 |
 |
|
|
| |
Audits
|
 |
|
|
What
are audits? |
|
|
How
are audits done by UAC selected? |
|
|
What
happens during an audit engagement? |
| |
•
|
Planning
Phase |
| |
•
|
Assessment
Phase |
| |
•
|
Reporting
of Results |
| |
•
|
Post
Project Follow-Up |
|
|
Are
audits considered public records? |
|
|
May
I request an audit? |
|
|
How
can I do a self-audit or assessment? |
|
|
How
do I know UAC's work meets industry standards for
auditing? |
|
| |
|
| |
What are audits? |
| |
An
audit is a formal examination and analysis of operations,
functions, or programs that is performed using industry
standards defined by the profession of internal auditing.
These engagements are designed to facilitate positive
changes in the area being audited going forward by analyzing
historical information about the area being audited.
In
most cases, audits focus on the effectiveness and efficiency
of operations and compliance with key rules and regulations
as the defined audit objectives. Audits may also be
conducted to examine financial information and program
results. |
| |
|
| |
How
are audits done by UAC selected? |
| |
Areas
are selected for audit based on an annual University-wide
risk assessment. This risk assessment takes into consideration
strategic, operational, compliance, financial, public
relations, and fraud risks, as well as areas of management
concern. UAC uses a risk assessment to assure that its
limited resources are used to audit those areas and activities
of greatest risk to the institution. |
| |
|
| |
What happens during an audit engagement? |
| |
In
general, audits include the following steps:
|
•
|
Planning
Phase |
| |
An
audit begins with a planning meeting or entrance
conference between UAC staff and the client to review
project scope and objectives, arrange a mutually
acceptable project time table, and discuss any specific
areas of concern. Audits typically last between
two and six months.
As
part of the planning phase, UAC staff familiarize
themselves with the program, function, or unit
by collecting information through interviews of
key personnel and review of policies, procedures
and relevant reports. This knowledge is used to
prepare an assessment of risk and risk management
strategies. |
|
•
|
Assessment
Phase |
| |
Using
the results of the risk assessment, a formal audit
plan is developed based on the defined project scope.
The audit plan provides the "roadmap"
that describes specific items that will be reviewed
and tested during the audit. This "roadmap"
is developed by following certain auditing procedures
including inspection, verification, confirmation,
analytical review, and detailed testing. Risk drives
the extent of procedures performed so that higher
risk issues receive more focus during the audit.
Throughout
the engagement, regular briefings are provided
to the client on the results of the risk assessment,
material issues and results, as well as overall
project status. |
|
•
|
Reporting
of Results |
| |
While
the format of our reports may vary depending on
the nature of the project, all audit reports should
be concise, balanced in presentation of strengths
and weaknesses, and positive in tone.
Audit
reports are presented in draft form to the client
prior to completing the engagement. While draft
reports may only be issued to clients, UAC may
also issue draft reports to others within the
University as directed by the responsible Vice
President/Provost. An exit conference or project
close-out meeting will be held to review the draft
report and discuss planned client actions.
Based
on the results of this meeting, a final response
draft is then issued to the client so that they
may formally respond to any proposals or recommendations
in the report.
These official responses are embedded in the final report. This report is
sent to the client, designated Dean or Director,
responsible Vice President/Provost, Executive
Vice President, Media Relations, and the Office
of General Counsel. Other University offices and
units may receive summary information or copies
of final reports based on the nature of their
responsibilities.
In
some cases, regulations or governance standards
may require distribution of results to research
sponsors or selected State of Florida or Federal
agencies. The responsible Vice President/Provost
will share results with these external entitites,
as appropriate. UAC will distribute results to
selected State or Federal agencies as required. |
|
•
|
Post
Project Follow-Up |
| |
Once
a project is complete, UAC will schedule a follow-up
with the client to determine if planned corrective
action has been taken, if recommedations have been
implemented, respond to any questions, and assist
with implementation strategies. Follow-up typically
occurs every six months until open items are closed.
These results are reported to the USF Finance Council,
a committee of internal University business and
financial officers, and to each Vice President/Provost.
|
|
| |
|
| |
Are audits considered public records? |
| |
Based
on a review of Florida law and guidance from the USF Office
of the General Counsel, on-going audits of the University
of South Florida and its related entities are not considered
public. As these engagements are completed, both audit
reports and workpapers for University activities, functions,
and programs are considered public records. Reports and
workpapers relating to Direct Support Organizations and
entities under the control and direction of the University
are always exempt under Florida Statutes Section 1001.28. |
| |
|
| |
May I request an audit? |
| |
Should
you have an area which you believe should be audited,
please contact the UAC Director. While it is unlikely
that an audit will be scheduled based solely upon a request,
UAC may be able to provide other services which will achieve
your objectives. |
| |
|
| |
How
can I do a self-audit or assessment? |
| |
UAC
has tools to assist you in conducting a self-audit or
assessment. The Committee of Sponsoring Organizations
(COSO), a well-known external organization dedicated to
improving the quality of financial reporting, business
ethics, internal controls and governance processes, has
developed certain risk assessment principles that you
can utilize. Our office can also present information on
best practices and assist you in developing training materials.
|
| |
|
| |
|
How
do I know that UAC's work meets industry standards for auditing? |
| |
UAC
is subject to audit just as any unit or operation on campus.
Since the work of UAC is performed under the Professional
Practice of Internal Auditing, a peer review is required
every five years under professional standards. External
auditors, such as the State Office of the Auditor General,
periodically audit UAC functions. |
| |
|
|
|
|
|
Copyright
© 1998 - 2006 · University Audit & Compliance
3702 Spectrum Boulevard · Suite 180 · Campus Mailpoint ADM241 · Tampa, FL 33612-9444 ·
(813) 974-2705
|
