Audits are conducted to assist management in minimizing risk, as well as assist with other areas such as compliance to laws and policies, efficiency of operations, safeguarding of assets, and detecting and preventing fraud. The main phases of our audit process are listed below.
At the beginning of each fiscal year, Internal Audit prepares an annual audit plan. This plan considers previous audit coverage, time since last audit, complexity of operations, etc. The objective is to audit each entity over time. Priorities are:
The planning phase is the first step to understanding your operations and determine the work we want to conduct in the audit. We gather and review background information, including:
Based on this information, we create a draft planning memo. The planning memo includes the audit objectives, scope, and initial questions. The planning phase includes an opening meeting.
This meeting will include management and key contacts. The planning memo is sent beforehand and is reviewed during this meeting. The audit’s objectives and scope are discussed. This is an opportunity to discuss any areas that you would like us to focus on, specific procedures you would like us to perform, or areas that should be left out of scope due to previously being audited (such as by an external auditor). We want to include areas that will assist you and your operations.
We have access to UVU's systems and records. We conduct most of our testing with this access. Field work includes conducting interviews, requesting information and documentation, completing surveys, and observing processes. Answering our questions and providing the documentation can take time, but we strive to minimize the interruption of your daily activities.
We will provide periodic written and verbal updates during the audit. These include any areas of concern and preliminary recommendations.
A meeting is held to review the preliminary report. We work with you to ensure the report is accurate. This is an opportunity to discuss our observations and recommendations, and for you to ask questions, provide feedback, and suggest corrections.
We will provide a written draft report and you will be requested to provide written responses to each recommendation. These responses indicate what action you plan on taking to address the recommendations and planned completion dates.
We provide a written final draft report that includes your responses for your review. The final draft report is distributed to the auditee, divisional leadership, and executive management.
We provide a final report to the Board of Trustees Audit Committee.
This reporting process helps provide an opportunity to address risks and make improvements campus-wide.
All audit recommendations will be reviewed to ensure implementation was completed.
