What Do we do?
- Assess the adequacy, effectiveness and application of the systems of governance, risk management and internal control.
- Ascertain the extent to which the system of internal control ensures compliance with established policies and procedures.
- Ascertain the extent to which the assets and interests entrusted to or funded by the University are properly controlled and safeguarded from losses arising from fraud, irregularity or corruption.
- Ascertain that accounting and other information is reliable as a basis for producing accounts, and financial, statistical and other returns.
- Ascertain the integrity and reliability of financial and other information provided to management, including that used in decision making.
- Ascertain that systems of control operate to achieve value for money.
- Assess the quality of the management controls over the production of data for HEFCE, HESA and other public bodies.
What We Don’t Do
To help us meet these responsibilities, independence is essential. We are not, therefore, involved in operational or non-audit activities, e.g. acting as cashiers or invoice checkers. However, we need to have a close working relationship with schools and departments through contact at the appropriate managerial levels before, during, and at the end of our assignments. Also, we are not responsible for the controls that exist for the University’s systems and its use of resources. These are the responsibility of the relevant managers – we do however, have a role to play in providing managers with assurances (or otherwise) on how well these controls are working.
What you can expect from us
- Contact the responsible or nominated officer(s) to identify the most appropriate timing for the individual audit to take place.
- Where possible, work with colleagues who audit or review other activities of the University (e.g. HSU, Academic Office) so that any planned work can be co-ordinated to minimise the impact and disruption to those services being reviewed.
- Produce terms of reference and scope that are agreed with you. The terms of reference will reflect the key issues of financial and operational risk for your area that is being reviewed.
- Provide a professional and independent service through training, adherence to professional audit standards and membership of professional bodies and networks.
- Carry out our work to meet the agreed terms of reference / scope. Any variation from this, will be discussed before any of this additional work takes place.
- Endeavour to work in a way that causes minimal disruption to your work environment during our audit.
- Provide you with on-going feedback and progress reporting during the audit review – areas of significant concern will usually be raised before the formal audit feedback starts.
- Keep you informed of the likely impact and revise the appropriate dates, where further work is required which may affect the timing of our reporting and feedback.
- Produce balanced and practical audit reports with recommendations that are practical, supported and justified within the report. We will also ensure that anything we recommend contributes to the achievement of the strategic and operational objectives.
- Report to you in a timely manner subject to any limitations identified above.
- Respect the need for privacy or confidentiality.
- Provide you with an opinion that gives assurance or otherwise on the areas that have been reviewed.
- Report the progress of our work (including any fundamental recommendations) to each meeting of the University’s Audit Committee.
- As part of our annual plan of work, carry out a number of follow-up reviews. These reviews are a way of us establishing how an area that was previously audited is progressing with the implementation of its action plan.
- Within the resource constraints of our service be available for advice and guidance outside of the routine programme of audits.
- Periodically, compare our service against similar, “peer” organisations and use this as a means for
What we need from you
- A response to the Head of Internal Audit’s request for the appropriate timing of the audit. This will help us ensure that our work is carried out at a convenient time of the year for you and your area. This will also help us co-ordinate our work with other review agencies inside and outside of the University.
- You to make some time available to help us plan and scope the audit assignment – this is a meeting that usually lasts around two hours. We will contact you to arrange the planning meeting at least a week before the start of the audit but usually around two weeks before.
- To know if there are any areas of significance or concern as this may affect our planning or approach. We will also need to be kept informed of any factors that may impede us completing our work or may affect us meeting our agreed deadline dates.
- Access to staff, records and assets during our assignment – we may need to take copies of some documents – where possible these will be identified in advance of the audit review starting.
- You to identify key staff that we need access to in advance of us starting our work.
- Depending upon the nature of the work we carry out, somewhere to work – we will discuss the practicalities of this with you at our planning meeting.
- A timely response to our draft audit report so that it can be progressed to the stage of an agreed final report as quickly as possible. We usually ask that you respond to us within ten working days of the draft being received.
- You to complete the action plan produced as part of the draft report and identify any nominated officers with practical and reasonable time scales for implementation of recommendations.
- You to complete our post-audit questionnaire that is dispatched along with the final report. We use this as a basis for identifying improvements to our service
- We will periodically review this statement to ensure that it continues to meet the needs of the IAS and our clients.