The mission of the Internal Audit Department is to provide
independent and objective assurance and consulting services to assist the
Board of Trustees and University management in the effective discharge of
their oversight, management, and operating responsibilities. Internal auditing is based on an objective
assessment of evidence. It uses a
systematic, disciplined approach to evaluate and recommend improvements
to the risk management, internal control, and governance processes.
The nature and scope of an assurance engagement are
determined by the internal auditor.
An assurance audit provides an opinion or conclusion regarding the
activity under review and, depending on the engagement, includes:
Determining that risks are appropriately
identified and managed.
Reviewing and appraising the adequacy and
effectiveness of accounting, financial, and operating controls.
Determining the extent of compliance with
established policies, plans, and procedures, and with applicable law.
Evaluating the reliability of accounting
and other information developed within the organization.
Evaluating the extent to which University
assets are accounted for and safeguarded from losses of all kinds.
Identifying areas of cost savings and/or
Reviewing the design of or modifications
to major electronic data processing systems prior to their
to improve internal control may be identified during assurance
audits. They will be communicated
to the appropriate level of management and follow-up actions by
management will be reviewed to determine whether appropriate actions are
taken. The responsibilities of supervisory
personnel include notifying the internal audit director in writing within
30 days when internal audit recommendations are not followed, so that the
president can be advised accordingly and corrective action taken. If corrective action is required, the president
shall notify the chair of the Board of Trustees and the chair and vice chair of the Legislation, Audit & External
Affairs Committee of the Board of Trustees.
addition to performing assurance audits, the Internal Audit Department
provides consulting services that are advisory in nature and are
generally performed at the specific request of an engagement client. Consulting may range from formal
engagements with defined scope and objective, to advisory activities,
such as participating in standing or ad hoc committees or project
teams. Consulting may also include
formal guidance provided on an as-needed basis.
Internal audit records are not public
documents. Internal Audit reports
are made available to the Board of Trustees and to others as mandated by
legal, statutory, or regulatory requirements. Requests for reports should be directed
to the Office of the President.
the concurrence of the president and the Board of Trustees and in
accordance with the Fiscal Control and Internal Auditing Act (Illinois
Revised Statutes, 1989, Chapter 15, paragraph 1001-3004), the Internal
Audit Department is authorized to review and evaluate policies,
procedures, and practices of any University activity, program, or
function. This authority provides
for full access to all records, properties, and personnel relevant to the
subject under review. Persons requesting an audit, special project, or
investigation to be performed by the internal audit department should
direct their request to the Office of the President. In performing the
audit engagements, the internal audit department has no direct
responsibility for or authority over any of the activities reviewed. Therefore, the internal audit review
and appraisal process does not in any way relieve other University
personnel of the responsibilities assigned to them.
The internal audit department is organized with the
intent of being in compliance with the Fiscal Control and Internal
Auditing Act which requires:
State universities to establish a full-time program of internal
The chief internal auditor to report directly to the chief
executive officer (president) and to have direct communication with the chief
executive officer and the Board of Trustees, if applicable, in the
exercise of auditing activities;
Internal auditors to be free of all operational duties;
A two-year audit plan and an annual report on the prior year audit
activity to be prepared annually;
Audits of major systems of internal accounting and administrative
control to be conducted on a regular basis;
The design or modification of major electronic data processing
systems to be reviewed prior to their implementation;
Special audits to be performed as requested by the president;
The chief internal auditor to have, in addition to all other
powers or duties authorized by law, required by professional ethics or
standards, or assigned consistent with the Act, the powers necessary to
carry out the duties required by the Act;
The chief internal auditor may consult with state agencies,
commissions, boards, and committees on matters affecting the duties or
responsibilities of the chief internal auditor under the Act.
The Act also created an Internal Audit Advisory Board
(Board) which established professional standards and a code of ethics to
which all State internal auditors must adhere:
audits shall be conducted in compliance with the general and specific
standards of the "International Standards for the Professional
Practice of Internal Auditing" published by the Institute of
Internal Auditors, or where required, in accordance with government
auditing standards published by the U.S. General Accounting Office. The
professional conduct of persons involved in internal audit operations
shall be based on the ethical standard adopted by the Institute of Internal
Auditors, "IIA Code of Ethics,
Standards of Conduct."
Approved by Board of Trustees May13, 2010