Internal Audit: Difference between revisions

3,975 bytes removed ,  March 30, 2020
no edit summary
No edit summary
No edit summary
 
(23 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<table style="background:#F8FCFF; text-align:center" width="100%" cellspacing="0" cellpadding="0" border="0">
<table style="background:#F8FCFF; text-align:center" width="100%" cellspacing="0" cellpadding="0" border="0">
<tr>
<tr>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Human Resources]]</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Human Resources]]</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Safety/Security]] </td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Safety/Security]] </td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Research Compliance]] </td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Research Compliance]] </td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:white; line-height:0.95em; border:solid 2px #A3B1BF; border-bottom:0; font-weight:bold;" width="20">[[Compliance]]</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Compliance]]</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Privacy/Information Security]]</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Privacy/Information Security]]</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Business Operations]]</td>
<td style="padding:0.5em; background-color:white; line-height:0.95em; border:solid 2px #A3B1BF; border-bottom:0; font-weight:bold;" width="20">[[Business Operations]]</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF" width="20">[[Intellectual Property]]</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"  
width="20">[[Intellectual Property]]</td>
<td style="border-bottom:2px solid #A3B1BF" width="3">&#160;</td>
<td style="padding:0.5em; background-color:#e5e5e5; font-size:90%; line-height:0.95em; border:1px solid #A3B1BF; border-bottom:solid 2px #A3B1BF"
width="20">[[Faculty]]</td>
</tr>
</tr>
</table>
</table>
<br />
<br />
[[Compliance Program]] | [[Compliance Hotline]] | [[Investigations by Third Parties]] | [[Research Integrity]] | [[Copyright]] | [[Export Control]] | [[Code of Conduct]] | [[Use of Human Anatomical Material]] | [[Clinical Trial Fee Billing Procedures]] | [[Contracts Policy]] | [[Conflict of Interest]] | [[Red Flag Identity Theft Prevention Program]] | [[Principles of Financial Stewardship]] | [[Human Tissue Use & Transfer]] | [[International Research Policy]] | [[Health Care Vendor Interactions Policy]] | [[Internal Audit]]
[[General Accounting]] | [[SBIR/STTR Program Participation]] | [[Supplemental Compensation Plan]] | [[Facilities Management/Planning]] | [[Purchasing]] | [[Public Affairs]] | [[Facility Identification]] | [[Serving Alcoholic Beverages]] | [[Travel and Reimbursement]] | [[State Vehicles]] | [[Reproducing Copyrighted Materials]] | [[Bank Card Processing]] | [[Student Training Agreement]] | [[Volunteer]] | [[Cash Handling]] | [[Fraud]] | [[Assigning Research Lab Space]] | [[Space Scheduling and Fundraising]] | [[Academic Personnel Records]] | [[Cellular Phone]] | [[Off-campus Graphic Design and Related Printing]] | [[Off-campus Photography]] | [[Tax Exempt Financing and Tracking of Both Qualified Use and Non-Qualified Use of Research Space]] | [[Secondary Logos]] | [[Social Media]] | [[Sensitive Equipment Tracking]] | [[International Visitors]] | [[Accounts Receivable Management]] | [[Internal Audit]] | [[Regulations on the Use of University Facilities and Grounds]]
<br /><br />Policy No.: '''8016'''<br />
<br />
Effective Date: '''DRAFT'''<br />
<br />'''Effective March 30, 2020, UNMC Policy No. 8016, Internal Audit, is no longer in effect. It has been replaced by the university-wide [https://nebraska.edu/offices-policies/internal-audit-and-advisory-services/charter University of Nebraska Internal Audit Charter] and the [https://www.unmc.edu/internal-audit/index.html UNMC Internal Audit and Advisory Services webpage].'''<br />
Revised Date:<br />
<br />
Reviewed Date:<br /><br />
<big>'''Internal Audit'''</big>
==Basis for Policy==
The University of Nebraska Medical Center (UNMC) shall comply with all applicable federal, state and local laws and regulations and University of Nebraska and UNMC Policies and Procedures.
==Internal Audit Structure==
The mission of the internal audit activity is to provide independent, objective assurance and consulting services designed to add value and improve the UNMC’s operations. It helps UNMC accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.  
 
