Internal Audit

An Introduction to Internal Audit

  • Posted February 13, 2020

An Introduction to Internal Audit

The Institute of Internal Auditors (IIA) defines Internal Audit as “an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” The first sentence of this definition uses a number of crucial words to emphasize what we do and more importantly what we do for you. The second sentence defines how we do it.

Assurance

First and foremost, managers look to internal auditors for assurance. We tell management that something is or is not what it purports to be: a control is or is not working the way it was intended; a balance in an account is or is not an accurate reflection of economic reality; a process is or is not working efficiently.  We do that by conducting an objective examination of evidence for the purpose of providing an independent assessment of the matter under review. Management and other stakeholders have to know that the information they are using to make decisions is reliable, accurate and timely.

Consulting

Sometimes, they also need help. If an assurance engagement identifies a weak or non-existent control, internal audit can be called on to help in the design of appropriate controls. If a process is not working efficiently, internal audit can be called on to help design better processes. Consulting service activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility.

Add Value

Many people fear the internal auditor and see them as the ‘gotcha’ team. This is unfortunate, because while internal audit will hold accountable those who violate the law and policy, that is not its primary function. Its primary function is to add value to the work of those it audits. According to the IIA’s Standards Glossary, “the internal audit activity adds value to the organization (and its stakeholders) when it provides objective and relevant assurance, and contributes to the effectiveness and efficiency of governance, risk management, and control processes.” As expressed in the LCTCS Internal Audit activity’s Vision Statement, internal auditors wants to be known not as the ‘gotcha’ team but as a trusted advisor and a capable business partner. Our desire is that when internal audit leaves your office, you will be better at what you do than you were before we arrived.

Organizational Objectives

For internal audit to remain relevant, its work must be aligned with the goals and objectives of the institutions it serves. We decide what projects to take on by coordinating with senior system leaders and college management to identify the risks they face in meeting their goals and then working with them to address those risks. It is important that risks be objectively determined so that appropriate resources can be applied to the greatest risks.

A Systematic, Disciplined Approach

You would not want a contractor to just arrive at your home and start remodeling your kitchen without having talked to you to determine your needs, without knowing a bit about your existing kitchen design and without a plan for the remodel effort. You should expect no less from the internal auditors who show up at your campus. IIA Standards require that all projects begin with a preliminary survey, meaning the obtaining of basic understanding of the area of the college to be reviewed. If this is the first time that we have addressed a particular program or issue on your campus, we may ask for documentation and policies regarding the program and/or interview persons to understand the matter. If it is a repeat visit, for example a repeat review of Perkins fiscal monitoring, this preliminary activity may be more abbreviated. Following this preliminary survey and using information learned from the survey, the auditors will prepare a program of action, much like a building contractor’s blueprints, that will guide the remainder of our work. It will identify the aspects of the process that will need detailed review and the objectives of this review. It will define the tests of records to be examined, the scope and methodology of these tests and how the results of those tests will be evaluated.

Evaluate and Improve

Internal auditors are professional skeptics. Our attitude is somewhere between Fox Mulder’s “trust no one” and Pollyanna’s “The Glad Game,” something more akin to Ronald Reagan’s “trust, but verify!” We are very opinionated. We are supposed to be. The goal of every internal audit project is to come to a conclusion and to express an opinion based on the evaluation of evidence reviewed. When we present those opinions to management, we hope they will accept the recommendations that accompany them to make improvements to the process on which the report was issued.

If you would like to know more about LCTCS Internal Audit or would like to request services from the LCTCS Internal Audit team, please contact us using the CONTACT US button at the top of this page.

 

Learn more about Internal Audit

Vision, Mission and Values
Internal Audit Charter

 

Auditor Independence and Objectivity
GRC – Governance, Risk and Control

 

Due Professional Care
Auditor Responsibility for Fraud

 

Internal Audit Plan
Risk Assessments

This site provides information using PDF, visit this link to download the Adobe Acrobat Reader DC software.