Skip to main content

Internal Audit

Assurance Engagements

IA provides independent and objective services to assist in the identification, evaluation, and mitigation of risk. We conduct audits and reviews to assess the effectiveness and efficiency of the existing controls across the University. Our audits engagements range from audits of small departments to large colleges, as well as audits of University-wide processes.  Most audits and reviews are chosen based on an annual risk assessment.  IA seeks to add value to the University community by conducting the following assurance services:

Departmental Reviews

Departmental reviews are comprehensive examinations of an operating unit or a complete organization to evaluate its performance, as measured by management’s objectives.  A departmental review focuses on the efficiency, effectiveness, and economy of operations.

Compliance Reviews

Compliance audits determine whether, and to what degree, there is conformance to certain specific requirements of policy, procedures, standards, or laws and governmental regulations.  The auditor must know what policies, procedures, standards, etc., are required.  Compliance audits require little preliminary survey work or review of internal controls, except to outline precisely what requirements are being audited.  The audit focuses almost exclusively upon detailed testing of conditions.

Information Systems/Technology Review

Information Technology audits evaluate the accuracy, effectiveness, efficiency and security of electronic and information processing systems that are in production or under development.

Advisory/Consulting Engagements

Advisory Services, also called Consulting Engagements, are generally performed at the request of a department or University management. Advisory Services are intended to assist management in solving specific problems, improving control systems, and designing control systems. The scope of the engagement is established through collaboration of IA, University management, and/or process owners. When performing Advisory Services, IA maintains objectivity and does not assume management responsibility.

Special Reviews

IA conducts planned and unplanned engagements known as special reviews.  Special review engagements may differ from typical assurance engagements in scope and reporting procedures.  Special reviews may include the following:

  • Special requests by University management
  • Special requests by the BOR/USG and/or BOR/USG Office of Internal Audit
  • BOR/USG system-wide assurance engagements
  • Assurance engagements focused on new or emerging risks that were not identified in the annual risk assessment
  • Transition audits
  • Forensic investigations based on allegations of fraud, waste, and/or abuse


IA provides campus training on the following topics:

  • Internal Controls
  • Fraud Awareness, Red Flags, and Prevention
  • Best Practices for Management
  • Ethics and Compliance

Last updated: 4/29/2021