| Initiating body: | Internal Auditing Office |
|---|---|
| Contact: | Internal Auditing Office (438-2339) |
| Revised on: | 07/2006 |
This charter sets forth the authority and responsibilities of the Internal Auditing Department and provides guidelines for its interaction with University departments, administrators and personnel.
Internal Auditing derives its authorities from the State of Illinois Fiscal Control and Internal Auditing Act of 1989, the State Internal Audit Advisory Board, and the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. The Act mandates a full-time program of internal auditing at designated state agencies. Board of Trustees' Regulations affirm the mandate of the Act.
Internal Auditing has the authority to audit all parts of the University, and shall have full and complete unrestricted access to any of the University’s records, physical properties, electronic media, and personnel relevant to the performance of an audit.
Internal Auditing shall receive the full support and cooperation of all levels of University administration and staff.
Internal Auditing must be informed of changes in major administrator, dean, and department head positions in a timely manner so that audit communications can be appropriately addressed and a "close-out" audit planned if necessary.
Prior to dedicating significant funds or resources, the appropriate administrator must inform Internal Auditing of all proposed new and major modifications to existing:
The Director of Internal Auditing will consult with major administrators at least annually to determine that the above communications have occurred and to solicit input for the annual audit plan.
To maintain objectivity, Internal Auditing shall have no direct responsibility or authority over:
An internal audit, or lack thereof, does not in any way relieve other persons in the University of the responsibilities assigned to them.
Internal Auditing will not initiate an audit based solely on an anonymous communication but may discuss the nature of the communication with appropriate University officials.
Any fiscal agent, dean, or department head may request an internal audit. Under normal circumstances, such requests will need the approval of the major administrator. Internal Auditing will plan the audit if schedules permit. Once submitted, the request cannot be withdrawn. The requester may suggest particular areas to review, but cannot define or limit the scope of the audit or the contents of the report.
In addition to performing assurance audits, the Internal Auditing Department may, if time allows, perform consulting services that are advisory in nature and are generally performed at the specific request of an engagement client. These services may range from formal engagements with defined scope and objective to advisory activities such as limited participation in standing or ad hoc committees or project teams. Consulting may also include formal guidance provided on an as-needed basis.
Internal Auditing will handle documents and information received during the course of an audit in the same prudent manner as by those employees normally accountable for them.
Unless a fraud investigation is contemplated, Internal Auditing will inform all appropriate levels of the University Administration of the nature, scope, timing, cooperation necessary, records required, and results of all audit projects.
Although it is assumed the auditee (client) will be discussing a draft audit report and potential responses with his/her supervisors, any level of management receiving the draft report may contact Internal Auditing before the given deadline to request clarification or further discussion, or to make comments on any items in the draft report.
Internal Auditing communications are exempt from disclosure under the Freedom of Information Act. Internal Auditing includes a complete statement to this effect with all audit reports.
The State of Illinois Fiscal Control and Internal Auditing Act of 1989 stipulates that the chief internal auditor must report directly to the chief executive officer, shall have direct communication with the governing board, and shall be free from all operational duties.
The Act requires the chief executive officer to approve a two-year audit plan by the start of each fiscal year. The chief internal auditor must submit a written report to the chief executive officer within 90 days of the start of each fiscal year outlining how Internal Auditing carried out the previous fiscal year audit plan and the current status of significant findings.
The State of Illinois Fiscal Control and Internal Auditing Act of 1989 empowers the chief internal auditor with "all other powers or duties authorized by law, required by professional ethics or standards, or assigned consistent with this Act necessary to carry out the duties required by this Act."
The Act provides that the chief internal auditor may consult with the Auditor General, the Department of Central Management Services, and other groups regarding the duties or responsibilities outlined.
The Act requires audits of major systems of internal accounting and administrative control on a two-year cycle including tests of obligation, receipt, expenditure, and use of public funds and funds held in trust. Systems of Internal Control include administrative and management structures and processes not directly related to the University's accounting system.
The Act requires Internal Auditing to determine that Illinois State University is monitoring grants received or made by the University in accordance with applicable laws and regulations.
Internal Auditing must review the design of major new computer information systems and major modifications to exiting computer information systems before their installation to ensure that they provide for adequate internal controls, transaction trails and accountability.
Internal Auditing is authorized to conduct special audits of operations, procedures, programs, computer information systems, and activities as directed by the chief executive officer or the governing board.
