Audit Services Charter

Internal Audit is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes

The mission of the Office of Audit Services is to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight.

The internal audit activity is established per the Texas Internal Auditing Act. The Office of Audit Services is the internal audit activity. The TWU Board of Regents, through the Finance and Audit Committee, provides oversight. The Office of Audit Services works to be a trusted advisor to management in the areas of governance, risk management and internal controls.

The internal audit activity will govern itself by adherence to the mandatory elements of The Institute of Internal Auditors’ International Professional Practices Framework, including the Core Principles for the Professional Practice of Internal Auditing, The Code of Ethics, the International Standards for the Professional Practice of Internal Auditing, and the Definition of Internal Auditing, as well as Generally Accepted Governmental Auditing Standards as required by the Texas Internal Auditing Act. This mandatory guidance constitutes principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of the internal audit activity’s performance.

The Institute of Internal Auditors’ Implementation Guides, Practice Guides, Supplemental Guidance, and Position Papers will also be adhered to as applicable to guide operations. In addition, the internal audit activity will adhere to applicable Texas Woman’s University’s policies and procedures and the internal audit activity’s standard operating procedures manual.

The internal audit activity, with strict accountability for confidentiality and safeguarding records and information, is authorized full, free and unrestricted access to any and all of Texas Woman’s University’s records, physical properties, and personnel pertinent to carrying out any engagement. All employees are requested to assist the internal audit activity in fulfilling its roles and responsibilities. The internal audit activity will also have full, free and unrestricted access to the Chancellor and President, and the Board of Regents through the Finance and Audit Committee.

The Office of Audit Services is an integral part of Texas Woman’s University and functions in accordance with the policies established by the Chancellor and President, and the Board of Regents. To provide for the independence of the internal auditing activity, the Chief Audit Executive reports directly to the Board of Regents, functionally through the Finance and Audit Committee. The Chief Audit Executive reports administratively to the Chancellor and President.

The Chief Audit Executive will communicate and interact directly with the Board of Regents, including in Finance and Audit Committee meetings, executive sessions where allowed by law, and between committee meetings, as appropriate. Responsibilities of the Board of Regents and Finance and Audit Committee are outlined in the Board of Regents Bylaws.

The internal audit activity will remain free from interference by any element in the organization, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.

Internal auditors will have no direct operational responsibility or authority over any of the activities audited. Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair internal auditor’s judgment. Internal auditors may provide assurance services where they have previously performed consulting services provided the nature of the consulting did not impair objectivity, and provided individual objectivity is managed when assigning resources to the engagement.

Internal auditors will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors will make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments.

The Chief Audit Executive will confirm to the Board of Regents, at least annually, the organizational independence of the internal audit activity and its staff members. The Director of Audit Services is defined as the Chief Audit Executive of Texas Woman’s University (per the International Standards for the Professional Practice of Internal Auditing).

The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the organization’s governance, risk management, and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the organization’s stated goals and objectives. This includes:

• Developing a flexible annual audit plan using appropriate risk-based methodology, including any risks or control concerns identified by senior management, and submit that plan to the Texas Woman’s University Board of Regents for review and approval.
• Executing the annual audit plan as approved.
• Developing relationships throughout the organization to become a trusted advisor to management on risk management and internal control matters.
• Maintaining a professional audit staff with sufficient knowledge, skills, abilities, experience, and professional certifications.
• Evaluating risk exposure relating to the achievement of the organization’s strategic objectives.
• Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information.
• Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the
  organization.
• Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets.
• Evaluating the effectiveness and efficiency with which resources are employed.
• Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being
  carried out as planned.
• Monitoring and evaluating governance processes.
• Monitoring and evaluating the effectiveness of the organization’s risk management processes.
• Evaluating the quality of performance of external auditors and the degree of coordination with internal audit, as applicable.
• Performing consulting and advisory services related to governance, risk management and control as appropriate for the organization. Such services include management requests, participation on institutional committees, and participation on implementation teams for information technology projects and business process improvements.
• Evaluating specific operations at the request of the Finance and Audit Committee or management, as appropriate.
• Conducting interviews or investigations of suspected fraudulent activities in accordance with university policies and procedures.

At least annually, the Chief Audit Executive will submit to the Board of Regents through the Finance and Audit Committee an internal audit plan for review and approval. The internal Audit plan will consist of a work schedule, budget and resources plan for the next fiscal year. The internal audit plan will be developed based on a prioritization of the audit universe using an appropriate risk-based methodology, including input of senior management and the Finance and Audit Committee Chair. The Chief Audit Executive will review and adjust the plan, as necessary, in response to changes in the internal audit resource levels or the University’s business, risks, operations, program, systems, and controls. Any significant deviation from the internal audit plan will be communicated to the Board of Regents through the Finance and Audit Committee.

The Chief Audit Executive or designee will communicate the results of each internal audit engagement to the appropriate individuals and state and federal oversight agencies as required. Internal audit results will also be communicated to the Board of Regents.

Communication of the engagement results may vary in form and content depending upon the nature of the engagement and the needs of the client. A formal internal audit report will include management’s response and corrective action taken or to be taken in regard to the specific findings and recommendations. Management’s response should include an implementation date for anticipated completion of action.

The Office of Audit Services will be responsible for appropriate follow-up on management action plans to address engagement findings and recommendations and reporting the results to appropriate management members and the Board of Regents. All significant findings will remain as open issues until reviewed and cleared by the Office of Audit Services.

The Office of Audit Services will fulfill reporting requirements for audit reports and the annual report, including the annual audit plan, as prescribed by the Texas Internal Auditing Act.

The Chief Audit Executive will periodically report to the Board of Regents through the Finance and Audit Committee on the Office of Audit Services’ purpose, authority, and responsibility, as well as performance relative to its audit plan. Reporting will also include significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the Chancellor and President and the Board of Regents.

The internal audit activity will maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. The program will include an evaluation of the internal audit activity’s conformance with the Definition of Internal Auditing, the Core Principles, and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The program will also assess compliance with the Texas Internal Auditing Act and Generally Accepted Government Auditing Standards, and the efficiency and effectiveness of the internal audit activity, as well as opportunities for improvement.

The Chief Audit Executive will communicate to the Board of Regents on the internal audit activity’s quality assurance and improvement program at least annually, including results of ongoing internal assessments and external assessments conducted at least every three years.

• Texas Internal Auditing Act, Government Code Chapter 2102
• U.S. Government Accountability Office, Government Auditing Standards (GAGAS or The Yellow Book)
• The Institute of Internal Auditors, International Standards for the Professional Practices Framework (IPPF or IIA Standards)
• The Institute of Internal Auditors, Code of Ethics
• TWU Board of Regents, Regent Policy: A.10000 Bylaws
• TWU Board of Regents, Regent Policy: B.20400 Internal Audit

The Office of Audit Services Audit Charter was approved by the Finance and Audit Committee and the Board of Regents on November 11, 2021 and November 12, 2021, respectively.