Audit Charter
Accountability
The Chief Audit Officer shall be accountable to management and the Finance and Audit Committee of the Board of Trustees to:
Periodically provide information on the status and results of the annual audit plan and the sufficiency of department resources.
Coordinate with other control and monitoring functions, i.e., Police, Information Security Office, General Counsel, and external audit.
Independence
To provide for the independence of IACS, its personnel report to the Chief Audit Officer, who reports functionally to the Finance and Audit Committee of the Board of Trustees and administratively to the Senior Vice President for Finance and Business Services. The Chief Audit Officer meets privately with the Finance and Audit Committee on a periodic basis, at least annually.
Responsibility
The Chief Audit Officer and staff of IACS have the responsibility to:
- Develop a flexible annual audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit that plan to the Senior Vice President for Finance and Business Services for review, as well as periodic updates.
- Present to the Finance and Audit Committee the annual plan and scope of internal audit activities for approval. Also, present budget and staffing for the current year, and review any significant changes during the year.
- Implement the annual audit plan, as approved, including as appropriate any special tasks or projects requested by management and the Board of Trustees.
- Maintain a professional audit staff with sufficient knowledge, skills, and experience, to meet the requirements of this Charter.
- Issue reports to management and the Finance and Audit Committee.
- Review all significant issues raised in reports to University administrators, including the administrators’ responses to internal audit recommendations with the Finance and Audit Committee.
- Establish a quality assurance program by which the Chief Audit Officer assures the operation of internal auditing activities.
- Perform consulting services, beyond internal auditing’s assurance services, to assist management in meeting its objectives.
- Assist in the investigation of significant suspected fraudulent activities in the University and notify management and the Finance and Audit Committee of the results.
- Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University at a reasonable overall cost.
Authority
The Chief Audit Officer and staff of IACS are authorized to:
- Have unrestricted access to all functions, records, property, and personnel.
- Have full and free access to the Board of Trustees through the Finance and Audit Committee.
- Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.
- Obtain the necessary assistance of personnel in University departments where they perform audits, as well as other specialized services from within or outside the University.
The Chief Audit Officer and staff of IACS are not authorized to:
- Perform any operational duties for the University.
- Initiate or approve accounting transactions external to IACS.
- Direct the activities of any University employee not employed by IACS.
Professionalism
IACS will govern itself by adherence to The Institute of Internal Auditors' mandatory guidance including the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, the International Standards for the Professional Practice of Internal Auditing (Standards), and the Definition of Internal Auditing. This mandatory guidance constitutes principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of IACS’s performance. The Institute of Internal Auditors' Implementation Guidance and Supplemental Guidance will also be adhered to as applicable to guide operations. In addition, IACS will adhere to Miami University and IACS's relevant policies and procedures.