How Audits are Decided Upon
The internal audit department develops an audit plan utilizing risk analysis to identify the major areas and units needing audit attention. This involves periodic assessments of the university operating units and control functions to identify areas of potential institutional risk. The assessment of risk is based on factors such as:
- The size and make up of the budget
- Any known weaknesses/problems
- Significant changes in personnel, operations, and policies
- The degree of risk or exposure to loss
- The results of audits by other auditors (ABOR, Auditor General, Federal)
- The extent of compliance with standard university policies and procedures as reported by processing departments (i.e., accounts payable, purchasing, payroll)
- Input from the fiscal representatives for the vice presidents/provost and departments' business managers
- Historical data and prior audit results
- New or changed laws/regulations
Based on these assessments and discussions with administrators, an annual audit plan is recommended by the internal audit department. This plan is submitted to the Vice President for Administration & Finance for approval. The plan is continually subject to modification depending on the urgency of projects/issues that may arise during the year. The audit plan is intended to focus work where it would be most productive, address the highest-risk areas identified and provide the most payback.
Contact Info
P.O. Box 4115
Flagstaff, AZ 86011
928-523-6438
928-523-6630 fax
Blome 106C
523 S Knoles Dr