Types of Audits

Audit Engagements

Audit Engagements are classified based on the underlying purpose of the project. Audits cannot give absolute assurance, however, we strive to obtain reasonable assurance among the various types of audit engagements we undertake. Below is the list of audit types and a brief description what the audit is and how it is used by Audit Services.
Various government agencies have very specific rules and regulations with which the university must comply. Compliance audits are conducted to evaluate adherence to regulations and also measure the effectiveness of efforts to maintain compliance with important statutory requirements. In addition, units must comply with university policies, such as travel or ProCard. Compliance audits are performed to give reasonable assurance that university policies are followed.
Financial audits focus primarily on accounting controls and include the review of ancillary functions such as financial statements, accounting systems, cash receipts and revenue collection procedures, procurement including the use of university procurement cards, payrolls, management information systems, and security systems and procedures. The purpose is the accuracy of financial data within the university's financial system and how effective controls are at maintaining dependable results.
Information Technology (IT)
In these audits we examine information confidentiality, integrity, and availability in the highly distributed IT infrastructure. The auditing of computer application systems is usually conducted as an integral part of the financial audit. However, due to the increasing importance of the computer as a management support tool, specialized audits, especially in the areas of computer operating systems and operations, networking, telecommunications, and system acquisition, development, implementation, and maintenance are now taking place. We review and measure how well controls operate so the highest quality and most effective IT environment can be constructed and maintained.
These projects investigate reports of possible fiscal misconduct. They can be initiated as part of another audit when evidence is discovered warranting further investigation or through specific allegations made by concerned individuals. We work closely with management, the Controller's Office, Department of Public Safety, Human Resources, University Counsel, law enforcement agencies, and the criminal justice system as necessary to protect employees and the university. Confirmed instances of possible criminal activity will be reported to law enforcement.
Governance processes deal with the procedures used by an organization to provide oversight of risk and control processes administered by management.  Audits in this area assess how well policies, procedures, and management administer or control the university to meet Board of Trustees expectations and the university's mission.
We interview key departmental personnel to obtain a basic understanding of the business functions performed at the departments and units under review. In addition to the internal control environment, the audit will evaluate the operational effectiveness of processes and evaluate whether the processes help the unit meet its mission.

Advisory Engagements

Advising is a natural extension of the assurance and investigative services listed above. Advisory engagements may range from a formal service, defined by a written agreement to participating in a standing or temporary management committee or project team. Audit Services is uniquely positioned to perform this type of work based on its breadth of knowledge of best business practices and university processes, risks, and strategies. Opinions are not rendered as a result of these engagements. In addition, the unit requesting the engagement will control the level of work performed by audit services. The purpose is to provide an independent assessment of the area or information being reviewed.

Types of Advisory Engagements

Examples of advisory engagements include:

  • Recommend improvements to existing processes
  • Assess proposed processes
  • Analyze controls built into developing systems
  • Analyze security products
  • Serve on task forces established to analyze operations and make recommendations

How an Advisory Engagement Benefits a Department and the University

  • Needs are addressed at an appropriate level of management
  • Assessments can be made with minimal disruption to daily operations
  • Shows a proactive approach by management to make improvements

How to Request an Advisory Engagement

To request an advisory engagement, please contact Audit Services.  (Click to request an engagement)