Internal Audit

HomeInternal AuditCharter

Charter

Louisiana Tech University
Internal Audit Activity Charter

This charter sets forth the purpose, mission, objectives, authority, and responsibility of the internal audit function at Louisiana Tech University. The charter establishes the internal audit function’s position within the University; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of internal audit functions. 

Purpose and Mission

The purpose of the University’s internal audit function is to provide independent, objective assurance and consulting services designed to add value and improve the University’s operations. The mission of internal audit is to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight. The internal audit function helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, risk management, and control processes. The internal audit function is guided by a value-driven philosophy of partnering with other departmental units to continuously improve the operations of the University.

Standards for the Professional Practice of Internal Auditing

The internal audit function will govern itself by adherence to the mandatory elements of the Institute of Internal Auditors’ International Professional Practices Framework, including the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, the International Standards for the Professional Practice of Internal Auditing (Standards), and the Definition of Internal Auditing.  Act 314 of the 2015 Regular Legislative Session (L.R.S. 17:3351) provides that the chief audit executive will ensure that the internal audit function adheres to the IIA Standards.  The Director of Internal Audit (Chief Audit Executive) will report periodically to the University President and, through the Chief Audit Executive and Chief Compliance Officer, to the Audit Committee (Audit Committee) of the Board of Supervisors of the University of Louisiana System (Board) regarding the internal audit function’s conformance to the Code of Ethics and the Standards.

Authority

The University’s internal audit function is established by the Audit Committee.  The internal audit function’s responsibilities are defined by the Audit Committee as part of their oversight role.  The Director of Internal Audit will report administratively (i.e., day-to-day operations) to the President of the University and functionally to the Audit Committee, through the Chief Audit Executive and Chief Compliance Officer.  To establish, maintain, and assure that the University’s internal audit function has sufficient authority to fulfill its duties, the Audit Committee will:

  • Exercise oversight of all internal audit functions to ensure audit coverage adequately encompasses all aspects of University operations;
  • Review and approve the annual risk-based internal audit plan and receive interim progress reports at least quarterly;
  • Review and approve the internal audit budget and resource plan, and any significant changes to the resource plan, to achieve the internal audit plan;
  • Consult with the University President concerning the annual evaluation, compensation, promotion, or dismissal of the Director of Internal Audit; and
  • Receive periodic reports on internal audit’s conformance with the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing and the Code of Ethics.

The Director of Internal Audit will have unrestricted access to communicate and interact directly with the Chief Audit Executive and Chief Compliance Officer, the Audit Committee, and the Board of Supervisors, including in private meetings without management present.

The Director of Internal Audit and staff of the internal audit function are authorized to:

  • Have full, free, and unrestricted access to all functions, records, property, and personnel pertinent to carrying out any engagement, subject to accountability for confidentiality and safeguarding of records and information;
  • Audit or review any function, activity, or unit of the University and the accounts of all organizations required to submit financial statements to the University; 
  • Have direct and unrestricted access to present to the President of the University any matter considered to be of sufficient importance to warrant attention or that has been brought to the internal audit function for review;
  • Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives; and
  • Obtain the necessary assistance of personnel of the University where they perform audits, as well as other specialized services from within or outside the University, in order to complete the engagement.

Independence and Objectivity

The Director of Internal Audit will ensure that the internal audit function remains free from all conditions that threaten the ability of internal auditors to carry out their responsibilities in an unbiased manner, including matters of audit selection, scope, procedures, frequency, timing, and report content. If the Director of Internal Audit determines that independence or objectivity may be impaired in fact or appearance, the details of impairment will be disclosed to appropriate parties.

Internal auditors will maintain an unbiased mental attitude that allows them to perform engagements objectively and in such a manner that they believe in their work product, that no quality compromises are made, and that they do not subordinate their judgment on audit matters to others.

Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, internal auditors will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair their judgment, including:

  • Assessing specific operations for which they had responsibility within the previous year;
  • Performing any operational duties for the University or its affiliates;
  • Initiating or approving transactions external to the Department of Internal Audit; and
  • Directing the activities of any University employee not employed by the internal audit function, except to the extent that such employees have been appropriately assigned to auditing teams or to otherwise assist internal auditors.

To provide for the independence of the internal audit function, its personnel will report to the University’s Director of Internal Audit, who reports functionally to the Audit Committee through the Chief Audit Executive and Chief Compliance Officer and administratively to the President of the University.  Therefore, internal audits and appraisals do not in any way substitute for nor relieve other persons in the University of the responsibilities assigned to them. 

Where the Director of Internal Audit has or is expected to have roles and/or responsibilities that fall outside of internal auditing, safeguards will be established to limit impairments to independence or objectivity. Internal auditors will:

  • Disclose any impairment of independence or objectivity, in fact or appearance, to appropriate parties;
  • Exhibit professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined;
  • Make balanced assessments of all available and relevant facts and circumstances; and
  • Take necessary precautions to avoid being unduly influenced by their own interests or by others in forming judgments.

At least annually, the Director of Internal Audit will confirm to the University President and the Audit Committee through the Chief Audit Executive and Chief Compliance Officer, the organizational independence of the internal audit function.  The Director of Internal Audit will also disclose to those parties any interference and related implications in determining the scope of internal auditing, performing work, and/or communicating results.

Scope of Internal Audit Activities

The scope of internal audit functions encompasses, but is not limited to:

  • Assurance services provided to the Board, management, and outside parties primarily consisting of objective examinations of evidence for the purpose of providing independent assessments on the adequacy and effectiveness of governance, risk management, and control processes for the University.Examples may include financial, performance, compliance, system security, and due diligence engagements; and
  • Consulting services provided to the Board, management, and outside parties primarily consisting of advisory and related client service activities, the nature and scope of which will be agreed with the client and be intended to add value and improve the University’s governance, risk management, and control processes without the internal audit function assuming management responsibility. Examples may include counsel, advice, facilitation, and training.

