University of Illinois System

Internal Audit Charter

Mission

The mission of the Office of University Audits (University Audits) is to provide independent and objective audit, consulting, and advisory services to protect and strengthen the University of Illinois System (U of I System) and its related organizations.

Definition of Internal Auditing

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Purpose

The purpose of University Audits is to determine whether the U of I System’s control, risk management, and governance processes, as designed and implemented by management, are adequate and functioning to ensure:

  • Risks are appropriately identified and managed.
  • Interaction with the various governance groups occurs as needed.
  • Financial, managerial, and operating information is accurate, reliable, and timely.
  • Employee actions are in compliance with U of I System policies and procedures, and applicable laws and regulations.
  • Resources are acquired economically, used efficiently, and adequately protected.
  • Plans and objectives are achieved.
  • Quality and continuous improvement are fostered in the U of I System’s control process.
  • Significant legislative or regulatory issues impacting the U of I System are recognized and addressed appropriately.

University Audits reports functionally to the President of the University of Illinois System (President) and The University of Illinois Board of Trustees (BOT) through its Audit, Budget, Finance, and Facilities Committee (ABFFC), and administratively to the Comptroller of the Board of Trustees, who is also the Vice President and Chief Financial Officer.

Internal Auditing Responsibilities

University Audits responsibilities include:

  • Develop a flexible two-year audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit the plan to the President for approval by June 30 of each year.
  • Implement the audit plan, as approved by the President, including as deemed appropriate special tasks or projects requested by management and the ABFFC.
  • Issue periodic reports to the President and Chairman of the ABFFC summarizing results of audit activities.
  • Report annually to the ABFFC regarding audit plans, activities, staffing, and the organizational structure.
  • Report to the ABFFC and BOT by September 30 of each year the scope and results of audits and the adequacy of management’s corrective actions.
  • Ensure the internal audit function collectively maintains sufficient knowledge, skills, and experience to meet the requirements of this Charter.
  • Perform consulting or advisory services where appropriate, the nature of which is agreed to with U of I System management, and for which University Audits assumes no management responsibility.
  • Conduct or assist in the investigation of significant suspected fraudulent activities within or against the institution and notify management and the ABFFC of the results, as well as law enforcement as appropriate.
  • Establish a follow-up process to monitor and identify whether management actions have been effectively implemented, or senior management has accepted the risk of not taking action.
  • Consider the scope of work of the external auditors and regulators as appropriate for the purpose of providing optimal audit coverage to the institution.
  • Periodically provide the Internal Audit Charter to the ABFFC for review and approval.

Authority

The general scope of audit coverage is U of I System-wide and no function, activity, or unit of the U of I System or a related organization is exempt from audit and review. No officer, administrator, or staff member may interfere with or prohibit internal auditors from examining any U of I System or related organization’s record or interviewing any employee or student that the auditors believe necessary to carry out their duties. Additionally, the Executive Director has the authority to audit all organizations required to submit financial statements to the U of I System.

In performing their work, internal auditors have neither direct authority over, nor responsibility for, any of the activities reviewed. Internal auditors do not develop and install procedures, prepare records, make management decisions, or engage in any other activity that could be reasonably construed to compromise their independence or impair their objectivity. Therefore, internal audit reviews do not, in any way, substitute for or relieve other U of I System personnel from their assigned responsibilities.

Professional Standards

University Audits has the responsibility to carry out its duties as defined by the State of Illinois Fiscal Control and Internal Auditing Act (Illinois Compiled Statutes, 30 ILCS 10/1001).  Those responsibilities include performing audits in accordance with The Institute of Internal Auditor’s International Professional Practices Framework (IPPF), which the State of Illinois Internal Audit Advisory Board has adopted as the standard of performance for all state internal auditors. The IPPF requires mandatory adherence to the Core Principles of the Professional Practice of Internal Auditing, Definition of Internal Auditing, the Code of Ethics, and the Standards.

 


Charter Approved by Audit, Budget, Finance, and Facilities Committee March 1, 2021