Types of Audits and Projects that are Performed
The work of the NAU internal audit staff generally falls into five
categories. Most of the audits/projects
can be classified into one of the five categories, but some are a
combination of two or more of the five categories. The
following is a list of the five categories with a brief description of
- These address cost accounting issues, recharge
centers/user fees, internal control effects of proposed
systems/process changes, performance measurement,
pricing of services, in-house vs. contracting
out/outsourcing issues, operational controls/procedures,
process flows, forms, integrity of management
information, and opportunities for more efficient and
effective use of resources to fulfill the unit's mission
and objectives. Also, includes providing assurance that
system/process problems were properly corrected and that
action was taken to prevent recurrence.
- A compliance audit determines the degree of adherence to
laws, internal and external policies and procedures, and
terms of contracts or grants. These include
federal/state of Arizona laws and regulations, Arizona
Board of Regent's policies and procedures, management
standards, and NAU policies and procedures. Examples of
specific regulations are NCAA and FLSA.
- These address accounting and reporting of financial
transactions, transaction testing (document support,
public purpose, policy compliance), internal financial
reporting, accounting and other internal controls,
accounting and fund accounting issues, accountability,
reconciliations, and checks and balances.
- These audits address allegations or discoveries of
internal theft, manipulation of records, misuse of
assets and/or conflicts of interest. We work closely
with senior management, the comptroller's office, and
the NAU police department as necessary to resolve the
Information Systems (IS)
- These technical audits address the internal control
environment of automated information and transaction
processing systems, and how people use those systems.
IS audits typically evaluate system input, output, and
processing, backup and recovery plans, and system
security and documentation. IS audits at NAU are
performed by the Arizona Board of Regents' IS Auditor.
Some of the internal audit department's work comes
in the form of inquiries from the campus community via phone, e-mail, or
in person. A formal audit report is not issued in these cases.
Instead, the work is documented in a memo or e-mail message, or
discussed verbally. Examples of these miscellaneous projects