Audit Charter

Internal auditing is an independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of the University.  It assists the University in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the University’s governance, risk management, and internal control processes.

To accomplish its mission, the University must maintain the confidence of its Board of Trustees (BOT), faculty, staff, students, alumni, the public, elected officials, and various other stakeholders. The Division provides valuable support in maintaining the public’s confidence by performing independent and objective reviews, risk management activities, and reporting to the Audit and Compliance Committee and responsible administrative and academic officers so that corrective actions, risk response plans, and enhancements can be initiated. The Division’s objective is to assist the BOT, President, and University management in the effective discharge of their responsibilities.

The Division of Audit (Division, or DoA) provides insight on the mitigation of business risk to assist the BOT and University management in the effective discharge of their responsibilities as they relate to the University policies, processes, programs, information systems, internal controls, and management reporting.  The Division of Audit is a point of coordination of and responsibility for activities that promote accountability, integrity, and efficiency in the operations of the university.

The Division's mission is to enhance and protect the value of FAMU and its stakeholders by providing excellence in risk-based and objective assurance, advice, and insight through the promotion of accountability, integrity, and efficiency.

Audit activities will conform to the International Professional Practices Framework published by the Institute of Internal Auditors, Inc.; the Government Auditing Standards published by the United States Government Accountability Office; and/or the Information Systems Auditing Standards published by ISACA. Additionally, the Division will adhere to the University’s regulations, the Division’s standard operating procedures manual, and Florida Board of Governors regulations and standards guidance.

Investigation activities will conform to standards found in the Principles and Standards for Offices of Inspector General published by the Association of Inspector General, and professional standards issued for the State University System of Florida entitled Standards for Complaint Handling and Investigations for the State University System of Florida.

The Division provides audit, investigative, and risk management services to all entities of Florida A&M University, including schools, colleges, administrative departments, auxiliary enterprises, and direct support organizations.  Accordingly, the Division is authorized to:

• Have timely, unlimited, and unrestricted access to all data, books, records, files, property, information systems, and personnel of Florida A&M University as necessary to carry out the Division’s duties and responsibilities;
• Allocate resources, establish schedules, select subjects, determine scopes of work, and apply the techniques required to accomplish objectives;
• Obtain the essential assistance and cooperation of personnel in areas of the University where audits and investigations are performed, as well as other specialized services from within or outside the University;
• Facilitate the university’s Enterprise Risk Managment (ERM) by creating and maintaining the framework which ensures that risks are appropriately identified, assessed, managed, and considered in institutional decision making; and
• Have free and unrestricted access to the BOT.

The Vice President of the Division of Audit serves as the University’s Chief Audit Executive, as described in the International Standards for the Professional Practice of Internal Auditing.  The Chief Audit Executive shall notify the chair of the BOT’s audit committee or the President, as appropriate, of any unresolved restriction or barrier imposed by any individual on the scope of an inquiry, or the failure to provide access to necessary information or people for the purposes of such inquiry. The Chief Audit Executive shall work with the BOT and university management to remedy scope or access limitations. If the university is not able to remedy such limitations, the Chief Audit Executive shall timely notify the Board of Governors, through the Office of Inspector General and Director of Compliance (OIGC), of any such restriction, barrier, or limitation.

The Chief Audit Executive reports functionally to the Chair of the BOT and to the Chair of the BOT’s Audit and Compliance Committee, and therefore communicates and interacts directly with the BOT, including at BOT meetings and between BOT meetings as appropriate.  The Chief Audit Executive reports administratively to the President of the University.  The BOT will:

• Approve the charter of the Division of Audit;
• Approve the risk-based internal audit plan;
• Receive communications from the Chief Audit Executive on the internal audit activity’s performance relative to its plan and other matters;
• Approve all decisions regarding the performance evaluation, appointment, removal, and annual compensation and salary adjustment of the Chief Audit Executive;
• Approve ERM annual reports, institutional risk portfolio, risk appetite guidance, and reports on the status of risk response efforts; and
• Make appropriate inquiries of management and the Chief Audit Executive to determine whether there is inappropriate scope or resource limitations.

