An Internal Auditor’s job is to determine whether leaders of an organization (management) are assessing and managing risks appropriately. A fundamental component of managing risk is the use of controls and mitigating actions.
Controls are things that are in place to prevent risks from being realized. For example, a lock on a door is a type of control, meant to prevent unauthorized access.
An internal auditor ensures that the administration of an organization is aware of, understands and manages risks and that the organization has controls in place that are effectively mitigating risk.
Other services provided by internal auditors include:
- Helping to design new processes
- Development and supporting implementation of projects
- Offering support, coaching and advice on improvements and efficiencies
Internal Audit Services adds value by delivering above and beyond anticipated scope and expectations and minimum expected delivery. We work to save the University money and help to improve efficiencies.
Many factors are considered when formulating the annual audit plan. Criteria considered include:
- History of the department
- Materiality, or the measure of the estimated effect that the presence or absence of an item of information may have on the accuracy or validity of a statement.
- Requests made by senior management or the department itself for an audit
- Sometimes, potential for misappropriation or malfeasance (misconduct) is a factor
You can expect:
- To be treated with respect, integrity and courtesy
- Transparency, trustworthiness, and open and frank discussions
- Use of an established flexible methodology
- Open communication and timely responses
- Brock’s Internal Audit team to consider context and endeavour to understand context of operations
- That our goal is to provide you with tools and capability to properly perform your duties.
- That we want to help you to improve your processes; we’re not out to “get” anyone.
After the audit, the department management creates an action plan for resolution of any issues that were identified. Internal Audit Services issues the report and action plan to the department’s managers and directors, the related Vice-President and the President, along with the Internal Audit’s opinion on risk and control in the department. Future follow up is done to ensure the action plans have been successfully implemented.
Semi-annually these issues are reported to the Audit Committee along with status and progress reports.