The mission of the Internal Audit Department is to provide independent and objective assurance and consulting services to assist the Board of Trustees and University management in the effective discharge of their oversight, management, and operating responsibilities. Internal auditing is based on an objective assessment of evidence. It uses a systematic, disciplined approach to evaluate and recommend improvements to the risk management, internal control, and governance processes.
The nature and scope of an assurance engagement are determined by the internal auditor. An assurance audit provides an opinion or conclusion regarding the activity under review and, depending on the engagement, includes:
Opportunities to improve internal control may be identified during assurance audits. They will be communicated to the appropriate level of management and follow-up actions by management will be reviewed to determine whether appropriate actions are taken. The responsibilities of supervisory personnel include notifying the internal audit director in writing within 30 days when internal audit recommendations are not followed, so that the president can be advised accordingly and corrective action taken. If corrective action is required, the president shall notify the chair of the Board of Trustees and the chair and vice chair of the Compliance, Audit, Risk Management and Legal Affairs Committee of the Board of Trustees.
In addition to performing assurance audits, the Internal Audit Department provides consulting services that are advisory in nature and are generally performed at the specific request of an engagement client. Consulting may range from formal engagements with defined scope and objective, to advisory activities, such as participating in standing or ad hoc committees or project teams. Consulting may also include formal guidance provided on an as-needed basis.
Internal audit records are not public documents. Internal Audit reports are made available to the Board of Trustees and to others as mandated by legal, statutory, or regulatory requirements. Requests for reports should be directed to the Office of the President.
With the concurrence of the president and the Board of Trustees and in accordance with the Fiscal Control and Internal Auditing Act (Illinois Revised Statutes, 1989, Chapter 15, paragraph 1001-3004), the Internal Audit Department is authorized to review and evaluate policies, procedures, and practices of any University activity, program, or function. This authority provides for full access to all records, properties, and personnel relevant to the subject under review. Persons requesting an audit, special project, or investigation to be performed by the internal audit department should direct their request to the Office of the President. In performing the audit engagements, the internal audit department has no direct responsibility for or authority over any of the activities reviewed. Therefore, the internal audit review and appraisal process does not in any way relieve other University personnel of the responsibilities assigned to them.
The internal audit department is organized with the intent of being in compliance with the Fiscal Control and Internal Auditing Act which requires:
The Act also created an Internal Audit Advisory Board (Board) which established professional standards and a code of ethics to which all State internal auditors must adhere:
All audits shall be conducted in compliance with the general and specific standards of the "International Standards for the Professional Practice of Internal Auditing" published by the Institute of Internal Auditors, or where required, in accordance with government auditing standards published by the U.S. General Accounting Office. The professional conduct of persons involved in internal audit operations shall be based on the ethical standard adopted by the Institute of Internal Auditors, "IIA Code of Ethics, Standards of Conduct."
Approved by Board of Trustees May 13, 2010