Internal audit assessments include evaluating whether:

  • Risks relating to the achievement of the University’s strategic objectives are appropriately identified and managed;
  • The actions of the University’s officers, directors, employees, and contractors are in compliance with the University’s policies, procedures, applicable laws, regulations, and governance standards;
  • The results of operations or programs are consistent with established goals and objectives;
  • Operations or programs are being carried out effectively and efficiently;
  • Established processes and systems enable compliance with the policies, procedures, laws, and regulations that could significantly impact the University;
  • Information and the means used to identify, measure, analyze, classify, and report such information are reliable and have integrity; and
  • Resources and assets are acquired economically, used efficiently, and protected adequately.

The Director of Internal Audit will report periodically to senior management and the Audit Committee regarding:

  • The internal audit function’s purpose, authority, and responsibility;
  • The internal audit function’s plan and performance relative to its plan;
  • The internal audit function’s conformance with The IIA’s Code of Ethics and Standards, and action plans to address any significant conformance issues;
  • Significant risk exposures and control issues, including fraud risks, governance issues, and other matters requiring the attention of, or requested by, the Board or Audit Committee;
  • Results of audit engagements or other activities;
  • Resource requirements; and
  • Any response to risk by management that may be unacceptable to the University.

The Director of Internal Audit also coordinates activities, where possible, and considers relying upon the work of other internal and external assurance and consulting service providers as needed. The internal audit function may perform advisory and related client service activities, the nature and scope of which will be agreed with the client, provided the internal audit function does not assume management responsibility.

Opportunities for improving the efficiency of governance, risk management, and control processes may be identified during engagements. These opportunities will be communicated to the appropriate level of management.

Responsibility

The University’s Director of Internal Audit has the responsibility to:

  • Annually develop and submit to senior management and the Audit Committee a risk-based internal audit plan for review and approval. The flexible annual audit plan will be developed based on internal audit’s assessment of risk with input from management regarding areas of concern and areas of increased risk;
  • Communicate to senior management and the Audit Committee the impact of resource limitations on the internal audit plan;
  • Review and adjust the annual internal audit plan, as necessary, in response to changes in the University’s business, risks, operations, programs, systems, and controls;
  • Communicate to senior management and the Audit Committee any significant interim changes to the internal audit plan;
  • Ensure each engagement of the internal audit plan is executed, including the establishment of objectives and scope, the assignment of appropriate and adequately supervised resources, the documentation of work programs and testing results, and the communication of engagement results with applicable conclusions and recommendations to appropriate parties;
  • Follow up on engagement findings and corrective actions, and report periodically to senior management and the Audit Committee any corrective actions not effectively implemented;
  • Ensure the principles of integrity, objectivity, confidentiality, and competency are applied and upheld;
  • Ensure the Department of Internal Audit collectively possesses or obtains the knowledge, skills, and other competencies needed to meet the requirements of the internal audit charter;
  • Maintain a Quality Assurance and Improvement Program by which the Director assures the operations of internal auditing functions are adequate;
  • Perform consulting services, beyond internal auditing’s assurance services, to assist management in meeting its objectives;
  • Ensure trends and emerging issues that could impact the University are considered and communicated to senior management and the Audit Committee as appropriate;
  • Ensure emerging trends and successful practices in internal auditing are considered;
  • Evaluate and assess significant merging/consolidating functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion;
  • Assist in the investigation of significant suspected fraudulent activities within the University and notify management and the Audit Committee of the results;
  • Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage;
  • Establish and ensure adherence to policies and procedures designed to guide the internal audit function;
  • Ensure adherence to the University’s relevant policies and procedures, unless such policies and procedures conflict with the internal audit charter. Any such conflicts will be resolved or otherwise communicated to senior management and the Audit Committee;
  • Submit written and timely reports to the President of the University and appropriate members of management at the conclusion of each engagement to acknowledge satisfactory performance or to set forth observations and/or recommendations for correction or improvement; 
  • Forward a copy of each internal audit report and a summary to the Chief Audit Executive and Chief Compliance Officer; and
  • Ensure conformance of the internal audit function with the Standards, with the following qualifications:
    • If the internal audit function is prohibited by law or regulation from conformance with certain parts of the Standards, the Director of Internal Audit will ensure appropriate disclosures and will ensure conformance with all other parts of the Standards; and
    • If the Standards are used in conjunction with requirements issued by other authoritative bodies (e.g., AICPA, GAO, etc.), the Director of Internal Audit will ensure that the internal audit function conforms with the Standards, even if the internal audit function also conforms with the more restrictive requirements of other authoritative bodies.

Quality Assurance and Improvement Program

The internal audit function will maintain a Quality Assurance and Improvement Program that covers all aspects of the internal audit function.  The program is detailed in the Audit Manual of the Louisiana Tech University Department of Internal Audit.  The program will include an evaluation of the internal audit function’s conformance with the Standards and an evaluation of whether internal auditors apply the IIA’s Code of Ethics. The program will also assess the efficiency and effectiveness of the internal audit function and identifies opportunities for improvement.  The program will include both internal and external assessments.  The internal assessments will include ongoing monitoring of the performance of the internal audit function and periodic self-assessments.  The Standards provide that external assessments are required to be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization.  The Director of Internal Audit will communicate to senior management and the Audit Committee on the internal audit function’s Quality Assurance and Improvement Program, including results of internal assessments (ongoing monitoring and periodic self-assessments) and external assessments.