Ensure the internal audit function maintains a quality assurance and improvement
program, including internal procedures and assessments and a periodic external
quality assessment of conformance with the Institute of Internal Auditors’
International Standards for the Professional Practice of Internal Auditing
Internal Audit Administration
Review the Chief Audit Executive’s administrative reporting relationship to the Vice
Chancellor for Business and Finance to assure not only that independence is fostered,
but adequate resources in terms of staff and budget are provided to enable the
department to effectively perform its responsibilities. The Vice Chancellor has
administrative authority for approval of the Chief Audit Executive’s time, travel and
other expenses of the Office of System-wide Internal Audit. Additionally, the Vice
Chancellor may initiate a performance evaluation of the Chief Audit Executive at the
request of the Audit Committee or Chair of the committee. This administrative
reporting relationship is meant to facilitate administrative activities and does not
diminish the Chief Audit Executive’s reporting relationship to the Audit Committee
and the Board of Regents.
Review and approve the appointment, compensation, reassignment, or dismissal of
the Chief Audit Executive; review and approve the compensation and termination of
system office internal auditors; review the compensation of campus internal auditors;
and approve the termination of campus internal audit directors.
Risk, Internal Control and Compliance
Consider the effectiveness of the internal control system and compliance with laws
and regulations, including computerized information system controls and security.
Understand the scope of internal and external auditors’ reviews of internal controls
over financial reporting.
Make recommendations to improve the internal control and compliance systems to
ensure the safeguarding of assets and prevention and detection of errors and fraud.
The components of the control system are:
control environment—creating a culture of accountability;
risk assessment—performing analyses of program operations to determine if
control activities—taking actions to address identified risk areas;
information and communication—using and sharing relevant, reliable, and
timely information; and
monitoring—tracking improvement initiatives and identifying additional
actions needed to further improve program efficiency and effectiveness.
Review and evaluate risk assessments performed by management of the Board and its
Ensure that the Board, and the management and staff of the Board and its institutions
take all reasonable steps to prevent, detect, and report fraud, waste and abuse.