Mission

The mission of University of Kansas Internal Audit is to support members of the University in the effective discharge of their responsibilities. To this end, Internal Audit will furnish them with analyses, recommendations, counsel, and information concerning the activities examined.

Vision

"We are Key University Partners in Trust - Working together with KU leadership to promote student success and University excellence through management accountability and fiscal responsibility"

Core Values

• People – Hire and continuously train the best people
• Technology – Employ state of the art technological tools and techniques
• Customer Service – Deliver unquestionable customer/stakeholder value and satisfaction
• Value Added – Initiate activities which result in demonstrable and quantifiable cost savings and/or evident improvements in effectiveness and efficiency
• Control Environment – Promote a University-wide control infrastructure and consciousness which ensures integrity and ethics in the University’s operating environment.

Goals and Strategies

• Develop and maintain a state of the art audit framework and process which assures audit effectiveness.
• Develop an intentional Annual Operating Audit Plan based on an annual comprehensive University Risk Assessment.

• Develop a viable production schedule to meet the Annual Operating Audit Plan.
• Perform scheduled audits in a consultative, high quality, focused and professional manner.
• Report audit results and management analysis to University management in a comprehensive, clear, concise and high quality manner.
• Perform timely and high quality follow-up reviews of audit recommendations.
• Perform regular and comprehensive communication to the University Chancellor, General Council, Chief Business & Financial Planning Officer, and Executive Vice Chancellors.
• Support major University systems development and process improvement initiatives.

Back to top^

Internal Audit will assist University Administration by:

• Evaluating University activities and preparing an annual audit plan in accordance with Board of Regents guidelines. The plan will be based on an assessment of the various risks associated with University activities taking into consideration the time interval since last audit.
• Performing audits of records, systems, policies, procedures, property, and activities of University units, departments and functions to:
• Determine the accuracy and propriety of financial transactions
• Evaluate, consult, and educate on financial and operational processes, controls, related risks, and exposures
• Provide advice and guidance on control and risk aspects of new policies, systems, processes, and procedures
• Verify the existence of University assets and determine whether proper safeguards are maintained to protect them from loss
• Determine the level of compliance with University policies and procedures and state and federal laws and regulations
• Evaluate the accuracy, effectiveness, and efficiency of the University's electronic information and processing systems
• Determine the effectiveness and efficiency of organizations in accomplishing their mission and identify operational opportunities for cost savings and revenue enhancements
• Preparing and distributing audit reports or memorandums covering issues, findings, and recommendations in sufficient detail for management action. A written response to the audit will be required from the area under review within requested time frames.
• Recommending new or revised University or departmental policies, procedures or controls to correct issues identified during audit review.
• Conducting follow-up on significant issues on a periodic basis to evaluate the adequacy of management action taken to correct reported problems.
• Advising and consulting with the University administration on financial and management issues, sound business practices and internal control requirements.
• Performing special reviews, research, or investigations as needed or requested by the University administration.

Back to top^

In compliance with the Board of Regents action on October 17, 1996, the University of Kansas internal audit function reports directly to the Chancellor of the University.

Annually, the Director submits to the Chancellor a written report on the internal audit activity during the preceding fiscal year. The report also identifies the audit plan for the next fiscal year and presents a current University risk analysis.

During the fiscal year, the Director will make additional written reports to the Chancellor whenever there is evidence of defalcations or other problems exceeding $25,000. By Board of Regents directive, it is the responsibility of the Chancellor to communicate to the Board of Regents any audit findings which should be further reviewed by the Board of Regents.

In addition, if the circumstances ever warrant such action, the Internal Audit Director may circumvent normal University reporting lines and communicate directly with the Board of Regents.

Back to top^

Internal Audit is authorized by the Chancellor and the Board of Regents to direct a broad, comprehensive program of review throughout the University.

Internal Audit has the authority to audit all parts of the University and shall have full and complete access to any of the organization's records, physical properties, information systems, and personnel relevant to the performance of an audit or investigation. Documents and information given to internal auditors during a periodic review will be handled in the same prudent manner as by those employees normally accountable for them.

Internal Audit will have no direct responsibility or authority for any of the activities or operations they review. They should not develop and install procedures, prepare records, or engage in activities that would normally be reviewed by internal auditors. Furthermore, an internal audit does not in any way relieve other University personnel of their responsibilities.

Audits of the affiliated corporations will only be conducted when requested by appropriate authority since these organizations are routinely audited by Certified Public Accountants.

Back to top^

A report will be prepared and issued by the Internal Audit Director following the conclusion of each audit. Copies of the report will be distributed as appropriate. The manager of the activity or department will respond before the final report is issued and the response will be included with the final report. The response will indicate corrective actions taken or planned regarding specific report findings.

The Manager receiving the report is responsible for ensuring that progress is made toward correcting any reported findings. Internal Audit is responsible for determining whether the action taken is adequate to resolve the audit findings. If the action is not adequate, Internal Audit will inform University senior management of the potential risk and exposure in allowing the unsatisfactory conditions to continue.

Back to top^

Code of Ethics

The Internal Audit staff is responsible for conducting themselves so that their good faith and integrity will not be open to question. Internal Audit has adopted the Codes of Ethics issued by the Institute of Internal Auditors and the Information Systems Audit and Control Association. Staff shall realize that individual judgment is required in the application of these standards.

Statement of Commitment, Independence and Lack of Conflicts (DOC)

Back to top^