Table of Contents
2. Reporting Relationship
3. Independence and Objectivity
4. Mission Statement
It is the policy of Tulane University (University) to establish and support an internal audit department as an independent appraisal function to examine and evaluate University activities as a service to management and the governing boards of the organization as a whole.
The objective of Internal Audit is to assist members of management and the Board in the effective discharge of their responsibilities. To this purpose, Internal Audit furnishes findings, conclusions, and recommendations concerning the activities reviewed.
To provide for independence, Internal Audit reports administratively to the Chief Operating Officer and functionally to the Audit Committee. The Director of Internal Audit will communicate and interact directly with the Audit Committee, including Audit Committee meetings and between sessions as appropriate.
The Audit Committee will:
- Approve the Internal Audit charter annually
- Approve the risk based internal audit plan and objectives annually
- Approve decisions regarding the appointment and removal of the Director of Internal Audit
- Approve the remuneration of the Director of Internal Audit
- Make appropriate inquiries of management and the Director of Internal Auditing to determine whether there are inappropriate scope or resource limitations.
Independence and Objectivity
The Internal Audit activity will remain free from interference by any element in the organization, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.
Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair internal auditor’s judgment.
Internal auditors will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors will make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments.
The Director of Internal Audit will confirm to the board, at least annually, the organizational independence of the internal audit activity.
The mission of Internal Audit is to provide independent, objective assurance and consulting services designed to add value and improve University operations. Internal Audit helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
While strictly complying with procedures for maintaining confidentiality and safeguarding records, Internal Audit is authorized to:
- Have unrestricted access to all functions, records, property and personnel
- Have full and free access to the Audit Committee
- Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives
- Obtain the necessary assistance of University personnel in areas under audit
- Obtain specialized services from within or outside the University, with the approval of the Senior Vice President of Operations
Internal Audit is not authorized to:
- Perform any operational duties for any department other than Internal Audit (including, but not limited to, implement internal controls, install systems, prepare records, or engage in any other activity that may impair the auditor’s judgement)
- Initiate or approve accounting transactions outside of the Internal Audit Department
- Direct the activities of any University employee not employed by Internal Audit, except to the extent such employees have been appropriately assigned to assis
The scope of the work is to determine whether University risk management, internal controls and governance processes, as designed and represented by management, are adequate and functioning in a manner to ensure:
- Risks are appropriately identified and managed
- Significant legislative or regulatory issues are recognized and addressed properly
- Significant financial, managerial and operating information is accurate, reliable and timely
- Employees act in compliance with policies, standards, procedures and applicable laws and regulations
- Resources are acquired economically, used efficiently and adequately protected
- Quality and continuous improvement are fostered
- Interaction as needed between Internal Audit and the various governance groups
- Information technology is reliable and secure
Internal Audit shall be accountable to management and the Audit Committee to:
- Report and provide information on significant issues related to University operations, including potential improvements, through resolution
- Provide reporting that identifies significant risk exposures and control issues, including fraud risk, governance issues, and other matters needed or requested by senior management and the Audit Committee
- Provide information periodically on the status and results of the annual audit plan and the sufficiency of department resources
- Coordinate and consult with other control and monitoring functions (risk management, compliance, security, legal, ethics, environmental, external audit)
- Confirm, at least annually, the organizational independence of the internal audit activity
Internal Audit has the responsibility to:
- Establish procedures and programs for the internal auditing activity, including technical and administrative functions
- Identify activities requiring internal audit through communication with management, other key personnel or problem areas encountered during the performance of regular assignments
- Prepare a risk-based audit plan annually and submit it to the Audit Committee for approval (The Director of Internal Audit shall review and adjust the plan as necessary, in response to changes in the organization’s business, risks, operations, programs, systems, and controls. Any significant deviation from the approved plan will be communicated to senior management and the Audit Committee)
- Maintain a desired level of professional competence in internal auditing principles and practices
- Undertake internal audits and reviews in a thorough and adequate manner, with a minimum interference to operations
- Present full and valid results and recommendations
- Examine existing systems and activities to evaluate efficient and effective use of resources, accomplishment of goals and objectives, reliability of information, accuracy of records, compliance with policies and procedures and integrity of controls
- Appraise the economy and efficiency with which University economic resources are employed
- Identify opportunities to improve operating and technological performance
- Review the reliability, integrity and security of information and the means and technology used to identify, measure, classify and report such information
- Review the integrity of safeguarding assets and, as appropriate, verify asset existence
- Participate in the review of operating policies and information systems security policies and recommend modifications as needed
- Publish and distribute reports on the results of audit examinations, including recommendations for improvement
- Utilize resources assigned to maximum advantage
- Establish a quality assurance program by which the Director assures the efficient and effective operations of the department
- Perform consulting services as requested to assist management in meeting its objectives
- Inform the Audit Committee of emerging trends and successful practices in internal auditing
- Provide a list of significant measurement goals and results to the Audit Committee
- Assist in the investigation of significant suspected fraudulent activities and notify management and the Audit Committee of the results
Our primary focus is to provide excellent service to the University. Internal Audit will meet or exceed the Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors.
We are committed to the highest degree of fairness, integrity and ethical conduct in the performance of our mission. We shall:
- Adhere to the definition of Internal Auditing and the Code of Ethics as established by the Institute of Internal Auditors
- Uphold the core values of the University
- Allow responsible management of an audited area to review and respond to our findings and recommendations before publication
Our relationship with the University community will be characterized by respect, helpfulness, sharing, patience and openness. We are committed to maintaining our professionalism as internal auditors through continuance of our education and training.