University Audits provides a service to the University and to all levels of management with information regarding the internal control environment throughout the University. The Office of University Audits was established to fulfill the charge of the Board of Regents’ Bylaw 3.01 (2). Under direction of the President of the University of Michigan and the Finance, Audit and Investment Committee of the Board, the executive director of University Audits shall fulfill the Bylaw’s requirements by reviewing risks, internal controls, quality, efficiency and effectiveness of University processes and systems. This direct reporting line to the president and to the Board of Regents ensures that University Audits shall remain independent. The results of all reviews are to be reported to the Board of Regents at designated intervals throughout the year.
Authority and Responsibility
- University Audits has the authority to audit any and all University processes within all units, and is authorized by the Board of Regents to have full and unrestricted access to all personnel, properties, assets and information, including financial records, records of communications, policies, plans, and procedures relevant to the subject under review. University units must make available, in a timely manner, all appropriate information related to internal audits as requested by University Audits staff.
Units that are audited by external entities should provide copies of all external audit reports to University Audits so it can help in proactively minimizing future risk across the university by:• Sharing identified findings with other areas across the institution where applicable• Recording / tracking findings to identify trends, common themes, or causal factors across audits• Leveraging past audit results to satisfy new external audits where possible and in the development of future internal audit plansQuestions about an external audit’s authenticity, scope of review, propriety of information requested, or other questions regarding the general audit process can be directed to University Audits.
- University Audits conforms to the Standards for the Professional Practice of Internal Auditing adopted by the Institute of Internal Auditors, as practical, given the environment in which the office carries out its assigned responsibilities.
- In performing its responsibilities, University Audits has no direct responsibility for or authority over any of the operations it reviews.
Scope of University Audits Activities
- Annual Audit Plan - Based on a comprehensive review of internal control risks throughout the University, University Audits prepares a plan of audit projects for each fiscal year. This plan is reviewed and approved by the Finance, Audit and Investment Committee of the Board of Regents.
- University Audits is charged with:
- Conducting operational and compliance audits of processes, procedures, practices and information systems.
- Assisting management in self-assessments of risk and internal controls when developing and reviewing processes.
- Collaborating with internal and external specialists, as appropriate.
- Advisory Services – University Audits may support departments and units with assessment of the effectiveness of policies, procedures and internal controls, and may also act in an advisory capacity in the design of controls, if requested.
- Special Investigations – University Audits may assist the Department of Public Safety or other University departments with special investigations. University employees are urged to contact the U-M Compliance Hotline to report financial, regulatory and patient safety irregularities or areas of concern. 1.866.990.0111 (www.compliancehotline.umich.edu).
For additional information about University Audits, please visit the Web Site at http://www.umich.edu/~uaudits/.
This SPG serves as the charter for the Office of University Audits and was approved by the Finance, Audit and Investment Committee of the Board of Regents on September 20, 2007.