Office of University Audit
“The Office of Audit provides audit and advisory services to the University community by assessing risks, analyzing controls, and ensuring that business practices are effective, efficient, and compliant with University and regulatory policies.”
URMC Compliance Office:
Department of Public Safety:
Office of Human Resources:
(585) 275 – 2815
The Office of University Audit is established as an independent appraisal function to examine and evaluate the business, financial, and administrative operations of the University as a service to management. It is a managerial control which functions by measuring and evaluating the effectiveness of other controls.
Objective and scope
The objective of the Office of University Audit is to assist all members of the University in the effective discharge of their responsibilities by furnishing then with analyses, appraisals, recommendations and pertinent comments concerning the activities reviewed. The Office of University Audit is concerned with any phase of any activity in which it may be of service to management. This involves going beyond the accounting and financial records to obtain a full understanding of the operations under review. The attainment of this overall objective involves such activities as:
- Reviewing and appraising the soundness, adequacy, and application of accounting, financial, and other operating controls, and promoting effective control at a reasonable cost.
- Evaluating the level of compliance with established University policies, plans and procedures, with federal and state laws and government regulations
- Ascertaining the extent to which University assets are accounted for and safeguarded from losses of all kinds
- Ascertaining the reliability of management data developed within the University
- Appraising the quality of performance in carrying out assigned responsibilities. (Does not include appraising the quality of teaching, research, nor patient care.
- Evaluating the effectiveness, efficiency and economy with which resources are employed
- Recommending operating improvements
Responsibility and authority
The responsibilities of the Office of University Audit are:
- To inform and advise management, and to discharge this responsibility in a manner that is consistent with the Code of Ethics of the Association of College and University Auditors and the Institute of Internal Auditors, and in accord with the Standards for the Professional Practice of Internal Auditing.
- To coordinate internal audit activities with others so as to best achieve the audit objectives and the objectives of the University
- To submit annual audit plans to the Senior Vice President for Administration and Finance and Chief Financial Officer, the President, and the Audit Committee of the board of Trustees for their review and approval
- To meet with and report to the Audit Committee, at least on an annual basis, on whether:
- Appropriate action has been taken on significant audit findings
- Audit activities have been directed toward the highest exposures to risk and toward increasing effectiveness, efficiency, and economy of operations.
- Internal Audit plans are adequate.
- There is any unwarranted restriction on the staffing and authority of the Office of University Audit or on access by internal auditors to all University activities, records, property, and personnel.
The Office of University Audit is provided with authority for full access to all of the University's records, properties, and personnel relevant to the subject under review. The Office of University Audit is free to review and appraise policies, plans, procedures, and records.
In performing its functions, the Office of University Audit has no direct responsibility for, nor authority over any of the activities which are reviewed. Therefore, the internal audit review and appraisal does not in any way relieve other persons in the University of the responsibilities assigned to them.
The Director of the Office of University Audit reports to the Senior Vice President for Administration and Finance and Chief Financial Officer, with direct access to the President and to the Audit Committee of the Board of Trustees.In order to maintain objectivity, the Office of University Audit will not undertake to develop and install procedures, prepare records, or engage in any other activity which it would normally review and appraise, and which could reasonably be construed to compromise its independence. However, objectivity need not be adversely affected by University Audit's determination and recommendation of the standards of control to be applied in the development of systems and procedures under review.
Adopted by the Audit Committee
of the University of Rochester Board of Trustees
January 25, 1984