Charter - NIU - Internal Audit Department

Internal Audit Department Charter


NIU Internal Audit Department Charter

The mission of the Internal Audit Department is to provide independent and objective assurance and consulting services to assist the Board of Trustees and University management in the effective discharge of their oversight, management, and operating responsibilities. Internal auditing is based on an objective assessment of evidence. It uses a systematic, disciplined approach to evaluate and recommend improvements to the risk management, internal control, and governance processes.

The nature and scope of an assurance engagement are determined by the internal auditor. An assurance audit provides an opinion or conclusion regarding the activity under review and, depending on the engagement, includes:

  • Determining that risks are appropriately identified and managed.
  • Reviewing and appraising the adequacy and effectiveness of accounting, financial, and operating controls.
  • Determining the extent of compliance with established policies, plans, and procedures, and with applicable law.
  • Evaluating the reliability of accounting and other information developed within the organization.
  • Evaluating the extent to which University assets are accounted for and safeguarded from losses of all kinds.
  • Identifying areas of cost savings and/or operational improvement.
  • Reviewing the design of or modifications to major electronic data processing systems prior to their implementation.

Opportunities to improve internal control may be identified during assurance audits. They will be communicated to the appropriate level of management and follow-up actions by management will be reviewed to determine whether appropriate actions are taken. The responsibilities of supervisory personnel include notifying the internal audit director in writing within 30 days when internal audit recommendations are not followed, so that the president can be advised accordingly and corrective action taken. If corrective action is required, the president shall notify the chair of the Board of Trustees and the chair and vice chair of the Compliance, Audit, Risk Management and Legal Affairs Committee of the Board of Trustees.

In addition to performing assurance audits, the Internal Audit Department provides consulting services that are advisory in nature and are generally performed at the specific request of an engagement client. Consulting may range from formal engagements with defined scope and objective, to advisory activities, such as participating in standing or ad hoc committees or project teams. Consulting may also include formal guidance provided on an as-needed basis.

Internal audit records are not public documents. Internal Audit reports are made available to the Board of Trustees and to others as mandated by legal, statutory, or regulatory requirements. Requests for reports should be directed to the Office of the President.

With the concurrence of the president and the Board of Trustees and in accordance with the Fiscal Control and Internal Auditing Act (Illinois Revised Statutes, 1989, Chapter 15, paragraph 1001-3004), the Internal Audit Department is authorized to review and evaluate policies, procedures, and practices of any University activity, program, or function. This authority provides for full access to all records, properties, and personnel relevant to the subject under review. Persons requesting an audit, special project, or investigation to be performed by the internal audit department should direct their request to the Office of the President. In performing the audit engagements, the internal audit department has no direct responsibility for or authority over any of the activities reviewed. Therefore, the internal audit review and appraisal process does not in any way relieve other University personnel of the responsibilities assigned to them.

The internal audit department is organized with the intent of being in compliance with the Fiscal Control and Internal Auditing Act which requires:

  • State universities to establish a full-time program of internal auditing;
  • The chief internal auditor to report directly to the chief executive officer (president) and to have direct communication with the chief executive officer and the Board of Trustees, if applicable, in the exercise of auditing activities;
  • Internal auditors to be free of all operational duties;
  • A two-year audit plan and an annual report on the prior year audit activity to be prepared annually;
  • Audits of major systems of internal accounting and administrative control to be conducted on a regular basis;
  • The design or modification of major electronic data processing systems to be reviewed prior to their implementation;
  • Special audits to be performed as requested by the president;
  • The chief internal auditor to have, in addition to all other powers or duties authorized by law, required by professional ethics or standards, or assigned consistent with the Act, the powers necessary to carry out the duties required by the Act;
  • The chief internal auditor may consult with state agencies, commissions, boards, and committees on matters affecting the duties or responsibilities of the chief internal auditor under the Act.

The Act also created an Internal Audit Advisory Board (Board) which established professional standards and a code of ethics to which all State internal auditors must adhere:

All audits shall be conducted in compliance with the general and specific standards of the "International Standards for the Professional Practice of Internal Auditing" published by the Institute of Internal Auditors, or where required, in accordance with government auditing standards published by the U.S. General Accounting Office. The professional conduct of persons involved in internal audit operations shall be based on the ethical standard adopted by the Institute of Internal Auditors, "IIA Code of Ethics, Standards of Conduct."

Approved by Board of Trustees May 13, 2010