Internal and External Audit
- Internal Audit
- External Audit
- Managing Audit issues
- Audit and Risk Management Committee
- Information and Contacts
Internal Audit
Internal Audit is an independent appraisal activity within the University for the review of our operations. It assists management of the University by providing independent advice on operations and performance and by assessing the effectiveness of internal controls. The function aims to promote efficiency, economy and effectiveness of management processes as well as reliability and accuracy of operations.
The University's Internal Audit function serves an important role in providing assurance key risk areas are being appropriately addressed and managed and that appropriate controls and activities relating to the key risks identified by management are in place.
Internal Audit also assists the Audit and Risk Committee to discharge its responsibilities, in general terms monitoring the University's governance, risk and compliance frameworks and administrative operations, and reviews the activities of the controlled entities on behalf of the Council.
The Internal Audit function at the University is conducted under a co-sourced arrangement between Deloitte Touche Tohmatsu and the University's Manager Audit Services.
Internal Audit Plan
The internal audit function will be conducted using a risk-based model.
The individual audit engagements comprising the 1 year (tactical) and 3 year (strategic) audit plans are determined through a rigorous Internal Audit Planning Methodology which involved assessing potential audit areas against the following criteria:
- Risk category and overall risk assessment
- History of audit issues
- Time since last internal audit
- Senior management priority for audit frequency
- Area subject to recent internal/external audit change
- Impact of auditable area on strategic objectives
- Interview comments
- Understanding that the University has a reasonable risk appetite
- University's available resources
External Audit
The external audit is conducted by the New South Wales Audit Office. The New South Wales Audit Office performs an annual audit of the University's Financial Statements to "identify whether agencies comply with accounting standards and relevant laws, regulations and government directions". The "financial report audits also highlight opportunities for agencies to improve their accounting and financial systems".Managing Audit issues
The Internal and External Audits conducted on the University culminate in reports being presented to University Management that detail issues identified and recommendations on how they should be dealt with. The issues raised are assigned to a person within the organisation to then provide management comments including responding to the recommendations and detailing how the issue will be managed/resolved.
To assist in the recording, management, follow up and reporting of current and historical internal and external audit issues the University has introduced an enterprise risk management (ERM) system (Leaders4).
The initial inputting of Audit Issues into the system is managed by the Risk Management Unit. These issues are then assigned to an issue owner and it is the owner that will be requested to provide updates on how the issue is being managed through until it is resolved.
Through the system, Audit issue owners will be able to run reports on their current issues as well as resolved issues.
The Risk Management Unit (RMU) will facilitate education, awareness, training and ongoing support to assist with staff*s understanding of risk management and in the use of this new system.
