Audit Charter

Mission and Scope of Work

The mission of Internal Audit and Consulting Services (IACS) is to independently and objectively determine whether internal controls at Miami University are in place and functioning effectively. In addition, IACS performs consulting services for the University to proactively advise management on internal control. To accomplish this mission, an audit risk analysis is performed to develop an internal audit plan that schedules audits by department or subject matter. Assurance audits evaluate the adequacy and effectiveness of the associated internal controls and will identify the particular objectives included in the scope of the audit. The focus may include, but is not limited to, whether the University's network of risk management, control, and governance processes, as designed and represented by management, is adequate and functioning where:

  • Risks are appropriately identified and managed.
  • Significant financial, managerial, and operating information is accurate, reliable, and timely.
  • Employees' actions are in compliance with policies, standards, procedures, and applicable laws and regulations.
  • Resources are acquired economically, used efficiently, and adequately protected.
  • Programs, plans, and objectives are achieved.
  • Quality and continuous improvement are fostered in the University.

Opportunities for improving internal control may be identified during audits. They will be communicated to the appropriate level of management and follow-up actions by management will be reviewed by IACS to determine whether appropriate actions are taken.

In addition to performing assurance audits, such as financial, information technology, and operational audits, IACS provides consulting services. Consulting may range from formal engagements with defined scope and objectives, to advisory activities, such as participating in standing or ad hoc committees or project teams. Consulting may also include informal guidance provided on an as needed basis. In all cases, IACS functions only as an advisor, with management deciding on final direction.

Accountability

The Director of IACS shall be accountable to management and the Finance and Audit Committee of the Board of Trustees to:

  • Report significant issues related to the processes for controlling the activities of the University, including potential improvements to those processes, and provide information concerning such issues through resolution.
  • Periodically provide information on the status and results of the annual audit plan and the sufficiency of department resources.
  • Coordinate with other control and monitoring functions (security, general counsel, and external audit).

Independence

To provide for the independence of IACS, its personnel report to the Director of IACS, who reports functionally to the Finance and Audit Committee of the Board of Trustees and administratively to the Vice President for Finance and Business Services. The Director will meet privately with the Finance and Audit Committee on a periodic basis, at least annually.

Responsibility

The Director and staff of IACS have responsibility to:

  • Develop a flexible annual audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit that plan to the Vice President for Finance and Business Services for review and approval as well as periodic updates.
  • Present to the Finance and Audit Committee the annual plan and scope of internal audit activities, budget and staffing for the current year, and review any significant changes during the year.
  • Implement the annual audit plan, as approved, including as appropriate any special tasks or projects requested by management and the Board of Trustees.
  • Maintain a professional audit staff with sufficient knowledge, skills, and experience, to meet the requirements of this Charter.
  • Issue reports to management and the Finance and Audit Committee.
  • Review all significant issues raised in reports to University administrators, including the administrators' responses to internal audit recommendations with the Finance and Audit Committee.
  • Establish a quality assurance program by which the Director assures the operation of internal auditing activities.
  • Perform consulting services, beyond internal auditing's assurance services, to assist management in meeting its objectives.
  • Assist in the investigation of significant suspected fraudulent activities in the University and notify management and the Finance and Audit Committee of the results.
  • Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University at a reasonable overall cost.

Authority

The Director and staff of IACS are authorized to:

  • Have unrestricted access to all functions, records, property, and personnel.
  • Have full and free access to the Board of Trustees through the Finance and Audit Committee.
  • Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.
  • Obtain the necessary assistance of personnel in University departments where they perform audits, as well as other specialized services from within or outside the University.

The Director and staff of IACS are not authorized to:

  • Perform any operational duties for the University.
  • Initiate or approve accounting transactions external to IACS.
  • Direct the activities of any University employee not employed by IACS.

Professionalism

IACS will govern itself by adherence to The Institute of Internal Auditors' mandatory guidance including the Definition of Internal Auditing, the Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing (Standards). This mandatory guidance constitutes principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of the internal audit activity's performance. The Institute of Internal Auditors' Practice Advisories, Practice Guides, and Position Papers will also be adhered to as applicable to guide operations. In addition, IACS will adhere to Miami University and IACS's relevant policies and procedures.