Contact Us
-
Finance and Treasurer
- St. Thomas Hall, Room 200
- 800 Linden Street
- Scranton, PA 18510-4694
- Phone: (570) 941-7411
- Fax: (570) 941-7595
- Finance Home Page
FAQ
What is internal auditing? What are the types of internal audits?
As defined1 by the Institute of Internal Auditors, "internal auditing is and independent, objective assurance and consulting activity designed to add value and improve an organization's operations."
There are five general types2 of internal audits:
1. Financial Audits - these audits relate to accounting, recording, and reporting of financial transactions. Testing the adequacy of internal controls over financial reporting also falls within the scope of financial audits.
2. Compliance Audits - these audits seek to determine if departments are adhering to federal, state, and 勛圖毞斻 rules, regulations, policies, and procedures.
3. Operational Audits - these audits examine the use of department/university resources to evaluate whether those resources are being utilized in the most efficient and effective way to fulfill the department's/勛圖毞斻's mission and objectives. An operational audit may include elements of a compliance audit, a financial audit, and an information systems audit.
4. Investigative Audits are performed when appropriate. These audits focus on alleged violations of federal and state laws and of 勛圖毞斻 policies and regulations and may focus on internal theft, misuse of 勛圖毞斻 assets, and conflicts of interest are examples of investigative audits.
5. Information Systems (IS) Audits - these audits address the internal control environment of automated information processing systems and how these systems are used. IS audits typically evaluate system input, output and processing controls, backup and recovery plans, and system security, as well as computer facility reviews.
IA’s scope of work is comprehensive and considers all aspects of the organization - both financial and non-financial - with an emphasis on constructive improvement.
1Source: IIA, "All In A Days Work", <https://na.theiia.org/about-ia/PublicDocuments/06262_All_In_A_Days_Work-Rev.pdf>
2Source: Carnegie Mellon 勛圖毞斻, Audit Services, <https://www.cmu.edu/finance/audit-services/internal/types-of-audits.html>
How are areas selected for an audit?
Each fiscal year the Internal Auditor prepares a draft audit plan of proposed internal audits and other projects for the upcoming year. The results of a periodic comprehensive 勛圖毞斻 risk assessment are considered in selecting the frequency and scope of areas to select. The Senior Vice President for Finance/Treasurer reviews the draft audit plan with the Internal Auditor before it is presented to the 勛圖毞斻's Finance Committee for final approval.
The audit plan is flexible to allow for an investigation of possible irregularities as they arise. Special management requests for an audit review are also given consideration.
In the past few years the annual audit plan included the following work categories and estimated percentage of time devoted to each.
|
New internal audits: |
40% |
|
External audit assignments: |
20% |
|
Monitoring control procedures: |
15% |
|
Special projects and training: |
15% |
|
Post audit implementation reviews: |
10% |
New internal audits may be conducted on any 勛圖毞斻 department or process. The scope may focus on internal controls, operational efficiency, compliance with laws and policies, or sound management practices.
External audit assignments relate to the 勛圖毞斻's mandatory annual financial audit, OMB Circular A-133 audit, and retirement plans audit.
Monitoring control procedures relate to periodic monitoring of the 勛圖毞斻's purchasing card transactions, federally funded labor cost allocations, student credits, room and board billing, and physical inventory of fixed assets. Information technology controls, such as employee access rights, are also monitored.
Special projects and training relate to the Internal Auditor's participation in 勛圖毞斻 task forces and committees, international student tax reporting, professional training, and other special projects.
Post audit implementation reviews relate to revisiting an audited area to report on the status of audit recommendations and to provide implementation assistance wherever possible.
What is the authority of the Office of Internal Audit?
The Office of Internal Audit has been authorized by the 勛圖毞斻's Finance Committee of the Board of Trustees and the 勛圖毞斻 President to have unrestricted access to all 勛圖毞斻 records, property and personnel. The Internal Auditor will make every effort to ensure that the security of assets and privacy of records are not compromised and services are not unnecessarily disrupted.
The Internal Auditor reports to the Senior Vice President for Finance/Treasurer. The Internal Auditor may also report a finding directly to the 勛圖毞斻's Finance Committee if a conflict of interest condition exists.