Audits and assurance engagements include planned reviews of compliance, operations, information technology, finance, and internal controls. They also include integrated audits which incorporate more than one of those categories in a single engagement. Audits are typically included on our office’s annual audit plan (work plan), and they result in a formal audit report that includes an overall opinion of the area under review and any findings and recommendations that were identified.
Administrative Reviews
Administrative reviews begin with a risk assessment to determine the most important issues to the area based on risk and management's requests. Administrative reviews often include assessments of items such as:
- Financial processes and transactions
- Cash handling
- Fixed assets and computer inventory management
- Payroll and personnel
- Policies
- General controls and access rights
- Academic areas including admission procedures and the awarding of scholarships
- Tax issues including unrelated business income tax, sales tax, and fringe benefits
- Governance structure and communication
Compliance Reviews
During a compliance review, operations are compared to external regulations such as those of a Federal, State, or accrediting agency. Our recommendations are intended to help management fully comply with the established regulations.
Information System Reviews
Information system reviews include many different topics such as:
- System, software, and document access
- Document storage and retention
- Credit card compliance
- Business continuity and disaster recovery planning
- Online presence
- Physical security of computer assets