The scope of work of the internal audit activity is to determine whether UNMC’s network of risk management, control and governance processes, as designed and represented by management, is adequate and functioning in a manner to ensure:
*Risks are appropriately identified and managed.
*Interaction with the various governance groups occurs as needed.
*Significant financial, managerial and operating information is accurate, reliable, and timely.
*Employees’ actions are in compliance with policies, standards, procedures, and applicable laws and regulations.
*Resources are acquired economically, used efficiently and adequately protected.
*Programs, plans, and objectives are achieved.
*Quality and continuous improvement are fostered in UNMC’s control process.
*Significant legislative or regulatory issues impacting UNMC are recognized and addressed appropriately.
*Opportunities for improving management control, profitability, and UNMC’s image may be identified during audits. They will be communicated to the appropriate level of management.
==Accountability==
The Internal Audit Director, shall be accountable to the Chancellor and provide information, on request for the chief audit executive, to be presented at the Audit, Risk and Compliance Committee including:
*Provide annually an assessment on the adequacy and effectiveness of the campus processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work.
*Report significant issues related to the processes for controlling the activities of the campus and its affiliates, including potential improvements to those processes, and provide information concerning such issues through resolution.
*Periodically provide information on the status and results of the annual audit plan and the sufficiency of activity resources.
*Coordinate with other control and monitoring functions (risk management, compliance, security, legal, ethics, environmental, external audit) to conduct risk assessments and develop or recommend monitoring activities to evaluate the adequacy and effectiveness of internal controls.
==Responsibility==
*Develop a flexible annual audit plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit that plan to the Chancellor for review and approval as well as periodic updates. The Plan shall be presented to the Audit, Risk and Compliance Committee annually.
*Implement the annual audit plan, as approved, including as appropriate, any special tasks or projects requested by management and the Audit, Risk and Compliance Committee.
*Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this Charter.
*Evaluate and assess significant merging/consolidating functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion.
*Issue periodic reports to the chief audit executive and management summarizing results of audit activities.
*Keep the chief audit executive informed of emerging trends and significant issues, as it relates to their campus.
*Provide a list of significant measurement goals and results to the chief audit executive.
*Assist in the investigation of significant suspected fraudulent activities within their campus and notify management and the chief audit executive of the results.
*Consider the scope of work of UNMC-selected external auditors for the purpose of providing optimal audit coverage to UNMC at a reasonable overall cost.
==Independence ==
To provide for the independence of the internal auditing activity, administration’s personnel report to the chief audit executive, who reports functionally to the Audit, Risk and Compliance Committee and administratively to the President in a manner outlined in the above section on Accountability. The chief audit executive will include as part of the annual report to the Audit, Risk and Compliance Committee a section on internal audit personnel.
 
The campus directors will report to their campus Chancellor and provide information to the chief audit executive as outlined in the above section on Accountability.
==Standards of Audit Practice ==
The internal audit activity will meet or exceed the [https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Standards.aspx International Standards for the Professional Practice of Internal Auditing] and [https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Code-of-Ethics.aspx Code of Ethics] of The [https://na.theiia.org/Pages/IIAHome.aspx Institute of Internal Auditors].
==Additional Information==
==Additional Information==
*Contact the [mailto:mjustus@nebraska.edu Asst. Vice President and Director, Internal Audit], 402-472-7109
*Contact the [mailto:barb.brey@unmc.edu Director, Internal Audit], 402-559-5824  
*Contact the [mailto:barb.brey@unmc.edu Director, Internal Audit], 402-559-5824  
*UNMC Policy No. 8000, [[Compliance Program]]
*[https://nebraska.edu/offices-policies/internal-audit-and-advisory-services/charter University of Nebraska Internal Audit Charter]
*[https://na.theiia.org/Pages/IIAHome.aspx Institute of Internal Auditors]
*[https://na.theiia.org/Pages/IIAHome.aspx Institute of Internal Auditors]
:*[https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Standards.aspx International Standards for the Professional Practice of Internal Auditing]  
:*[https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Standards.aspx International Standards for the Professional Practice of Internal Auditing]  
:*[https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Code-of-Ethics.aspx Code of Ethics]
:*[https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Code-of-Ethics.aspx Code of Ethics] of The Institute of Internal Auditors
 
Prior to July 1, 2017, reporting and accountability of UNMC's Internal Audit Department was to the Chancellor of the University of Nebraska Medical Center.<br />
 
<br />
This page maintained by [mailto:dpanowic@unmc.edu dkp].
This page maintained by [mailto:dpanowic@unmc.edu dkp].