Central Piedmont Community College Internal Audit _____________________________ What to Expect When You Are Audited November 2014

Objectives Introduction to Internal Audit Responsibilities and Authority How audits are selected Audit process

What is Internal Auditing? “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” (Institute of Internal Auditors)

What is the purpose of Internal Audit? To provide independent and objective management of evaluations, consultation, and reporting services; to help ensure the efficient and effective use of resources and program operations; and to monitor stewardship over assets. To ensure that the College is in compliance with applicable policies and procedures, statutes, and regulations, which in turn support the College in achieving its vision, mission, and goals.

What responsibilities and authority Internal Audit have? Refer to College Policy and Procedures Internal AuditCollege Policy and Procedures Internal Audit for responsibilities and authority Responsibilities & Authority A. The Internal Audit staff has authority and responsibility for conducting financial, enrollment, operational, and compliance audits. Other audit projects may be requested by the President’s Cabinet. B. To conduct an audit, the Internal Audit staff is authorized full and unrestricted access to records, personnel, and physical properties relevant to the performance of the audit.

What services does Internal Audit provide? We conduct audits We provide objective information We make recommendations We facilitate improvements IA Assists CPCC in improving Controls Processes Performance Risk Management IA Assists CPCC in improving Controls Processes Performance Risk Management

How do we decide what to audit? In a word…. We use risk assessment at two levels within internal audit: 1. Development of a risk-based annual audit plan 2. Selection of focus areas within individual audit topics

What are the typical risks all organizations face? Errors in financial & other reporting Non- compliance with policies, regulations, and laws Sub-optimized operational efficiency and effectiveness Loss of assets – tangible and informational Unauthorized use or damage to data Damage to reputation Fraud

How do we assess risks? Likelihood – probability of occurrence Impact – effect on your organization – Loss of resources – Loss of public trust – Violation of policies, laws, regulations – Bad publicity – Decreased enrollment – History – Change in key leadership or personnel – Complexity of unit or process – Known weaknesses in controls/activities

How do we want to relate to and work with stakeholders? We desire to work collaboratively with clients in a communicative and transparent environment. Key points: – Collaborate – Communicate – Transparency – Audit professionalism

What is the Internal Audit process? Each audit is unique, but follows a fairly standard process. Below are the main phases of an internal audit: Planning Entrance Conference Preliminary Survey of Operations Notifying the Administrator Performing the Audit Finalizing the Audit Report Resolving Recommendations Not Agreed to by the Administrator Transmitting the Audit Report Audit Evaluation Following-up on Recommendations Agreed to by the Administrator Reporting to the President’s Cabinet and Finance Committee Please open this link for detail information of Internal Audit Process

To learn more about services Internal Audit provides, please visit : or contact one of the following staff members: Brenda M LeonardBrenda M Leonard, Associate Vice President Audit Services and Reporting, Ed.D., CRMA, CICA, CBM, Janice JoyeJanice Joye, Director of Internal Audit Meera VoraMeera Vora, Assistant Director of Internal Audit