comes from the direct reporting relationship to the chancellor, a defined relationship with the ACERM and conformance with professional standards. With commitment to integrity and accountability, the Internal Audit Department provides value to governing bodies and senior management as an objective source of independent advice. The department is continually monitoring and evaluating the University’s governance processes and the effectiveness of the University’s risk management processes and reporting the results to management.
The value of internal audit is in its ability to protect the University from loss, real losses by avoiding potential fines for noncompliant practices to reputational damage from unethical or inappropriate behavior. The value added by internal audit creates conditions that promote the successful achievement of the University’s goals and objectives.