Internal Audit Service

CHARTER FOR INTERNAL AUDIT DUBLIN CITY UNIVERSITY

A Charter for the Internal Audit function in DCU was approved by the Governing Authority at their meeting on 10th July 2003 and subsequently revised and approved by Governing Authority on 14th April 2011.

1. Introduction

1.1 Internal Audit is responsible for conducting an independent appraisal of all of the University´s activities, financial and otherwise. It provides a service to the whole organisation, including the Governing Authority and all levels of management.

1.2 Internal Audit provides assurance to the Governing Authority and the President on the entire system of controls. Internal Audit assists management by evaluating and reporting on the effectiveness of the controls for which management are responsible. However, it remains the duty of management and not Internal Audit, to operate adequate systems of internal control.

2. Mission of Internal Audit

2.1 Internal Audit provides independent and objective assurance and advice designed to add value and improve the operations of the University. The general aim of Internal Audit is to assist the University in accomplishing its objectives by conducting a systematic and disciplined review of the effectiveness of controls, risk and governance processes designed by management to meet the strategic, financial, and operational objectives of the University.

2.2 In order to achieve this aim, Internal Audit will carry out independent assessments and report thereon to the Audit Committee and management. Each assignment undertaken by Internal Audit is intended to provide independent, objective assurance as well as recommendations designed to add value and improve the operations of the University.

3. Scope

3.1 All the Universities activities, funded from whatever source, fall within the remit of Internal Audit, the scope of which is not confined solely to financial matters.

3.2 Internal Audit may also conduct any special reviews requested by the Governing Authority, the President or the Audit Committee.

4. Authority and Access

4.1 Internal Audit derives its authority from the Governing Authority through the Audit Committee and the President. Internal Audit is responsible to the Audit Committee while reporting administratively to the President. Internal Audit shall have direct access to the President and the Chairperson of the Audit Committee in the performance of professional duties.

4.2 Internal Audit has the right of access to all the University´s information, records, assets and personnel which it considers necessary to fulfil its responsibilities. This right of access includes subsidiary companies of the University. Internal Audit may review other bodies or undertakings controlled or funded by the University as agreed by the Governing Authority.

4.3 Internal Audit shall be afforded the full co-operation of all employees and agents of the University in carrying out its professional duties.

5. Role and Responsibilities

5.1 Internal Audit is required to give an annual opinion to the Audit Committee, on the adequacy and effectiveness of the whole system of internal controls within the University, and the extent to which the Governing Authority may rely on it.

5.2 Internal Audit shall develop an overall audit strategy taking account, inter alia, of available resources, knowledge of the University, the work of external auditors and internal assurance providers, the University´s risk assessment process and Internal Audit´s own assessment of risk.

5.3 Based on the overall audit strategy, Internal Audit will undertake medium term and annual programmes of work to provide the required assurance. These will be drawn up by Internal Audit in consultation with the President and the approval of the Audit Committee. The programme will be designed to:

• Appraise progressively the soundness, adequacy and application of the internal control systems;
• Ascertain the extent to which the system of internal control ensures compliance with the University´s policies and procedures and State laws and regulations;
• Ascertain that the system of internal control promotes the efficient and effective use of resources;
• Ascertain that the system of internal control operates to ensure that the assets of the University are properly controlled and safeguarded from losses arising from fraud, irregularity or corruption;
• Ascertain that there are adequate controls to ensure reliability of accounting and other information as a basis for producing accounts and for financial, statistical and other returns;
• Ascertain that there is an adequate internal control system to ensure the integrity and reliability of financial and other information provided to the Governing Authority; and
• Confirm compliance with laws, regulations and Government Guidelines for Irish Universities.

5.4 In achieving its objectives Internal Audit should:

• Identify all aspects of control systems on which it intends to rely and develop a review cycle;
• Evaluate those systems, identify inappropriate and inadequate controls and recommend improvements in procedures and practices based on best practice;
• Recommend and advise on value for money and efficiency improvements as evident from reviews performed ; and
• Liaise with both the external auditors and the Comptroller and Auditor General (C&AG).

6. Independence and Objectivity

6.1 The internal auditor is required to deliver impartial and unbiased judgements. In order to enhance this objectivity, Internal Audit has no operating responsibilities and will remain independent of the activities being examined. Internal Audit is not part of the systems of governance, internal control, risk management or compliance but, rather is an independent appraisal function, which seeks to objectively and impartially review and report on those areas.

6.2 Without prejudice to this objective and if deemed appropriate by the Audit Committee and President, its remit may extend to systems being developed and it may provide advice on control and related matters.

7. Fraud

7.1 The responsibility for the prevention, detection and resolution of fraud lies with management. This responsibility is addressed through the implementation and continued operation of an effective system of internal control.

7.2 Internal Audit has responsibility to ensure that the audit programme and methodology takes due account of the possibility of fraud and will fully investigate any fraud or suspected fraud uncovered.

8. Standards and Approach

8.1 Internal Audit shall carry out its work with due professional care having regard to appropriate professional auditing practice as contained in Auditing Standards published by the Auditing Practices Board and by the Institute of Internal Auditors.

8.2 Internal Audit will, where possible, and taking account of the control environment, adopt a risk-based approach to its audits supplemented, as appropriate, by the use of a systems-based approach with traditional transaction testing and verification methods on a sample basis.

8.3 Internal Audit shall prepare periodic audit plans proposing areas for audit work, which shall be submitted to the Audit Committee for approval.

9. Reporting

9.1 On completion of an audit, findings will be reported to management and the President. Management responses will be incorporated in audit reports as appropriate.

9.2 There will be periodic follow-up action by Internal Audit to ascertain if findings and recommendations have been implemented.

9.3 Internal Audit will report to the Audit Committee at regular intervals during the year on the results of audit work undertaken in line with the audit plan and will provide an annual report on Internal Audit activities. This report shall be forwarded, after the year end of the financial year to the Audit Committee and the President The report will be circulated to the Governing Authority.

9.4 Internal Audit shall liaise with both the Comptroller and Auditor General (C&AG) and the external auditors engaged on audits of the financial statements. While internal and external auditors have their own distinct objectives, there are areas of common interest and co-operation which will be promoted through regular meetings and co-ordination of activities to ensure that maximum audit coverage is achieved.