Internal Audit Charter

Charter


 

Definition

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.  It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Mission and Scope of Work

The mission of the University of Texas Medical Branch (UTMB) Office of Audit Services (Audit Services) is to add value and improve UTMB's operations through assurance and consulting services.The scope of work of Audit Services must assess whether UTMB’s network of risk management, control, and processes, as designed and represented by management, is adequate and functioning in a manner to help ensure that:

  • Risks are appropriately identified and managed
  • Significant financial, managerial, and operating information is accurate, reliable, and timely
  • Employees’ actions are in compliance with policies, standards, procedures, and applicable laws and regulations
  • Resources are acquired economically, used efficiently, and adequately protected
  • Programs, plans, and objectives are achieved
  • Quality and continuous improvement are fostered in the institution’s control process
  • UTMBs information technology governance sustains and supports the institution’s strategies and objectives.

Opportunities for improving management control may be identified within Audit Services’ scope of work.  These opportunities will be communicated to the appropriate level of management.

Accountability

The Associate Vice President of Audit Services, in the discharge of his/her duties, shall be accountable and must communicate the following directly to the UTMB President and the Institutional Audit Committee:

  • Provide assessments on the adequacy and effectiveness of the organization’s processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work
  • Report significant issues related to the processes for controlling the activities of the organization and its affiliates, including potential improvements to those processes, and provide information concerning such issues through resolution
  • Periodically provide information on the status and results of Audit Services’ annual work plan, including resource requirements, significant interim changes, and the impact of resource limitations
  • Coordinate UTMB’s interaction with the State Auditor’s Office and other external audit entities

Independence

To provide for the independence of the internal auditing activity, the Associate Vice President of Audit Services reports directly to the UTMB President and must be free of all operational and management responsibilities that would impair his/her ability to review independently all aspects of the institution (per the Texas Internal Auditing Act, Section 2102, Government Code).  The Associate Vice President of Audit Services also has an indirect reporting relationship to the University of Texas System (UT System) Chief Audit Executive who has responsibility for oversight of the internal auditing activity for the UT System and has the reporting responsibility for all components to the Board of Regents.
The Associate Vice President of Audit Services is designated as the Chief Audit Executive of UTMB (per the Standards for the Professional Practice of Internal Auditing).

Responsibility

Audit Services must:

  • Develop a flexible annual work plan using an appropriate risk-based methodology, including any risks or control concerns identified by management, and submit that plan to the UTMB President, Institutional Audit Committee, and the Board of Regents for review and approval as well as periodic updates
  • Evaluate the design, implementation and effectiveness of the organization’s ethics-related objectives, programs and activities.
  • Implement the annual work plan, as approved, including as appropriate any special projects requested by executive management of the institution, UT System officials, or the Board of RegentsHave and maintain a professional audit staff that, at minimum, apply and uphold integrity, objectivity, confidentiality, and competency.
  • Have and maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this charter and the Texas Internal Auditing Act.
  • Exercise due professional care in considering the use of technology-based audit and other data analysis techniques.
  • Evaluate and assess significant merging/consolidating functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion
  • Issue periodic reports to the President and Institutional Audit Committee summarizing results of audit activities
  • Keep the President and Institutional Audit Committee informed of emerging trends and successful practices in internal auditing
  • Evaluate potential fraud occurrence and how UTMB manages fraud risk.
  • Assist in the investigation of significant issues within the institution and notify appropriate members of executive management of the results
  • Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the institution
  • Conduct quality assurance reviews in accordance with professional Internal Auditing standards and periodically take part in an external peer review
  • Provide consulting and advisory services as appropriate
  • Guide the institution on control self-assessment by assisting managers with risk self-assessment and conducting self-audits
  • Provide information to the UT System Director of Audits as required or requested to fulfill the System-wide audit oversight and reporting responsibilities
  • File internal audit reports and related responses or action plans with the UT System Audit Office, budget division of the Governor’s Office, State Auditor, and the Legislative Budget Board within two weeks after their presentation to the Institutional Audit Committee
  • Prepare the annual report required by the Texas Internal Auditing Act (Section 2102, Government Code) and submit the report to the UTMB President, UT System Audit Office, budget division of the Governor’s Office, State Auditor, and the Legislative Budget Board
  • (CAE) must develop retention requirements for engagement records consistent with the UTMBs guidelines, regulatory, and other pertinent requirements.

Authority

Audit Services staff are authorized to:

  • Have full, free, and unrestricted access to all functions, activities, records, property, information systems, and personnel (the examination of patient medical records is included when it serves a specific audit need)
  • Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives
  • Obtain the necessary assistance of personnel in units where they perform audits, as well as other specialized services from within or outside the institution

Audit Services staff are not authorized to:

  • Perform any operational duties
  • Assume any management responsibility by actually managing risks
  • Initiate or approve accounting transactions external to Audit Services
  • Direct the activities of any UTMB employee not employed by Audit Services, except to the extent such employees have been appropriately assigned to auditing teams or to otherwise assist the auditors

Standards of Audit Practice

The activities of Audit Services will meet or exceed the International Standards for the Professional Practice of Internal Auditing of The Institute of Internal Auditors.  Audit Services will also abide by generally accepted government auditing standards, the Texas Internal Auditing Act, and University of Texas System guidelines and applicable Business Procedures Memoranda.


Approved by President David L. Callender, M.D., and the Institutional Audit Committee, September 2, 2009