Internal Audit Charter
Mission & Responsibilities
The Internal Audit Office at Idaho State University is an independent, objective, assurance and consulting organization. Our mission is to assist the University in the accomplishment of its goals in the primary disciplines of learning, research, and public service. We do this by providing a systematic, disciplined, approach to evaluating, advising, and improving the processes of resource application, risk management, control, and governance throughout the University.
Internal Audit accomplishes its mission through the achievement of the following fundamental responsibilities:
- Assess the economy and efficiency with which University resources are employed and identify opportunities for cost savings and revenue enhancements.
- Assist University management by identifying and evaluating significant exposures to risk and contributing to the improvement of risk management and control systems.
- Assess the adequacy and effectiveness of the University’s systems of internal accounting and controls and provide recommendations as to how these controls could be improved.
- Review and evaluate the reliability, integrity and compliance of financial information and the means used to identify, measure, record, classify and report such information.
- Verify the existence of University assets and ensure adequate financial and management safeguards and controls are maintained to protect them from loss.
- Ascertain compliance with University policies and procedures and government laws and regulations.
- Perform special studies and assessments to deal with specific problems or information needs and provide consultation and guidance relative to new policies, procedures, processes, and systems.
- Perform special reviews to investigate fiscal misconduct, fraud, conflicts of interest, waste, abuse and policy violations and recommend controls for their prevention and detection. Communicate findings to appropriate management and the Audit Committee as necessary.
- Act as a liaison with all external audit organizations to provide assistance where appropriate and maximize audit effort through effective coordination.
- Submit annually a risk assessment, list of auditable entities and a comprehensive audit plan to the Audit Committee for its review and approval.
- Report periodically to the Audit Committee on whether:
- Internal Audit is aware of any significant deficiencies or material weakness that could affect operations;
- Appropriate and timely action was taken to remediate significant issues;
- Activities have been directed to address the highest exposures to risk and toward increasing efficiency, economy and effectiveness of operations;
- There is any unwarranted restriction on the authority, staffing, budget or compensation of Internal Audit or on access to all University activities, records, properties, systems and personnel; and
- Approved annual audit plans and budget are on schedule or whether significant deviations have taken place.
- Recruit, train and manage Internal Audit staff to adequately carry out departmental responsibilities and the audit plan.
To provide for the independence of the internal audit activity, the Director of Internal Audit reports functionally to the State Board of Education Audit Committee and administratively to the University President.
Internal Audit operates under the guidelines of the State Board of Education Audit Committee Charter (Appendix E). Internal Audit is authorized to:
- Have full, free, and unrestricted access to all University activities, records, properties, systems and personnel.
- Audit, review or investigate any function, activity, or unit of the University and affiliated organizations.
- Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.
- Have direct access to and communication with the Audit Committee of the State Board of Education and University President.
- Obtain the necessary assistance of personnel in units of the University where they perform audits, reviews or investigations, as well as other specialized services from within or outside the University.
Code of Ethics
Internal staff is responsible for conducting themselves so that their integrity, objectivity, confidentiality and competency are not open to question. Standards of professional behavior based up the Code of Ethics of the Institute of Internal Auditors require internal auditors to:
- Exercise honest, objectivity and diligence in the performance of their duties and responsibilities.
- Not knowingly be a party to illegal or improper activities.
- Refrain from entering into any activity that may be in conflict with the interest of the University or that would prejudice their ability to objectively carry out their duties.
- Decline to accept anything that may impair or be presumed to impair their professional judgment.
- Be prudent in the use of information acquired in the course of their duties and not use confidential information for any personal gain or in a manner that knowingly would be detrimental to the welfare of the University.
- Use reasonable care to obtain sufficient and appropriate evidence to support the conclusion drawn.
- In reporting, disclose such material facts know to them which, if not disclosed, could distort the report of the results of the entity under review or conceal an unlawful practice.
- Engage only in those project which they have the necessary knowledge, skill and experience.
- Continue to strive for improvement in the proficiency and effectiveness of their service.