The Chief Audit Executive shall report directly to the Chair of the BOT and Chair of the BOT’s Audit and Compliance Committee any allegations by, or about, the University President.  Any allegations related to the Chief Audit Executive shall be reported to the University President and Chair of the BOT’s Audit and Compliance Committee.  Any allegations against BOT members shall be reported to the Board of Governors. These allegations are not to be handled internally and are not to be investigated by the Division. 

The Division will remain free from interference by any element in the University, including matters of audit and investigation selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.

Division staff must have no personal and external impairments to their independence, and have no direct responsibility or authority over any of the activities audited.  Accordingly, they will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair their judgment.

Division staff will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined.  Division staff will make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments.

The Chief Audit Executive will confirm to the BOT, at least annually, the organizational independence of the internal audit activity.

Responsibility 

The scope of internal audit encompasses, but is not limited to, providing assurance to management by examining and evaluating of the adequacy and effectiveness of the university’s governance, risk management, and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the University’s stated goals and objectives.

The Chief Audit Executive is responsible for fulfillment of the following activities:

• Provide direction for, supervise, and coordinate audits, investigations, and risk management activities which promote economy, efficiency, and effectiveness in the administration of university programs and operations including, but not limited to, auxiliary facilities and services, direct support organizations, and other component units;
• Conduct, supervise, or coordinate activities for the purpose of preventing and detecting fraud and abuse within university programs and operations including, but not limited to, auxiliary facilities and services, direct support organizations, and other component units;
• Maintaining a professional audit staff with sufficient knowledge, skills, abilities, experience, and professional certifications;
• Perform consulting and advisory services related to governance, risk management and control as appropriate for the University.  Such services include management requests, and participation in institutional committees;
• Review statutory whistle-blower information and coordinate all activities of the university as required by the Florida Whistle-blower’s Act;
• Address significant and credible allegations relating to waste, fraud, or financial mismanagement as provided in Board of Governors Regulation 4.001;
• Keep the President and BOT informed concerning significant and credible allegations and known occurrences of waste, fraud, mismanagement, abuses, and deficiencies relating to university programs and operations; recommend corrective actions; and report on the progress made in implementing corrective actions;
• Promote, in collaboration with other appropriate university officials, effective coordination between the university and the Florida Auditor General, federal auditors, accrediting bodies, and other governmental or oversight bodies. Consider the scope of their work for the purpose of providing optimal audit coverage to the University at a reasonable overall cost;
• Review and make recommendations, as appropriate, concerning policies and regulations related to the university’s programs and operations including, but not limited to, auxiliary facilities and services, direct support organizations, and other component units;
• Evaluate the systems established to ensure compliance with policies, plans, procedures, laws and regulations which could have a significant impact on the University;
• Evaluate the reliability and integrity of information and the means used to identify, measure, classify, and report such information;
• Evaluate risk exposures relating to achievement of the university’s strategic objectives;
• Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets;
• Communicate to the president and the board of trustees, at least annually, the office’s plans and resource requirements, including significant changes, and the impact of resource limitations;
• Provide training and outreach, to the extent practicable, designed to promote accountability and address topics such as fraud awareness, risk management, controls, and other related subject matter;
• Coordinate or request audit, financial- and fraud-related compliance, controls, and investigative information or assistance as may be necessary from any university, federal, state, or local government entity;
• Develop and maintain a quality assurance and improvement program for the office of Chief Audit Executive.  This program must include an external assessment conducted at least once every five (5) years. The external assessment report and any related improvement plans shall be presented to the BOT, with a copy provided to the Board of Governors;
• Establish policies that articulate the steps for reporting and escalating matters of alleged misconduct, including criminal conduct, when there are reasonable grounds to believe such conduct has occurred;
• Inform the BOT when contracting for specific instances of audit or investigative assistance; and
• Report routinely to the BOT on matters including significant risk exposures, control issues, fraud risks, governance issues, and other matters requested by the President and the BOT.

View the signed Audit Charter